Browser öffnet falsche Seiten/ Kein Zugriff auf eigene Dokumente

Conchitta · 23.08.2016, 20:45

Erst mal vorab, wie die meisten mit Problemen hier habe auch ich wenig Ahnung & brauche ne Dummianleitung

.
Mein Browser (Internet Explorer) öffnet seit Tagen falsche Seiten, hauptsächlich Gewinnspiele. Habe dann dummerweise viel zu viel probiert... PC auf Werkeinstellung, Anti- Malware, chkdsk r.... Das Problem wurde dann noch schlimmer & die Seiten haben sich ständig von alleine geschlossen. Habe das denn Internet-Explorer deaktiviert & nutze den Chrome-Browser. Dort tritt dass Problem zwar (noch) nicht auf, aber er ist extrem langsam & das Problem ist damit ja nicht behoben. Desweiteren komme ich nicht mehr an meine Dokumente. Es kommt C:\Users\conchitta\Documents\Eigene...kann nicht zugegriffen werden, Zugriff verweigert.
Ich weiß jetzt nicht, ob das ein eigenes Thema ist, aber vermute dass das alles zusammenhängt.
Ich hoffe, dass mir jemand helfen kann & danke im voraus!

M-K-D-B · 23.08.2016, 20:51

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Conchitta · 24.08.2016, 00:22

Vielen Dank für die schnelle Hilfe . Habe etwas länger gebraucht, weil Windows dem download verweigert hat.

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
durchgeführt von conchitta (Administrator) auf LAPTOP (23-08-2016 22:32:23)
Gestartet von C:\Users\conchitta\Downloads
Geladene Profile: conchitta (Verfügbare Profile: conchitta)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\conchitta\Downloads\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{61311554-F85D-471F-B660-591BEE3DEBEA}: [DhcpNameServer] 127.0.0.1
Tcpip\..\Interfaces\{B7AF3F67-3D61-4EF4-A070-59D7CC5E1CE0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKU\S-1-5-21-2751898029-2148813506-1804420663-1001 -> DefaultScope {230CC18E-06AA-43E1-9D14-820C97C8ACF6} URL = 

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-22] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()

Chrome: 
=======
CHR Profile: C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-23]
CHR Extension: (Google Drive) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-23]
CHR Extension: (YouTube) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-23]
CHR Extension: (Google Tabellen) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-22]
CHR Extension: (Google Docs Offline) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-22]
CHR Extension: (Google Mail) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-23]
CHR Extension: (Chrome Media Router) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-23]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [Datei ist nicht signiert]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-23] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [13920 2016-08-23] ()
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-23 22:32 - 2016-08-23 22:32 - 00014311 _____ C:\Users\conchitta\Downloads\FRST.txt
2016-08-23 22:32 - 2016-08-23 22:32 - 00000000 ____D C:\FRST
2016-08-23 22:31 - 2016-08-23 22:31 - 02396672 _____ (Farbar) C:\Users\conchitta\Downloads\FRST64 (1).exe
2016-08-23 22:27 - 2016-08-23 22:29 - 00628392 _____ C:\Users\conchitta\Downloads\FRST64.exe
2016-08-23 06:43 - 2016-08-23 06:43 - 00000000 ____D C:\Program Files\Synaptics
2016-08-23 06:25 - 2016-08-23 06:25 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2016-08-23 06:11 - 2016-08-23 06:11 - 00000000 ____D C:\Users\conchitta\Downloads\RevoUninstaller_Portable_2.0 (1)
2016-08-23 06:08 - 2016-08-23 06:09 - 09256439 _____ C:\Users\conchitta\Downloads\RevoUninstaller_Portable_2.0 (1).zip
2016-08-23 06:08 - 2013-12-11 09:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2016-08-23 06:07 - 2013-12-09 02:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-23 06:07 - 2013-12-09 02:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-23 06:07 - 2013-11-27 17:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-08-23 06:07 - 2013-11-27 17:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-08-23 06:07 - 2013-11-27 16:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-08-23 06:07 - 2013-11-27 15:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-08-23 06:07 - 2013-11-27 14:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2016-08-23 06:07 - 2013-11-27 12:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-08-23 06:07 - 2013-11-27 11:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-08-23 06:07 - 2013-11-27 11:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-08-23 06:07 - 2013-11-27 11:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-23 06:07 - 2013-11-27 11:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-08-23 06:07 - 2013-11-27 10:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-23 06:07 - 2013-11-27 10:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-08-23 06:07 - 2013-11-27 10:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2016-08-23 06:07 - 2013-11-26 15:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-23 06:07 - 2013-11-26 15:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-08-23 06:07 - 2013-11-26 13:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-23 06:07 - 2013-11-25 03:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-08-23 06:07 - 2013-11-25 03:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-08-23 06:07 - 2013-11-25 01:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-08-23 06:07 - 2013-11-25 01:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-08-23 06:07 - 2013-11-23 14:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2016-08-23 06:07 - 2013-11-23 09:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2016-08-23 06:07 - 2013-11-23 09:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2016-08-23 06:07 - 2013-11-23 09:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-23 06:07 - 2013-11-23 06:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-08-23 06:07 - 2013-11-23 05:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-08-23 06:07 - 2013-11-23 05:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-08-23 06:07 - 2013-11-21 08:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2016-08-23 06:07 - 2013-11-21 08:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-23 06:07 - 2013-11-15 16:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-08-23 06:07 - 2013-11-15 16:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-08-23 06:07 - 2013-11-15 16:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-08-23 06:07 - 2013-11-15 15:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-08-23 06:07 - 2013-10-31 02:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-08-23 06:07 - 2013-10-31 01:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-08-23 06:07 - 2013-09-17 11:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-08-23 06:07 - 2013-09-17 08:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-08-23 06:07 - 2013-09-14 11:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-08-23 06:04 - 2013-11-11 04:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2016-08-23 06:04 - 2013-11-09 08:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-08-23 06:04 - 2013-11-09 07:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-08-23 06:04 - 2013-11-08 12:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-08-23 06:04 - 2013-11-08 06:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-08-23 06:04 - 2013-11-08 06:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-08-23 06:04 - 2013-11-08 06:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-08-23 06:04 - 2013-11-08 05:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-23 06:04 - 2013-11-08 05:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-23 06:04 - 2013-11-05 16:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-08-23 06:04 - 2013-11-05 15:17 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2016-08-23 06:04 - 2013-11-04 15:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-08-23 06:04 - 2013-11-04 12:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-08-23 06:04 - 2013-11-04 04:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-08-23 06:04 - 2013-11-01 13:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-23 06:04 - 2013-11-01 08:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-08-23 06:04 - 2013-11-01 07:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-08-23 06:04 - 2013-10-31 02:58 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-08-23 06:04 - 2013-10-31 02:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-23 06:04 - 2013-10-31 02:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-23 06:04 - 2013-10-31 02:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-23 06:04 - 2013-10-26 03:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2016-08-23 06:04 - 2013-10-24 11:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2016-08-23 06:04 - 2013-10-24 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2016-08-23 06:04 - 2013-10-17 13:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-08-23 06:04 - 2013-10-17 12:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-08-23 06:04 - 2013-10-10 13:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-08-23 06:04 - 2013-10-10 13:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-08-23 06:01 - 2013-12-27 11:21 - 13192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-23 06:01 - 2013-12-27 09:27 - 11688448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-23 06:01 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-23 06:01 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-23 06:01 - 2013-11-04 13:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-08-23 06:00 - 2014-01-08 03:46 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-08-23 06:00 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-23 06:00 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-23 06:00 - 2014-01-04 17:54 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2016-08-23 06:00 - 2014-01-04 17:08 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2016-08-23 06:00 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-08-23 06:00 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-08-23 06:00 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2016-08-23 06:00 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2016-08-23 06:00 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-23 06:00 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-23 06:00 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-23 06:00 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-23 06:00 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-08-23 06:00 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-08-23 06:00 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-08-23 06:00 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2016-08-23 06:00 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-08-23 06:00 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2016-08-23 06:00 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-23 06:00 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-08-23 06:00 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-08-23 06:00 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-08-23 06:00 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-23 06:00 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-23 06:00 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-08-23 06:00 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-23 06:00 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-23 06:00 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2016-08-23 06:00 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-23 06:00 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-08-23 06:00 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-08-23 06:00 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-08-23 06:00 - 2013-12-09 01:43 - 01104896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-08-23 06:00 - 2013-12-09 01:25 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-08-23 06:00 - 2013-11-04 03:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-08-23 06:00 - 2013-10-05 16:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-08-23 06:00 - 2013-10-05 16:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-08-23 06:00 - 2013-10-05 14:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-08-23 06:00 - 2013-10-05 14:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-08-23 05:38 - 2016-08-23 05:38 - 00000000 _____ C:\Recovery.txt
2016-08-23 05:09 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2016-08-23 05:09 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2016-08-23 05:08 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-23 05:08 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-23 05:08 - 2013-12-09 02:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2016-08-23 05:08 - 2013-12-09 01:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2016-08-23 05:08 - 2013-10-03 11:16 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-08-23 05:08 - 2013-10-03 11:02 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-08-23 05:08 - 2013-10-02 13:00 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-23 05:08 - 2013-10-02 11:47 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-23 05:08 - 2013-10-01 05:42 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-08-23 05:08 - 2013-10-01 05:36 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-08-23 05:06 - 2013-10-19 10:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2016-08-23 05:06 - 2013-10-19 09:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2016-08-23 05:01 - 2014-10-31 00:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2016-08-23 05:01 - 2014-10-31 00:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2016-08-23 05:01 - 2014-04-19 13:15 - 21186352 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-23 05:01 - 2014-01-31 18:15 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-08-23 05:01 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-08-23 05:01 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-08-23 05:01 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-08-23 05:01 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2016-08-23 05:01 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2016-08-23 05:01 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2016-08-23 05:01 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-08-23 05:01 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-23 05:01 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-08-23 05:01 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2016-08-23 05:01 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2016-08-23 05:01 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2016-08-23 05:01 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2016-08-23 05:01 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-23 05:01 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2016-08-23 05:01 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2016-08-23 05:01 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-23 05:01 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2016-08-23 05:01 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2016-08-23 05:01 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2016-08-23 05:01 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2016-08-23 05:01 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2016-08-23 05:01 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2016-08-23 05:01 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-23 05:01 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-23 05:01 - 2014-01-27 13:45 - 00386722 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-08-23 05:01 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-08-23 05:01 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-08-23 05:01 - 2014-01-07 07:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-08-23 05:01 - 2014-01-07 06:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-08-23 05:01 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-23 05:01 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2016-08-23 05:01 - 2013-11-27 17:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-08-23 05:01 - 2013-11-27 13:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2016-08-23 05:01 - 2013-11-27 10:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 05:01 - 2013-11-27 10:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 05:01 - 2013-11-27 10:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-08-23 05:01 - 2013-11-27 10:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-08-23 05:01 - 2013-11-21 08:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-08-23 05:01 - 2013-11-21 07:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-08-23 05:00 - 2014-04-19 08:49 - 18644072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-23 05:00 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-08-23 05:00 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-08-23 05:00 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2016-08-23 05:00 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-08-23 05:00 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-08-23 05:00 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2016-08-23 05:00 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-23 05:00 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-08-23 05:00 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-08-23 05:00 - 2014-01-07 09:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-08-23 05:00 - 2014-01-07 07:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-08-23 05:00 - 2013-12-09 02:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-08-23 05:00 - 2013-12-09 01:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-08-23 05:00 - 2013-11-23 06:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-08-23 05:00 - 2013-11-23 06:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-08-23 05:00 - 2013-10-15 10:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2016-08-23 05:00 - 2013-10-15 10:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2016-08-23 05:00 - 2013-10-13 04:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2016-08-23 05:00 - 2013-10-12 23:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-08-23 05:00 - 2013-10-12 23:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-08-23 05:00 - 2013-10-05 16:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-08-23 05:00 - 2013-10-05 10:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-08-23 04:59 - 2016-08-23 04:59 - 00000000 ____D C:\ProgramData\Synaptics
2016-08-23 04:59 - 2013-09-26 13:21 - 23213568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-23 04:59 - 2013-09-26 12:09 - 17143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-23 04:59 - 2013-09-26 10:46 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-23 04:59 - 2013-09-26 09:58 - 12996096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-23 04:59 - 2013-09-26 08:51 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2016-08-23 04:59 - 2013-09-26 08:34 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2016-08-23 04:59 - 2013-09-26 08:34 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2016-08-23 04:59 - 2013-09-21 06:48 - 07544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-23 04:58 - 2013-09-26 14:08 - 00707560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-08-23 04:58 - 2013-09-26 11:37 - 02763776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-23 04:58 - 2013-09-26 11:20 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2016-08-23 04:58 - 2013-09-26 10:35 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-23 04:58 - 2013-09-26 10:23 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-23 04:58 - 2013-09-26 09:42 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-23 04:58 - 2013-09-26 09:21 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-23 04:58 - 2013-09-26 08:54 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-23 04:58 - 2013-09-26 08:47 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-23 04:58 - 2013-09-26 08:40 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-23 04:58 - 2013-09-26 08:36 - 00867840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-08-23 04:58 - 2013-09-26 08:35 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-08-23 04:58 - 2013-09-25 12:25 - 00783504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-23 04:58 - 2013-09-25 10:58 - 00648648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-23 04:58 - 2013-09-25 07:40 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2016-08-23 04:58 - 2013-09-24 12:12 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2016-08-23 04:58 - 2013-09-24 07:54 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-08-23 04:58 - 2013-09-24 07:10 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-08-23 04:58 - 2013-09-24 07:05 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2016-08-23 04:58 - 2013-09-24 07:00 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-08-23 04:58 - 2013-09-24 06:27 - 00919552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-08-23 04:58 - 2013-09-24 05:56 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2016-08-23 04:58 - 2013-09-23 04:39 - 02800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-08-23 04:58 - 2013-09-23 03:46 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-08-23 04:58 - 2013-09-23 03:42 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-08-23 04:58 - 2013-09-21 14:10 - 00579416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-08-23 04:58 - 2013-09-21 14:10 - 00236376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-08-23 04:58 - 2013-09-21 14:10 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-08-23 04:58 - 2013-09-21 13:50 - 00528048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-08-23 04:58 - 2013-09-21 13:48 - 00700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-08-23 04:58 - 2013-09-21 13:48 - 00534048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-08-23 04:58 - 2013-09-21 13:48 - 00123480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-08-23 04:58 - 2013-09-21 12:56 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-08-23 04:58 - 2013-09-21 12:54 - 02328328 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-08-23 04:58 - 2013-09-21 12:53 - 01534504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-23 04:58 - 2013-09-21 12:53 - 00996320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-08-23 04:58 - 2013-09-21 12:53 - 00934856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-23 04:58 - 2013-09-21 12:53 - 00366688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-08-23 04:58 - 2013-09-21 12:45 - 00171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-08-23 04:58 - 2013-09-21 11:37 - 02065960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-08-23 04:58 - 2013-09-21 11:23 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-08-23 04:58 - 2013-09-21 11:23 - 00427096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-08-23 04:58 - 2013-09-21 11:23 - 00098104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-08-23 04:58 - 2013-09-21 11:12 - 01092896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-23 04:58 - 2013-09-21 11:09 - 00796928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-23 04:58 - 2013-09-21 11:09 - 00312936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-08-23 04:58 - 2013-09-21 09:58 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-08-23 04:58 - 2013-09-21 09:57 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-23 04:58 - 2013-09-21 09:55 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2016-08-23 04:58 - 2013-09-21 09:50 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2016-08-23 04:58 - 2013-09-21 09:17 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2016-08-23 04:58 - 2013-09-21 08:55 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2016-08-23 04:58 - 2013-09-21 08:33 - 11366912 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-08-23 04:58 - 2013-09-21 07:59 - 00940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-23 04:58 - 2013-09-21 07:57 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\livessp.dll
2016-08-23 04:58 - 2013-09-21 07:56 - 08712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-08-23 04:58 - 2013-09-21 07:43 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-08-23 04:58 - 2013-09-21 07:38 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-08-23 04:58 - 2013-09-21 07:34 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-08-23 04:58 - 2013-09-21 07:31 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-23 04:58 - 2013-09-21 07:26 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-08-23 04:58 - 2013-09-21 07:10 - 12028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-23 04:58 - 2013-09-21 07:05 - 08875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-23 04:58 - 2013-09-21 07:02 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-08-23 04:58 - 2013-09-21 06:54 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-08-23 04:58 - 2013-09-21 06:49 - 04975104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-23 04:58 - 2013-09-21 06:44 - 01662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-08-23 04:58 - 2013-09-21 06:39 - 01455616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-08-23 04:58 - 2013-09-21 06:38 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2016-08-23 04:58 - 2013-09-21 06:36 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2016-08-23 04:58 - 2013-09-19 08:17 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2016-08-23 04:58 - 2013-09-19 07:43 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2016-08-23 04:58 - 2013-09-19 07:30 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-08-23 04:58 - 2013-09-19 07:29 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2016-08-23 04:58 - 2013-09-19 07:08 - 01150976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-08-23 04:58 - 2013-09-19 07:01 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2016-08-23 04:58 - 2013-09-19 06:37 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-08-23 04:58 - 2013-09-19 06:32 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2016-08-23 04:58 - 2013-09-19 06:27 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-08-23 04:58 - 2013-09-19 06:27 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-08-23 04:58 - 2013-09-19 06:25 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-08-23 04:58 - 2013-09-19 06:11 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-08-23 04:58 - 2013-09-19 06:10 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-08-23 04:58 - 2013-09-19 05:59 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-08-23 04:58 - 2013-09-19 05:55 - 00552448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-08-23 04:58 - 2013-09-19 05:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-08-23 04:58 - 2013-09-19 05:32 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-08-23 04:58 - 2013-09-19 05:29 - 01581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-08-23 04:58 - 2013-09-17 11:18 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-08-23 04:58 - 2013-09-17 07:15 - 01225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-08-23 04:58 - 2013-09-17 07:00 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-08-23 04:58 - 2013-09-17 06:08 - 00738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2016-08-23 04:58 - 2013-09-14 16:06 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys
2016-08-23 04:58 - 2013-09-14 16:06 - 00066904 _____ (Microsoft Corporation) C:\WINDOWS\system32\PSHED.DLL
2016-08-23 04:58 - 2013-09-14 10:35 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-08-23 04:58 - 2013-09-13 14:24 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-23 04:58 - 2013-09-13 14:14 - 00872328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-08-23 04:58 - 2013-09-13 12:52 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-08-23 04:58 - 2013-09-13 11:52 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2016-08-23 04:58 - 2013-09-13 10:54 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-08-23 04:58 - 2013-09-13 09:55 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-08-23 04:58 - 2013-09-13 09:30 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-08-23 04:58 - 2013-09-12 09:37 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2016-08-23 04:58 - 2013-09-11 11:32 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-23 04:58 - 2013-09-11 11:31 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-08-23 04:58 - 2013-09-11 09:41 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-08-23 04:58 - 2013-09-11 09:09 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-08-23 04:58 - 2013-09-07 14:44 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdprint.dll
2016-08-23 04:58 - 2013-09-07 14:29 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-08-23 04:58 - 2013-09-07 13:45 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-08-23 04:58 - 2013-09-07 13:25 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-08-23 04:58 - 2013-09-07 13:11 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-08-23 04:58 - 2013-09-07 13:07 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2016-08-23 04:58 - 2013-09-07 12:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2016-08-23 04:58 - 2013-09-07 12:51 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2016-08-23 04:58 - 2013-09-05 09:39 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2016-08-23 04:58 - 2013-09-05 08:42 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2016-08-23 04:58 - 2013-09-04 09:01 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2016-08-23 04:58 - 2013-09-04 08:16 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-08-23 04:58 - 2013-09-04 07:47 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2016-08-23 04:58 - 2013-09-04 07:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2016-08-23 04:58 - 2013-09-04 07:12 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-08-23 04:58 - 2013-09-04 06:57 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-08-23 04:58 - 2013-09-04 06:48 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-08-23 04:58 - 2013-09-04 06:35 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-08-23 04:58 - 2013-08-31 16:18 - 00205024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-08-23 04:58 - 2013-08-31 14:15 - 00180232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-08-23 04:58 - 2013-08-31 14:04 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\riched20.dll
2016-08-23 04:58 - 2013-08-31 11:36 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-08-23 04:58 - 2013-08-31 11:12 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-08-23 04:58 - 2013-08-30 09:31 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2016-08-23 04:58 - 2013-08-28 09:55 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-08-23 04:58 - 2013-08-28 09:49 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2016-08-23 04:58 - 2013-08-28 09:09 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2016-08-23 04:58 - 2013-08-27 08:09 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-08-23 04:58 - 2013-08-27 07:24 - 00813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-08-23 04:57 - 2013-09-26 10:24 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-08-23 04:57 - 2013-09-26 09:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-08-23 04:57 - 2013-09-26 09:14 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-08-23 04:57 - 2013-09-25 09:32 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-08-23 04:57 - 2013-09-24 08:55 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2016-08-23 04:57 - 2013-09-24 07:59 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2016-08-23 04:57 - 2013-09-23 04:25 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-08-23 04:57 - 2013-09-21 08:01 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2016-08-23 04:57 - 2013-09-21 07:37 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-08-23 04:57 - 2013-09-21 07:20 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-23 04:57 - 2013-09-21 07:09 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-08-23 04:57 - 2013-09-21 06:38 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-08-23 04:57 - 2013-09-21 06:37 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-08-23 04:57 - 2013-09-19 09:19 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersRes.dll
2016-08-23 04:57 - 2013-09-19 08:39 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll
2016-08-23 04:57 - 2013-09-19 08:27 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2016-08-23 04:57 - 2013-09-19 08:23 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WorkFoldersRes.dll
2016-08-23 04:57 - 2013-09-19 07:47 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.dll
2016-08-23 04:57 - 2013-09-17 08:58 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-08-23 04:57 - 2013-09-17 07:26 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-08-23 04:57 - 2013-09-17 06:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-08-23 04:57 - 2013-09-17 05:28 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2016-08-23 04:57 - 2013-09-14 13:39 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-08-23 04:57 - 2013-09-13 10:10 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-08-23 04:57 - 2013-09-13 09:28 - 03524096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-23 04:57 - 2013-09-11 11:31 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-08-23 04:57 - 2013-09-07 14:00 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdprint.dll
2016-08-23 04:57 - 2013-09-07 13:50 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceCenter.dll
2016-08-23 04:57 - 2013-09-07 13:30 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-08-23 04:57 - 2013-09-07 13:22 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-08-23 04:57 - 2013-09-07 13:13 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-08-23 04:57 - 2013-09-05 07:40 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2016-08-23 04:57 - 2013-09-04 07:04 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2016-08-23 04:57 - 2013-08-31 12:46 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\riched20.dll
2016-08-23 04:57 - 2013-08-31 12:00 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2016-08-23 04:57 - 2013-08-31 11:25 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2016-08-23 04:53 - 2013-10-16 17:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-08-23 04:53 - 2013-10-16 15:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-08-23 04:50 - 2013-10-11 15:24 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-08-23 04:50 - 2013-10-11 15:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-08-23 04:49 - 2013-12-09 02:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-08-23 04:49 - 2013-11-09 08:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2016-08-23 04:49 - 2013-11-09 08:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-08-23 04:49 - 2013-11-09 07:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-08-23 04:42 - 2016-08-22 20:11 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-23 04:41 - 2016-08-23 04:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-23 04:41 - 2016-08-23 04:41 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-23 04:41 - 2016-08-23 04:41 - 00000380 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2016-08-23 04:40 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-08-23 04:26 - 2016-08-23 04:26 - 02449376 _____ (Megaify Software ) C:\Users\conchitta\Downloads\DriverToolkitInstaller (6).exe
2016-08-23 04:01 - 2016-08-23 06:49 - 00336024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-23 03:50 - 2016-08-23 03:59 - 130076618 _____ C:\Users\conchitta\Downloads\Intel_hd_graphics_win64_153332.zip
2016-08-23 03:45 - 2016-08-23 03:45 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\conchitta\Downloads\driveragent-setup-1278 (1).exe
2016-08-23 03:44 - 2016-08-23 03:44 - 00022200 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2016-08-23 03:44 - 2016-08-23 03:44 - 00000000 ____D C:\Users\conchitta\AppData\Local\eSupport.com
2016-08-23 03:44 - 2016-08-23 03:44 - 00000000 ____D C:\Program Files (x86)\eSupport.com
2016-08-23 03:32 - 2016-08-23 06:04 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2016-08-23 03:32 - 2016-08-23 03:32 - 00000000 ____D C:\Users\conchitta\AppData\Local\DriverToolkit
2016-08-23 03:11 - 2016-08-23 05:47 - 00013920 _____ C:\WINDOWS\system32\Drivers\SWDUMon.sys
2016-08-23 03:10 - 2016-08-23 06:05 - 00000000 ____D C:\Users\conchitta\AppData\Local\SlimWare Utilities Inc
2016-08-23 03:09 - 2016-08-23 05:24 - 00000000 ____D C:\Users\conchitta\AppData\Local\FromDocToPDFTooltab
2016-08-23 03:09 - 2016-08-23 03:09 - 00000000 ____D C:\Users\conchitta\AppData\Local\Downloaded Installers
2016-08-22 23:47 - 2016-08-23 21:59 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-22 23:46 - 2016-08-22 23:46 - 00001089 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-08-22 23:46 - 2016-08-22 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-08-22 23:46 - 2016-08-22 23:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-22 23:46 - 2016-08-22 23:46 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-08-22 23:46 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-22 23:46 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-22 23:46 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-22 20:52 - 2016-08-22 20:52 - 00000000 ____D C:\Users\conchitta\AppData\Roaming\Macromedia
2016-08-22 20:46 - 2016-08-22 20:48 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-22 20:46 - 2016-08-22 20:48 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-22 20:43 - 2016-08-23 21:53 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-22 20:43 - 2016-08-23 20:53 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-22 20:43 - 2016-08-23 06:14 - 00000000 ____D C:\Users\conchitta\AppData\Local\Google
2016-08-22 20:43 - 2016-08-22 20:48 - 00004104 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-22 20:43 - 2016-08-22 20:48 - 00003868 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-22 20:43 - 2016-08-22 20:46 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-22 20:41 - 2016-08-23 20:12 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{25A66E3A-C779-4BFF-A644-D698B6E080FA}
2016-08-22 20:17 - 2016-08-23 20:09 - 00000000 __RDO C:\Users\conchitta\SkyDrive
2016-08-22 20:16 - 2016-08-23 22:00 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2751898029-2148813506-1804420663-1001
2016-08-22 20:16 - 2016-08-22 20:16 - 00000000 ____D C:\ProgramData\ToshibaEurope
2016-08-22 20:11 - 2016-08-22 20:12 - 00000000 ____D C:\Users\conchitta\AppData\Local\PackageStaging
2016-08-22 20:11 - 2016-08-22 20:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-08-22 20:11 - 2016-08-22 20:11 - 00000000 ____D C:\Users\conchitta\AppData\Local\TOSHIBA
2016-08-22 20:10 - 2016-08-23 06:30 - 00000000 ____D C:\Users\conchitta\AppData\Local\Packages
2016-08-22 20:10 - 2016-08-22 20:10 - 00000000 ____D C:\Users\conchitta\AppData\Roaming\Adobe
2016-08-22 20:10 - 2016-08-22 20:10 - 00000000 ____D C:\Users\conchitta\AppData\Local\VirtualStore
2016-08-22 20:08 - 2016-08-23 04:00 - 00000000 ____D C:\Users\conchitta
2016-08-22 20:08 - 2016-08-22 20:08 - 00000020 ___SH C:\Users\conchitta\ntuser.ini
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Vorlagen
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Startmenü
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Netzwerkumgebung
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Lokale Einstellungen
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Eigene Dateien
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Druckumgebung
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Documents\Eigene Videos
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Documents\Eigene Musik
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Documents\Eigene Bilder
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\AppData\Local\Verlauf
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\AppData\Local\Anwendungsdaten
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Anwendungsdaten
2016-08-22 20:06 - 2016-08-22 20:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-23 22:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-23 20:46 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-08-23 20:20 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-23 06:53 - 2013-09-06 23:25 - 04646338 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-23 06:53 - 2013-08-28 12:25 - 00797412 _____ C:\WINDOWS\system32\perfh013.dat
2016-08-23 06:53 - 2013-08-28 12:25 - 00161992 _____ C:\WINDOWS\system32\perfc013.dat
2016-08-23 06:53 - 2013-08-28 12:16 - 00793160 _____ C:\WINDOWS\system32\perfh010.dat
2016-08-23 06:53 - 2013-08-28 12:16 - 00156082 _____ C:\WINDOWS\system32\perfc010.dat
2016-08-23 06:53 - 2013-08-28 12:08 - 00801394 _____ C:\WINDOWS\system32\perfh00C.dat
2016-08-23 06:53 - 2013-08-28 12:08 - 00158846 _____ C:\WINDOWS\system32\perfc00C.dat
2016-08-23 06:53 - 2013-08-28 11:59 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-23 06:53 - 2013-08-28 11:59 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-23 06:49 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-23 06:48 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-23 06:47 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-08-23 06:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2016-08-23 06:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-08-23 06:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\FileManager
2016-08-23 06:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Camera
2016-08-23 06:47 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-23 06:47 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-08-23 06:47 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-08-23 05:37 - 2013-08-22 17:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-23 05:14 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-23 05:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-23 05:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-23 05:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-23 05:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-23 05:13 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-22 21:02 - 2013-10-09 01:38 - 00000000 ____D C:\ProgramData\McAfee
2016-08-22 21:02 - 2013-10-09 01:38 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-08-22 21:02 - 2013-10-09 01:38 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-08-22 20:51 - 2013-10-09 01:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-22 20:51 - 2013-09-08 00:56 - 00000000 ____D C:\WINDOWS\Panther
2016-08-22 20:46 - 2013-10-09 01:55 - 00000000 ____D C:\Program Files (x86)\TOSHIBA Games
2016-08-22 20:16 - 2013-10-09 01:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\TOSHIBA
2016-08-22 20:16 - 2013-09-06 23:26 - 00000000 ____D C:\ProgramData\Toshiba
2016-08-22 20:14 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-22 19:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2013-09-07 08:13

==================== Ende von FRST.txt ============================

--- --- ---

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
durchgeführt von conchitta (23-08-2016 22:33:19)
Gestartet von C:\Users\conchitta\Downloads
Windows 8.1 (X64) (2016-08-22 18:09:52)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2751898029-2148813506-1804420663-500 - Administrator - Disabled)
conchitta (S-1-5-21-2751898029-2148813506-1804420663-1001 - Administrator - Enabled) => C:\Users\conchitta
Gast (S-1-5-21-2751898029-2148813506-1804420663-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2751898029-2148813506-1804420663-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
FromDocToPDF Internet Explorer Homepage and New Tab (HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\...\FromDocToPDFTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ACHTUNG
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1C5CCB11-FD46-4373-BB51-CE2E249A62C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-22] (Google Inc.)
Task: {26FB73B8-F896-4EDC-AE6A-A0195E4346BE} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {6D20924F-588B-4B45-95B9-3553C6D2AF56} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {7FE0925E-4178-4642-BBCF-C35A6437B449} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-22] (Google Inc.)
Task: {CCF7B886-2C21-4511-80C6-29978FB47A87} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-08-28] (TODO: <Company name>)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-03-27 21:53 - 2013-03-27 21:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2013-09-10 21:54 - 2013-09-10 21:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-09-06 23:53 - 2013-08-12 19:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-22 09:19 - 2013-08-22 08:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00050176 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Data.winmd
2016-08-23 05:31 - 2016-08-23 05:31 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\46814cd3fb4488be00a1a0d654ba28c9\Windows.Foundation.ni.dll
2013-10-09 01:15 - 2013-09-04 01:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-08-22 20:46 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-22 20:46 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\conchitta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{97185104-0EDA-4C8C-ABF3-112C92FD4EF3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{A5465BAB-3068-45DA-85D3-A7E1B9D9C807}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EEF7AD55-2628-45B1-B168-9008AEA3BAFB}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{CEFA1628-04CD-4855-BB91-0521F13EAB44}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{72DEC956-00CD-4506-9E72-84AAD746DEFD}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C1820B97-7FD2-4D7D-8D59-8D33179C1F88}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6B1719A8-7D86-4EFA-953F-953A12A7A4D2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

23-08-2016 03:58:32 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/23/2016 04:59:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SynTPEnh.exe, Version: 17.0.10.51, Zeitstempel: 0x53d06d8c
Name des fehlerhaften Moduls: SynTPEnh.exe, Version: 17.0.10.51, Zeitstempel: 0x53d06d8c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000007f872
ID des fehlerhaften Prozesses: 0x13c8
Startzeit der fehlerhaften Anwendung: 0xSynTPEnh.exe0
Pfad der fehlerhaften Anwendung: SynTPEnh.exe1
Pfad des fehlerhaften Moduls: SynTPEnh.exe2
Berichtskennung: SynTPEnh.exe3
Vollständiger Name des fehlerhaften Pakets: SynTPEnh.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SynTPEnh.exe5

Error: (08/23/2016 03:56:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x3f24
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:30:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x3edc
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:30:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x2980
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:30:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x2f80
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:29:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x2fac
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:29:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x1368
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:29:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x5bb4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:29:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x49f8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:21:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0xab4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Systemfehler:
=============
Error: (08/23/2016 10:00:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: Microsoft.ZuneMusic

Error: (08/23/2016 08:20:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: Microsoft.ZuneMusic

Error: (08/23/2016 06:47:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062 = Der Dienst wurde nicht gestartet.

Error: (08/23/2016 06:35:01 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/23/2016 06:35:01 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/23/2016 05:13:53 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (08/23/2016 05:12:27 AM) (Source: DCOM) (EventID: 10029) (User: NT-AUTORITÄT)
Description: {B8FC52F5-CB03-4E10-8BCB-E3EC794C54A5}wuauserv

Error: (08/23/2016 04:44:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062 = Der Dienst wurde nicht gestartet.

Error: (08/23/2016 04:41:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.227.404.0)

Error: (08/23/2016 04:00:03 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Prozentuale Nutzung des RAM: 55%
Installierter physikalischer RAM: 3971.27 MB
Verfügbarer physikalischer RAM: 1785.87 MB
Summe virtueller Speicher: 5379.27 MB
Verfügbarer virtueller Speicher: 2635.2 MB

==================== Laufwerke ================================

Drive c: (TI31204300A) (Fixed) (Total:454.91 GB) (Free:429.57 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Soll ich den TDSSKiller gleich hinterher oder warten bis alles durchgeguckt ist?

Vielen Dank nochmal!

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
durchgeführt von conchitta (23-08-2016 22:33:19)
Gestartet von C:\Users\conchitta\Downloads
Windows 8.1 (X64) (2016-08-22 18:09:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2751898029-2148813506-1804420663-500 - Administrator - Disabled)
conchitta (S-1-5-21-2751898029-2148813506-1804420663-1001 - Administrator - Enabled) => C:\Users\conchitta
Gast (S-1-5-21-2751898029-2148813506-1804420663-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2751898029-2148813506-1804420663-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
FromDocToPDF Internet Explorer Homepage and New Tab (HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\...\FromDocToPDFTooltab Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ACHTUNG
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1C5CCB11-FD46-4373-BB51-CE2E249A62C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-22] (Google Inc.)
Task: {26FB73B8-F896-4EDC-AE6A-A0195E4346BE} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {6D20924F-588B-4B45-95B9-3553C6D2AF56} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {7FE0925E-4178-4642-BBCF-C35A6437B449} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-22] (Google Inc.)
Task: {CCF7B886-2C21-4511-80C6-29978FB47A87} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-08-28] (TODO: <Company name>)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-03-27 21:53 - 2013-03-27 21:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2013-09-10 21:54 - 2013-09-10 21:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-09-06 23:53 - 2013-08-12 19:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-22 09:19 - 2013-08-22 08:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00050176 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Data.winmd
2016-08-23 05:31 - 2016-08-23 05:31 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\46814cd3fb4488be00a1a0d654ba28c9\Windows.Foundation.ni.dll
2013-10-09 01:15 - 2013-09-04 01:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-08-22 20:46 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-22 20:46 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\conchitta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{97185104-0EDA-4C8C-ABF3-112C92FD4EF3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{A5465BAB-3068-45DA-85D3-A7E1B9D9C807}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EEF7AD55-2628-45B1-B168-9008AEA3BAFB}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{CEFA1628-04CD-4855-BB91-0521F13EAB44}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{72DEC956-00CD-4506-9E72-84AAD746DEFD}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C1820B97-7FD2-4D7D-8D59-8D33179C1F88}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6B1719A8-7D86-4EFA-953F-953A12A7A4D2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

23-08-2016 03:58:32 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/23/2016 04:59:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SynTPEnh.exe, Version: 17.0.10.51, Zeitstempel: 0x53d06d8c
Name des fehlerhaften Moduls: SynTPEnh.exe, Version: 17.0.10.51, Zeitstempel: 0x53d06d8c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000007f872
ID des fehlerhaften Prozesses: 0x13c8
Startzeit der fehlerhaften Anwendung: 0xSynTPEnh.exe0
Pfad der fehlerhaften Anwendung: SynTPEnh.exe1
Pfad des fehlerhaften Moduls: SynTPEnh.exe2
Berichtskennung: SynTPEnh.exe3
Vollständiger Name des fehlerhaften Pakets: SynTPEnh.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SynTPEnh.exe5

Error: (08/23/2016 03:56:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x3f24
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:30:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x3edc
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:30:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x2980
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:30:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x2f80
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:29:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x2fac
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:29:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x1368
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:29:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x5bb4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:29:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x49f8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/23/2016 03:21:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0xab4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5


Systemfehler:
=============
Error: (08/23/2016 10:00:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: Microsoft.ZuneMusic

Error: (08/23/2016 08:20:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: Microsoft.ZuneMusic

Error: (08/23/2016 06:47:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062 = Der Dienst wurde nicht gestartet.

Error: (08/23/2016 06:35:01 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/23/2016 06:35:01 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/23/2016 05:13:53 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (08/23/2016 05:12:27 AM) (Source: DCOM) (EventID: 10029) (User: NT-AUTORITÄT)
Description: {B8FC52F5-CB03-4E10-8BCB-E3EC794C54A5}wuauserv

Error: (08/23/2016 04:44:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062 = Der Dienst wurde nicht gestartet.

Error: (08/23/2016 04:41:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.227.404.0)

Error: (08/23/2016 04:00:03 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Prozentuale Nutzung des RAM: 55%
Installierter physikalischer RAM: 3971.27 MB
Verfügbarer physikalischer RAM: 1785.87 MB
Summe virtueller Speicher: 5379.27 MB
Verfügbarer virtueller Speicher: 2635.2 MB

==================== Laufwerke ================================

Drive c: (TI31204300A) (Fixed) (Total:454.91 GB) (Free:429.57 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Conchitta · 24.08.2016, 04:16

Code:

ATTFilter

03:04:25.0901 0x17d8  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
03:04:25.0901 0x17d8  UEFI system
03:04:31.0808 0x17d8  ============================================================
03:04:31.0808 0x17d8  Current date / time: 2016/08/24 03:04:31.0808
03:04:31.0808 0x17d8  SystemInfo:
03:04:31.0808 0x17d8  
03:04:31.0808 0x17d8  OS Version: 6.3.9600 ServicePack: 0.0
03:04:31.0808 0x17d8  Product type: Workstation
03:04:31.0808 0x17d8  ComputerName: LAPTOP
03:04:31.0808 0x17d8  UserName: conchitta
03:04:31.0808 0x17d8  Windows directory: C:\WINDOWS
03:04:31.0808 0x17d8  System windows directory: C:\WINDOWS
03:04:31.0808 0x17d8  Running under WOW64
03:04:31.0808 0x17d8  Processor architecture: Intel x64
03:04:31.0808 0x17d8  Number of processors: 2
03:04:31.0808 0x17d8  Page size: 0x1000
03:04:31.0808 0x17d8  Boot type: Normal boot
03:04:31.0808 0x17d8  CodeIntegrityOptions = 0x00000001
03:04:31.0808 0x17d8  ============================================================
03:04:31.0808 0x17d8  KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 9600.16452, osProperties = 0x19
03:04:31.0808 0x17d8  KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 9600.16452, osProperties = 0x19
03:04:31.0808 0x17d8  BG loaded
03:04:32.0855 0x17d8  System UUID: {6A3BACE0-644A-3521-69A6-18D6AA0209F4}
03:04:33.0764 0x17d8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:04:33.0764 0x17d8  ============================================================
03:04:33.0764 0x17d8  \Device\Harddisk0\DR0:
03:04:33.0764 0x17d8  GPT partitions:
03:04:33.0764 0x17d8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {89A572FF-1FBA-11E3-86CF-95A363E04460}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
03:04:33.0764 0x17d8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {89A57307-1FBA-11E3-86CF-95A363E04460}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x32000
03:04:33.0764 0x17d8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {89A57309-1FBA-11E3-86CF-95A363E04460}, Name: Basic data partition, StartLBA 0x232800, BlocksNum 0x40000
03:04:33.0764 0x17d8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {89A5730F-1FBA-11E3-86CF-95A363E04460}, Name: Basic data partition, StartLBA 0x272800, BlocksNum 0x38DD0800
03:04:33.0764 0x17d8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E60E22C7-307E-11E3-9E9A-54BEF773241F}, Name: Basic data partition, StartLBA 0x39043000, BlocksNum 0x1343000
03:04:33.0764 0x17d8  MBR partitions:
03:04:33.0764 0x17d8  ============================================================
03:04:33.0780 0x17d8  C: <-> \Device\Harddisk0\DR0\Partition4
03:04:33.0780 0x17d8  ============================================================
03:04:33.0780 0x17d8  Initialize success
03:04:33.0780 0x17d8  ============================================================
03:04:48.0619 0x14e8  ============================================================
03:04:48.0619 0x14e8  Scan started
03:04:48.0619 0x14e8  Mode: Manual; SigCheck; TDLFS; 
03:04:48.0619 0x14e8  ============================================================
03:04:48.0619 0x14e8  KSN ping started
03:04:50.0951 0x14e8  KSN ping finished: true
03:04:53.0191 0x14e8  ================ Scan system memory ========================
03:04:53.0191 0x14e8  System memory - ok
03:04:53.0191 0x14e8  ================ Scan services =============================
03:04:53.0347 0x14e8  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
03:04:53.0457 0x14e8  1394ohci - ok
03:04:53.0488 0x14e8  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
03:04:53.0504 0x14e8  3ware - ok
03:04:53.0535 0x14e8  [ E19D921EBBD1A2CA4C48D7B5F1685B30, E14F6E48593E03DDAB4DF281755C0A5FC77D491AB8039D421AC84D306C38BCDA ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
03:04:53.0550 0x14e8  ACPI - ok
03:04:53.0566 0x14e8  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
03:04:53.0582 0x14e8  acpiex - ok
03:04:53.0582 0x14e8  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
03:04:53.0597 0x14e8  acpipagr - ok
03:04:53.0597 0x14e8  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
03:04:53.0613 0x14e8  AcpiPmi - ok
03:04:53.0629 0x14e8  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
03:04:53.0629 0x14e8  acpitime - ok
03:04:53.0675 0x14e8  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
03:04:53.0691 0x14e8  ADP80XX - ok
03:04:53.0741 0x14e8  [ B19CA8E441D35AA2B1EE51C10B27DA1B, EBEB96EA44E665B2D4FCD1CC58621A20A17F036EA4A695340A2B65F94F69CDDC ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
03:04:53.0804 0x14e8  AeLookupSvc - ok
03:04:53.0835 0x14e8  [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
03:04:53.0882 0x14e8  AFD - ok
03:04:53.0898 0x14e8  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
03:04:53.0898 0x14e8  agp440 - ok
03:04:53.0929 0x14e8  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
03:04:53.0945 0x14e8  ahcache - ok
03:04:53.0976 0x14e8  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
03:04:53.0991 0x14e8  ALG - ok
03:04:54.0007 0x14e8  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
03:04:54.0038 0x14e8  AmdK8 - ok
03:04:54.0038 0x14e8  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
03:04:54.0054 0x14e8  AmdPPM - ok
03:04:54.0085 0x14e8  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
03:04:54.0085 0x14e8  amdsata - ok
03:04:54.0116 0x14e8  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
03:04:54.0132 0x14e8  amdsbs - ok
03:04:54.0132 0x14e8  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
03:04:54.0148 0x14e8  amdxata - ok
03:04:54.0179 0x14e8  [ 4126D30992B26303E47E8981313FD6D6, 4C8DB2DDDB88FBEA87CDBFB93D9855B40043778878AF4A5571C174434F9C0D4C ] AmUStor         C:\WINDOWS\system32\drivers\AmUStor.SYS
03:04:54.0210 0x14e8  AmUStor - ok
03:04:54.0241 0x14e8  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
03:04:54.0288 0x14e8  AppID - ok
03:04:54.0304 0x14e8  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
03:04:54.0320 0x14e8  AppIDSvc - ok
03:04:54.0335 0x14e8  [ 7E790DE2487CEDB349D1750B9E47F090, EDA4A87EA2F89ABD174E9590DD46E70B9E7E4B35BDFC3ED90D79CD594F8CB2CD ] Appinfo         C:\WINDOWS\System32\appinfo.dll
03:04:54.0367 0x14e8  Appinfo - ok
03:04:54.0476 0x14e8  [ EF0EE63BE56D2CAC3FA07850770326F1, AB50E428B7FF9B697A11393D72B5702E1E5991F0ECE422FE69B353FE0746F03C ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
03:04:54.0523 0x14e8  AppReadiness - ok
03:04:54.0601 0x14e8  [ 0B726D9ED75C787D6FFAF1E3873BCC70, DC3822B35FB65D53CC5D0E3982C326C5F47F0911BEB1F66DCC84A79C84621E1E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
03:04:54.0648 0x14e8  AppXSvc - ok
03:04:54.0679 0x14e8  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
03:04:54.0679 0x14e8  arcsas - ok
03:04:54.0695 0x14e8  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
03:04:54.0695 0x14e8  atapi - ok
03:04:54.0773 0x14e8  [ 50440A2FEDF6A9D94F2BA06192E172EB, A69F186839D0337FA0DD3EBDAA33479FD21A15484DD47E8F6ED29F4D062151B8 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
03:04:54.0788 0x14e8  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
03:04:57.0152 0x14e8  Detect skipped due to KSN trusted
03:04:57.0152 0x14e8  AtherosSvc - ok
03:04:57.0340 0x14e8  [ 2A11580E835FE3762C36FBC6F3666643, 089DF149B411FE3BE51AA1F9E9A18222B6D3D32EE136C0E28158959F0E015623 ] athr            C:\WINDOWS\system32\DRIVERS\athwbx.sys
03:04:57.0449 0x14e8  athr - ok
03:04:57.0480 0x14e8  [ 4903CBC14742B5AB4DCF7A92F7DEC483, B8491FDA1D1E767658ECC5C3C3DDFB3EB12A969F0F6ACF116C18300FF54075D5 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
03:04:57.0512 0x14e8  AudioEndpointBuilder - ok
03:04:57.0543 0x14e8  [ EF276593AD1BDF5A99032F62D6272848, 3961689B34A6BCD891FF48A044ABD184F5D7320AE882DF79E5ADC57B08205BA9 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
03:04:57.0574 0x14e8  Audiosrv - ok
03:04:57.0621 0x14e8  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
03:04:57.0637 0x14e8  AxInstSV - ok
03:04:57.0684 0x14e8  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
03:04:57.0734 0x14e8  b06bdrv - ok
03:04:57.0750 0x14e8  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
03:04:57.0766 0x14e8  BasicDisplay - ok
03:04:57.0797 0x14e8  [ 2748E116F8621A4DB0D39FCDD7318C01, DA2DEB7FE1D887B1EF5E2B5103270B72268D8ABDDA36C396627305C0BA90FC20 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
03:04:57.0797 0x14e8  BasicRender - ok
03:04:57.0828 0x14e8  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
03:04:57.0828 0x14e8  bcmfn2 - ok
03:04:57.0859 0x14e8  [ BBE61A40665B83488901E41082A6097D, ADF750DB32E1295C57C03D587A60194529C8B83F90F433C3458288FB5E8F475B ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
03:04:57.0891 0x14e8  BDESVC - ok
03:04:57.0906 0x14e8  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
03:04:57.0922 0x14e8  Beep - ok
03:04:57.0969 0x14e8  [ 6468B696C65775D51A06615830E0E79D, CC4081B3A4895192B4796A745F0BCE8C9C3149B854A7B9BEF84668A2E1D074B5 ] BFE             C:\WINDOWS\System32\bfe.dll
03:04:58.0047 0x14e8  BFE - ok
03:04:58.0141 0x14e8  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
03:04:58.0234 0x14e8  BITS - ok
03:04:58.0266 0x14e8  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
03:04:58.0281 0x14e8  bowser - ok
03:04:58.0297 0x14e8  [ A6207A88B596F726DE558425F3B7E592, 126375CC8EA101E0878728323B7EAA69DC8699AC04470FB95D482B1025E0FFB2 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
03:04:58.0328 0x14e8  BrokerInfrastructure - ok
03:04:58.0344 0x14e8  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
03:04:58.0375 0x14e8  Browser - ok
03:04:58.0406 0x14e8  [ 60E8BCEC59540F3C740BA9DED2832E70, B866B6397C453B3BB12D5FBDA8FFBD8DF5B37541614B01B5ADE777FE298CF81A ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
03:04:58.0438 0x14e8  BtFilter - ok
03:04:58.0469 0x14e8  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
03:04:58.0500 0x14e8  BthAvrcpTg - ok
03:04:58.0516 0x14e8  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
03:04:58.0547 0x14e8  BthEnum - ok
03:04:58.0547 0x14e8  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
03:04:58.0563 0x14e8  BthHFEnum - ok
03:04:58.0563 0x14e8  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
03:04:58.0578 0x14e8  bthhfhid - ok
03:04:58.0609 0x14e8  [ FCD8BD17B7193CFFF18C332D1A381D7F, CD8A03086695F8FF2566697164D1FD1B60210C017220EFBD78CB12C38CD12BE1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
03:04:58.0625 0x14e8  BthLEEnum - ok
03:04:58.0625 0x14e8  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
03:04:58.0641 0x14e8  BTHMODEM - ok
03:04:58.0641 0x14e8  [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
03:04:58.0672 0x14e8  BthPan - ok
03:04:58.0703 0x14e8  [ 8458ECAB701EE385851C2559B71D1209, 0680031AFB5501C6D16F404CAA43C00C44C3213A790BB5570C9309BB9197C257 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
03:04:58.0766 0x14e8  BTHPORT - ok
03:04:58.0797 0x14e8  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
03:04:58.0797 0x14e8  bthserv - ok
03:04:58.0813 0x14e8  [ 2C0B77176CD68F1F60510CDF36ADC401, 77990114F9D7B60F5D62122F4634DF89BE69EC56507DAD8C84417B9EC6B21E8D ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
03:04:58.0828 0x14e8  BTHUSB - ok
03:04:58.0859 0x14e8  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
03:04:58.0859 0x14e8  cdfs - ok
03:04:58.0906 0x14e8  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
03:04:58.0922 0x14e8  cdrom - ok
03:04:58.0953 0x14e8  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
03:04:58.0969 0x14e8  CertPropSvc - ok
03:04:59.0000 0x14e8  [ 5832CD83F5E84BFF8BD93727685852CB, 4E0E170335E566E89E7FEA70629ACEF3E4BB8A54001AE81333FC99B983DB73F2 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
03:04:59.0016 0x14e8  cfwids - ok
03:04:59.0016 0x14e8  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
03:04:59.0031 0x14e8  circlass - ok
03:04:59.0063 0x14e8  [ B8B663BE41827211737F627473D6D192, E01FB67229FF962231637A4C07E19A29D1CD8ADEF6E5E177F136EC6572729EFF ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
03:04:59.0078 0x14e8  CLFS - ok
03:04:59.0109 0x14e8  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
03:04:59.0125 0x14e8  CmBatt - ok
03:04:59.0156 0x14e8  [ 825BE21E6395E00698D8A23955A87972, 303F10C3BA72ABB3BA27D08968B10E8EB03FFB6951943B0E9DD35CF48BB72578 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
03:04:59.0203 0x14e8  CNG - ok
03:04:59.0203 0x14e8  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
03:04:59.0219 0x14e8  CompositeBus - ok
03:04:59.0219 0x14e8  COMSysApp - ok
03:04:59.0234 0x14e8  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
03:04:59.0234 0x14e8  condrv - ok
03:04:59.0313 0x14e8  [ 9A851F47C6F4CDC1B41B4AAB04053BF7, 788C9023D96D8D2838D332D8BEF153ED570885DD5C4F3DF0F02BEA9A20B13667 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
03:04:59.0328 0x14e8  cphs - ok
03:04:59.0359 0x14e8  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
03:04:59.0375 0x14e8  CryptSvc - ok
03:04:59.0406 0x14e8  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
03:04:59.0422 0x14e8  dam - ok
03:04:59.0469 0x14e8  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
03:04:59.0516 0x14e8  DcomLaunch - ok
03:04:59.0563 0x14e8  [ F4CCAADC2C78F57E4F16B24C9201CE22, B76A5C487A814CB986FE8CC398FB7493C9EAB9ACC933A3C35384FA447092EF00 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
03:04:59.0594 0x14e8  defragsvc - ok
03:04:59.0625 0x14e8  [ 0BC71D4D3B5883903C37BF4E13B0F0C5, C5EC2AD001FB7E72D3D12DBADFE01C308ACCB7426E0B90CCB3ECE2DE49D5E7D4 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
03:04:59.0641 0x14e8  DeviceAssociationService - ok
03:04:59.0688 0x14e8  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
03:04:59.0703 0x14e8  DeviceInstall - ok
03:04:59.0739 0x14e8  [ 5DB26D7E0216D0BF364A81D3829AD7B9, FD786D530EA9ADBCB48782FE091E926505A83F2BF3B4181A3D4EDFAA991C4E5E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
03:04:59.0739 0x14e8  Dfsc - ok
03:04:59.0801 0x14e8  [ 0F4A5D01156B948B54550375498B08A2, 1CAE3D744429A06E9C9EC46AC6B216AB68154EF8FACDD0721C47902B83820F56 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
03:04:59.0817 0x14e8  dg_ssudbus - ok
03:04:59.0864 0x14e8  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
03:04:59.0895 0x14e8  Dhcp - ok
03:04:59.0910 0x14e8  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
03:04:59.0910 0x14e8  disk - ok
03:04:59.0942 0x14e8  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
03:04:59.0957 0x14e8  dmvsc - ok
03:05:00.0004 0x14e8  [ FBD2D7F491F3EBC5C54C5C4DB2564953, 1C053C28DB00ADF63BE317376395F5E32CBFD2C065A3756470BC54F44747965B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
03:05:00.0020 0x14e8  Dnscache - ok
03:05:00.0051 0x14e8  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
03:05:00.0067 0x14e8  dot3svc - ok
03:05:00.0082 0x14e8  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
03:05:00.0098 0x14e8  DPS - ok
03:05:00.0114 0x14e8  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
03:05:00.0129 0x14e8  drmkaud - ok
03:05:00.0176 0x14e8  [ 8407DDFAB85AE664E507C30314090385, 05F052C64D192CF69A462A5EC16DDA0D43CA5D0245900C9FCB9201685A2E7748 ] DrvAgent64      C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
03:05:00.0192 0x14e8  DrvAgent64 - ok
03:05:00.0207 0x14e8  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
03:05:00.0239 0x14e8  DsmSvc - ok
03:05:00.0285 0x14e8  [ 40CFC6671B2442D32E149FF1683212D1, ADC1743CDB98EAC736783156D659364DF8613BCC4C0B6D0AC0D8F05AF18E0BF7 ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
03:05:00.0301 0x14e8  dts_apo_service - ok
03:05:00.0395 0x14e8  [ 13B160C1913F012BD1615EB1398D3779, 2B5786AAEC845156D28ABDAA77347844D39F33DF53F2C96ACEF38A668ADFF422 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
03:05:00.0473 0x14e8  DXGKrnl - ok
03:05:00.0504 0x14e8  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
03:05:00.0520 0x14e8  Eaphost - ok
03:05:00.0629 0x14e8  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
03:05:00.0754 0x14e8  ebdrv - ok
03:05:00.0770 0x14e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
03:05:00.0785 0x14e8  EFS - ok
03:05:00.0801 0x14e8  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
03:05:00.0801 0x14e8  EhStorClass - ok
03:05:00.0832 0x14e8  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
03:05:00.0832 0x14e8  EhStorTcgDrv - ok
03:05:00.0848 0x14e8  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
03:05:00.0848 0x14e8  ErrDev - ok
03:05:00.0895 0x14e8  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
03:05:00.0926 0x14e8  EventSystem - ok
03:05:00.0957 0x14e8  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
03:05:00.0973 0x14e8  exfat - ok
03:05:00.0989 0x14e8  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
03:05:01.0004 0x14e8  fastfat - ok
03:05:01.0051 0x14e8  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
03:05:01.0129 0x14e8  Fax - ok
03:05:01.0129 0x14e8  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
03:05:01.0145 0x14e8  fdc - ok
03:05:01.0160 0x14e8  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
03:05:01.0176 0x14e8  fdPHost - ok
03:05:01.0192 0x14e8  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
03:05:01.0192 0x14e8  FDResPub - ok
03:05:01.0223 0x14e8  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
03:05:01.0239 0x14e8  fhsvc - ok
03:05:01.0270 0x14e8  [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5, 85D1AC25CF8056FF303930A7E18DE5F7C3AEE429272CB791BD6F81F1DAFB7D8A ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
03:05:01.0270 0x14e8  FileInfo - ok
03:05:01.0301 0x14e8  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
03:05:01.0317 0x14e8  Filetrace - ok
03:05:01.0332 0x14e8  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
03:05:01.0332 0x14e8  flpydisk - ok
03:05:01.0348 0x14e8  [ 60D5067FCE6D9433D35E04C01D8538B3, 2D97E9E8FF18CF564DE8E70F68B56F0177DC6C0E9EEB7E1C58BBDF42456CB0D8 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
03:05:01.0379 0x14e8  FltMgr - ok
03:05:01.0426 0x14e8  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache       C:\WINDOWS\system32\FntCache.dll
03:05:01.0520 0x14e8  FontCache - ok
03:05:01.0598 0x14e8  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:05:01.0614 0x14e8  FontCache3.0.0.0 - ok
03:05:01.0629 0x14e8  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
03:05:01.0645 0x14e8  FsDepends - ok
03:05:01.0676 0x14e8  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
03:05:01.0676 0x14e8  Fs_Rec - ok
03:05:01.0723 0x14e8  [ 83E1F0983B02A6F8EC764D18E24ECF10, B5CA3FCB442697681C513FB37C6BB74D7A72B67DC65E2FCA93A7F9E81B63EAAC ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
03:05:01.0757 0x14e8  fvevol - ok
03:05:01.0773 0x14e8  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
03:05:01.0773 0x14e8  FxPPM - ok
03:05:01.0789 0x14e8  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
03:05:01.0789 0x14e8  gagp30kx - ok
03:05:01.0851 0x14e8  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
03:05:01.0882 0x14e8  GamesAppService - ok
03:05:01.0898 0x14e8  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
03:05:01.0898 0x14e8  gencounter - ok
03:05:01.0961 0x14e8  [ 045AE8D818B2E74B839597BB9C19C13B, 5C46F86C16E7F9740FEA56D5153B8E438A87B6011AA2C589FF0C1BE21D4BA701 ] GFNEXSrv        C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
03:05:01.0992 0x14e8  GFNEXSrv - ok
03:05:02.0007 0x14e8  [ FDA72810CA2F8409D9B31E833C448E34, FC24350E875D2AF2A41DB5EF0BFE4F876DADEACCC0B34B9B9C9B2CA185CBAE87 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
03:05:02.0023 0x14e8  GPIOClx0101 - ok
03:05:02.0086 0x14e8  [ 0BDE0FCF597E9B65600121EF54FF8340, DA5C96E84E05AD09251C82B4BFEDE274342409803730CEBF24EEAD0DCD42DA7E ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
03:05:02.0117 0x14e8  gpsvc - ok
03:05:02.0179 0x14e8  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:05:02.0211 0x14e8  gupdate - ok
03:05:02.0226 0x14e8  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:05:02.0242 0x14e8  gupdatem - ok
03:05:02.0273 0x14e8  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
03:05:02.0289 0x14e8  HdAudAddService - ok
03:05:02.0304 0x14e8  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
03:05:02.0320 0x14e8  HDAudBus - ok
03:05:02.0320 0x14e8  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
03:05:02.0336 0x14e8  HidBatt - ok
03:05:02.0336 0x14e8  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
03:05:02.0351 0x14e8  HidBth - ok
03:05:02.0351 0x14e8  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
03:05:02.0367 0x14e8  hidi2c - ok
03:05:02.0367 0x14e8  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
03:05:02.0382 0x14e8  HidIr - ok
03:05:02.0414 0x14e8  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
03:05:02.0429 0x14e8  hidserv - ok
03:05:02.0429 0x14e8  [ F31397220D9687E11EB448649AA6E038, 671ACEAA8E00E0D4ED7E33D06A4558121DA4F56EB94F1CBC16FEB2EF3852F7A5 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
03:05:02.0445 0x14e8  HidUsb - ok
03:05:02.0476 0x14e8  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
03:05:02.0492 0x14e8  hkmsvc - ok
03:05:02.0523 0x14e8  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
03:05:02.0554 0x14e8  HomeGroupListener - ok
03:05:02.0586 0x14e8  [ BE5F89BAFBD4272D5A0C0A37B97865ED, 2F80CE6D123FEED9FA7B00ACF7547FF77E0E6FDC5243942E83BE308C46D414C6 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
03:05:02.0601 0x14e8  HomeGroupProvider - ok
03:05:02.0632 0x14e8  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
03:05:02.0632 0x14e8  HpSAMD - ok
03:05:02.0679 0x14e8  [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
03:05:02.0726 0x14e8  HTTP - ok
03:05:02.0726 0x14e8  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
03:05:02.0742 0x14e8  hwpolicy - ok
03:05:02.0757 0x14e8  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
03:05:02.0757 0x14e8  hyperkbd - ok
03:05:02.0773 0x14e8  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
03:05:02.0773 0x14e8  HyperVideo - ok
03:05:02.0789 0x14e8  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
03:05:02.0804 0x14e8  i8042prt - ok
03:05:02.0804 0x14e8  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
03:05:02.0804 0x14e8  iaLPSSi_GPIO - ok
03:05:02.0820 0x14e8  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
03:05:02.0836 0x14e8  iaLPSSi_I2C - ok
03:05:02.0867 0x14e8  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
03:05:02.0882 0x14e8  iaStorA - ok
03:05:02.0914 0x14e8  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
03:05:02.0945 0x14e8  iaStorAV - ok
03:05:02.0976 0x14e8  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
03:05:02.0992 0x14e8  iaStorV - ok
03:05:03.0039 0x14e8  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
03:05:03.0054 0x14e8  ICCS - ok
03:05:03.0054 0x14e8  IEEtwCollectorService - ok
03:05:03.0179 0x14e8  [ BD875DF51F3B5F3B6BBDDC8184D85922, AE751C424EE6B98F434CDD80FDF315CBEF9B453A5351DEF111FBE04AA16B7ED4 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
03:05:03.0289 0x14e8  igfx - ok
03:05:03.0367 0x14e8  [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
03:05:03.0414 0x14e8  IKEEXT - ok
03:05:03.0429 0x14e8  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
03:05:03.0445 0x14e8  intaud_WaveExtensible - ok
03:05:03.0476 0x14e8  [ 56BF61A0F2CB461DFC78AC5260739D5C, DE6C0B6B614BE4BFEB7A2D992C4881BD720278247A0053B9154B453311B7E510 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
03:05:03.0492 0x14e8  IntcDAud - ok
03:05:03.0586 0x14e8  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
03:05:03.0617 0x14e8  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
03:05:06.0037 0x14e8  Detect skipped due to KSN trusted
03:05:06.0037 0x14e8  Intel(R) Capability Licensing Service Interface - ok
03:05:06.0115 0x14e8  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
03:05:06.0162 0x14e8  Intel(R) Capability Licensing Service TCP IP Interface - ok
03:05:06.0208 0x14e8  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
03:05:06.0224 0x14e8  Intel(R) ME Service - ok
03:05:06.0240 0x14e8  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
03:05:06.0271 0x14e8  intelide - ok
03:05:06.0302 0x14e8  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
03:05:06.0318 0x14e8  intelpep - ok
03:05:06.0349 0x14e8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
03:05:06.0365 0x14e8  intelppm - ok
03:05:06.0365 0x14e8  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
03:05:06.0380 0x14e8  IpFilterDriver - ok
03:05:06.0427 0x14e8  [ 201EDF3C5E674BF1FE44D28CC6A76EA2, 33DEA0C6DE9AE915C62794FBBA2625364E68AC5385C4B5FFDE889D90DA54C1AE ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
03:05:06.0474 0x14e8  iphlpsvc - ok
03:05:06.0474 0x14e8  [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
03:05:06.0490 0x14e8  IPMIDRV - ok
03:05:06.0521 0x14e8  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
03:05:06.0537 0x14e8  IPNAT - ok
03:05:06.0552 0x14e8  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
03:05:06.0568 0x14e8  IRENUM - ok
03:05:06.0583 0x14e8  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
03:05:06.0599 0x14e8  isapnp - ok
03:05:06.0615 0x14e8  [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
03:05:06.0630 0x14e8  iScsiPrt - ok
03:05:06.0646 0x14e8  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
03:05:06.0646 0x14e8  iwdbus - ok
03:05:06.0677 0x14e8  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
03:05:06.0693 0x14e8  jhi_service - ok
03:05:06.0693 0x14e8  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
03:05:06.0708 0x14e8  kbdclass - ok
03:05:06.0740 0x14e8  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
03:05:06.0740 0x14e8  kbdhid - ok
03:05:06.0755 0x14e8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
03:05:06.0787 0x14e8  kdnic - ok
03:05:06.0802 0x14e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
03:05:06.0802 0x14e8  KeyIso - ok
03:05:06.0849 0x14e8  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
03:05:06.0865 0x14e8  KSecDD - ok
03:05:06.0912 0x14e8  [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
03:05:06.0927 0x14e8  KSecPkg - ok
03:05:06.0943 0x14e8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
03:05:06.0943 0x14e8  ksthunk - ok
03:05:06.0974 0x14e8  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
03:05:07.0005 0x14e8  KtmRm - ok
03:05:07.0021 0x14e8  [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
03:05:07.0021 0x14e8  L1C - ok
03:05:07.0068 0x14e8  [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
03:05:07.0083 0x14e8  LanmanServer - ok
03:05:07.0115 0x14e8  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
03:05:07.0130 0x14e8  LanmanWorkstation - ok
03:05:07.0193 0x14e8  [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
03:05:07.0224 0x14e8  lfsvc - ok
03:05:07.0240 0x14e8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
03:05:07.0255 0x14e8  lltdio - ok
03:05:07.0287 0x14e8  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
03:05:07.0302 0x14e8  lltdsvc - ok
03:05:07.0318 0x14e8  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
03:05:07.0365 0x14e8  lmhosts - ok
03:05:07.0412 0x14e8  [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
03:05:07.0427 0x14e8  LMS - ok
03:05:07.0459 0x14e8  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
03:05:07.0459 0x14e8  LSI_SAS - ok
03:05:07.0474 0x14e8  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
03:05:07.0474 0x14e8  LSI_SAS2 - ok
03:05:07.0490 0x14e8  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
03:05:07.0505 0x14e8  LSI_SAS3 - ok
03:05:07.0505 0x14e8  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
03:05:07.0521 0x14e8  LSI_SSS - ok
03:05:07.0537 0x14e8  [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM             C:\WINDOWS\System32\lsm.dll
03:05:07.0584 0x14e8  LSM - ok
03:05:07.0615 0x14e8  [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
03:05:07.0630 0x14e8  luafv - ok
03:05:07.0677 0x14e8  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
03:05:07.0693 0x14e8  MBAMProtector - ok
03:05:07.0755 0x14e8  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
03:05:07.0818 0x14e8  MBAMScheduler - ok
03:05:07.0849 0x14e8  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
03:05:07.0880 0x14e8  MBAMService - ok
03:05:07.0943 0x14e8  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
03:05:07.0959 0x14e8  MBAMSwissArmy - ok
03:05:07.0990 0x14e8  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
03:05:08.0005 0x14e8  MBAMWebAccessControl - ok
03:05:08.0037 0x14e8  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
03:05:08.0052 0x14e8  megasas - ok
03:05:08.0084 0x14e8  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
03:05:08.0115 0x14e8  megasr - ok
03:05:08.0130 0x14e8  [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
03:05:08.0146 0x14e8  MEIx64 - ok
03:05:08.0162 0x14e8  [ D9D93198D7479C8FC52375806CFDC1CF, 856806C154367F3E32B7FCC797719D37942A1249138DD8DA87B95BC757CB8A95 ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys
03:05:08.0177 0x14e8  mfeapfk - ok
03:05:08.0209 0x14e8  [ EBC37DF7D14D33056C46CCD233A3E9DF, 3FDE4214B888004ED8FF93DEBA80EABA738E66A592078032414E94F9F769D3DF ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
03:05:08.0224 0x14e8  mfeavfk - ok
03:05:08.0240 0x14e8  [ 381EECD28C170978837DE41835647F07, DD385B4C6C1BB2B775ED39E7045EB000676BF2B29DD0BA3D31FE95969DC63DF4 ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
03:05:08.0255 0x14e8  mfeelamk - ok
03:05:08.0365 0x14e8  [ 89A8491264921184753B472F96A68E2F, 4FC0ACF8023C6324789F6300B4646C23EDCDA6B6409B277DA3C7B000EC94C4D4 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
03:05:08.0380 0x14e8  mfefire - ok
03:05:08.0427 0x14e8  [ 688FC9DB0D8319413F99C020D646A0BD, 52FB02DD79CB04F5559965B2EF4020FA65194163D3BB8289697A063B3A864360 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
03:05:08.0474 0x14e8  mfefirek - ok
03:05:08.0537 0x14e8  [ 205FF925AACA86BF19B1395D22463AF7, 1447338FEB4EBE18E4D2B37BC1A09723EC8DF52D28FEBB38B86552CDA06F303C ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
03:05:08.0568 0x14e8  mfehidk - ok
03:05:08.0599 0x14e8  [ 5E03DF8154CCA4D5B236B8AFAF3ECE48, B35B786EE7476A189771CA741862D13C7BBF9233367396371413849FF48C7E23 ] mfevtp          C:\Windows\system32\mfevtps.exe
03:05:08.0599 0x14e8  mfevtp - ok
03:05:08.0646 0x14e8  [ FD426ABB976F264C5741D724B0046B06, B03AEFB874C7C5EC80A18F9E6670C0F8C4F5AC0F94FF43BE956C9CD0DB03BF8F ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
03:05:08.0677 0x14e8  mfewfpk - ok
03:05:08.0693 0x14e8  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
03:05:08.0724 0x14e8  MMCSS - ok
03:05:08.0724 0x14e8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
03:05:08.0740 0x14e8  Modem - ok
03:05:08.0760 0x14e8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
03:05:08.0776 0x14e8  monitor - ok
03:05:08.0791 0x14e8  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
03:05:08.0807 0x14e8  mouclass - ok
03:05:08.0807 0x14e8  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
03:05:08.0822 0x14e8  mouhid - ok
03:05:08.0838 0x14e8  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
03:05:08.0854 0x14e8  mountmgr - ok
03:05:08.0854 0x14e8  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
03:05:08.0869 0x14e8  mpsdrv - ok
03:05:08.0932 0x14e8  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
03:05:08.0979 0x14e8  MpsSvc - ok
03:05:08.0994 0x14e8  [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
03:05:09.0010 0x14e8  MRxDAV - ok
03:05:09.0057 0x14e8  [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
03:05:09.0088 0x14e8  mrxsmb - ok
03:05:09.0119 0x14e8  [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
03:05:09.0151 0x14e8  mrxsmb10 - ok
03:05:09.0182 0x14e8  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
03:05:09.0197 0x14e8  mrxsmb20 - ok
03:05:09.0244 0x14e8  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
03:05:09.0260 0x14e8  MsBridge - ok
03:05:09.0276 0x14e8  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
03:05:09.0291 0x14e8  MSDTC - ok
03:05:09.0307 0x14e8  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
03:05:09.0322 0x14e8  Msfs - ok
03:05:09.0322 0x14e8  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
03:05:09.0338 0x14e8  msgpiowin32 - ok
03:05:09.0354 0x14e8  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
03:05:09.0369 0x14e8  mshidkmdf - ok
03:05:09.0385 0x14e8  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
03:05:09.0385 0x14e8  mshidumdf - ok
03:05:09.0401 0x14e8  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
03:05:09.0401 0x14e8  msisadrv - ok
03:05:09.0448 0x14e8  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
03:05:09.0463 0x14e8  MSiSCSI - ok
03:05:09.0463 0x14e8  msiserver - ok
03:05:09.0479 0x14e8  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
03:05:09.0479 0x14e8  MSKSSRV - ok
03:05:09.0494 0x14e8  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
03:05:09.0510 0x14e8  MsLldp - ok
03:05:09.0526 0x14e8  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
03:05:09.0526 0x14e8  MSPCLOCK - ok
03:05:09.0541 0x14e8  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
03:05:09.0541 0x14e8  MSPQM - ok
03:05:09.0557 0x14e8  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
03:05:09.0588 0x14e8  MsRPC - ok
03:05:09.0588 0x14e8  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
03:05:09.0604 0x14e8  mssmbios - ok
03:05:09.0604 0x14e8  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
03:05:09.0619 0x14e8  MSTEE - ok
03:05:09.0619 0x14e8  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
03:05:09.0635 0x14e8  MTConfig - ok
03:05:09.0635 0x14e8  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
03:05:09.0651 0x14e8  Mup - ok
03:05:09.0666 0x14e8  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
03:05:09.0682 0x14e8  mvumis - ok
03:05:09.0713 0x14e8  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
03:05:09.0729 0x14e8  napagent - ok
03:05:09.0776 0x14e8  [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
03:05:09.0791 0x14e8  NativeWifiP - ok
03:05:09.0823 0x14e8  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
03:05:09.0838 0x14e8  NcaSvc - ok
03:05:09.0854 0x14e8  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
03:05:09.0885 0x14e8  NcbService - ok
03:05:09.0901 0x14e8  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
03:05:09.0932 0x14e8  NcdAutoSetup - ok
03:05:09.0994 0x14e8  [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
03:05:10.0041 0x14e8  NDIS - ok
03:05:10.0073 0x14e8  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
03:05:10.0088 0x14e8  NdisCap - ok
03:05:10.0135 0x14e8  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
03:05:10.0198 0x14e8  NdisImPlatform - ok
03:05:10.0229 0x14e8  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
03:05:10.0244 0x14e8  NdisTapi - ok
03:05:10.0354 0x14e8  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
03:05:10.0369 0x14e8  Ndisuio - ok
03:05:10.0385 0x14e8  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
03:05:10.0401 0x14e8  NdisVirtualBus - ok
03:05:10.0416 0x14e8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
03:05:10.0448 0x14e8  NdisWan - ok
03:05:10.0448 0x14e8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
03:05:10.0463 0x14e8  NdisWanLegacy - ok
03:05:10.0463 0x14e8  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
03:05:10.0479 0x14e8  NDProxy - ok
03:05:10.0494 0x14e8  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
03:05:10.0510 0x14e8  Ndu - ok
03:05:10.0510 0x14e8  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
03:05:10.0526 0x14e8  NetBIOS - ok
03:05:10.0541 0x14e8  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
03:05:10.0557 0x14e8  NetBT - ok
03:05:10.0573 0x14e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
03:05:10.0588 0x14e8  Netlogon - ok
03:05:10.0619 0x14e8  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
03:05:10.0635 0x14e8  Netman - ok
03:05:10.0666 0x14e8  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
03:05:10.0698 0x14e8  netprofm - ok
03:05:10.0760 0x14e8  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:05:10.0763 0x14e8  NetTcpPortSharing - ok
03:05:10.0794 0x14e8  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
03:05:10.0810 0x14e8  netvsc - ok
03:05:10.0841 0x14e8  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
03:05:10.0857 0x14e8  NlaSvc - ok
03:05:10.0872 0x14e8  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
03:05:10.0888 0x14e8  Npfs - ok
03:05:10.0904 0x14e8  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
03:05:10.0904 0x14e8  npsvctrig - ok
03:05:10.0935 0x14e8  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
03:05:10.0935 0x14e8  nsi - ok
03:05:10.0951 0x14e8  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
03:05:10.0951 0x14e8  nsiproxy - ok
03:05:11.0029 0x14e8  [ 725EF69B2DBEB7B33280019A556201BC, 210E816AA07AB4C294410B829A7165EEE056C72B4D846F11F18A9E80C4772BE5 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
03:05:11.0107 0x14e8  Ntfs - ok
03:05:11.0138 0x14e8  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
03:05:11.0154 0x14e8  Null - ok
03:05:11.0169 0x14e8  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
03:05:11.0185 0x14e8  nvraid - ok
03:05:11.0201 0x14e8  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
03:05:11.0216 0x14e8  nvstor - ok
03:05:11.0216 0x14e8  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
03:05:11.0232 0x14e8  nv_agp - ok
03:05:11.0263 0x14e8  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
03:05:11.0310 0x14e8  p2pimsvc - ok
03:05:11.0357 0x14e8  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
03:05:11.0373 0x14e8  p2psvc - ok
03:05:11.0404 0x14e8  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
03:05:11.0404 0x14e8  Parport - ok
03:05:11.0419 0x14e8  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
03:05:11.0435 0x14e8  partmgr - ok
03:05:11.0466 0x14e8  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
03:05:11.0498 0x14e8  PcaSvc - ok
03:05:11.0513 0x14e8  [ C0D3F3BC1C84B4BA746D9847314C1164, 66FDF288ACAE021C5F63BCCC68D7534B4DB737E252AB16DFF746355D8BE7502D ] pci             C:\WINDOWS\system32\drivers\pci.sys
03:05:11.0529 0x14e8  pci - ok
03:05:11.0544 0x14e8  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
03:05:11.0560 0x14e8  pciide - ok
03:05:11.0560 0x14e8  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
03:05:11.0576 0x14e8  pcmcia - ok
03:05:11.0591 0x14e8  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
03:05:11.0607 0x14e8  pcw - ok
03:05:11.0623 0x14e8  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
03:05:11.0638 0x14e8  pdc - ok
03:05:11.0669 0x14e8  [ BA50CC0BD19004AAB88BE37338B6FA0D, 34D4720A621CCB4707F2EB929F6F44C317DBC6F055F7F34F3FAC68DFDAA00DEF ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
03:05:11.0701 0x14e8  PEAUTH - ok
03:05:11.0732 0x14e8  [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN         C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys
03:05:11.0748 0x14e8  PEGAGFN - ok
03:05:11.0818 0x14e8  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
03:05:11.0833 0x14e8  PerfHost - ok
03:05:11.0912 0x14e8  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
03:05:11.0974 0x14e8  pla - ok
03:05:12.0005 0x14e8  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
03:05:12.0021 0x14e8  PlugPlay - ok
03:05:12.0037 0x14e8  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
03:05:12.0037 0x14e8  PNRPAutoReg - ok
03:05:12.0068 0x14e8  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
03:05:12.0083 0x14e8  PNRPsvc - ok
03:05:12.0115 0x14e8  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
03:05:12.0130 0x14e8  PolicyAgent - ok
03:05:12.0146 0x14e8  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
03:05:12.0177 0x14e8  Power - ok
03:05:12.0302 0x14e8  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
03:05:12.0412 0x14e8  PrintNotify - ok
03:05:12.0427 0x14e8  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
03:05:12.0443 0x14e8  Processor - ok
03:05:12.0474 0x14e8  [ 9E5A3A3B702ECB9E88AA07731F0E65EB, 837EF55E367218B07100092BA1E6291FD52766C57A02900B6141B1A360654B84 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
03:05:12.0490 0x14e8  ProfSvc - ok
03:05:12.0521 0x14e8  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
03:05:12.0537 0x14e8  Psched - ok
03:05:12.0583 0x14e8  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
03:05:12.0599 0x14e8  QWAVE - ok
03:05:12.0615 0x14e8  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
03:05:12.0630 0x14e8  QWAVEdrv - ok
03:05:12.0646 0x14e8  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
03:05:12.0662 0x14e8  RasAcd - ok
03:05:12.0677 0x14e8  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
03:05:12.0693 0x14e8  RasAuto - ok
03:05:12.0724 0x14e8  [ BF3B17016764F20F9D28CF1A8DC210C0, F64B410D444D4A3DFEE356EFC5B758781FA2612771EDCF72DB91D3120385D7DB ] RasMan          C:\WINDOWS\System32\rasmans.dll
03:05:12.0755 0x14e8  RasMan - ok
03:05:12.0771 0x14e8  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
03:05:12.0787 0x14e8  RasPppoe - ok
03:05:12.0833 0x14e8  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
03:05:12.0865 0x14e8  rdbss - ok
03:05:12.0912 0x14e8  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
03:05:12.0927 0x14e8  rdpbus - ok
03:05:12.0958 0x14e8  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
03:05:12.0990 0x14e8  RDPDR - ok
03:05:13.0005 0x14e8  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
03:05:13.0021 0x14e8  RdpVideoMiniport - ok
03:05:13.0052 0x14e8  [ 06250FF7F8E5F98DAA6F2D6251B1694E, F9FA2CDD7964442E51DEB826ED00E3EEA786B3CBDE3CC5452E0122A960CFD35C ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
03:05:13.0068 0x14e8  rdyboost - ok
03:05:13.0115 0x14e8  [ 036746D54347FD2D0385668E2A4064E4, 7C670176176C86D6C3814367A6282A78F4E950F84DDEDA849829236C891F5BB9 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
03:05:13.0162 0x14e8  ReFS - ok
03:05:13.0208 0x14e8  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
03:05:13.0224 0x14e8  RemoteAccess - ok
03:05:13.0287 0x14e8  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
03:05:13.0318 0x14e8  RemoteRegistry - ok
03:05:13.0349 0x14e8  [ 02307C86CB24769306B0DFA0C751952E, 637D90161C477995925936E4807B57EA80BE11761B26F5FC1B4B0F3EB52FBA87 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
03:05:13.0365 0x14e8  RFCOMM - ok
03:05:13.0380 0x14e8  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
03:05:13.0396 0x14e8  RpcEptMapper - ok
03:05:13.0427 0x14e8  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
03:05:13.0443 0x14e8  RpcLocator - ok
03:05:13.0490 0x14e8  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
03:05:13.0521 0x14e8  RpcSs - ok
03:05:13.0537 0x14e8  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
03:05:13.0552 0x14e8  rspndr - ok
03:05:13.0646 0x14e8  [ A307450FE19F99CC8AC750EB13959F94, D74B054B116C8E4295AFE1826D3E560D7F6885980C711F692CCDF4D9A87978AB ] RTWlanE         C:\WINDOWS\system32\DRIVERS\rtwlane.sys
03:05:13.0708 0x14e8  RTWlanE - ok
03:05:13.0724 0x14e8  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
03:05:13.0740 0x14e8  s3cap - ok
03:05:13.0772 0x14e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
03:05:13.0777 0x14e8  SamSs - ok
03:05:13.0792 0x14e8  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
03:05:13.0808 0x14e8  sbp2port - ok
03:05:13.0839 0x14e8  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
03:05:13.0855 0x14e8  SCardSvr - ok
03:05:13.0870 0x14e8  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
03:05:13.0886 0x14e8  ScDeviceEnum - ok
03:05:13.0902 0x14e8  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
03:05:13.0917 0x14e8  scfilter - ok
03:05:13.0980 0x14e8  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
03:05:14.0027 0x14e8  Schedule - ok
03:05:14.0058 0x14e8  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
03:05:14.0073 0x14e8  SCPolicySvc - ok
03:05:14.0105 0x14e8  [ 2F9A3380B8C0380E5608E29C7AA66899, 56D1908437DD3791E54866819E39CC89586C5CD804F47B556416FA8642D88CBB ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
03:05:14.0120 0x14e8  sdbus - ok
03:05:14.0136 0x14e8  [ 4EAF4DCF9DBD9A56952A58F56D61C005, BCA42FD1553569D3603008CC97D88FD309E87F8A8B1522A4287A0E81CAE6C294 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
03:05:14.0136 0x14e8  sdstor - ok
03:05:14.0152 0x14e8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
03:05:14.0167 0x14e8  secdrv - ok
03:05:14.0183 0x14e8  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
03:05:14.0198 0x14e8  seclogon - ok
03:05:14.0230 0x14e8  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
03:05:14.0245 0x14e8  SENS - ok
03:05:14.0261 0x14e8  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
03:05:14.0277 0x14e8  SensrSvc - ok
03:05:14.0308 0x14e8  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
03:05:14.0308 0x14e8  SerCx - ok
03:05:14.0339 0x14e8  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
03:05:14.0355 0x14e8  SerCx2 - ok
03:05:14.0370 0x14e8  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
03:05:14.0370 0x14e8  Serenum - ok
03:05:14.0386 0x14e8  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
03:05:14.0386 0x14e8  Serial - ok
03:05:14.0402 0x14e8  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
03:05:14.0402 0x14e8  sermouse - ok
03:05:14.0464 0x14e8  [ 441E6FF1F34D7A942946DB42A15FB519, A16BA505B74C7A2ADD08BD5B50728C2AD55062E0ABABAD7E3EE0EB97F3725523 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
03:05:14.0480 0x14e8  SessionEnv - ok
03:05:14.0495 0x14e8  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
03:05:14.0511 0x14e8  sfloppy - ok
03:05:14.0542 0x14e8  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
03:05:14.0573 0x14e8  SharedAccess - ok
03:05:14.0652 0x14e8  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
03:05:14.0698 0x14e8  ShellHWDetection - ok
03:05:14.0714 0x14e8  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
03:05:14.0730 0x14e8  SiSRaid2 - ok
03:05:14.0730 0x14e8  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
03:05:14.0745 0x14e8  SiSRaid4 - ok
03:05:14.0792 0x14e8  [ 4A233E3477FE43F6AEBBEE4FE157E05F, ADDC666E0C0891FA7DC4B98205E31546D5753537955D477722BF0BF350A5712C ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
03:05:14.0808 0x14e8  SmbDrvI - ok
03:05:14.0839 0x14e8  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
03:05:14.0855 0x14e8  smphost - ok
03:05:14.0870 0x14e8  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
03:05:14.0886 0x14e8  SNMPTRAP - ok
03:05:14.0917 0x14e8  [ F6EBE514D13ECE7EDC23440039CDF9AB, B58072BE7E4E52704C7B1D52DD49F469542B4B015C6D560369EEC1B046AFB254 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
03:05:14.0948 0x14e8  spaceport - ok
03:05:14.0964 0x14e8  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
03:05:14.0980 0x14e8  SpbCx - ok
03:05:15.0027 0x14e8  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
03:05:15.0073 0x14e8  Spooler - ok
03:05:15.0292 0x14e8  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
03:05:15.0480 0x14e8  sppsvc - ok
03:05:15.0527 0x14e8  [ CD7534BA5BA92086B1BC10ADF880FC49, 90FC7A083A95CF79A3B7816A5D0B9CE7B9757A685F412931955AB3B88C8F0530 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
03:05:15.0542 0x14e8  srv - ok
03:05:15.0589 0x14e8  [ C1AE59C0B0817236EC083A91C396005A, 26F05ECB44C300DA8F333B115727C31C5C8252C83F37F0AE7DFF89B267599CDF ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
03:05:15.0620 0x14e8  srv2 - ok
03:05:15.0652 0x14e8  [ 77195C32175FC63D6054EBA5A066D727, 22F5D26809BC9288021620040FC7B7BB76708D434C863B3C0C20F73200C1C6A9 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
03:05:15.0667 0x14e8  srvnet - ok
03:05:15.0699 0x14e8  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
03:05:15.0714 0x14e8  SSDPSRV - ok
03:05:15.0714 0x14e8  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
03:05:15.0730 0x14e8  SstpSvc - ok
03:05:15.0777 0x14e8  [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
03:05:15.0839 0x14e8  ssudmdm - ok
03:05:15.0886 0x14e8  [ D67F951F6BA708812420195B8D0AB8B6, 6583DB22EB8AA5FF0134D2536C9A46BC0D7D8F8B2829D5719DD68968C22F5917 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
03:05:15.0902 0x14e8  STacSV - detected UnsignedFile.Multi.Generic ( 1 )
03:05:18.0268 0x14e8  Detect skipped due to KSN trusted
03:05:18.0268 0x14e8  STacSV - ok
03:05:18.0331 0x14e8  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
03:05:18.0362 0x14e8  stexstor - ok
03:05:18.0393 0x14e8  [ 71CB3BB20F08BB724769DAAAFD5AB26E, FC4B2BD03037EC07F4443BBE13A28859035F7229CA06D4E42AFB42ABF1A89F09 ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
03:05:18.0440 0x14e8  STHDA - ok
03:05:18.0471 0x14e8  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
03:05:18.0518 0x14e8  stisvc - ok
03:05:18.0534 0x14e8  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
03:05:18.0549 0x14e8  storahci - ok
03:05:18.0565 0x14e8  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
03:05:18.0581 0x14e8  storflt - ok
03:05:18.0581 0x14e8  [ D57AEE34C7C0DD1DC8B6B54B7A89649C, C649E8670CBEAAAD0A380617B67BAF5A5931289AE599796FA6A9830AAFE5F8B4 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
03:05:18.0596 0x14e8  stornvme - ok
03:05:18.0612 0x14e8  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
03:05:18.0627 0x14e8  StorSvc - ok
03:05:18.0643 0x14e8  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
03:05:18.0643 0x14e8  storvsc - ok
03:05:18.0674 0x14e8  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
03:05:18.0690 0x14e8  svsvc - ok
03:05:18.0706 0x14e8  [ 04CF20310145DEC63D5387BEAFF77D9A, 5017AF8C2DFBFE1F9946FF5AF229D62D141118EA923EEFA994EB4C7B52DEF208 ] SWDUMon         C:\WINDOWS\system32\DRIVERS\SWDUMon.sys
03:05:18.0706 0x14e8  SWDUMon - ok
03:05:18.0737 0x14e8  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
03:05:18.0752 0x14e8  swenum - ok
03:05:18.0804 0x14e8  [ 99453C649DC4B0BE6D062B701CD2917F, 6E136BBF46E2E07635BEDC307A7F2E7C653DB45C055419DAB4878BF657B82058 ] swprv           C:\WINDOWS\System32\swprv.dll
03:05:18.0836 0x14e8  swprv - ok
03:05:18.0898 0x14e8  [ 90AAE45676DDF13048FFB9D01FBE1669, 983FFA615E42B5E039DE5F1033F643D0E87C93A715043A9A642518FC66E3F9F5 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
03:05:18.0929 0x14e8  SynTP - ok
03:05:18.0992 0x14e8  [ E45DA7CBBA34510C8B9473AD7D4FFD0B, 89C2AED757D86C276D78D29D94DCBF9C1B6A244A2153EC85CCB2E86C5F078387 ] SysMain         C:\WINDOWS\system32\sysmain.dll
03:05:19.0039 0x14e8  SysMain - ok
03:05:19.0086 0x14e8  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
03:05:19.0117 0x14e8  SystemEventsBroker - ok
03:05:19.0148 0x14e8  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
03:05:19.0164 0x14e8  TabletInputService - ok
03:05:19.0179 0x14e8  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
03:05:19.0195 0x14e8  TapiSrv - ok
03:05:19.0304 0x14e8  [ ECC68BD5347BDE9631EE68274858A41F, F5274400312C776C13BCBC333AF20C29163FEBC7879E9C6AD45774A0C39F8A52 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
03:05:19.0429 0x14e8  Tcpip - ok
03:05:19.0523 0x14e8  [ ECC68BD5347BDE9631EE68274858A41F, F5274400312C776C13BCBC333AF20C29163FEBC7879E9C6AD45774A0C39F8A52 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
03:05:19.0601 0x14e8  TCPIP6 - ok
03:05:19.0633 0x14e8  [ 33A7D83EEB15431773A6E186CFAABA21, AC5100A76CA44BFADF4A54FDB09FF5D2FF13B9F8482DC1AE86C8C27005F77B0F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
03:05:19.0648 0x14e8  tcpipreg - ok
03:05:19.0679 0x14e8  [ 58480A57ACF2671C343FD1D4BA990E34, 24AD9C808D06FABFE8E81242CAC8B5A91829F7D951B245865EF77B79BB795E3D ] tdcmdpst        C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys
03:05:19.0679 0x14e8  tdcmdpst - ok
03:05:19.0711 0x14e8  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
03:05:19.0726 0x14e8  tdx - ok
03:05:19.0773 0x14e8  [ E964837B2A702D82E51DE879FEFDF22B, 3C24E4E3486F4D6B4AB0E202BD45AF4D344123EB6467476A4317DB0CFA37EC86 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
03:05:19.0789 0x14e8  TemproMonitoringService - ok
03:05:19.0820 0x14e8  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
03:05:19.0836 0x14e8  terminpt - ok
03:05:19.0914 0x14e8  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\WINDOWS\System32\termsrv.dll
03:05:19.0945 0x14e8  TermService - ok
03:05:19.0961 0x14e8  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
03:05:19.0992 0x14e8  Themes - ok
03:05:20.0008 0x14e8  [ 77CF0ECC1C2B5E616B650AB5D4931114, FFB54C264EE10AABA076B591196A98DA5F57E975A4A143AFB5424DFF726AF66F ] Thotkey         C:\WINDOWS\System32\drivers\Thotkey.sys
03:05:20.0023 0x14e8  Thotkey - ok
03:05:20.0054 0x14e8  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
03:05:20.0054 0x14e8  THREADORDER - ok
03:05:20.0086 0x14e8  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
03:05:20.0101 0x14e8  TimeBroker - ok
03:05:20.0148 0x14e8  [ 6C4F5CD42074DB52AE88FC4BAB2C54F7, B4E3B6A23C99A11186F4EE875871D459A7A03EF4565CA114B41FB3C982841A45 ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
03:05:20.0164 0x14e8  TMachInfo - ok
03:05:20.0179 0x14e8  [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
03:05:20.0195 0x14e8  TODDSrv - ok
03:05:20.0242 0x14e8  [ 380192EE4C9FA50A083C14522E6240C8, 539EF29B97E552F655F73EFB54AE300587F3C6FCE9AF89C81B838997E9E0CD43 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
03:05:20.0258 0x14e8  TOSHIBA eco Utility Service - ok
03:05:20.0289 0x14e8  [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] tosrfec         C:\WINDOWS\System32\drivers\tosrfec.sys
03:05:20.0289 0x14e8  tosrfec - ok
03:05:20.0320 0x14e8  [ 36391C3953D191A2AF4556D5D706C641, 5191A35C86B6C98F2CBDDC23B5311ED62310345CEDE084A54BBF70CCF0F84C50 ] tos_sps64       C:\WINDOWS\system32\drivers\tos_sps64.sys
03:05:20.0336 0x14e8  tos_sps64 - ok
03:05:20.0414 0x14e8  [ 67F2A8FCD91A06E445C374C9E6BB0DD3, 3087D762421A265A0E4BB41496284B092F7F71476CC7BEC5334E3FB6414B4F41 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
03:05:20.0429 0x14e8  TPCHSrv - ok
03:05:20.0461 0x14e8  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
03:05:20.0461 0x14e8  TPM - ok
03:05:20.0492 0x14e8  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
03:05:20.0508 0x14e8  TrkWks - ok
03:05:20.0539 0x14e8  [ DA56FFA46030E6FEB215E3D5DAA65B11, 36B5EED8F9044475000362DBFC8A2A40B889ED46382CCEFB6BA04BE0442F98C2 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
03:05:20.0554 0x14e8  TrustedInstaller - ok
03:05:20.0570 0x14e8  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
03:05:20.0586 0x14e8  TsUsbFlt - ok
03:05:20.0601 0x14e8  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
03:05:20.0601 0x14e8  TsUsbGD - ok
03:05:20.0633 0x14e8  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
03:05:20.0648 0x14e8  tunnel - ok
03:05:20.0679 0x14e8  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\WINDOWS\system32\drivers\TVALZ_O.SYS
03:05:20.0679 0x14e8  TVALZ - ok
03:05:20.0695 0x14e8  [ 55A9A23DD64EB7781FCAB565B028CD0E, 44CE0C8244F9AE6CCCDB49C29F6D35FE4CE8C92DE5B5D44D22DBD088DE83AA10 ] TVALZFL         C:\WINDOWS\system32\Drivers\TVALZFL.sys
03:05:20.0711 0x14e8  TVALZFL - ok
03:05:20.0726 0x14e8  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
03:05:20.0726 0x14e8  uagp35 - ok
03:05:20.0742 0x14e8  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
03:05:20.0758 0x14e8  UASPStor - ok
03:05:20.0808 0x14e8  [ 5D1B430EA11064C56E7C8F84B90DEB6A, 874D9EE807F16321C4857030F9C18D2B925785FD4BB7ED047AF9535BF3F30D84 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
03:05:20.0824 0x14e8  UCX01000 - ok
03:05:20.0855 0x14e8  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
03:05:20.0871 0x14e8  udfs - ok
03:05:20.0886 0x14e8  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
03:05:20.0886 0x14e8  UEFI - ok
03:05:20.0917 0x14e8  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
03:05:20.0933 0x14e8  UI0Detect - ok
03:05:20.0933 0x14e8  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
03:05:20.0949 0x14e8  uliagpkx - ok
03:05:20.0964 0x14e8  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
03:05:20.0980 0x14e8  umbus - ok
03:05:20.0980 0x14e8  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
03:05:20.0996 0x14e8  UmPass - ok
03:05:21.0011 0x14e8  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
03:05:21.0027 0x14e8  UmRdpService - ok
03:05:21.0058 0x14e8  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
03:05:21.0121 0x14e8  upnphost - ok
03:05:21.0152 0x14e8  [ 3432E857B8EC1C1316AB098F2BCCDFB6, D83B40E50C92B896855DE28BFEDE53F8DA9F705ED8484B898C04F381F3C85F65 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
03:05:21.0167 0x14e8  usbccgp - ok
03:05:21.0167 0x14e8  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
03:05:21.0183 0x14e8  usbcir - ok
03:05:21.0199 0x14e8  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
03:05:21.0214 0x14e8  usbehci - ok
03:05:21.0230 0x14e8  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
03:05:21.0246 0x14e8  usbhub - ok
03:05:21.0277 0x14e8  [ C0E33820326199CE3CFD3B9F27F81D99, C67F55E7DD6F7FC4A96256A14A805D39C5CE8725FD86675C6C860B3DE8E4DBC3 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
03:05:21.0292 0x14e8  USBHUB3 - ok
03:05:21.0324 0x14e8  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
03:05:21.0339 0x14e8  usbohci - ok
03:05:21.0339 0x14e8  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
03:05:21.0355 0x14e8  usbprint - ok
03:05:21.0371 0x14e8  [ 4628B415A84EA9D4D396A56F1D0CB6C6, 430F4C819BF958430FD0DEEFD5BA07F210E0541634811993090C039CB602622F ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
03:05:21.0386 0x14e8  USBSTOR - ok
03:05:21.0386 0x14e8  [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
03:05:21.0402 0x14e8  usbuhci - ok
03:05:21.0417 0x14e8  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
03:05:21.0464 0x14e8  usbvideo - ok
03:05:21.0496 0x14e8  [ D22EB844EB57D016CC34178AC86456DF, C83440A44EA9CC3D1041AB966FFC423DD17FB25B42BA41BB36C109D16723BD5E ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
03:05:21.0511 0x14e8  USBXHCI - ok
03:05:21.0527 0x14e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
03:05:21.0542 0x14e8  VaultSvc - ok
03:05:21.0558 0x14e8  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
03:05:21.0574 0x14e8  vdrvroot - ok
03:05:21.0636 0x14e8  [ CFBAD6B48EDFAA0828A52646B7C4C08D, DDC7D607E784CE6FB5BC62E53E6309EB583D74425E6D3FC8F3D3EC705D69C075 ] vds             C:\WINDOWS\System32\vds.exe
03:05:21.0699 0x14e8  vds - ok
03:05:21.0730 0x14e8  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
03:05:21.0746 0x14e8  VerifierExt - ok
03:05:21.0761 0x14e8  [ 041D3EF364E624DBB2703A64A5AADF89, 94A52A35AFDD09EBCC4266BD6D44014AAB4BBDFD3F6E8C997A1CA49DFB48F60D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
03:05:21.0808 0x14e8  vhdmp - ok
03:05:21.0824 0x14e8  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
03:05:21.0839 0x14e8  viaide - ok
03:05:21.0839 0x14e8  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
03:05:21.0855 0x14e8  vmbus - ok
03:05:21.0855 0x14e8  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
03:05:21.0871 0x14e8  VMBusHID - ok
03:05:21.0933 0x14e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
03:05:21.0964 0x14e8  vmicguestinterface - ok
03:05:21.0980 0x14e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
03:05:21.0996 0x14e8  vmicheartbeat - ok
03:05:22.0027 0x14e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
03:05:22.0042 0x14e8  vmickvpexchange - ok
03:05:22.0074 0x14e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
03:05:22.0089 0x14e8  vmicrdv - ok
03:05:22.0121 0x14e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
03:05:22.0136 0x14e8  vmicshutdown - ok
03:05:22.0152 0x14e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
03:05:22.0183 0x14e8  vmictimesync - ok
03:05:22.0199 0x14e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
03:05:22.0230 0x14e8  vmicvss - ok
03:05:22.0246 0x14e8  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
03:05:22.0246 0x14e8  volmgr - ok
03:05:22.0277 0x14e8  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
03:05:22.0292 0x14e8  volmgrx - ok
03:05:22.0339 0x14e8  [ C85C075DE5B6D0FE116043054DE8EE02, 8BB01DA3D63562F51BCCB5CC996F99A5CB0A8F89900045BBCF4115FD521A9706 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
03:05:22.0355 0x14e8  volsnap - ok
03:05:22.0371 0x14e8  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
03:05:22.0371 0x14e8  vpci - ok
03:05:22.0386 0x14e8  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
03:05:22.0402 0x14e8  vsmraid - ok
03:05:22.0464 0x14e8  [ D51D7EF1EA5ED2BB01E9D07E6E0533BC, E31118F42B316C9B6C9072D9628AA2801FC2519F1A46C9ED167843CD67183C19 ] VSS             C:\WINDOWS\system32\vssvc.exe
03:05:22.0527 0x14e8  VSS - ok
03:05:22.0558 0x14e8  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
03:05:22.0589 0x14e8  VSTXRAID - ok
03:05:22.0621 0x14e8  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
03:05:22.0621 0x14e8  vwifibus - ok
03:05:22.0636 0x14e8  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
03:05:22.0652 0x14e8  vwififlt - ok
03:05:22.0667 0x14e8  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
03:05:22.0667 0x14e8  vwifimp - ok
03:05:22.0761 0x14e8  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
03:05:22.0799 0x14e8  W32Time - ok
03:05:22.0815 0x14e8  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
03:05:22.0830 0x14e8  WacomPen - ok
03:05:22.0877 0x14e8  [ 92BF4B3EBD6F163B94B7A20C65E7B698, 293E6FEFA862690A7B75443D6495144313D759971B98B495A99AAB0D2CF1F350 ] wbengine        C:\WINDOWS\system32\wbengine.exe
03:05:22.0940 0x14e8  wbengine - ok
03:05:22.0971 0x14e8  [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
03:05:23.0002 0x14e8  WbioSrvc - ok
03:05:23.0033 0x14e8  [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
03:05:23.0065 0x14e8  Wcmsvc - ok
03:05:23.0096 0x14e8  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
03:05:23.0127 0x14e8  wcncsvc - ok
03:05:23.0143 0x14e8  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
03:05:23.0174 0x14e8  WcsPlugInService - ok
03:05:23.0190 0x14e8  [ 694B28DE12AD47031FFB4B052662131A, FF3B1B1A69C82BB123073E10D9F1322ED8587F5BAC36F8AB7DAED22C7DD5C7DB ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
03:05:23.0205 0x14e8  WdBoot - ok
03:05:23.0252 0x14e8  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
03:05:23.0283 0x14e8  Wdf01000 - ok
03:05:23.0299 0x14e8  [ 0B99529A3BECC3528D865DDECB62503B, 28E6B44BDC52E212D2EB269491D3574B45EE9B19821FE15167D7FA05566C89F4 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
03:05:23.0315 0x14e8  WdFilter - ok
03:05:23.0330 0x14e8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
03:05:23.0346 0x14e8  WdiServiceHost - ok
03:05:23.0361 0x14e8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
03:05:23.0377 0x14e8  WdiSystemHost - ok
03:05:23.0377 0x14e8  [ 282E7D46310338FF4A6B7680440EB0DA, 04242798DD82F583154AEA3D775C9BFD574FC471D01CDEB9D070872425094D82 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
03:05:23.0393 0x14e8  WdNisDrv - ok
03:05:23.0408 0x14e8  WdNisSvc - ok
03:05:23.0424 0x14e8  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\WINDOWS\System32\webclnt.dll
03:05:23.0440 0x14e8  WebClient - ok
03:05:23.0471 0x14e8  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
03:05:23.0486 0x14e8  Wecsvc - ok
03:05:23.0486 0x14e8  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
03:05:23.0502 0x14e8  WEPHOSTSVC - ok
03:05:23.0518 0x14e8  [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
03:05:23.0549 0x14e8  wercplsupport - ok
03:05:23.0565 0x14e8  [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
03:05:23.0580 0x14e8  WerSvc - ok
03:05:23.0596 0x14e8  [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
03:05:23.0611 0x14e8  WFPLWFS - ok
03:05:23.0627 0x14e8  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
03:05:23.0643 0x14e8  WiaRpc - ok
03:05:23.0658 0x14e8  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
03:05:23.0674 0x14e8  WIMMount - ok
03:05:23.0674 0x14e8  WinDefend - ok
03:05:23.0705 0x14e8  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
03:05:23.0736 0x14e8  WinHttpAutoProxySvc - ok
03:05:23.0783 0x14e8  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
03:05:23.0799 0x14e8  Winmgmt - ok
03:05:23.0924 0x14e8  [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
03:05:24.0018 0x14e8  WinRM - ok
03:05:24.0049 0x14e8  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
03:05:24.0049 0x14e8  WinUsb - ok
03:05:24.0127 0x14e8  [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
03:05:24.0205 0x14e8  WlanSvc - ok
03:05:24.0268 0x14e8  [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
03:05:24.0315 0x14e8  wlidsvc - ok
03:05:24.0330 0x14e8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
03:05:24.0330 0x14e8  WmiAcpi - ok
03:05:24.0361 0x14e8  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
03:05:24.0377 0x14e8  wmiApSrv - ok
03:05:24.0408 0x14e8  WMPNetworkSvc - ok
03:05:24.0471 0x14e8  [ 53A36BD7ABD1E56C9A0C923F09C717E3, 6CF53F109DA4EB06918C3528816FDBE5EC2AE1A5BA3DC9B172958B99758955D0 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
03:05:24.0549 0x14e8  workfolderssvc - ok
03:05:24.0549 0x14e8  [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
03:05:24.0565 0x14e8  wpcfltr - ok
03:05:24.0596 0x14e8  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
03:05:24.0611 0x14e8  WPCSvc - ok
03:05:24.0643 0x14e8  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
03:05:24.0658 0x14e8  WPDBusEnum - ok
03:05:24.0674 0x14e8  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
03:05:24.0690 0x14e8  WpdUpFltr - ok
03:05:24.0705 0x14e8  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
03:05:24.0721 0x14e8  ws2ifsl - ok
03:05:24.0736 0x14e8  [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
03:05:24.0752 0x14e8  wscsvc - ok
03:05:24.0752 0x14e8  WSearch - ok
03:05:24.0896 0x14e8  [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService       C:\WINDOWS\System32\WSService.dll
03:05:25.0052 0x14e8  WSService - ok
03:05:25.0208 0x14e8  [ A4158154BABB7A29BF5639CFAB3CEC2C, CDAFB22CFB99860A3F20074BF011AB0C9CED6A89A52C2B442814A7A477C141AC ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
03:05:25.0349 0x14e8  wuauserv - ok
03:05:25.0365 0x14e8  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
03:05:25.0380 0x14e8  WudfPf - ok
03:05:25.0396 0x14e8  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
03:05:25.0411 0x14e8  WUDFRd - ok
03:05:25.0427 0x14e8  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
03:05:25.0443 0x14e8  WUDFSensorLP - ok
03:05:25.0458 0x14e8  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
03:05:25.0474 0x14e8  wudfsvc - ok
03:05:25.0490 0x14e8  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
03:05:25.0490 0x14e8  WUDFWpdMtp - ok
03:05:25.0521 0x14e8  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
03:05:25.0568 0x14e8  WwanSvc - ok
03:05:25.0583 0x14e8  ================ Scan global ===============================
03:05:25.0599 0x14e8  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
03:05:25.0630 0x14e8  [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\WINDOWS\system32\winsrv.dll
03:05:25.0661 0x14e8  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
03:05:25.0677 0x14e8  [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\WINDOWS\system32\services.exe
03:05:25.0677 0x14e8  [ Global ] - ok
03:05:25.0677 0x14e8  ================ Scan MBR ==================================
03:05:25.0693 0x14e8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
03:05:25.0755 0x14e8  \Device\Harddisk0\DR0 - ok
03:05:25.0755 0x14e8  ================ Scan VBR ==================================
03:05:25.0786 0x14e8  [ E706B3DD07E969C4405CF62C0CD3C3BA ] \Device\Harddisk0\DR0\Partition1
03:05:25.0786 0x14e8  \Device\Harddisk0\DR0\Partition1 - ok
03:05:25.0802 0x14e8  [ B5BCD4E1741065BDCF379CEC1F2445F7 ] \Device\Harddisk0\DR0\Partition2
03:05:25.0802 0x14e8  \Device\Harddisk0\DR0\Partition2 - ok
03:05:25.0818 0x14e8  [ B8313B94B71F5704D4A40FC9D0F0C2E0 ] \Device\Harddisk0\DR0\Partition3
03:05:25.0818 0x14e8  \Device\Harddisk0\DR0\Partition3 - ok
03:05:25.0833 0x14e8  [ BD7E68F6F0D8FE9351761B391C437BF1 ] \Device\Harddisk0\DR0\Partition4
03:05:25.0833 0x14e8  \Device\Harddisk0\DR0\Partition4 - ok
03:05:25.0865 0x14e8  [ 7E32835869C90C7BE7A17318A6031B6C ] \Device\Harddisk0\DR0\Partition5
03:05:25.0865 0x14e8  \Device\Harddisk0\DR0\Partition5 - ok
03:05:25.0865 0x14e8  ================ Scan active images ========================
03:05:25.0880 0x14e8  [ FA47B0AA255B7CF4519E995C6404AE22, F7B315B96E27D1CA00FDB181646B4DF10A0B5AAA7D407AAECAABD7C2348D339F ] C:\Windows\System32\drivers\crashdmp.sys
03:05:25.0880 0x14e8  C:\Windows\System32\drivers\crashdmp.sys - ok
03:05:25.0880 0x14e8  [ 224C2CB37497472C345CB2A02DF11363, 73FE60B2D1D7395E1B97B673CC296A5FE36BA4F4AD9EAD13F3F545134DAC7B70 ] C:\Windows\System32\drivers\Diskdump.sys
03:05:25.0880 0x14e8  C:\Windows\System32\drivers\Diskdump.sys - ok
03:05:25.0880 0x14e8  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] C:\Windows\System32\drivers\iaStorA.sys
03:05:25.0880 0x14e8  C:\Windows\System32\drivers\iaStorA.sys - ok
03:05:25.0896 0x14e8  [ 05C674A72412E6400D5A2684C867402D, B711D7F5500AFB8F419153D1EB9D9678E34763F20FEA18DD2FEE8A60C8F62CE3 ] C:\Windows\System32\drivers\dumpfve.sys
03:05:25.0896 0x14e8  C:\Windows\System32\drivers\dumpfve.sys - ok
03:05:25.0896 0x14e8  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] C:\Windows\System32\drivers\cdrom.sys
03:05:25.0896 0x14e8  C:\Windows\System32\drivers\cdrom.sys - ok
03:05:25.0911 0x14e8  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] C:\Windows\System32\drivers\null.sys
03:05:25.0911 0x14e8  C:\Windows\System32\drivers\null.sys - ok
03:05:25.0911 0x14e8  [ 2748E116F8621A4DB0D39FCDD7318C01, DA2DEB7FE1D887B1EF5E2B5103270B72268D8ABDDA36C396627305C0BA90FC20 ] C:\Windows\System32\drivers\BasicRender.sys
03:05:25.0911 0x14e8  C:\Windows\System32\drivers\BasicRender.sys - ok
03:05:25.0927 0x14e8  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] C:\Windows\System32\drivers\beep.sys
03:05:25.0927 0x14e8  C:\Windows\System32\drivers\beep.sys - ok
03:05:25.0927 0x14e8  [ 13B160C1913F012BD1615EB1398D3779, 2B5786AAEC845156D28ABDAA77347844D39F33DF53F2C96ACEF38A668ADFF422 ] C:\Windows\System32\drivers\dxgkrnl.sys
03:05:25.0927 0x14e8  C:\Windows\System32\drivers\dxgkrnl.sys - ok
03:05:25.0927 0x14e8  [ 602811E8AAE68030C151345C84A0CDAF, BA2B2E3187B56A452CFE765A4028D1E088B0F5B7BFD5F706F360D4691EF3F76D ] C:\Windows\System32\drivers\watchdog.sys
03:05:25.0927 0x14e8  C:\Windows\System32\drivers\watchdog.sys - ok
03:05:25.0927 0x14e8  [ 22EDC0DE06A0272DFA4C7B47B5D8E377, 60069F03ED6374D33A05B22EA00C5979222798E948B60F3CEAA0EBF2A17C0972 ] C:\Windows\System32\drivers\dxgmms1.sys
03:05:25.0927 0x14e8  C:\Windows\System32\drivers\dxgmms1.sys - ok
03:05:25.0943 0x14e8  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] C:\Windows\System32\drivers\BasicDisplay.sys
03:05:25.0943 0x14e8  C:\Windows\System32\drivers\BasicDisplay.sys - ok
03:05:25.0943 0x14e8  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] C:\Windows\System32\drivers\npfs.sys
03:05:25.0943 0x14e8  C:\Windows\System32\drivers\npfs.sys - ok
03:05:25.0943 0x14e8  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] C:\Windows\System32\drivers\msfs.sys
03:05:25.0943 0x14e8  C:\Windows\System32\drivers\msfs.sys - ok
03:05:25.0943 0x14e8  [ 3C7361E0A5A6966DB957B94ECF924A9E, 6AE6BFD1E6987E85F4C134639F7AC2A92523B9E9A638A7FA0A98E3B195430D24 ] C:\Windows\System32\drivers\tdi.sys
03:05:25.0943 0x14e8  C:\Windows\System32\drivers\tdi.sys - ok
03:05:25.0958 0x14e8  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] C:\Windows\System32\drivers\tdx.sys
03:05:25.0958 0x14e8  C:\Windows\System32\drivers\tdx.sys - ok
03:05:25.0958 0x14e8  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] C:\Windows\System32\drivers\netbt.sys
03:05:25.0958 0x14e8  C:\Windows\System32\drivers\netbt.sys - ok
03:05:25.0958 0x14e8  [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] C:\Windows\System32\drivers\afd.sys
03:05:25.0958 0x14e8  C:\Windows\System32\drivers\afd.sys - ok
03:05:25.0958 0x14e8  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] C:\Windows\System32\drivers\pacer.sys
03:05:25.0958 0x14e8  C:\Windows\System32\drivers\pacer.sys - ok
03:05:25.0958 0x14e8  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] C:\Windows\System32\drivers\vwififlt.sys
03:05:25.0958 0x14e8  C:\Windows\System32\drivers\vwififlt.sys - ok
03:05:25.0974 0x14e8  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] C:\Windows\System32\drivers\netbios.sys
03:05:25.0974 0x14e8  C:\Windows\System32\drivers\netbios.sys - ok
03:05:25.0974 0x14e8  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] C:\Windows\System32\drivers\rdbss.sys
03:05:25.0974 0x14e8  C:\Windows\System32\drivers\rdbss.sys - ok
03:05:25.0974 0x14e8  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] C:\Windows\System32\drivers\nsiproxy.sys
03:05:25.0974 0x14e8  C:\Windows\System32\drivers\nsiproxy.sys - ok
03:05:25.0974 0x14e8  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] C:\Windows\System32\drivers\npsvctrig.sys
03:05:25.0974 0x14e8  C:\Windows\System32\drivers\npsvctrig.sys - ok
03:05:25.0990 0x14e8  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] C:\Windows\System32\drivers\ahcache.sys
03:05:25.0990 0x14e8  C:\Windows\System32\drivers\ahcache.sys - ok
03:05:25.0990 0x14e8  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] C:\Windows\System32\drivers\dam.sys
03:05:25.0990 0x14e8  C:\Windows\System32\drivers\dam.sys - ok
03:05:25.0990 0x14e8  [ 5DB26D7E0216D0BF364A81D3829AD7B9, FD786D530EA9ADBCB48782FE091E926505A83F2BF3B4181A3D4EDFAA991C4E5E ] C:\Windows\System32\drivers\dfsc.sys
03:05:25.0990 0x14e8  C:\Windows\System32\drivers\dfsc.sys - ok
03:05:25.0990 0x14e8  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] C:\Windows\System32\drivers\mssmbios.sys
03:05:25.0990 0x14e8  C:\Windows\System32\drivers\mssmbios.sys - ok
03:05:26.0005 0x14e8  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] C:\Windows\System32\drivers\CompositeBus.sys
03:05:26.0005 0x14e8  C:\Windows\System32\drivers\CompositeBus.sys - ok
03:05:26.0005 0x14e8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] C:\Windows\System32\drivers\kdnic.sys
03:05:26.0005 0x14e8  C:\Windows\System32\drivers\kdnic.sys - ok
03:05:26.0005 0x14e8  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] C:\Windows\System32\drivers\umbus.sys
03:05:26.0005 0x14e8  C:\Windows\System32\drivers\umbus.sys - ok
03:05:26.0005 0x14e8  [ 3D136E8D4C0407D9C40FD8BDD649B587, FD357C96761BFD6DBB643C7579C0512781CFE21552764EB88DDE446CCE216C75 ] C:\Windows\System32\ntdll.dll
03:05:26.0005 0x14e8  C:\Windows\System32\ntdll.dll - ok
03:05:26.0005 0x14e8  [ 89B91AEEE4C0C5D3708C0F177C97B630, E971CADE6F049F2790BDE863FF1EAAFCCA893D3DAFE3522A571C74E0F8F6187A ] C:\Windows\System32\smss.exe
03:05:26.0005 0x14e8  C:\Windows\System32\smss.exe - ok
03:05:26.0021 0x14e8  [ BD875DF51F3B5F3B6BBDDC8184D85922, AE751C424EE6B98F434CDD80FDF315CBEF9B453A5351DEF111FBE04AA16B7ED4 ] C:\Windows\System32\drivers\igdkmd64.sys
03:05:26.0021 0x14e8  C:\Windows\System32\drivers\igdkmd64.sys - ok
03:05:26.0021 0x14e8  [ 37D01B8BC15E263F4405367C9A442824, 13782AD69C9D2DED1E94A766D9BB200499FA5890E63820C7755A99C9D751F2AA ] C:\Windows\System32\autochk.exe
03:05:26.0021 0x14e8  C:\Windows\System32\autochk.exe - ok
03:05:26.0021 0x14e8  [ D22EB844EB57D016CC34178AC86456DF, C83440A44EA9CC3D1041AB966FFC423DD17FB25B42BA41BB36C109D16723BD5E ] C:\Windows\System32\drivers\USBXHCI.SYS
03:05:26.0021 0x14e8  C:\Windows\System32\drivers\USBXHCI.SYS - ok
03:05:26.0021 0x14e8  [ 5D1B430EA11064C56E7C8F84B90DEB6A, 874D9EE807F16321C4857030F9C18D2B925785FD4BB7ED047AF9535BF3F30D84 ] C:\Windows\System32\drivers\UCX01000.SYS
03:05:26.0021 0x14e8  C:\Windows\System32\drivers\UCX01000.SYS - ok
03:05:26.0036 0x14e8  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] C:\Windows\System32\drivers\fastfat.sys
03:05:26.0036 0x14e8  C:\Windows\System32\drivers\fastfat.sys - ok
03:05:26.0036 0x14e8  [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] C:\Windows\System32\drivers\TeeDriverx64.sys
03:05:26.0036 0x14e8  C:\Windows\System32\drivers\TeeDriverx64.sys - ok
03:05:26.0036 0x14e8  [ 32F2E6BAD9FA8E14B55E97280661801E, 5F0DAEE71A96262834759C897D3EE6F952978418A97F41B35E497D9A6A2E0E36 ] C:\Windows\System32\drivers\usbport.sys
03:05:26.0036 0x14e8  C:\Windows\System32\drivers\usbport.sys - ok
03:05:26.0036 0x14e8  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] C:\Windows\System32\drivers\hdaudbus.sys
03:05:26.0036 0x14e8  C:\Windows\System32\drivers\hdaudbus.sys - ok
03:05:26.0052 0x14e8  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] C:\Windows\System32\drivers\usbehci.sys
03:05:26.0052 0x14e8  C:\Windows\System32\drivers\usbehci.sys - ok
03:05:26.0052 0x14e8  [ 2A11580E835FE3762C36FBC6F3666643, 089DF149B411FE3BE51AA1F9E9A18222B6D3D32EE136C0E28158959F0E015623 ] C:\Windows\System32\drivers\athwbx.sys

Conchitta · 24.08.2016, 04:21

Code:

ATTFilter

03:05:26.0052 0x14e8  C:\Windows\System32\drivers\athwbx.sys - ok
c
03:05:26.0068 0x14e8  C:\Windows\System32\imm32.dll - ok
03:05:26.0068 0x14e8  [ 90AAE45676DDF13048FFB9D01FBE1669, 983FFA615E42B5E039DE5F1033F643D0E87C93A715043A9A642518FC66E3F9F5 ] C:\Windows\System32\drivers\SynTP.sys
03:05:26.0068 0x14e8  C:\Windows\System32\drivers\SynTP.sys - ok
03:05:26.0068 0x14e8  [ 882222A9961418A75A08CB68671679D5, 836E22C68E3BB08E612DA3680C772EB3AD94A30377D82CB35BFDE92493D5ED33 ] C:\Windows\System32\drivers\usbd.sys
03:05:26.0068 0x14e8  C:\Windows\System32\drivers\usbd.sys - ok
03:05:26.0068 0x14e8  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] C:\Windows\System32\drivers\kbdclass.sys
03:05:26.0068 0x14e8  C:\Windows\System32\drivers\kbdclass.sys - ok
03:05:26.0083 0x14e8  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] C:\Windows\System32\drivers\mouclass.sys
03:05:26.0083 0x14e8  C:\Windows\System32\drivers\mouclass.sys - ok
03:05:26.0083 0x14e8  [ 99387C515F80270F097F6DD9B5315649, 01DBF3B69DCA897AD45271DF0DF96F3503274881800DAD36AB37FCE97167C6E5 ] C:\Windows\System32\drivers\battc.sys
03:05:26.0083 0x14e8  C:\Windows\System32\drivers\battc.sys - ok
03:05:26.0083 0x14e8  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] C:\Windows\System32\drivers\CmBatt.sys
03:05:26.0083 0x14e8  C:\Windows\System32\drivers\CmBatt.sys - ok
03:05:26.0083 0x14e8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] C:\Windows\System32\drivers\intelppm.sys
03:05:26.0083 0x14e8  C:\Windows\System32\drivers\intelppm.sys - ok
03:05:26.0099 0x14e8  [ 4A233E3477FE43F6AEBBEE4FE157E05F, ADDC666E0C0891FA7DC4B98205E31546D5753537955D477722BF0BF350A5712C ] C:\Windows\System32\drivers\Smb_driver_Intel.sys
03:05:26.0099 0x14e8  C:\Windows\System32\drivers\Smb_driver_Intel.sys - ok
03:05:26.0099 0x14e8  [ 58480A57ACF2671C343FD1D4BA990E34, 24AD9C808D06FABFE8E81242CAC8B5A91829F7D951B245865EF77B79BB795E3D ] C:\Windows\System32\drivers\tdcmdpst.sys
03:05:26.0099 0x14e8  C:\Windows\System32\drivers\tdcmdpst.sys - ok
03:05:26.0099 0x14e8  [ ADB26481D4D247C1D6986EC45FFDAB53, DB5BA1884F8477631CD913E84E55D037C8D4BB40266D46A0138DA3753F979503 ] C:\Windows\System32\drivers\hidclass.sys
03:05:26.0099 0x14e8  C:\Windows\System32\drivers\hidclass.sys - ok
03:05:26.0099 0x14e8  [ 7FFB24B4A54B1ACD46CF6899D879CC9F, 7EBFADD2B35386226C69A21631A69FF82D66B855899C9B1CEE96987A3A64094D ] C:\Windows\System32\drivers\hidparse.sys
03:05:26.0099 0x14e8  C:\Windows\System32\drivers\hidparse.sys - ok
03:05:26.0115 0x14e8  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] C:\Windows\System32\drivers\mshidkmdf.sys
03:05:26.0115 0x14e8  C:\Windows\System32\drivers\mshidkmdf.sys - ok
03:05:26.0115 0x14e8  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] C:\Windows\System32\drivers\NdisVirtualBus.sys
03:05:26.0115 0x14e8  C:\Windows\System32\drivers\NdisVirtualBus.sys - ok
03:05:26.0115 0x14e8  [ 77CF0ECC1C2B5E616B650AB5D4931114, FFB54C264EE10AABA076B591196A98DA5F57E975A4A143AFB5424DFF726AF66F ] C:\Windows\System32\drivers\Thotkey.sys
03:05:26.0115 0x14e8  C:\Windows\System32\drivers\Thotkey.sys - ok
03:05:26.0115 0x14e8  [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] C:\Windows\System32\drivers\tosrfec.sys
03:05:26.0115 0x14e8  C:\Windows\System32\drivers\tosrfec.sys - ok
03:05:26.0115 0x14e8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] C:\Windows\System32\drivers\wmiacpi.sys
03:05:26.0115 0x14e8  C:\Windows\System32\drivers\wmiacpi.sys - ok
03:05:26.0130 0x14e8  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] C:\Windows\System32\drivers\iwdbus.sys
03:05:26.0130 0x14e8  C:\Windows\System32\drivers\iwdbus.sys - ok
03:05:26.0130 0x14e8  [ 65EBBB459B66C818E809DD8135DCFFA2, 1ABDA0AF74801397044935B0167271179E6B3857A6852AEC491F4948C15C5388 ] C:\Windows\System32\drivers\ks.sys
03:05:26.0130 0x14e8  C:\Windows\System32\drivers\ks.sys - ok
03:05:26.0130 0x14e8  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] C:\Windows\System32\drivers\rdpbus.sys
03:05:26.0130 0x14e8  C:\Windows\System32\drivers\rdpbus.sys - ok
03:05:26.0130 0x14e8  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] C:\Windows\System32\drivers\swenum.sys
03:05:26.0130 0x14e8  C:\Windows\System32\drivers\swenum.sys - ok
03:05:26.0146 0x14e8  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] C:\Windows\System32\drivers\usbhub.sys
03:05:26.0146 0x14e8  C:\Windows\System32\drivers\usbhub.sys - ok
03:05:26.0146 0x14e8  [ C0E33820326199CE3CFD3B9F27F81D99, C67F55E7DD6F7FC4A96256A14A805D39C5CE8725FD86675C6C860B3DE8E4DBC3 ] C:\Windows\System32\drivers\USBHUB3.SYS
03:05:26.0146 0x14e8  C:\Windows\System32\drivers\USBHUB3.SYS - ok
03:05:26.0146 0x14e8  [ 3103BBAB41F0C75BE6FA302439C9B9D6, CC0D62B5B5A0E6193B27CA7E3BCDD3E5FFB5F1EFDA97CE1EB76FCA7D1B159FEF ] C:\Windows\System32\drivers\drmk.sys
03:05:26.0146 0x14e8  C:\Windows\System32\drivers\drmk.sys - ok
03:05:26.0146 0x14e8  [ 6E20731E1EE157D22CB2F7519F9E5AB2, 1956353641434A8F603BA4C973B89CA0A19067582EA97F5640672D7EBEC31D8E ] C:\Windows\System32\drivers\portcls.sys
03:05:26.0146 0x14e8  C:\Windows\System32\drivers\portcls.sys - ok
03:05:26.0161 0x14e8  [ 71CB3BB20F08BB724769DAAAFD5AB26E, FC4B2BD03037EC07F4443BBE13A28859035F7229CA06D4E42AFB42ABF1A89F09 ] C:\Windows\System32\drivers\stwrt64.sys
03:05:26.0161 0x14e8  C:\Windows\System32\drivers\stwrt64.sys - ok
03:05:26.0161 0x14e8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] C:\Windows\System32\drivers\ksthunk.sys
03:05:26.0161 0x14e8  C:\Windows\System32\drivers\ksthunk.sys - ok
03:05:26.0161 0x14e8  [ 905A32D35E8CC1F08F040F77B03697FF, CA1B6E1B52E9DA5977C5105C28E3FA5142B4CBF16391B532A6037B396A2F7884 ] C:\Windows\System32\shlwapi.dll
03:05:26.0161 0x14e8  C:\Windows\System32\shlwapi.dll - ok
03:05:26.0161 0x14e8  [ 56BF61A0F2CB461DFC78AC5260739D5C, DE6C0B6B614BE4BFEB7A2D992C4881BD720278247A0053B9154B453311B7E510 ] C:\Windows\System32\drivers\IntcDAud.sys
03:05:26.0161 0x14e8  C:\Windows\System32\drivers\IntcDAud.sys - ok
03:05:26.0161 0x14e8  [ AD5CE3C874A6229D4B80F977FAF6EF87, 5DE92E394E969FAD0B758E6BB10B5ECD5BA06601554A7C2ED3E8D654190159D1 ] C:\Windows\System32\GdiPlus.dll
03:05:26.0161 0x14e8  C:\Windows\System32\GdiPlus.dll - ok
03:05:26.0177 0x14e8  [ 450C44450C72E3C75CEFA5E9C8371A23, 43AD23DB703390274C86D121038E726B4AD19F6C4C58E22740593C3B39BE3169 ] C:\Windows\System32\wow64win.dll
03:05:26.0177 0x14e8  C:\Windows\System32\wow64win.dll - ok
03:05:26.0177 0x14e8  [ C039246195C736A602F581D29F18A43D, 96A0AF75F369FEBE3B79E3628D69206E096FB01D959987BD9862CF364DDAA724 ] C:\Windows\System32\combase.dll
03:05:26.0177 0x14e8  C:\Windows\System32\combase.dll - ok
03:05:26.0177 0x14e8  [ EBC37DF7D14D33056C46CCD233A3E9DF, 3FDE4214B888004ED8FF93DEBA80EABA738E66A592078032414E94F9F769D3DF ] C:\Windows\System32\drivers\mfeavfk.sys
03:05:26.0177 0x14e8  C:\Windows\System32\drivers\mfeavfk.sys - ok
03:05:26.0177 0x14e8  [ 688FC9DB0D8319413F99C020D646A0BD, 52FB02DD79CB04F5559965B2EF4020FA65194163D3BB8289697A063B3A864360 ] C:\Windows\System32\drivers\mfefirek.sys
03:05:26.0177 0x14e8  C:\Windows\System32\drivers\mfefirek.sys - ok
03:05:26.0193 0x14e8  [ 4126D30992B26303E47E8981313FD6D6, 4C8DB2DDDB88FBEA87CDBFB93D9855B40043778878AF4A5571C174434F9C0D4C ] C:\Windows\System32\drivers\AmUStor.sys
03:05:26.0193 0x14e8  C:\Windows\System32\drivers\AmUStor.sys - ok
03:05:26.0193 0x14e8  [ 0F4A5D01156B948B54550375498B08A2, 1CAE3D744429A06E9C9EC46AC6B216AB68154EF8FACDD0721C47902B83820F56 ] C:\Windows\System32\drivers\ssudbus.sys
03:05:26.0193 0x14e8  C:\Windows\System32\drivers\ssudbus.sys - ok
03:05:26.0193 0x14e8  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] C:\Windows\System32\drivers\winusb.sys
03:05:26.0193 0x14e8  C:\Windows\System32\drivers\winusb.sys - ok
03:05:26.0193 0x14e8  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] C:\Windows\System32\drivers\WUDFRd.sys
03:05:26.0193 0x14e8  C:\Windows\System32\drivers\WUDFRd.sys - ok
03:05:26.0193 0x14e8  [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] C:\Windows\System32\drivers\ssudmdm.sys
03:05:26.0193 0x14e8  C:\Windows\System32\drivers\ssudmdm.sys - ok
03:05:26.0208 0x14e8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] C:\Windows\System32\drivers\modem.sys
03:05:26.0208 0x14e8  C:\Windows\System32\drivers\modem.sys - ok
03:05:26.0208 0x14e8  [ 447CB6699A8EAD2BC516991738A16277, 1A58913C5A51B26FBB87AE26C34A0C9F2F4444D7F50CEF90635EDE17DBED77CC ] C:\Windows\System32\imagehlp.dll
03:05:26.0208 0x14e8  C:\Windows\System32\imagehlp.dll - ok
03:05:26.0208 0x14e8  [ 722B699957393AC38AD18C84964EFFA6, 3102F7CA9B20BCE0C5871CF6B045A333A66A54C8D72E4A4CD820DAE34D823F95 ] C:\Windows\System32\setupapi.dll
03:05:26.0208 0x14e8  C:\Windows\System32\setupapi.dll - ok
03:05:26.0208 0x14e8  [ D84E30C42F76768B2040EB2A32A0F6E3, 36EA18DDE101D0C43639D8D52CB8F248B5A84496332347BD89E9754B111E1D57 ] C:\Windows\System32\advapi32.dll
03:05:26.0208 0x14e8  C:\Windows\System32\advapi32.dll - ok
03:05:26.0224 0x14e8  [ 60E8BCEC59540F3C740BA9DED2832E70, B866B6397C453B3BB12D5FBDA8FFBD8DF5B37541614B01B5ADE777FE298CF81A ] C:\Windows\System32\drivers\btfilter.sys
03:05:26.0224 0x14e8  C:\Windows\System32\drivers\btfilter.sys - ok
03:05:26.0224 0x14e8  [ 8458ECAB701EE385851C2559B71D1209, 0680031AFB5501C6D16F404CAA43C00C44C3213A790BB5570C9309BB9197C257 ] C:\Windows\System32\drivers\bthport.sys
03:05:26.0224 0x14e8  C:\Windows\System32\drivers\bthport.sys - ok
03:05:26.0224 0x14e8  [ 1A811BAFA2114C2FC878507F9F86566C, 81554EB4E5A8E985599CE8464DDDFC1DBA57AA2837F5D5458E753AB2C925C2E8 ] C:\Windows\System32\user32.dll
03:05:26.0224 0x14e8  C:\Windows\System32\user32.dll - ok
03:05:26.0224 0x14e8  [ 2C0B77176CD68F1F60510CDF36ADC401, 77990114F9D7B60F5D62122F4634DF89BE69EC56507DAD8C84417B9EC6B21E8D ] C:\Windows\System32\drivers\BTHUSB.SYS
03:05:26.0224 0x14e8  C:\Windows\System32\drivers\BTHUSB.SYS - ok
03:05:26.0240 0x14e8  [ E585E29FD95DD85C8E4CBDF868902C3E, 1AE069A2652B19771656C01CA6EECDF42A3061390FF1D0BE262743FE40D00447 ] C:\Windows\System32\comdlg32.dll
03:05:26.0240 0x14e8  C:\Windows\System32\comdlg32.dll - ok
03:05:26.0240 0x14e8  [ 3432E857B8EC1C1316AB098F2BCCDFB6, D83B40E50C92B896855DE28BFEDE53F8DA9F705ED8484B898C04F381F3C85F65 ] C:\Windows\System32\drivers\usbccgp.sys
03:05:26.0240 0x14e8  C:\Windows\System32\drivers\usbccgp.sys - ok
03:05:26.0240 0x14e8  [ A4B86A08CEC7841895C817430CB76CE2, 1185171CDAB5373460EE225F5A2DBF7C89F5CFBEC19F2A02609F65241FFAD0DA ] C:\Windows\System32\clbcatq.dll
03:05:26.0240 0x14e8  C:\Windows\System32\clbcatq.dll - ok
03:05:26.0240 0x14e8  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] C:\Windows\System32\drivers\usbvideo.sys
03:05:26.0240 0x14e8  C:\Windows\System32\drivers\usbvideo.sys - ok
03:05:26.0240 0x14e8  [ CFCDAAA210D62B277A2183F62FEE068F, 47450EAB0FBCBC24AEEBBAFB392D312B63DDF8F8D762ACB0C09F4143673EC284 ] C:\Windows\System32\rpcrt4.dll
03:05:26.0255 0x14e8  C:\Windows\System32\rpcrt4.dll - ok
03:05:26.0255 0x14e8  [ CC29613C244DA266D40DBACC108FEAB5, B92B10664D811EDF4A16A19AF01B0C5D9721748BDD2852B32F18DB9C9C267042 ] C:\Windows\System32\wow64cpu.dll
03:05:26.0255 0x14e8  C:\Windows\System32\wow64cpu.dll - ok
03:05:26.0255 0x14e8  [ FCD8BD17B7193CFFF18C332D1A381D7F, CD8A03086695F8FF2566697164D1FD1B60210C017220EFBD78CB12C38CD12BE1 ] C:\Windows\System32\drivers\BthLEEnum.sys
03:05:26.0255 0x14e8  C:\Windows\System32\drivers\BthLEEnum.sys - ok
03:05:26.0255 0x14e8  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] C:\Windows\System32\drivers\bthenum.sys
03:05:26.0255 0x14e8  C:\Windows\System32\drivers\bthenum.sys - ok
03:05:26.0255 0x14e8  [ 02307C86CB24769306B0DFA0C751952E, 637D90161C477995925936E4807B57EA80BE11761B26F5FC1B4B0F3EB52FBA87 ] C:\Windows\System32\drivers\rfcomm.sys
03:05:26.0255 0x14e8  C:\Windows\System32\drivers\rfcomm.sys - ok
03:05:26.0271 0x14e8  [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] C:\Windows\System32\drivers\bthpan.sys
03:05:26.0271 0x14e8  C:\Windows\System32\drivers\bthpan.sys - ok
03:05:26.0271 0x14e8  [ 9E2ABB0CAB26EBD775D968EAB1C1F6EC, C71BA2C89FDD1395BDD2E8C4F7B00C2CF0BE428EA8DF59945CDCC5575922BCA4 ] C:\Windows\System32\normaliz.dll
03:05:26.0271 0x14e8  C:\Windows\System32\normaliz.dll - ok
03:05:26.0271 0x14e8  [ B7564AB4F8A12A16C568F256EC6C429B, DD4E34227A1227F10BFD2DF1BA40D3EEB905FF6E9FF4905BE3323102ACD45F28 ] C:\Windows\System32\psapi.dll
03:05:26.0271 0x14e8  C:\Windows\System32\psapi.dll - ok
03:05:26.0271 0x14e8  [ 179E2B1F19FD949761EEAB36AD5DAB35, D8F0295FFE4D2498A20B5B22F348AD316E1FCAC960C3B8385C621ECA643B03E4 ] C:\Windows\System32\msctf.dll
03:05:26.0271 0x14e8  C:\Windows\System32\msctf.dll - ok
03:05:26.0286 0x14e8  [ 1AEFA4B25F72772F131D760F664ED7E1, 13C4A554F34FBB54257EEA8832AAFB37453410B563D2589F9A533639D80B54C7 ] C:\Windows\System32\difxapi.dll
03:05:26.0286 0x14e8  C:\Windows\System32\difxapi.dll - ok
03:05:26.0286 0x14e8  [ C49981A2AD6B2793891075FD514F5728, 5D7FC0085558EF4632D920345345AEF97DBAC32577A05AB571422EBFC7178F3D ] C:\Windows\System32\gdi32.dll
03:05:26.0286 0x14e8  C:\Windows\System32\gdi32.dll - ok
03:05:26.0286 0x14e8  [ 6F997D98C6A30D79C622811FBAB9119E, 730BD302DEF13201B7E197524F373CB2E422D167C8ACBE190F551F6AC153D13C ] C:\Windows\System32\ws2_32.dll
03:05:26.0286 0x14e8  C:\Windows\System32\ws2_32.dll - ok
03:05:26.0286 0x14e8  [ AD8C705077689862FC864F94987015EC, 663F1094A456787C213F0FD9B259DF1F0633BAB5D214FBC775370FD3F5233EC8 ] C:\Windows\System32\shell32.dll
03:05:26.0286 0x14e8  C:\Windows\System32\shell32.dll - ok
03:05:26.0286 0x14e8  [ B9FC41CEC711DC0E1BFE927EEDC49176, 0CCC1345C61F86F431EF5E11D5A57CD58DA20CE3688BD60C48BD9F4D25D4B664 ] C:\Windows\System32\oleaut32.dll
03:05:26.0286 0x14e8  C:\Windows\System32\oleaut32.dll - ok
03:05:26.0302 0x14e8  [ 7CE4D5AB5626A26A6E6DFC7397179841, 871E24E52C58BBECB251083F1705261E7B3D3D8E017089FCD52D7582571B59F1 ] C:\Windows\System32\msvcrt.dll
03:05:26.0302 0x14e8  C:\Windows\System32\msvcrt.dll - ok
03:05:26.0302 0x14e8  [ AAC770C00645F25A6CE9CCB711F8E7ED, 1F99EC3B5BFCB9746072D2B3546C6B6809BF3A5AB4B79D912B124C00B006723B ] C:\Windows\System32\kernel32.dll
03:05:26.0302 0x14e8  C:\Windows\System32\kernel32.dll - ok
03:05:26.0302 0x14e8  [ 74B258D5896FC8F8256E8D03459AC2A2, B37DC91EA21A9E16DF4CA19099FA940063A690704E499D335F5104954E91715D ] C:\Windows\System32\lpk.dll
03:05:26.0302 0x14e8  C:\Windows\System32\lpk.dll - ok
03:05:26.0302 0x14e8  [ 75428240F81D41B9F8F7CE5DDB07CA0F, B420AD4B2DE3C6222F86E2FDE7F8FAB73675D81E817CD81EAEFC7E8FD076E50B ] C:\Windows\System32\nsi.dll
03:05:26.0302 0x14e8  C:\Windows\System32\nsi.dll - ok
03:05:26.0318 0x14e8  [ FADE737DEAFE3BF4CFC151AD0F548A47, D8E58838F966E69507EA60B3F2B15B088FA70F6A9536F5C8D7CA2794FD481894 ] C:\Windows\System32\wow64.dll
03:05:26.0318 0x14e8  C:\Windows\System32\wow64.dll - ok
03:05:26.0318 0x14e8  [ DACC0040F6BB7F524BAE1D653B9FC329, 1FD3FC4E7C7D3FADA6DA29D4CA4D8F124A23F3565CDAC92BDF987AD7B7EA89D7 ] C:\Windows\System32\Wldap32.dll
03:05:26.0318 0x14e8  C:\Windows\System32\Wldap32.dll - ok
03:05:26.0318 0x14e8  [ DB0F2D3A7561ECC396DF8878674B6DD9, 76134D50EE1D3AC57670C22517735021C45F7203C7199F09501FFF80E07AA153 ] C:\Windows\System32\ole32.dll
03:05:26.0318 0x14e8  C:\Windows\System32\ole32.dll - ok
03:05:26.0318 0x14e8  [ B65523C830308241407F6EBCC6484E70, 0045EE4010BF5FB60886F1B02EA73590BBEEED78CE4577989EE55B4BF2B74923 ] C:\Windows\System32\sechost.dll
03:05:26.0318 0x14e8  C:\Windows\System32\sechost.dll - ok
03:05:26.0333 0x14e8  [ 82580BA9C29F7553FBB4FF6A80664157, 16461726A925FABDB1C09397CFDD24A2C3F930163A38D08DE07FFB5A830CBDDA ] C:\Windows\System32\KernelBase.dll
03:05:26.0333 0x14e8  C:\Windows\System32\KernelBase.dll - ok
03:05:26.0333 0x14e8  [ 2D7D55C11CA93C385166768D529AB979, E736E83BDC93BCD3441640400EDDB59EA5F4D3065D4217593110E073D9973E3B ] C:\Windows\System32\wintrust.dll
03:05:26.0333 0x14e8  C:\Windows\System32\wintrust.dll - ok
03:05:26.0333 0x14e8  [ 6EFAF0D87291F9FBD7C0ED3BD56511AA, 039895A75791F7107B98428EAA797D240E1A160312DC841973F8D9D1DC4D30E8 ] C:\Windows\System32\crypt32.dll
03:05:26.0333 0x14e8  C:\Windows\System32\crypt32.dll - ok
03:05:26.0333 0x14e8  [ 8D2DF744C20A8960C022BF71505D3B45, CF29FDDA58CD2A30EEDFC44E7E8D8D2C378330CC71930A0BB65652AE7AD76B8B ] C:\Windows\System32\cfgmgr32.dll
03:05:26.0333 0x14e8  C:\Windows\System32\cfgmgr32.dll - ok
03:05:26.0333 0x14e8  [ 980CDCBF3EDB80CA20921F2C88260406, 48CBFB7B8DB7A6B5F268D94D28D19711E93EE4E54415921AE233B66BEADAB9D0 ] C:\Windows\System32\comctl32.dll
03:05:26.0333 0x14e8  C:\Windows\System32\comctl32.dll - ok
03:05:26.0349 0x14e8  [ 7DA935827BC3F48AE146BA4B2755F1AD, BB5A9394BFCEAB681BDA3A32C9F5E6222BE4FA8D0D70BA9639FBA722F4D7B2C5 ] C:\Windows\System32\msasn1.dll
03:05:26.0349 0x14e8  C:\Windows\System32\msasn1.dll - ok
03:05:26.0349 0x14e8  [ 00542019B2969529C5E9C68C83BD6F88, A5EA5B5DD71A05E16CA6E32622825D415FF1BEE2A9C5DA7F4B8A8065EDEAAE36 ] C:\Windows\SysWOW64\normaliz.dll
03:05:26.0349 0x14e8  C:\Windows\SysWOW64\normaliz.dll - ok
03:05:26.0349 0x14e8  [ 32F9650CD23F6F36706E9EA23ECCF484, 742C036C9018CCAE53719D50E3AAFDED2088C8EA67CE59595B7AA575BD116B06 ] C:\Windows\SysWOW64\lpk.dll
03:05:26.0349 0x14e8  C:\Windows\SysWOW64\lpk.dll - ok
03:05:26.0349 0x14e8  [ 1A69D165DDA78A4329B854D4FEDAD132, 7520C53230F7362BCC747CA8B7683DA16B672DD2C6CA2536B5260E33C8ACF5F7 ] C:\Windows\System32\win32k.sys
03:05:26.0349 0x14e8  C:\Windows\System32\win32k.sys - ok
03:05:26.0365 0x14e8  [ 885901A37E73FA25F3F87A848BA8033F, 4335F74947E1C4FC8442E62D2BC61264D0019030F2F2D2E5D4D668548A411B01 ] C:\Windows\System32\csrsrv.dll
03:05:26.0365 0x14e8  C:\Windows\System32\csrsrv.dll - ok
03:05:26.0365 0x14e8  [ B2D3F07F5E8A13AF988A8B3C0A800880, CB41E9D0E8107AA9337DBD1C56F22461131AD0952A2472B4477E2649D16ECB15 ] C:\Windows\System32\csrss.exe
03:05:26.0365 0x14e8  C:\Windows\System32\csrss.exe - ok
03:05:26.0365 0x14e8  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\System32\basesrv.dll
03:05:26.0365 0x14e8  C:\Windows\System32\basesrv.dll - ok
03:05:26.0365 0x14e8  [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\Windows\System32\winsrv.dll
03:05:26.0365 0x14e8  C:\Windows\System32\winsrv.dll - ok
03:05:26.0365 0x14e8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] C:\Windows\System32\drivers\monitor.sys
03:05:26.0365 0x14e8  C:\Windows\System32\drivers\monitor.sys - ok
03:05:26.0380 0x14e8  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\System32\sxssrv.dll
03:05:26.0380 0x14e8  C:\Windows\System32\sxssrv.dll - ok
03:05:26.0380 0x14e8  [ 8D3421127B05432B743719C239ABF80F, 51BB0D8B68FB8AD9CF47DFB452DA633670D0B0183B912F512E807D92D2255517 ] C:\Windows\System32\tsddd.dll
03:05:26.0380 0x14e8  C:\Windows\System32\tsddd.dll - ok
03:05:26.0380 0x14e8  [ 48CFA7BE561A7BE144C29BB912055016, 64BE1AFD9F55C2BD636914D1F808AD209C68BF97AA3D0B73568C2C1E48BE2800 ] C:\Windows\System32\wininit.exe
03:05:26.0380 0x14e8  C:\Windows\System32\wininit.exe - ok
03:05:26.0380 0x14e8  [ 5EC5EC3A6118227CA3FFD1353BC61344, 3F4AE0A3D94AD26C2114FC766E0D62C48A7E47EF1BD387F2F0AF87237B68E31F ] C:\Windows\System32\cdd.dll
03:05:26.0380 0x14e8  C:\Windows\System32\cdd.dll - ok
03:05:26.0396 0x14e8  [ 8ED638461EFFCF584AF5A8C291A2F9DF, C8414D68E423D345212E90524897B781B944034C385123DED4ACA508FADDD11E ] C:\Windows\System32\profapi.dll
03:05:26.0396 0x14e8  C:\Windows\System32\profapi.dll - ok
03:05:26.0396 0x14e8  [ 57E1B83BB52651FF388788D8C4F12C80, B1D253D5C5E944D76D0B79E3B1802C29E11BEFBBDCE703FB4F03D25D211F3D45 ] C:\Windows\System32\KBDGR.DLL
03:05:26.0396 0x14e8  C:\Windows\System32\KBDGR.DLL - ok
03:05:26.0396 0x14e8  [ 55D0BC5BA19B1BA3A82F75A33828BCC0, D30254D004A13746377D1554961C11BF3B5D7F06E361993D6FF396741A281D31 ] C:\Windows\System32\wininitext.dll
03:05:26.0396 0x14e8  C:\Windows\System32\wininitext.dll - ok
03:05:26.0396 0x14e8  [ 7C94FDA3809015B8F2208D2E1C221F17, 71486B77FE0D3A97D2C2DCC527AC1EB44C9155601403C9E79F9854DB58CA8F68 ] C:\Windows\System32\winlogon.exe
03:05:26.0396 0x14e8  C:\Windows\System32\winlogon.exe - ok
03:05:26.0396 0x14e8  [ 1DBC3C3728F7787A36BEDF2DF7E48AB3, EF5B5C6DC3440FC78E288E127E671181CFCD856BB462D9EC202A67C607DA6ABC ] C:\Windows\System32\powrprof.dll
03:05:26.0396 0x14e8  C:\Windows\System32\powrprof.dll - ok
03:05:26.0411 0x14e8  [ 04F8A9CC544B08634EC932E017434457, FFA322DAB1C2FB6C56EF413210CBC4DF0981D9CE301F67A67DE38DE7CCEFB17E ] C:\Windows\System32\winlogonext.dll
03:05:26.0411 0x14e8  C:\Windows\System32\winlogonext.dll - ok
03:05:26.0411 0x14e8  [ BCECD25BCFFE2FC4498374BF2E572DBE, E8DF45593BBD7D9387EE127DC9CDFCB9695723D0AC47F9A615CB7203ACC8F190 ] C:\Windows\System32\sxs.dll
03:05:26.0411 0x14e8  C:\Windows\System32\sxs.dll - ok
03:05:26.0411 0x14e8  [ BC18914CB16B0A7BF5D103A65359FAE4, 3CFD06E3B377CA9E777C8D6C7E77B5CC914EC60D8EF8D7B50F0505F48834B4D9 ] C:\Windows\System32\WlS0WndH.dll
03:05:26.0411 0x14e8  C:\Windows\System32\WlS0WndH.dll - ok
03:05:26.0427 0x14e8  [ A41455649982EE080BE5CA8A72153808, 2C86808D30875C83CBE7F1D34834349D5BD429DFBCA8BD17B7ED4E8E75735FF7 ] C:\Windows\System32\winsta.dll
03:05:26.0427 0x14e8  C:\Windows\System32\winsta.dll - ok
03:05:26.0427 0x14e8  [ B83B06508CADBC204B3DAEECC395A571, 10045637ABA4EF52F93602F5F78E8A50F2C2D9B2E646D0D0CC91E684C2AD1030 ] C:\Windows\System32\cryptbase.dll
03:05:26.0427 0x14e8  C:\Windows\System32\cryptbase.dll - ok
03:05:26.0427 0x14e8  [ 876A3E1A4DB8720DF66D653BDBAD3E5D, 6ED5BDC432E5F351E01995D345D296CA67AF24B84951268F239C631A544054A5 ] C:\Windows\System32\bcryptprimitives.dll
03:05:26.0427 0x14e8  C:\Windows\System32\bcryptprimitives.dll - ok
03:05:26.0427 0x14e8  [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\Windows\System32\services.exe
03:05:26.0427 0x14e8  C:\Windows\System32\services.exe - ok
03:05:26.0443 0x14e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] C:\Windows\System32\lsass.exe
03:05:26.0443 0x14e8  C:\Windows\System32\lsass.exe - ok
03:05:26.0443 0x14e8  [ 652D7E7BC8D6A909480FF2BBD0E46210, 9871C9EBA42B9385A62C20AB23AE6A99ADB8D2043E85083454482075611AA510 ] C:\Windows\System32\sspicli.dll
03:05:26.0443 0x14e8  C:\Windows\System32\sspicli.dll - ok
03:05:26.0443 0x14e8  [ 0D85B43A59FB7A63782F6A8969B5BB43, 8B6C5BDC6DCDFE3A060D5147AE2DA40CC47009160E9667A68701A83246A4850C ] C:\Windows\System32\sspisrv.dll
03:05:26.0443 0x14e8  C:\Windows\System32\sspisrv.dll - ok
03:05:26.0443 0x14e8  [ 1B0FCDBFDA0AD5DFCE2D99832BAAF5EC, 10C4613831A829680106468924A7C5DCB36B8A5A4F5A22EB3149D0C79A30920F ] C:\Windows\System32\scext.dll
03:05:26.0443 0x14e8  C:\Windows\System32\scext.dll - ok
03:05:26.0443 0x14e8  [ 7A5CCEC20CF6AA21FF7CC51C0AEBF648, 8D03F0573B0ACC1776A7BC85FA88EFB43AF7C9E3EC1EEAA4AD8EB3ABA3E797E5 ] C:\Windows\System32\dabapi.dll
03:05:26.0443 0x14e8  C:\Windows\System32\dabapi.dll - ok
03:05:26.0458 0x14e8  [ 61BAE7A83A8650CFC976E8242CE2E4DE, 4277EB563DCE5882D7BF0913082A02E5B6797EDF9CC35BF30951AB1CF1B47B99 ] C:\Windows\System32\EventAggregation.dll
03:05:26.0458 0x14e8  C:\Windows\System32\EventAggregation.dll - ok
03:05:26.0458 0x14e8  [ AA9973F611039A02C8D1F71A65F8C775, 2CFCE559BED5BE35B1970DF544E0606AF6559E02EF8381BA09270ED5FB8E1BF5 ] C:\Windows\System32\srvcli.dll
03:05:26.0458 0x14e8  C:\Windows\System32\srvcli.dll - ok
03:05:26.0458 0x14e8  [ 13E04B8546D3F0D9533DA880A3357F12, F38A7F63E7D0D4AD61A575E874FE20EDF6DF8CAEC683441D2CC02A17BF3EF409 ] C:\Windows\System32\SPInf.dll
03:05:26.0458 0x14e8  C:\Windows\System32\SPInf.dll - ok
03:05:26.0458 0x14e8  [ E18E9C9EBCFCA456B74BB6A80B1DB226, CE2B61A7AD7C9C7BDBE0563F1C98EF68736C4E6BFD6961006FAE6E6C428BC8D7 ] C:\Windows\System32\lsasrv.dll
03:05:26.0458 0x14e8  C:\Windows\System32\lsasrv.dll - ok
03:05:26.0474 0x14e8  [ D8BD1366FBE256C4D3D9FC75A763F8A2, 5544C47B3C6533FB5088EE539B32364CADE185460604B66C4DF156DC2566230E ] C:\Windows\System32\samsrv.dll
03:05:26.0474 0x14e8  C:\Windows\System32\samsrv.dll - ok
03:05:26.0474 0x14e8  [ 187926CDEFF85D00FB055FC1CA89C3FB, F803133FF7BAF33C54BFC175DFCDF7FB75B5BD033CDB0F632A3571DC734BF622 ] C:\Windows\System32\bcrypt.dll
03:05:26.0474 0x14e8  C:\Windows\System32\bcrypt.dll - ok
03:05:26.0474 0x14e8  [ BED41BC388BAF9D31152E9B0B4F88360, 2017B8D8F6A240E2940D7EC4ED39340F3A2B75464E22A4DFDEB2A46F17AB75C6 ] C:\Windows\System32\ncrypt.dll
03:05:26.0474 0x14e8  C:\Windows\System32\ncrypt.dll - ok
03:05:26.0474 0x14e8  [ 5AF14A9AEB3092F4304F5E5EC4328B67, 27D3C53087A952882CEEB66F02684863478D7BE96609095966546DD16115B62D ] C:\Windows\System32\ntasn1.dll
03:05:26.0474 0x14e8  C:\Windows\System32\ntasn1.dll - ok
03:05:26.0490 0x14e8  [ FF6AE8D9D0F0264656DC55C7F60C1EE5, 0D2275B424D72207ADFBFBAC37A6D1FE4B410C953DA03178B8BA395025B915EE ] C:\Windows\System32\msprivs.dll
03:05:26.0490 0x14e8  C:\Windows\System32\msprivs.dll - ok
03:05:26.0490 0x14e8  [ EECF7FE667129D5B52B1CCD54CB9EEF2, D01B2FCBF400AD3250CBE5467F3B42BD1DEC319E9E4CD013A098DDABC83ACDE7 ] C:\Windows\System32\netjoin.dll
03:05:26.0490 0x14e8  C:\Windows\System32\netjoin.dll - ok
03:05:26.0490 0x14e8  [ 7D4665483FF800B8972E517748726AB6, 9F1DF7095B4A1038DD33F808426AAB246ABD5FC61B60EEC473C63E8C3286E97B ] C:\Windows\System32\negoexts.dll
03:05:26.0490 0x14e8  C:\Windows\System32\negoexts.dll - ok
03:05:26.0490 0x14e8  [ 853037685DDFA140E8386BA66A096BF8, 0CA7E08FDDB210F6F4DC423331D275220191F1664387450661F4B18605A1904F ] C:\Windows\System32\cryptdll.dll
03:05:26.0490 0x14e8  C:\Windows\System32\cryptdll.dll - ok
03:05:26.0490 0x14e8  [ 4D1E2DC40048C2E07CE4B2ADEFF6A020, 7D2FD55368182DF833812009EECF4E3346EC297AC5588FA9308E6585E4298867 ] C:\Windows\System32\kerberos.dll
03:05:26.0490 0x14e8  C:\Windows\System32\kerberos.dll - ok
03:05:26.0505 0x14e8  [ 51DA757F8E4B7FB3DCB14184304C9328, 40181110E080C5D3B370D4F04DF0AB759FDC63073177AB972F6E6297A8FFFEAA ] C:\Windows\System32\cryptsp.dll
03:05:26.0505 0x14e8  C:\Windows\System32\cryptsp.dll - ok
03:05:26.0505 0x14e8  [ 896B307E803430F67EC772807F9CC023, 84EA5BAF8824631C28BFF0FEDF41A4B78F9C63E376D0CB01121177DF0D728397 ] C:\Windows\System32\mswsock.dll
03:05:26.0505 0x14e8  C:\Windows\System32\mswsock.dll - ok
03:05:26.0505 0x14e8  [ 53DC027553EB54B3F84B07122DEEE0CC, F6DDCA5EA12E2E79BBD3A59991A66486D54C82FA94348FDA1B1E6B19BF22B2B8 ] C:\Windows\System32\msv1_0.dll
03:05:26.0505 0x14e8  C:\Windows\System32\msv1_0.dll - ok
03:05:26.0505 0x14e8  [ E01B8CE6646E055D2B806AE4DD5A1202, B506538B8CB3D6505BCA4EE2949BEA41EA868251688526A0CDED073BD2E437E3 ] C:\Windows\System32\netlogon.dll
03:05:26.0505 0x14e8  C:\Windows\System32\netlogon.dll - ok
03:05:26.0521 0x14e8  [ 59E2D5DD885C5A06C16CD5E309A5060A, 8BE523FE7FF8EF4D00E3D2C873FCFA9D4CC2611FE950391963538CCF3B0C7EF1 ] C:\Windows\System32\dnsapi.dll
03:05:26.0521 0x14e8  C:\Windows\System32\dnsapi.dll - ok
03:05:26.0521 0x14e8  [ 66385FE1DDCEA70EDFB25F57C8507D7B, A32A2D23E6AE228CCE37302DB78B461811CBA3A00096F3EA07900B8ACA4A6997 ] C:\Windows\System32\logoncli.dll
03:05:26.0521 0x14e8  C:\Windows\System32\logoncli.dll - ok
03:05:26.0521 0x14e8  [ 64E2C7176D189E4A838D04F7C724CAE7, A9EC868AB16C79D00D74D95EF9936772B9D4B7A1E64240534B4646029A207708 ] C:\Windows\System32\userenv.dll
03:05:26.0521 0x14e8  C:\Windows\System32\userenv.dll - ok
03:05:26.0521 0x14e8  [ 40B10EAB69F4087C60DC21B5C92A4702, D73A9C7D32383BDF305E1B0D9DDEC01CE8CBCC6F867FE31697A01E02A0576891 ] C:\Windows\System32\TSpkg.dll
03:05:26.0521 0x14e8  C:\Windows\System32\TSpkg.dll - ok
03:05:26.0521 0x14e8  [ C51CF4D9DA57EA894967752090F6E2CF, 0040F439FAFD4DAA6DE1CE653CD79BFAB147C4BF6476BC85BC5BA8402A6632E8 ] C:\Windows\System32\pku2u.dll
03:05:26.0521 0x14e8  C:\Windows\System32\pku2u.dll - ok
03:05:26.0536 0x14e8  [ D617071B11C99CFE5C4BD0FD82C0609C, BA1107A301771E0060FAC32590FA4F126E271D1780F1C6E742FDBFD0F5F65875 ] C:\Windows\System32\livessp.dll
03:05:26.0536 0x14e8  C:\Windows\System32\livessp.dll - ok
03:05:26.0536 0x14e8  [ 4CB3F50D37FD6CF3282D018011FE6E87, FF95089CF9F00C0127DC32B9643BC09AD2D9891803A7873B18E77667C67F7BBD ] C:\Windows\System32\rsaenh.dll
03:05:26.0536 0x14e8  C:\Windows\System32\rsaenh.dll - ok
03:05:26.0536 0x14e8  [ 45E4A2FADA3579F6DC68F2A0998C3419, 804DC0E59DA78591D6598A0ED3125A8F4A04C84E85FBB55BDC05D2E859FD8121 ] C:\Windows\System32\wdigest.dll
03:05:26.0536 0x14e8  C:\Windows\System32\wdigest.dll - ok
03:05:26.0536 0x14e8  [ 9D27BB60487764A781FE453F9DED8F1F, 5B8DC758877AC74DA2DFDF4117003B295316899D1A39DF1C914B47AB8AECD4A2 ] C:\Windows\System32\schannel.dll
03:05:26.0536 0x14e8  C:\Windows\System32\schannel.dll - ok
03:05:26.0552 0x14e8  [ 5EBAF77D01D75CAFEF78B47840C75569, 29E2CC1E434BB35698E90C3E78B68E774EF511108EF8EC5A1D500BBF0819123B ] C:\Windows\System32\efslsaext.dll
03:05:26.0552 0x14e8  C:\Windows\System32\efslsaext.dll - ok
03:05:26.0552 0x14e8  [ 995F43F02C9C99A895A72AAF8310CFE1, F2920363861198AF90C084384F91C4CA20A1E00AF81268E93ABA74C482564D9C ] C:\Windows\System32\dpapisrv.dll
03:05:26.0552 0x14e8  C:\Windows\System32\dpapisrv.dll - ok
03:05:26.0552 0x14e8  [ 700BB3365D04B1606A03FB1D6B19C138, F784DA339E5AE4F4C7CF73C4FC745F178FB8352D686567FE0FA1EE797D95CB4F ] C:\Windows\System32\credssp.dll
03:05:26.0552 0x14e8  C:\Windows\System32\credssp.dll - ok
03:05:26.0552 0x14e8  [ 1F1B8D07708E40E54C55B392C78ECCE2, 965AC70B88E49B832204BA3710F5798FEAC08BBB794A079CC32035C326AB57A4 ] C:\Windows\System32\scecli.dll
03:05:26.0552 0x14e8  C:\Windows\System32\scecli.dll - ok
03:05:26.0568 0x14e8  [ 7172D44ED18787964B43146863466672, E87A98746079081395AD9BA2E7C048C470A5265A03182C542A4B9CF5B36A07C9 ] C:\Windows\System32\scesrv.dll
03:05:26.0568 0x14e8  C:\Windows\System32\scesrv.dll - ok
03:05:26.0568 0x14e8  [ 1FCCB71ADD51C919D003DD0D95FB8992, 5842A4E62424364313B5FE1935B938CA7EB6434E8DA62526DFEB2F7533F00CA9 ] C:\Windows\System32\authz.dll
03:05:26.0568 0x14e8  C:\Windows\System32\authz.dll - ok
03:05:26.0568 0x14e8  [ 296823744D624E98A46759AD58911FC3, DFB6E863CB492E76AC970FC94BDF7DD1500D319B5DB52B5A7BD8F977EEA07E6E ] C:\Windows\System32\netutils.dll
03:05:26.0568 0x14e8  C:\Windows\System32\netutils.dll - ok
03:05:26.0568 0x14e8  [ E4CA434F251681590D0538BC21C32D2F, 99E7587D1744BF62086FEB06A778CF3966199F1CC2DFB91FDA53A9166A2A3AEC ] C:\Windows\System32\svchost.exe
03:05:26.0568 0x14e8  C:\Windows\System32\svchost.exe - ok
03:05:26.0568 0x14e8  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] C:\Windows\System32\umpnpmgr.dll
03:05:26.0568 0x14e8  C:\Windows\System32\umpnpmgr.dll - ok
03:05:26.0583 0x14e8  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] C:\Windows\System32\umpo.dll
03:05:26.0583 0x14e8  C:\Windows\System32\umpo.dll - ok
03:05:26.0583 0x14e8  [ 9FF64147DB9078337C15F41A6043C74F, 79ADBEE555855E9B27A30091632AB4EDECAD9E243CA7D533C437657FC329CCA6 ] C:\Windows\System32\umpoext.dll
03:05:26.0583 0x14e8  C:\Windows\System32\umpoext.dll - ok
03:05:26.0583 0x14e8  [ 45F36BBDFD50134488ECA96BB9231818, A02BAA2F6FA640E4FCE55A126EC983A03A406FE329134524D3BDDB6C1B32C7CF ] C:\Windows\System32\pcwum.dll
03:05:26.0583 0x14e8  C:\Windows\System32\pcwum.dll - ok
03:05:26.0583 0x14e8  [ 2788CA31DD51CF747D9C94772CE93E02, F7D5684629A800B048FCC54265C0ADE4ED53E9475762E38B2821B431FE0BADC9 ] C:\Windows\System32\gpapi.dll
03:05:26.0583 0x14e8  C:\Windows\System32\gpapi.dll - ok
03:05:26.0599 0x14e8  [ 85936A752E6BBE740D9FCF156E1AC5E1, 45C71EB035AA246A6774DB784F01DEA73285909805CBA42FC4B9616D69ADB8A8 ] C:\Windows\System32\hid.dll
03:05:26.0599 0x14e8  C:\Windows\System32\hid.dll - ok
03:05:26.0599 0x14e8  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] C:\Windows\System32\RpcEpMap.dll
03:05:26.0599 0x14e8  C:\Windows\System32\RpcEpMap.dll - ok
03:05:26.0599 0x14e8  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] C:\Windows\System32\rpcss.dll
03:05:26.0599 0x14e8  C:\Windows\System32\rpcss.dll - ok
03:05:26.0599 0x14e8  [ 0D86DEB93CC1D2B32CAF658439350241, 77E04DA09A6B59BCAA04BC8B99F56EF2F8A9C18C3A030A93C2934A5DAFC3F10C ] C:\Windows\System32\RpcRtRemote.dll
03:05:26.0599 0x14e8  C:\Windows\System32\RpcRtRemote.dll - ok
03:05:26.0599 0x14e8  [ A6207A88B596F726DE558425F3B7E592, 126375CC8EA101E0878728323B7EAA69DC8699AC04470FB95D482B1025E0FFB2 ] C:\Windows\System32\bisrv.dll
03:05:26.0599 0x14e8  C:\Windows\System32\bisrv.dll - ok
03:05:26.0615 0x14e8  [ 54A9F4AC86F2A4E7C3ADE47CAE5DE8E0, 92443C87E0072670FA62953001D89A619E6B9FC634C08D5AEA8FCDBF6CBB22FA ] C:\Windows\System32\psmsrv.dll
03:05:26.0615 0x14e8  C:\Windows\System32\psmsrv.dll - ok
03:05:26.0615 0x14e8  [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] C:\Windows\System32\lsm.dll
03:05:26.0615 0x14e8  C:\Windows\System32\lsm.dll - ok
03:05:26.0615 0x14e8  [ 9A1175EF7B9E297FDC0ADD33783EF8FF, 0FC1A3942E0F3F1B5FBA09598247FCB073150D485B25C4784710904A392B6CCD ] C:\Windows\System32\sysntfy.dll
03:05:26.0615 0x14e8  C:\Windows\System32\sysntfy.dll - ok
03:05:26.0615 0x14e8  [ 1596DE403BD75918317F724776487262, 9729CC1A6BC867CC58302732180F35C8A30F0C9DBD5AAC8414608C7B9CF1D818 ] C:\Windows\System32\UXInit.dll
03:05:26.0615 0x14e8  C:\Windows\System32\UXInit.dll - ok
03:05:26.0630 0x14e8  [ 3BE05B2695179F8F3CF1136544E46A14, 7F54D6B8C1B6A2EF7227C17F50399E9B2D5AC5081E7A2EF551A762886A74C2CF ] C:\Windows\System32\uxtheme.dll
03:05:26.0630 0x14e8  C:\Windows\System32\uxtheme.dll - ok
03:05:26.0630 0x14e8  [ E55B850489F154F85110AE3B436A40D6, BF783B6EEDED6DE52F3C3217EEBF3B43A8A1FA549EC182EC52915011CB83FE55 ] C:\Windows\System32\wmsgapi.dll
03:05:26.0630 0x14e8  C:\Windows\System32\wmsgapi.dll - ok
03:05:26.0640 0x14e8  [ 3260D5308DD9AE069FE4881D65389A84, 22150707B4606964F9008A1734BD885D2824B2E1515D073729427049FA6B999C ] C:\Windows\System32\FirewallAPI.dll
03:05:26.0640 0x14e8  C:\Windows\System32\FirewallAPI.dll - ok
03:05:26.0640 0x14e8  [ 92ABF534E992C61730C24F003BBE192A, 5F7D4A471A066B53460193B3D9FB7217B87ACDB342E4258404699424D36E9C8D ] C:\Windows\System32\dpapi.dll
03:05:26.0640 0x14e8  C:\Windows\System32\dpapi.dll - ok
03:05:26.0640 0x14e8  [ 5B19A3ED994EB972FBD99AC18D0AEA13, 5764DA74BB394013087AEFFD271C306207F98049B633352CB9F52C3805539826 ] C:\Windows\System32\devobj.dll
03:05:26.0640 0x14e8  C:\Windows\System32\devobj.dll - ok
03:05:26.0640 0x14e8  [ 0D50F3C3D50B878CEAE21B9BE3F6A638, BF0B1A5D4CEA656695FFB45D930F6ADD63519AEAE9F8AED21E4E50708FE5E84C ] C:\Windows\System32\kernel.appcore.dll
03:05:26.0640 0x14e8  C:\Windows\System32\kernel.appcore.dll - ok
03:05:26.0655 0x14e8  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] C:\Windows\System32\SystemEventsBrokerServer.dll
03:05:26.0655 0x14e8  C:\Windows\System32\SystemEventsBrokerServer.dll - ok
03:05:26.0655 0x14e8  [ CD45E3FE736150D45EFDC9145DA53757, 8E04D55117A6D44AF51528413DC0AAF347FD43580CB9FCA84F5928135A3B0FF3 ] C:\Windows\System32\bi.dll
03:05:26.0655 0x14e8  C:\Windows\System32\bi.dll - ok
03:05:26.0655 0x14e8  [ F5ED5BA1243201C5078764F916B0387E, 31285E78A6CEF4AC030A8765FC464BE666776A4721C45033E75F042FE5DE1C80 ] C:\Windows\System32\dab.dll
03:05:26.0655 0x14e8  C:\Windows\System32\dab.dll - ok
03:05:26.0655 0x14e8  [ 3710A8A7508B36AD96A97CE79E17403E, DD9807B58607825F1B4E13602B147B5FF6F3D72559136B718DB3B99D42D015F6 ] C:\Windows\System32\LogonUI.exe
03:05:26.0655 0x14e8  C:\Windows\System32\LogonUI.exe - ok
03:05:26.0671 0x14e8  [ 706423B1B2C8F2237FD0F3822C8DC1C7, BE092A9F6C9CF8A357DA35752DBE35EB5E250F6222BDD4847B7268EACB0A14ED ] C:\Windows\System32\apphelp.dll
03:05:26.0671 0x14e8  C:\Windows\System32\apphelp.dll - ok
03:05:26.0671 0x14e8  [ B4BBC6E4998042EF21437EED52EC0273, 93259A6EFD00F8DB7A700143690857428BAFD7073525DEE3E9D24589CB962EE0 ] C:\Windows\System32\dwm.exe
03:05:26.0671 0x14e8  C:\Windows\System32\dwm.exe - ok
03:05:26.0671 0x14e8  [ 9E5FB30E22B37AC7A2CDB445F6AF71A1, E1CCEAE72739A1D700D0B614C195DDADB759D7E92E0768E82B080615E5CEB4FD ] C:\Windows\System32\dwmredir.dll
03:05:26.0671 0x14e8  C:\Windows\System32\dwmredir.dll - ok
03:05:26.0671 0x14e8  [ 9FF95D589B5626852CECA2444C5C5A58, F1361A04AEF66446609CB845DB30FF2AC6EF1BE32066182554F0B1698D9E4DD6 ] C:\Windows\System32\authui.dll
03:05:26.0671 0x14e8  C:\Windows\System32\authui.dll - ok
03:05:26.0686 0x14e8  [ 4E905C48CA38770B2C62508E32DB974B, 533B082BDE2F9EC47B494A6B4223AE0C884B543D44AF78C62A53E56DB4A9F60F ] C:\Windows\System32\dwmcore.dll
03:05:26.0687 0x14e8  C:\Windows\System32\dwmcore.dll - ok
03:05:26.0690 0x14e8  [ 1A818AF9E4AFC277C19082B9B644C5E7, 479FA031CA63F167E73BCC7A5913DD8E579C34D2A30CC34E26853EBB28EF9633 ] C:\Windows\System32\dcomp.dll
03:05:26.0690 0x14e8  C:\Windows\System32\dcomp.dll - ok
03:05:26.0692 0x14e8  [ 2F80A4B09F735EA880F4A836232613A2, 23A543207CC9B2748CF7736693D32C4EC4DEF5E5C26D49A2D610F9B367B537C5 ] C:\Windows\System32\SHCore.dll
03:05:26.0692 0x14e8  C:\Windows\System32\SHCore.dll - ok
03:05:26.0692 0x14e8  [ 5802776C98F842CA255F04067ACBB355, A50C4BF8A2DAA11C90ED63EC4A4F9751C1BEE67EA7D0A74FCB0E7E47A74D007E ] C:\Windows\System32\WindowsCodecs.dll
03:05:26.0692 0x14e8  C:\Windows\System32\WindowsCodecs.dll - ok
03:05:26.0692 0x14e8  [ 37A1B06AB3493CB276195B7358A6A805, E175ACF33F519E21AD85CF2917AF7671D05F4F12EB5888D4B6EA82A58D3490C9 ] C:\Windows\System32\avrt.dll
03:05:26.0692 0x14e8  C:\Windows\System32\avrt.dll - ok
03:05:26.0692 0x14e8  [ E475BEF9B460F4F678972F88C5FF50D2, 4437CA70280C5C41DF29B684AF2500D98FBBE28B225DF9C84428916BA0130B5F ] C:\Windows\System32\wmiclnt.dll
03:05:26.0692 0x14e8  C:\Windows\System32\wmiclnt.dll - ok
03:05:26.0708 0x14e8  [ 6443D4EC94E47804389F323A272B5DC2, 3D62B879614B1E95777803D85405A3A7FA37F37E8A3BF93CAA9B0E0E7B758F95 ] C:\Windows\System32\dui70.dll
03:05:26.0708 0x14e8  C:\Windows\System32\dui70.dll - ok
03:05:26.0708 0x14e8  [ 534677561FABA42D0EA52E054B8334D4, 147E92EBA4EC41B0989B3C883C11D00F360A920A67C8E25A1DB34E77077CF9F2 ] C:\Windows\System32\dwmapi.dll
03:05:26.0708 0x14e8  C:\Windows\System32\dwmapi.dll - ok
03:05:26.0708 0x14e8  [ 18102CA0EB09DCFE520E69152590EE93, 47ED967B5246D1F06000BF17F067741D79366FB9E73452E2BCD5B167A7089EF5 ] C:\Windows\System32\d3d11.dll
03:05:26.0708 0x14e8  C:\Windows\System32\d3d11.dll - ok
03:05:26.0708 0x14e8  [ 59575523BCA5E8555208621719A32F62, BBCD5611264BF2C100F47991C59C6D1DD0A41CB13861003EB344D5CE6E34B7FF ] C:\Windows\System32\dxgi.dll
03:05:26.0708 0x14e8  C:\Windows\System32\dxgi.dll - ok
03:05:26.0708 0x14e8  [ 389C4E97E3A498159B625A7A13EA4560, F493C5B5BC5353B13AED2B538DD947FA5E708E6D021E9F7830250F921F26B99A ] C:\Windows\System32\d3d10warp.dll
03:05:26.0708 0x14e8  C:\Windows\System32\d3d10warp.dll - ok
03:05:26.0723 0x14e8  [ 3300E6B3EA7048D3032822A3C0BABAEE, 6FCCA031AAC2121AA485B942ABE71879A6188C3A533ED91CF7EDDF719FA753C5 ] C:\Windows\System32\igdumdim64.dll
03:05:26.0723 0x14e8  C:\Windows\System32\igdumdim64.dll - ok
03:05:26.0723 0x14e8  [ 2527134BDF1302597BC6E531B3B53D2A, 7163ADEAB7CECF00CBBA4A2FCFE304B1D3DCBD931F011F16B68C02A78D7D5F71 ] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503\comctl32.dll
03:05:26.0723 0x14e8  C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503\comctl32.dll - ok
03:05:26.0723 0x14e8  [ 4C66C21B6244A09DD671485D67D13DB9, 842FA6DBE0B32D23E74E0A0165752C583C45A13D507208772A5A5ECD60DB9866 ] C:\Windows\System32\duser.dll
03:05:26.0723 0x14e8  C:\Windows\System32\duser.dll - ok
03:05:26.0723 0x14e8  [ 8476172591FC115D931EA8DBBB4733FF, F614696BF61EEF664A63BB1773765428DAB851BFB4886C47652DAFFB300FDC2E ] C:\Windows\System32\SndVolSSO.dll
03:05:26.0723 0x14e8  C:\Windows\System32\SndVolSSO.dll - ok
03:05:26.0740 0x14e8  [ 14FE91CA8A9C0195650A6F70869F1AFC, 8BCE6017F34EAC239E110DFB99647BB21D4F860AEFEF1460C0B51D5374869A3D ] C:\Windows\System32\igd10iumd64.dll
03:05:26.0740 0x14e8  C:\Windows\System32\igd10iumd64.dll - ok
03:05:26.0743 0x14e8  [ BFD87A50EB3C37FABF6B1BB072D850E7, CF675F6C404B37A3AE4113FD177FC3947D4D6A16D59B34EEC9704A4EF3E5C32E ] C:\Windows\System32\MMDevAPI.dll
03:05:26.0743 0x14e8  C:\Windows\System32\MMDevAPI.dll - ok
03:05:26.0743 0x14e8  [ 529011B16EF71630645DCFD195294332, 9F0FA6A7CA187B0C2430099096DEBEE1EC75A7A29EA2C4C5A6BB538F003D1B25 ] C:\Windows\System32\slc.dll
03:05:26.0743 0x14e8  C:\Windows\System32\slc.dll - ok
03:05:26.0743 0x14e8  [ 949906B18AAE3C6AF975D8E4E9AFEC24, 4860A443EBA86EE7930A3339B7A176301A3C4D22DB1B5C10EF8768C9F2858CC3 ] C:\Windows\System32\sppc.dll
03:05:26.0743 0x14e8  C:\Windows\System32\sppc.dll - ok
03:05:26.0743 0x14e8  [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] C:\Windows\System32\drivers\luafv.sys
03:05:26.0743 0x14e8  C:\Windows\System32\drivers\luafv.sys - ok
03:05:26.0743 0x14e8  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] C:\Windows\System32\drivers\mbam.sys
03:05:26.0743 0x14e8  C:\Windows\System32\drivers\mbam.sys - ok
03:05:26.0759 0x14e8  [ 3494028DD43AD509FA9E63BEC61C25C7, 1DCE439A9DA8A218E7E8A50008C09FBD3B4784008CCDA13AC92078685DEA5781 ] C:\Windows\System32\igdusc64.dll
03:05:26.0759 0x14e8  C:\Windows\System32\igdusc64.dll - ok
03:05:26.0759 0x14e8  [ 3B85C2DC57230C3EA71E2AF88EEB9DEC, 6CEF9EF6A02321C5968AA4560C376569E242A03BD0E68E8BA8E1BB842BA0C9E0 ] C:\Windows\System32\BCP47Langs.dll
03:05:26.0759 0x14e8  C:\Windows\System32\BCP47Langs.dll - ok
03:05:26.0759 0x14e8  [ EF5A9D7523E4530D2030D4EA2D90FEC3, 3E6285AC235EE05D890A3BA7ACE46799A9E9CE48DF2EA19D83E5E53B8FAF675E ] C:\Windows\System32\uDWM.dll
03:05:26.0759 0x14e8  C:\Windows\System32\uDWM.dll - ok
03:05:26.0759 0x14e8  [ 2898E39D1E0CB9074C18988A2F8B73D3, D397C26A4216603D369E136ABF6A8EF714FC23A7CAAB03B6AF1E37BC52BC7425 ] C:\Windows\System32\SmartcardCredentialProvider.dll
03:05:26.0759 0x14e8  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
03:05:26.0777 0x14e8  [ D381B446466B468D27BF23A7A372D205, 833DABCC53EDE71667C7EE24AC63DB759D8B3DD878B034CEBDCEF1F2EF7BAE31 ] C:\Windows\System32\cngcredui.dll
03:05:26.0777 0x14e8  C:\Windows\System32\cngcredui.dll - ok
03:05:26.0780 0x14e8  [ 7E9AFBB34ACF6CDC4D596006CEEC74E5, 889ED106DAF0A791F5557CE761A0FD8EAFA72F14E6196EB34AD1A438E87751DF ] C:\Windows\System32\BioCredProv.dll
03:05:26.0780 0x14e8  C:\Windows\System32\BioCredProv.dll - ok
03:05:26.0780 0x14e8  [ F3C88687207F4F75773D288A6D4B61F7, D71AA9E00EE120FF8659770776405B3F15EAA0FC39E0D5834DFD88A621F14361 ] C:\Windows\System32\certCredProvider.dll
03:05:26.0780 0x14e8  C:\Windows\System32\certCredProvider.dll - ok
03:05:26.0780 0x14e8  [ 8BDD004DC92D09CCD1F3922C59983019, 4471FD9A339D3AEB51BE33BC176E8BA10E5B3FC6E3C375C36FCC650D78D1C58E ] C:\Windows\System32\winbio.dll
03:05:26.0780 0x14e8  C:\Windows\System32\winbio.dll - ok
03:05:26.0780 0x14e8  [ 9860C19010CFB3F70DC6EDAEB1F1A5E2, 9551D542B1F9398C468157BA0633072BEB339EC0955D1088F0F909769B03DA86 ] C:\Windows\System32\wevtsvc.dll
03:05:26.0780 0x14e8  C:\Windows\System32\wevtsvc.dll - ok
03:05:26.0795 0x14e8  [ 9E5A3A3B702ECB9E88AA07731F0E65EB, 837EF55E367218B07100092BA1E6291FD52766C57A02900B6141B1A360654B84 ] C:\Windows\System32\profsvc.dll
03:05:26.0795 0x14e8  C:\Windows\System32\profsvc.dll - ok
03:05:26.0795 0x14e8  [ 906664AF9FCE80DD4FDA268A3506FF13, 8CE423F95352FA31A77703064DA96285D8FF0A6B6D4D955B2B58B99643EDAC12 ] C:\Windows\System32\DWrite.dll
03:05:26.0795 0x14e8  C:\Windows\System32\DWrite.dll - ok
03:05:26.0795 0x14e8  [ E521CCD352373B1825BEA80DEC2B7D97, CFA01810D4531A07BD9749DBCA34634DA749B846887315D26671CBA53B8D12A4 ] C:\Windows\System32\oleacc.dll
03:05:26.0795 0x14e8  C:\Windows\System32\oleacc.dll - ok
03:05:26.0795 0x14e8  [ 96F4101AA72C55A7554733A05A797088, 7695FFD0F7F7CC3AC5D625E37EB8665AA2DFF841442D114944CC38590BC593A4 ] C:\Windows\System32\wlidcredprov.dll
03:05:26.0795 0x14e8  C:\Windows\System32\wlidcredprov.dll - ok
03:05:26.0795 0x14e8  [ A956CC9503FD75F2372A6B673E1C07B2, 334D9180357E6BF209C16BA680AB691B09DB36CF58EA4320DFC46946F6A9D94E ] C:\Windows\System32\UIAnimation.dll
03:05:26.0795 0x14e8  C:\Windows\System32\UIAnimation.dll - ok
03:05:26.0811 0x14e8  [ A5F79CC03396AAC79F79C1368DA08A95, 5488DB19AADA6E711958A4FFF88AAE608DF27FCAF01058B5EC46AE76C9A10176 ] C:\Windows\System32\ntdsapi.dll
03:05:26.0811 0x14e8  C:\Windows\System32\ntdsapi.dll - ok
03:05:26.0811 0x14e8  [ C77D967840F17DED03DA4BA9D3C40FDB, 53A2FFFD3060E000537963B3CBF7D38BD296137011F88A83804E39AA0ACF980A ] C:\Windows\System32\profsvcext.dll
03:05:26.0811 0x14e8  C:\Windows\System32\profsvcext.dll - ok
03:05:26.0811 0x14e8  [ D60F99ECBFCE0C01BE4C5B06E09435DB, F45B7C70F23DF412E721FD50CF0197CA73A082A051B231C5D07929A346A07589 ] C:\Windows\System32\atl.dll
03:05:26.0811 0x14e8  C:\Windows\System32\atl.dll - ok
03:05:26.0811 0x14e8  [ BA25717D6694B6C472129AD93893A03D, 28F38C38914E093CC7BDF720E358D9F9D8E518CA16CAF69A60CBB4807D2C672B ] C:\Windows\System32\netapi32.dll
03:05:26.0811 0x14e8  C:\Windows\System32\netapi32.dll - ok
03:05:26.0826 0x14e8  [ 0BDE0FCF597E9B65600121EF54FF8340, DA5C96E84E05AD09251C82B4BFEDE274342409803730CEBF24EEAD0DCD42DA7E ] C:\Windows\System32\gpsvc.dll
03:05:26.0826 0x14e8  C:\Windows\System32\gpsvc.dll - ok
03:05:26.0826 0x14e8  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] C:\Windows\System32\themeservice.dll
03:05:26.0826 0x14e8  C:\Windows\System32\themeservice.dll - ok
03:05:26.0826 0x14e8  [ F71E12EBA575EBD58B499BC7C39D0CD0, 47B384EAB195C13C07CC56CA9245CD90F2C27C846F5DB4C97D3466304A75CE70 ] C:\Windows\System32\wkscli.dll
03:05:26.0826 0x14e8  C:\Windows\System32\wkscli.dll - ok
03:05:26.0826 0x14e8  [ 835D33D2EF07743028475486D0BA5696, 763BAD8395CDC537DE7B4A821117218187CC669410DFDDFB95C6759F32EBBE4F ] C:\Windows\System32\wevtapi.dll
03:05:26.0826 0x14e8  C:\Windows\System32\wevtapi.dll - ok
03:05:26.0842 0x14e8  [ 119CE6CF93183EB144F5EA9A4A5A6AB3, A396903C90712CA8125D56AE690E36593EFEE6B7D9BE4B351CE36A3AD503FEA8 ] C:\Windows\System32\rasplap.dll
03:05:26.0842 0x14e8  C:\Windows\System32\rasplap.dll - ok
03:05:26.0842 0x14e8  [ 813292CC10F625BDAAEA76EABDECD82F, C1CB7C235F4E6A4F3408353B6E22FEAB3898D46E9DE1171C3E398167D1E505A9 ] C:\Windows\System32\winbrand.dll
03:05:26.0842 0x14e8  C:\Windows\System32\winbrand.dll - ok
03:05:26.0842 0x14e8  [ 4D8F3CEF04AFF366972ED6411DB2E0E0, 90FB2D7427719E70E8BB030D952D64333C5DAAF90B2C9A558AB83046AB8C9DB1 ] C:\Windows\System32\rasapi32.dll
03:05:26.0842 0x14e8  C:\Windows\System32\rasapi32.dll - ok
03:05:26.0842 0x14e8  [ 9FB85E37238FEA836E5E6779A93DA461, 9CFBC92BB5C730AB194EC18A993640FD62F2FE3503D16B77C055242C7B84B800 ] C:\Windows\System32\rasman.dll
03:05:26.0842 0x14e8  C:\Windows\System32\rasman.dll - ok
03:05:26.0842 0x14e8  [ 950E87673E2AE1A536869BCC4E711D67, 1EE759FD810A3D199CF069454069D34522AE6AB332741E4F680CCF80A3AF9ED3 ] C:\Windows\System32\rtutils.dll
03:05:26.0842 0x14e8  C:\Windows\System32\rtutils.dll - ok
03:05:26.0858 0x14e8  [ 053472337FDD116BD010C88DB0C34DF1, 970D80D6C67A9D66AF03D1223AE663C205484232C22A482584C55AB1E1BC49D4 ] C:\Windows\System32\d2d1.dll
03:05:26.0858 0x14e8  C:\Windows\System32\d2d1.dll - ok
03:05:26.0858 0x14e8  [ 1547E5B7D2EF477D422EBE0FE58508CC, 3EC11F4414C6C856972D654DB2627037AAF37F010C81B6E4612C2035C6EDD5B7 ] C:\Windows\System32\AuthExt.dll
03:05:26.0858 0x14e8  C:\Windows\System32\AuthExt.dll - ok
03:05:26.0858 0x14e8  [ 0341F92E52A8FF814671761179C103FB, 49037E34D4B572CAB85BBF29330D3DA188D1FBA65FA5E41728B47D1DD2206804 ] C:\Windows\System32\dsrole.dll
03:05:26.0858 0x14e8  C:\Windows\System32\dsrole.dll - ok
03:05:26.0858 0x14e8  [ E5DFD54D2DAA70738F581D1AC74C09CD, A07F817EE75AA84A60290A4074DE059CA891E9E4932972531A1771BBA69A103E ] C:\Windows\System32\nlaapi.dll
03:05:26.0858 0x14e8  C:\Windows\System32\nlaapi.dll - ok
03:05:26.0873 0x14e8  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] C:\Windows\System32\es.dll
03:05:26.0873 0x14e8  C:\Windows\System32\es.dll - ok
03:05:26.0873 0x14e8  [ 8721643ED5447F245762DF0A976AB87A, 4208D723A105B22229C7502CBB6803C7A67F6BB1798D74F7EBE33BF58B177495 ] C:\Windows\System32\wtsapi32.dll
03:05:26.0873 0x14e8  C:\Windows\System32\wtsapi32.dll - ok
03:05:26.0873 0x14e8  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] C:\Windows\System32\Sens.dll
03:05:26.0873 0x14e8  C:\Windows\System32\Sens.dll - ok
03:05:26.0873 0x14e8  [ 4903CBC14742B5AB4DCF7A92F7DEC483, B8491FDA1D1E767658ECC5C3C3DDFB3EB12A969F0F6ACF116C18300FF54075D5 ] C:\Windows\System32\AudioEndpointBuilder.dll
03:05:26.0873 0x14e8  C:\Windows\System32\AudioEndpointBuilder.dll - ok
03:05:26.0889 0x14e8  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] C:\Windows\System32\FntCache.dll
03:05:26.0889 0x14e8  C:\Windows\System32\FntCache.dll - ok
03:05:26.0889 0x14e8  [ 5E47B467A1CD51943C370BF781E1A4F1, 17B679389382129E6E1193F2FD3C236B5FA6EE8B5621219D54A859476116B8DD ] C:\Windows\System32\taskschd.dll
03:05:26.0889 0x14e8  C:\Windows\System32\taskschd.dll - ok
03:05:26.0889 0x14e8  [ D67F951F6BA708812420195B8D0AB8B6, 6583DB22EB8AA5FF0134D2536C9A46BC0D7D8F8B2829D5719DD68968C22F5917 ] C:\Program Files\IDT\WDM\stacsv64.exe
03:05:26.0889 0x14e8  C:\Program Files\IDT\WDM\stacsv64.exe - ok
03:05:26.0889 0x14e8  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] C:\Windows\System32\mmcss.dll
03:05:26.0889 0x14e8  C:\Windows\System32\mmcss.dll - ok
03:05:26.0889 0x14e8  [ 5F540AD6674AEFD64C1051648FF87DE3, BA4935185BD57AD6FB975F50AA49E8B6826A60DBCF1E3CB583582FC0BA09B503 ] C:\Windows\System32\dsound.dll
03:05:26.0889 0x14e8  C:\Windows\System32\dsound.dll - ok
03:05:26.0905 0x14e8  [ 6AA868B3C2A014AE76ECF53B667BF086, 51B4C02D0A48A98A3D5EF0E038BE423594A6349D5B1DDC36DE6706BA4EEF74A4 ] C:\Windows\System32\winmm.dll
03:05:26.0905 0x14e8  C:\Windows\System32\winmm.dll - ok
03:05:26.0905 0x14e8  [ 9543FE667E9709640F1D9852BCF97A17, 3EF13E6A9E551AAF552A54CB2347CCD9C42099B941794F4AC9D2DFD9DFBBEEDC ] C:\Windows\System32\xmllite.dll
03:05:26.0905 0x14e8  C:\Windows\System32\xmllite.dll - ok
03:05:26.0905 0x14e8  [ F12D8EB9E944BEB0FB4C5E4F1336401B, 9C09CE3AFB8E19851DFB6A684A759A3067263AE018C34E2CCF1E5C1F4835DC4D ] C:\Windows\System32\winmmbase.dll
03:05:26.0905 0x14e8  C:\Windows\System32\winmmbase.dll - ok
03:05:26.0905 0x14e8  [ 02FF0CDD04B9E54BB989EDE66B5C2D6B, 29B57F344E968D319E6FC314A0ECC99267BAC6E1259ED7BBB3DBB1BE8E0A5B78 ] C:\Windows\System32\stapi64.dll
03:05:26.0905 0x14e8  C:\Windows\System32\stapi64.dll - ok
03:05:26.0920 0x14e8  [ DB5F0DFF669AB88296134F82258AEFB8, 51CA57A6642B1E11BB2A15D19E342D1C66EBCAFBB88ACF65D7FA10918183D850 ] C:\Windows\System32\AudioSes.dll
03:05:26.0920 0x14e8  C:\Windows\System32\AudioSes.dll - ok
03:05:26.0920 0x14e8  [ 1480A23374019528CF11B911E60E52AA, 943856A82345B7FE91EC41E259AF866370C4BF67F67388A68B73221A46AA4B92 ] C:\Windows\System32\propsys.dll
03:05:26.0920 0x14e8  C:\Windows\System32\propsys.dll - ok
03:05:26.0920 0x14e8  [ EF276593AD1BDF5A99032F62D6272848, 3961689B34A6BCD891FF48A044ABD184F5D7320AE882DF79E5ADC57B08205BA9 ] C:\Windows\System32\audiosrv.dll
03:05:26.0920 0x14e8  C:\Windows\System32\audiosrv.dll - ok
03:05:26.0920 0x14e8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] C:\Windows\System32\drivers\lltdio.sys
03:05:26.0920 0x14e8  C:\Windows\System32\drivers\lltdio.sys - ok
03:05:26.0936 0x14e8  [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] C:\Windows\System32\drivers\nwifi.sys
03:05:26.0936 0x14e8  C:\Windows\System32\drivers\nwifi.sys - ok
03:05:26.0936 0x14e8  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] C:\Windows\System32\drivers\ndisuio.sys
03:05:26.0936 0x14e8  C:\Windows\System32\drivers\ndisuio.sys - ok
03:05:26.0936 0x14e8  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] C:\Windows\System32\drivers\rspndr.sys
03:05:26.0936 0x14e8  C:\Windows\System32\drivers\rspndr.sys - ok
03:05:26.0936 0x14e8  [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] C:\Windows\System32\wcmsvc.dll
03:05:26.0936 0x14e8  C:\Windows\System32\wcmsvc.dll - ok
03:05:26.0951 0x14e8  [ EC2DB85DD72A3506D60B428A36F5E27E, 1E3DD6DD0DF3737E0207569A11F3AC9CDEB0A2D13EF4737E69F526EF1A00D91B ] C:\Windows\System32\NetworkStatus.dll
03:05:26.0951 0x14e8  C:\Windows\System32\NetworkStatus.dll - ok
03:05:26.0951 0x14e8  [ CA416663232F14D4EFB6A8E2640DD7D4, F46CF4032DDEA9BD3C0B29329EC8FCC4E24B057243E1FFE035D99D05AD7A6D34 ] C:\Windows\System32\stapo64.dll
03:05:26.0951 0x14e8  C:\Windows\System32\stapo64.dll - ok
03:05:26.0951 0x14e8  [ 3BADC3E73CB058338765BEA4FE73AFBE, 47EA5B659EA29DF4FAFAEF01214DE2124797E9C450055C4751CC5A73523B5E70 ] C:\Windows\System32\AudioEng.dll
03:05:26.0951 0x14e8  C:\Windows\System32\AudioEng.dll - ok
03:05:26.0951 0x14e8  [ 0D12F606DE18A5739AF27F12A32C6A6E, 5F2231EDB58B3C81BC85CC94807D0DA4235034DD89C429EABE5DF540AA9100BC ] C:\Windows\System32\IPHLPAPI.DLL
03:05:26.0951 0x14e8  C:\Windows\System32\IPHLPAPI.DLL - ok
03:05:26.0951 0x14e8  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] C:\Windows\System32\lmhsvc.dll
03:05:26.0951 0x14e8  C:\Windows\System32\lmhsvc.dll - ok
03:05:26.0967 0x14e8  [ DB9657253BD51C172B3262B9CD5463F3, DCD61909A2A875E721EDBF312A1814D00B49F868F169396767E9FD2FA177991C ] C:\Windows\System32\nrpsrv.dll
03:05:26.0967 0x14e8  C:\Windows\System32\nrpsrv.dll - ok
03:05:26.0967 0x14e8  [ FD9683552D97156E0C5B948BDABA2569, 5BB19966FAA3C5F786DBCC9F8416182BD865851906122AB84FF572E38AA8881F ] C:\Windows\System32\winnsi.dll
03:05:26.0967 0x14e8  C:\Windows\System32\winnsi.dll - ok
03:05:26.0967 0x14e8  [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] C:\Windows\System32\wlansvc.dll
03:05:26.0967 0x14e8  C:\Windows\System32\wlansvc.dll - ok
03:05:26.0967 0x14e8  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] C:\Windows\System32\dhcpcore.dll
03:05:26.0967 0x14e8  C:\Windows\System32\dhcpcore.dll - ok
03:05:26.0967 0x14e8  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] C:\Windows\System32\nsisvc.dll
03:05:26.0967 0x14e8  C:\Windows\System32\nsisvc.dll - ok
03:05:26.0983 0x14e8  [ FBD2D7F491F3EBC5C54C5C4DB2564953, 1C053C28DB00ADF63BE317376395F5E32CBFD2C065A3756470BC54F44747965B ] C:\Windows\System32\dnsrslvr.dll
03:05:26.0983 0x14e8  C:\Windows\System32\dnsrslvr.dll - ok
03:05:26.0983 0x14e8  [ 1946308C7FF73E4CD47579F34F9F6E1B, EE9FE65762D95F0694188801D8B1A8427763EA6DC46382E0AA5AFE7B3B5AF396 ] C:\Windows\System32\dhcpcore6.dll
03:05:26.0983 0x14e8  C:\Windows\System32\dhcpcore6.dll - ok
03:05:26.0983 0x14e8  [ 91E000AE0DA97BE6280376FDD477C476, B639E4CEEA99F2FA3F07C0797B5B2ECEA6B2524E99E7CCD281BDCE2DFED31BE0 ] C:\Windows\System32\FWPUCLNT.DLL
03:05:26.0983 0x14e8  C:\Windows\System32\FWPUCLNT.DLL - ok
03:05:26.0983 0x14e8  [ 8D25DE2AC85BC807DC19D4DAF6AA6D27, CB6238AB8AC9DDDF7170511C6E512FF134E9E79831F58BCB670DE327F70D0AD8 ] C:\Windows\System32\dnsext.dll
03:05:26.0983 0x14e8  C:\Windows\System32\dnsext.dll - ok
03:05:26.0998 0x14e8  [ 3378C5241A1FE2F1D34BCC3ABC99F435, BE82C59E9CB0A7561401D956B97C2E4A9B383BB5CF00E5DC004633C031F35748 ] C:\Windows\System32\dhcpcsvc.dll
03:05:26.0998 0x14e8  C:\Windows\System32\dhcpcsvc.dll - ok
03:05:26.0998 0x14e8  [ D4CFAC89188EC0B887CFFCA7C80E495D, 2145D5DC03E79B361764F7281E2255318DA303B47E2D01BEC5E9E3D8DBFF586B ] C:\Windows\System32\dhcpcsvc6.dll
03:05:26.0998 0x14e8  C:\Windows\System32\dhcpcsvc6.dll - ok
03:05:26.0998 0x14e8  [ 50D1A7BF4F35D3897657EAAFA377369D, 792A36447C507D854C3DACD32786880AE6809393B38C93DB7CCCB332CA2DF25D ] C:\Windows\System32\samlib.dll
03:05:26.0998 0x14e8  C:\Windows\System32\samlib.dll - ok
03:05:26.0998 0x14e8  [ 1CE1F2BBF92DF79CF8638FDA04DB4F10, FBE8183204175B892DF543A0CC9296FE91C281E818CE9C343C6B16F4E6BEA006 ] C:\Windows\System32\shacct.dll
03:05:26.0998 0x14e8  C:\Windows\System32\shacct.dll - ok
03:05:27.0014 0x14e8  [ 511238503CDDDCA563BB201EED26E7A0, 99A6E97DE4516384C47D4B312D3DB6C61068B96B2E264F3CABA311215BA6F107 ] C:\Windows\System32\wcmcsp.dll
03:05:27.0014 0x14e8  C:\Windows\System32\wcmcsp.dll - ok
03:05:27.0014 0x14e8  [ FE04048C1D11EEC3FA40982F78CA0178, 003B25BFF67510529506B0F4F5B4EF44BA1993BF604D328DCD8017E957CC28F9 ] C:\Windows\System32\wlanmsm.dll
03:05:27.0014 0x14e8  C:\Windows\System32\wlanmsm.dll - ok
03:05:27.0014 0x14e8  [ 59C04629522B5815BF39F8A310FD2C81, 02096C293E4D6726DD944D1A1D66D2A41D0CDBE887809E8A30ABA95F53D289FA ] C:\Windows\System32\onex.dll
03:05:27.0014 0x14e8  C:\Windows\System32\onex.dll - ok
03:05:27.0014 0x14e8  [ 8E54F32766CFFC9112800533D721236C, A3D0003395EFD4DA6B755A730D969594EE10003F5A5276DF82F1931884ABB53A ] C:\Windows\System32\wlansec.dll
03:05:27.0014 0x14e8  C:\Windows\System32\wlansec.dll - ok
03:05:27.0014 0x14e8  [ F5946BC89C6D350ADADDA9676DF28CF3, EA70848F403DE98A743C02D4020CEE31AAE01861A3EC6A4AE3CEA4DD971A3519 ] C:\Windows\System32\eappprxy.dll
03:05:27.0014 0x14e8  C:\Windows\System32\eappprxy.dll - ok
03:05:27.0030 0x14e8  [ 3B04158DE50AB283B3A5FB5E70C48FB4, 4C50337D26E7AA6523E74212195A4AE9EE9971CE87EA7A2E4FA653F97A6221B1 ] C:\Windows\System32\wlansvcpal.dll
03:05:27.0030 0x14e8  C:\Windows\System32\wlansvcpal.dll - ok
03:05:27.0030 0x14e8  [ 04B39CF60E0E379D400750DAB02D12DB, 41B234D4B16B1829336110099AB45FE8BC575302ADBC7C2DB1F517855EF69FB6 ] C:\Windows\System32\InputSwitch.dll
03:05:27.0030 0x14e8  C:\Windows\System32\InputSwitch.dll - ok
03:05:27.0030 0x14e8  [ 5EC234995AFB7356A8B1A22C9244F243, 28B890FD933638C110DD227CABA929795DA148964E3D7201A10E1B4DD48F3B85 ] C:\Windows\System32\wuaext.dll
03:05:27.0030 0x14e8  C:\Windows\System32\wuaext.dll - ok
03:05:27.0030 0x14e8  [ 2244C13A861137EE7D518607592C221D, C5EFF9BCC41827C25DDA3F6C6E42DC13A376751495FF11C5476A22DC9922ACC9 ] C:\Windows\System32\Windows.UI.Immersive.dll
03:05:27.0030 0x14e8  C:\Windows\System32\Windows.UI.Immersive.dll - ok
03:05:27.0045 0x14e8  [ D9D2CC3B8C41B59B1E964D0F89CCA330, 5F4F07AB7985A238BD09FC468956CC7CE3F9E40BC2B412F87F0B7188C845F14B ] C:\Windows\System32\msxml6.dll
03:05:27.0045 0x14e8  C:\Windows\System32\msxml6.dll - ok
03:05:27.0045 0x14e8  [ F22BC2C1BD805F874540B7595F0C804D, C4AF63DC87DA9CC642C6E4942B77C081625FB4C1D7C3D5E7228DC4704E38643D ] C:\Windows\System32\IDStore.dll
03:05:27.0045 0x14e8  C:\Windows\System32\IDStore.dll - ok
03:05:27.0045 0x14e8  [ 46E0F92B51247ECCE5A837D613517182, CC45C388704E0D55C559AF9C79605B60820CA0A40B758B2B85B0D87CBD0D8845 ] C:\Windows\System32\samcli.dll
03:05:27.0045 0x14e8  C:\Windows\System32\samcli.dll - ok
03:05:27.0045 0x14e8  [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] C:\Windows\System32\wbiosrvc.dll
03:05:27.0045 0x14e8  C:\Windows\System32\wbiosrvc.dll - ok
03:05:27.0045 0x14e8  [ 78C409115EF703FCC6941237E7985971, 22E948F4B8A317BEE3F7B237C6BBDEEC55836AEBBF8DD8245F116BA80E48A1E4 ] C:\Windows\System32\UIAutomationCore.dll
03:05:27.0061 0x14e8  C:\Windows\System32\UIAutomationCore.dll - ok
03:05:27.0061 0x14e8  [ 1CD1B2F038D2697EA7AA7127551ED429, 60AA0E874929ED13E305FB51345C48AE0058C0DDC900F0007B7CAC8AD9FBA88F ] C:\Windows\System32\wlidres.dll
03:05:27.0061 0x14e8  C:\Windows\System32\wlidres.dll - ok
03:05:27.0061 0x14e8  [ 059D36ABEC9F2D3F677B8EA9240405CD, B4CD58747DBA0E9C1C22DDFB049302662D7875C6ABF04DA76565FCDFE5AA82C3 ] C:\Windows\System32\batmeter.dll
03:05:27.0061 0x14e8  C:\Windows\System32\batmeter.dll - ok
03:05:27.0061 0x14e8  [ BA247631B40720DAEA89BEFAA4632EB6, D18B009631F89A350B9BA81B11EE49AADF9295E7CDC6B15EE61983A935551A64 ] C:\Windows\System32\PhotoMetadataHandler.dll
03:05:27.0061 0x14e8  C:\Windows\System32\PhotoMetadataHandler.dll - ok
03:05:27.0061 0x14e8  [ AC867DEC5E0E12BA342BF9B00D93F2B6, 2322350D06C734228B597DD3E66F80B700CC903EA1C4B50CED131B786D979AA8 ] C:\Windows\System32\Windows.Globalization.dll
03:05:27.0061 0x14e8  C:\Windows\System32\Windows.Globalization.dll - ok
03:05:27.0076 0x14e8  [ 3095D55353A22224E7972F9B552AA69D, 56B3CF223C08A264836454707F8DE4CB3227929D58A6FDD0E6E21CCA16A62123 ] C:\Windows\System32\msftedit.dll
03:05:27.0076 0x14e8  C:\Windows\System32\msftedit.dll - ok
03:05:27.0076 0x14e8  [ 6A5C1EA6E0B31B168FDE21A1FDC078C2, 7DB716456F61905F9D038FA0E518E9C416614A3F7ED990308BF6F899376FB8D2 ] C:\Windows\System32\msimg32.dll
03:05:27.0076 0x14e8  C:\Windows\System32\msimg32.dll - ok
03:05:27.0076 0x14e8  [ 7A1BAB2BDCF59A506588DDF58ED43E21, C7191778058E0CE498E6B21ADEA8A6928AE8B8669B2F00AB639728538ADDDA64 ] C:\Windows\System32\globinputhost.dll
03:05:27.0076 0x14e8  C:\Windows\System32\globinputhost.dll - ok
03:05:27.0092 0x14e8  [ 775965CF80FA406DEF00A1415372E82A, 73977375178A82A08BA9807C851D33B88E0055D759A2E6D8DC308F39BE3E6373 ] C:\Windows\System32\ninput.dll
03:05:27.0092 0x14e8  C:\Windows\System32\ninput.dll - ok
03:05:27.0092 0x14e8  [ 0DF0FA32C2841537B0610B4179320A3A, 0B998280F28072CDF99BD9DE23A98D04CB07F5B83E412D941004FA3A20E6830C ] C:\Windows\System32\TetheringIeProvider.dll
03:05:27.0092 0x14e8  C:\Windows\System32\TetheringIeProvider.dll - ok
03:05:27.0092 0x14e8  [ CDE696B3F78E5EB7E5766C562891C88D, 27456FED022B2B3716797D714858DD231146368B4732EDBEB6E24E3633BA3144 ] C:\Windows\System32\WiFiDisplay.dll
03:05:27.0092 0x14e8  C:\Windows\System32\WiFiDisplay.dll - ok
03:05:27.0092 0x14e8  [ 4607B84C62D4537B0B7D69B217B8A999, 6488388A6AC111DEFC6726C568256D95D8E3C507739E0A36E039D54F0ED7FE9C ] C:\Windows\System32\wlanapi.dll
03:05:27.0092 0x14e8  C:\Windows\System32\wlanapi.dll - ok
03:05:27.0092 0x14e8  [ 682C1B06C4E00A9DC995E4B2FD626CB2, 52B2820171D1A345EDB6FF61FA27D4B03F86ED91D9C0BC997F9820A5646B1ED2 ] C:\Windows\System32\wlgpclnt.dll
03:05:27.0092 0x14e8  C:\Windows\System32\wlgpclnt.dll - ok
03:05:27.0108 0x14e8  [ 6234321BF60C3CC6D344D3F1B10F0E7C, CFAA2D008E0817D3456FED29CE34E6118A57279DF5C4C7B7CC1965E853C208C0 ] C:\Windows\System32\l2gpstore.dll
03:05:27.0108 0x14e8  C:\Windows\System32\l2gpstore.dll - ok
03:05:27.0108 0x14e8  [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys
03:05:27.0108 0x14e8  C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys - ok
03:05:27.0108 0x14e8  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] C:\Windows\System32\shsvcs.dll
03:05:27.0108 0x14e8  C:\Windows\System32\shsvcs.dll - ok
03:05:27.0108 0x14e8  [ 4897A55EEBC1D3F6DFEB1CD94C241F48, A68C504A5BF10D4C4C082EA4E92EC4358B4E09E87FB8C49A16080ABB900C4523 ] C:\Windows\System32\SubscriptionMgr.dll
03:05:27.0108 0x14e8  C:\Windows\System32\SubscriptionMgr.dll - ok
03:05:27.0123 0x14e8  [ 2988ACC988D3FC47447D368CB5450162, 9C5641C621EFDB23DB89BC1AE0AE73F94F38D8ADA128F96A8DD55326F41644F1 ] C:\Windows\System32\wlanhlp.dll
03:05:27.0123 0x14e8  C:\Windows\System32\wlanhlp.dll - ok
03:05:27.0123 0x14e8  [ 045AE8D818B2E74B839597BB9C19C13B, 5C46F86C16E7F9740FEA56D5153B8E438A87B6011AA2C589FF0C1BE21D4BA701 ] C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
03:05:27.0123 0x14e8  C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe - ok
03:05:27.0123 0x14e8  [ C386F4A32947092776A8E4EB88BFCD9E, 2327E2DA46D4E72A170890EA797ED7F0C724D33C09AA679A9DF5FE91CA13158A ] C:\Windows\System32\fveapi.dll
03:05:27.0123 0x14e8  C:\Windows\System32\fveapi.dll - ok
03:05:27.0123 0x14e8  [ 7913D3236FC4EE7EB28B80361B1737BD, 641BD5CBEAFE7A1828E798CEDFB433F68D7ADEAF21E4C983FF652093BDFA9AE9 ] C:\Windows\System32\bcd.dll
03:05:27.0123 0x14e8  C:\Windows\System32\bcd.dll - ok
03:05:27.0139 0x14e8  [ D50705D14E8C876A47FF14B999B4A6C3, 56D28EDB5F039F48DF1000FC7FB736556FF9A0A583D9A567F2533620F3A8FB96 ] C:\Windows\System32\fvecerts.dll
03:05:27.0139 0x14e8  C:\Windows\System32\fvecerts.dll - ok
03:05:27.0139 0x14e8  [ D9053149D55CEB13C66A69A00A1B6D7D, 5C90FDC824E17435C6A1C868D8DE0947380D01143097501F878017FFD8298AD1 ] C:\Windows\System32\wbem\wbemprox.dll
03:05:27.0139 0x14e8  C:\Windows\System32\wbem\wbemprox.dll - ok
03:05:27.0139 0x14e8  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] C:\Windows\System32\schedsvc.dll
03:05:27.0139 0x14e8  C:\Windows\System32\schedsvc.dll - ok
03:05:27.0139 0x14e8  [ 527429623E2A20C53DB246C51E6F2726, C3B714A70D58A2F31B6D3CB9527FF007E23D49A49EED4DF5F75BBE1BDA01D571 ] C:\Windows\System32\wbemcomn.dll
03:05:27.0139 0x14e8  C:\Windows\System32\wbemcomn.dll - ok
03:05:27.0139 0x14e8  [ 39435F4007F1CEDEF04356892B18D174, 72FB052CFA59CE8A60514628D88B34ADA5ADA4DBE727B705908B5B36061126A3 ] C:\Windows\System32\ubpm.dll
03:05:27.0139 0x14e8  C:\Windows\System32\ubpm.dll - ok
03:05:27.0155 0x14e8  [ 5B9290D5540BDC461500DB84FC3606F0, 5F7DD7581C21D107A933460085C126751DA535D01878C86D9159320194EF886E ] C:\Windows\System32\CSystemEventsBrokerClient.dll
03:05:27.0155 0x14e8  C:\Windows\System32\CSystemEventsBrokerClient.dll - ok
03:05:27.0155 0x14e8  [ E04863DDDA4D5386895D316B9A26958F, 326E1DC9AB3871F86A0DBAACEC1952A5018A0440269AF84EF9129C121440CC16 ] C:\Windows\System32\ktmw32.dll
03:05:27.0155 0x14e8  C:\Windows\System32\ktmw32.dll - ok
03:05:27.0155 0x14e8  [ 68DEABD4CB0CF3920D3B6CCAA36173BC, C87F86DE3E366975919D2A5722E9942F643D9B81185E06B49968D3A7BD1D76C0 ] C:\Windows\System32\taskcomp.dll
03:05:27.0155 0x14e8  C:\Windows\System32\taskcomp.dll - ok
03:05:27.0155 0x14e8  [ 070B4DE2729515E9F22E4AAFD7B2497C, 1353572251F10FAA92B586D5B483BD3684B86AA2292EF0D180B2E84910914624 ] C:\Windows\System32\ntmarta.dll
03:05:27.0155 0x14e8  C:\Windows\System32\ntmarta.dll - ok
03:05:27.0170 0x14e8  [ 4A57CB09CFABF4918ECF8DEB60488A27, 782549309FAA671646AE7E66DAF5F1860A16E092463F7403A2F83255130A07B4 ] C:\Windows\System32\actxprxy.dll
03:05:27.0170 0x14e8  C:\Windows\System32\actxprxy.dll - ok
03:05:27.0170 0x14e8  [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] C:\Windows\System32\drivers\http.sys
03:05:27.0170 0x14e8  C:\Windows\System32\drivers\http.sys - ok
03:05:27.0170 0x14e8  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] C:\Windows\System32\spoolsv.exe
03:05:27.0170 0x14e8  C:\Windows\System32\spoolsv.exe - ok
03:05:27.0170 0x14e8  [ 6468B696C65775D51A06615830E0E79D, CC4081B3A4895192B4796A745F0BCE8C9C3149B854A7B9BEF84668A2E1D074B5 ] C:\Windows\System32\BFE.DLL
03:05:27.0170 0x14e8  C:\Windows\System32\BFE.DLL - ok
03:05:27.0186 0x14e8  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] C:\Windows\System32\drivers\bowser.sys
03:05:27.0186 0x14e8  C:\Windows\System32\drivers\bowser.sys - ok
03:05:27.0186 0x14e8  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] C:\Windows\System32\drivers\mpsdrv.sys
03:05:27.0186 0x14e8  C:\Windows\System32\drivers\mpsdrv.sys - ok
03:05:27.0186 0x14e8  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] C:\Windows\System32\MPSSVC.dll
03:05:27.0186 0x14e8  C:\Windows\System32\MPSSVC.dll - ok
03:05:27.0186 0x14e8  [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] C:\Windows\System32\drivers\mrxsmb.sys
03:05:27.0186 0x14e8  C:\Windows\System32\drivers\mrxsmb.sys - ok
03:05:27.0186 0x14e8  [ 098A6AC9EC3D8958F2404073E488945A, 9A91353E62A4E65943B2B8080D768A5211D9F1927836211A9CA66D76EBA030EC ] C:\Windows\System32\netcfgx.dll
03:05:27.0186 0x14e8  C:\Windows\System32\netcfgx.dll - ok
03:05:27.0201 0x14e8  [ 9B95FCB49595A869F27034916382FE57, C9C98C5837D4562CF706B96C4B25AD264E3CA65BD442090F6093C235E1B7AE5E ] C:\Windows\System32\adhapi.dll
03:05:27.0201 0x14e8  C:\Windows\System32\adhapi.dll - ok
03:05:27.0201 0x14e8  [ 9DF590DEA96B6756CF8D73C2525797BE, 3FDF4B8794C800CD6586310A85A46F78AA0130E10712BF72CE442BC7C23715A0 ] C:\Windows\System32\wfapigp.dll
03:05:27.0201 0x14e8  C:\Windows\System32\wfapigp.dll - ok
03:05:27.0201 0x14e8  [ 5D9B166EFBA673C8221C5C97CCFB5BFE, 63F99158CB660FD4BC838B12DE1F4C2F3DAE43AF88EBC68FE73A43B62AF8D257 ] C:\Windows\System32\wcmapi.dll
03:05:27.0201 0x14e8  C:\Windows\System32\wcmapi.dll - ok
03:05:27.0201 0x14e8  [ 1E10B23560C34A90A0FA6ECD26E8565F, 497927962EE856AF72DA6C3DBFA2A5F99E0EE576BFB34F75FCDD7498F75B5BC0 ] C:\Windows\System32\ProximityService.dll
03:05:27.0201 0x14e8  C:\Windows\System32\ProximityService.dll - ok
03:05:27.0217 0x14e8  [ 02E72187BE9329E4D9255BC5AE6D8286, F5CAF4A710052559715D2E7FBF6A6D04A83BFB31B76F8D7A758295936543E74A ] C:\Windows\System32\ProximityCommon.dll
03:05:27.0217 0x14e8  C:\Windows\System32\ProximityCommon.dll - ok
03:05:27.0217 0x14e8  [ 1EE65FEAA57FBC2050AE153D07C8DC3F, 5B3878780D3B3EE4EDA0B880E7D41949CB1D3C69937ACC56B8CDCA17014CF111 ] C:\Windows\System32\ProximityCommonPal.dll
03:05:27.0217 0x14e8  C:\Windows\System32\ProximityCommonPal.dll - ok
03:05:27.0217 0x14e8  [ 02C6DF84328E271C3F844E477CB25169, 04A345135E7150A869AC1B410B138746D53A7BE0934B748EF0C73D36E71487AF ] C:\Windows\System32\ProximityServicePal.dll
03:05:27.0217 0x14e8  C:\Windows\System32\ProximityServicePal.dll - ok
03:05:27.0217 0x14e8  [ EDE582496D0CADEE35EA2B1076FF19A8, EF46CF2BD33340004E403D270442B0EEDF98D92EFBEB403B0377CC4BE9E9D63A ] C:\Windows\System32\taskhost.exe
03:05:27.0217 0x14e8  C:\Windows\System32\taskhost.exe - ok
03:05:27.0217 0x14e8  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] C:\Windows\System32\drivers\mrxsmb20.sys
03:05:27.0217 0x14e8  C:\Windows\System32\drivers\mrxsmb20.sys - ok
03:05:27.0233 0x14e8  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] C:\Windows\System32\drivers\vwifimp.sys
03:05:27.0233 0x14e8  C:\Windows\System32\drivers\vwifimp.sys - ok
03:05:27.0233 0x14e8  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] C:\Windows\System32\wkssvc.dll
03:05:27.0233 0x14e8  C:\Windows\System32\wkssvc.dll - ok
03:05:27.0233 0x14e8  [ 50440A2FEDF6A9D94F2BA06192E172EB, A69F186839D0337FA0DD3EBDAA33479FD21A15484DD47E8F6ED29F4D062151B8 ] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
03:05:27.0233 0x14e8  C:\Program Files (x86)\Bluetooth Suite\AdminService.exe - ok
03:05:27.0233 0x14e8  [ 285F776B002DA6E3FEE357022A54413A, D9C1157ECFFC1C38F9EDE0E927528ACDF760DE713B0BCAD4B7DEF64175D8FD86 ] C:\Windows\System32\MrmCoreR.dll
03:05:27.0233 0x14e8  C:\Windows\System32\MrmCoreR.dll - ok
03:05:27.0248 0x14e8  [ EC757C54CC8F7AEB0A397E7C08A5DC9C, 118B0AD4E4116C8BEA6293CBAD782B5B4BC7ED63593ECAE08F580E674DB0BA56 ] C:\Windows\System32\urlmon.dll
03:05:27.0248 0x14e8  C:\Windows\System32\urlmon.dll - ok
03:05:27.0248 0x14e8  [ 5F4A10FEC62F3E75EDFE4FB8876402D5, 4D1ED8E7B9FB3E2A1EB53D13E16055EF4F31CD6F86644931A24E559CEEEB53AB ] C:\Windows\System32\iertutil.dll
03:05:27.0248 0x14e8  C:\Windows\System32\iertutil.dll - ok
03:05:27.0248 0x14e8  [ F267E9AE8279DF0F4F0246135F2BAF5C, D9CDA37C7788DD22FE9BA9CCF5E3A9D296DE5AED2AD59F543AD66B42B6A6435E ] C:\Windows\System32\wininet.dll
03:05:27.0248 0x14e8  C:\Windows\System32\wininet.dll - ok
03:05:27.0248 0x14e8  [ 7101124E9C48FDBCD7C3DA690990010B, E4FC33B2D38CC75BF0C98A69DA2860F000BC17FFC86C96B342BDFDDE6C247C00 ] C:\Windows\System32\bthprops.cpl
03:05:27.0248 0x14e8  C:\Windows\System32\bthprops.cpl - ok
03:05:27.0264 0x14e8  [ 3B03178E65E6903328644E329B24D8B2, 5B951EF351DB32E3E3623992231ECC8DAB34171E28304916C5359D4710278EDE ] C:\Windows\System32\version.dll
03:05:27.0264 0x14e8  C:\Windows\System32\version.dll - ok
03:05:27.0264 0x14e8  [ 89C84BF2D5A2A5DD867E046488B8DDE3, 174C0BF9B1FB3504D36FEE0D37A0A957FB5D7B38A7878428399EEC6EB4537D44 ] C:\Windows\System32\BluetoothApis.dll
03:05:27.0264 0x14e8  C:\Windows\System32\BluetoothApis.dll - ok
03:05:27.0264 0x14e8  [ 40CFC6671B2442D32E149FF1683212D1, ADC1743CDB98EAC736783156D659364DF8613BCC4C0B6D0AC0D8F05AF18E0BF7 ] C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
03:05:27.0264 0x14e8  C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe - ok
03:05:27.0264 0x14e8  [ 0BC71D4D3B5883903C37BF4E13B0F0C5, C5EC2AD001FB7E72D3D12DBADFE01C308ACCB7426E0B90CCB3ECE2DE49D5E7D4 ] C:\Windows\System32\das.dll
03:05:27.0264 0x14e8  C:\Windows\System32\das.dll - ok
03:05:27.0264 0x14e8  [ BA0655E1856A16A14C9BC1FB27B111B9, 974BA0A5ABD08F2579B4A28DE5A8579641B4B3E40EFDFFAA3A0DD733AADE3D01 ] C:\Windows\System32\TpmTasks.dll
03:05:27.0264 0x14e8  C:\Windows\System32\TpmTasks.dll - ok
03:05:27.0280 0x14e8  [ 0D0CD1020D821F4D2AC95280213D2F2E, 8F1CB7DB214EF506030CB74B6780C1F598D1234DF7BBF568678FEA29F74AC65C ] C:\Windows\System32\aepic.dll
03:05:27.0280 0x14e8  C:\Windows\System32\aepic.dll - ok
03:05:27.0280 0x14e8  [ D1A3B6C2F8F39EC7F75D03740A8112A1, CE3EC47954CCC70F78A4E49F8A585CC64B04A2B725A310034571902B663FEBED ] C:\Windows\System32\tbs.dll
03:05:27.0280 0x14e8  C:\Windows\System32\tbs.dll - ok
03:05:27.0280 0x14e8  [ 770D71782A90BE9C48C4310C5C35E25B, 00B9E8B04786D1E93A78F42896023AF2095D69ED70A56042B6C98EB531778779 ] C:\Windows\System32\sfc_os.dll
03:05:27.0280 0x14e8  C:\Windows\System32\sfc_os.dll - ok
03:05:27.0280 0x14e8  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] C:\Windows\System32\cryptsvc.dll
03:05:27.0280 0x14e8  C:\Windows\System32\cryptsvc.dll - ok
03:05:27.0295 0x14e8  [ 6AB51A84C2400F1346CCD6B65766DDCD, EA4871C90E4026618A1415F394367599C5E005D33EBD590B6C8409BCC3DD01B7 ] C:\Windows\System32\cryptcatsvc.dll
03:05:27.0295 0x14e8  C:\Windows\System32\cryptcatsvc.dll - ok
03:05:27.0295 0x14e8  [ ED8901D9AF4023CAD4738D3A4DF9645B, 487DE071FAC1ACB1421DF9F3C770315795BC69031AA40ABB66627574110214C7 ] C:\Windows\System32\crypttpmeksvc.dll
03:05:27.0295 0x14e8  C:\Windows\System32\crypttpmeksvc.dll - ok
03:05:27.0295 0x14e8  [ CD95892713570725F4CBBA99F07CDDF2, FD6367D83487D5C87A9698F162E6C348DAF7DB7D554038658D0E000BD85F9143 ] C:\Windows\System32\dasHost.exe
03:05:27.0295 0x14e8  C:\Windows\System32\dasHost.exe - ok
03:05:27.0295 0x14e8  [ 8FA4755F3BA513F4BAE0A2AF1BE8C5F7, 39748E6B58142793F44DDC89A0F3130022533D4BF38832B8D118915788C24461 ] C:\Windows\System32\vssapi.dll
03:05:27.0295 0x14e8  C:\Windows\System32\vssapi.dll - ok
03:05:27.0311 0x14e8  [ 941EDC6791A09356EEBEC309C1633CA2, 4E1F5843C96FAEE37D553D37FA25005D7412266A4E5DA47487C5420CE1F8ED42 ] C:\Windows\System32\vsstrace.dll
03:05:27.0311 0x14e8  C:\Windows\System32\vsstrace.dll - ok
03:05:27.0311 0x14e8  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] C:\Windows\System32\dps.dll
03:05:27.0311 0x14e8  C:\Windows\System32\dps.dll - ok
03:05:27.0311 0x14e8  [ 2A857CCAFE18B1D396484AC9CC0B9B80, 8FA28E3ED2B6571E40B9471DAA45F6A530FE4B644A08DC49847AE66FC77449A4 ] C:\Windows\System32\mscoree.dll
03:05:27.0311 0x14e8  C:\Windows\System32\mscoree.dll - ok
03:05:27.0311 0x14e8  [ 32AD6B4D813643E339EB8EA7AB18670B, 4A97F2E303ED16AED9EBB948DC76562558292B1DC934664C7406D1E066FA34D3 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
03:05:27.0311 0x14e8  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
03:05:27.0311 0x14e8  [ 836B35C5C8C5E6DE6CB0035D075755C7, C1522217DF4AACEA708C6D156765EBA9646D335A86644E3787B81FC0FB06E80E ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
03:05:27.0311 0x14e8  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
03:05:27.0326 0x14e8  [ D69139606B4DCF4399DCD6DC6B19B52D, A831319C6D94C660084F57E9808B590BEADA273354ED5FDB9CCAC1E4DCD6F5D4 ] C:\Windows\System32\msvcr120_clr0400.dll
03:05:27.0326 0x14e8  C:\Windows\System32\msvcr120_clr0400.dll - ok
03:05:27.0326 0x14e8  [ 038370FBF8C77865CB1C9CD06826DB41, 9CB35B2FD94E0EE793FD3DC534F13924E4AD413333383841D5A442AEDC05210F ] C:\Windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
03:05:27.0326 0x14e8  C:\Windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll - ok
03:05:27.0326 0x14e8  [ 8074E4C2165E1CB792D917B308580050, F07627507739FD55C977C0047AFF4FAB67453684EEFEC3F6D37691F4BBEF654B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\fc9860df7e7c03efd26ad5311301dfcb\mscorlib.ni.dll
03:05:27.0326 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\fc9860df7e7c03efd26ad5311301dfcb\mscorlib.ni.dll - ok
03:05:27.0326 0x14e8  [ 128FEE89035D9F09682A396998769B69, 318A2C182B68754DC569CC2C1534A02CE969ED183D4EA492F01975DCDEE8765C ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
03:05:27.0326 0x14e8  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
03:05:27.0342 0x14e8  [ BF2B408231C081BAA04DF4CD2F411902, 38DC7CC0770ABF12D0E77A837EDA70CC35C03EC1B44C04641E9BE4FBEFE1BF45 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\82516df82d140bc152c7916f632d3df3\System.ni.dll
03:05:27.0342 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\System\82516df82d140bc152c7916f632d3df3\System.ni.dll - ok
03:05:27.0342 0x14e8  [ CB1C34E417AAB7244760A0AD322F655F, 1DC6452CCC0B3F526EBE884544CA1295AA6F9987DF50BAB39F78B5441E89ED62 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\3d5e322a749989a08d5ce14040504f29\System.ServiceProcess.ni.dll
03:05:27.0342 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\3d5e322a749989a08d5ce14040504f29\System.ServiceProcess.ni.dll - ok
03:05:27.0342 0x14e8  [ 6029BFC2F8C257BBCFE5F4BE2E59924B, FC91B72DD771048E2CA1D2D1506FCC8C06E24F0931388C8FA40EFF61E2E9FB3D ] C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\DeviceSupport.dll
03:05:27.0342 0x14e8  C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\DeviceSupport.dll - ok
03:05:27.0342 0x14e8  [ 7C3B449F661D99A9B1033A14033D2987, AE996EDB9B050677C4F82D56092EFDC75F0ADDC97A14E2C46753E2DB3F6BD732 ] C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\msvcr110.dll
03:05:27.0342 0x14e8  C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\msvcr110.dll - ok
03:05:27.0358 0x14e8  [ 7CAA1B97A3311EB5A695E3C9028616E7, 27F394AE01D12F851F1DEE3632DEE3C5AFA1D267F7A96321D35FD43105B035AD ] C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\msvcp110.dll
03:05:27.0358 0x14e8  C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\msvcp110.dll - ok
03:05:27.0358 0x14e8  [ 63E5E7C8C02E4FF32357E83C900E6E94, A1171D9D8225A003EBA139B00802495802AE0C3D1FF9A23CCD7CC4D17011416C ] C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\Interop.SRS_APO2011_ControllerLib.dll
03:05:27.0358 0x14e8  C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\Interop.SRS_APO2011_ControllerLib.dll - ok
03:05:27.0358 0x14e8  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] C:\Program Files\Intel\iCLS Client\HeciServer.exe
03:05:27.0358 0x14e8  C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok
03:05:27.0358 0x14e8  [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] C:\Windows\System32\IKEEXT.DLL
03:05:27.0358 0x14e8  C:\Windows\System32\IKEEXT.DLL - ok
03:05:27.0373 0x14e8  [ E3EAC65E289EC7AD6D966DC6390A80E2, 934B1AB35B86B568F9051C304150222CB76496E16E0A117589D7BE95A08BECB6 ] C:\Program Files\IDT\OEM\slcnt64.dll
03:05:27.0373 0x14e8  C:\Program Files\IDT\OEM\slcnt64.dll - ok
03:05:27.0373 0x14e8  [ 234F79CD1226D634BBC6B154E4CC7A44, 5BD370BFEBD9D583C3D4AA556FEF3716220362917C78058909470B096A30B1DC ] C:\Windows\System32\vpnikeapi.dll
03:05:27.0373 0x14e8  C:\Windows\System32\vpnikeapi.dll - ok
03:05:27.0373 0x14e8  [ 325D9D1D5D819BD6474BC3E674650138, 5657C46954E02A276439E385299FD3392A828DA223C37EA7A711264045D8609D ] C:\Windows\System32\cryptxml.dll
03:05:27.0373 0x14e8  C:\Windows\System32\cryptxml.dll - ok
03:05:27.0373 0x14e8  [ CB79FA82A5D7CEAAA804EF15E87CC6D2, 135123FE906E94A9419DFF8CED771EBACD9C47631FDA2B05D15D76A40E096F67 ] C:\Windows\System32\webservices.dll
03:05:27.0373 0x14e8  C:\Windows\System32\webservices.dll - ok
03:05:27.0389 0x14e8  [ E5B1B9A202DE99C9126C5F57A1EA0C6C, 34FB2E9F678EAE9688680BB0EAD3B7DACC43C17AA7C7DEB7EE6BAC0ABFE754C5 ] C:\Program Files\IDT\OEM\sltech64.dll
03:05:27.0389 0x14e8  C:\Program Files\IDT\OEM\sltech64.dll - ok
03:05:27.0389 0x14e8  [ 3CBC5C08374816556505A4425B9B943D, 926B5C82CCC1331FB0E352A625420F4A1DAE6D425D8E49742237FCFFC96578F6 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\096c19641750c7574a2c93533ac523ef\System.Management.ni.dll
03:05:27.0389 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\096c19641750c7574a2c93533ac523ef\System.Management.ni.dll - ok
03:05:27.0389 0x14e8  [ 50521B64C35C6723D6554ACE661634B5, 7F66FD163034328D710B4EC45B8B0E90F524DBAC865C7F435763D17F339D4759 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\abc647830f9313dc2abccf73eee14276\System.Core.ni.dll
03:05:27.0389 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\abc647830f9313dc2abccf73eee14276\System.Core.ni.dll - ok
03:05:27.0389 0x14e8  [ D7109186046CC1AFF17BDBD192E00308, A58CA744DC1E0D896A20E406B6B20AC1EE55B2CF48FE2A927CC7E10169A0D2E3 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll
03:05:27.0389 0x14e8  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll - ok
03:05:27.0389 0x14e8  [ 5FB52C4367FCABB27373F701C714192C, 99ECC9D01120A7FBAE2E47CF11A66F56ACC2B4ADC377AC6DB6BA377EF59BF6E1 ] C:\Windows\System32\wbem\wmiutils.dll
03:05:27.0405 0x14e8  C:\Windows\System32\wbem\wmiutils.dll - ok
03:05:27.0405 0x14e8  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
03:05:27.0405 0x14e8  C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe - ok
03:05:27.0405 0x14e8  [ 986ABF43F76F5B0E3557363FB4925C78, 56FF297FCBD3120598E1B90F273850AAF9BE95BF0AA011B961A930FF155686F9 ] C:\Windows\SysWOW64\ntdll.dll
03:05:27.0405 0x14e8  C:\Windows\SysWOW64\ntdll.dll - ok
03:05:27.0405 0x14e8  [ 7F1FC7E98B7DD19BDBB4B2424F93DA8B, 9AC39A9321D62B7064590DE6BA296EC3321B1389A0E99B9CB37CCAA43455B1EB ] C:\Windows\SysWOW64\kernel32.dll
03:05:27.0405 0x14e8  C:\Windows\SysWOW64\kernel32.dll - ok
03:05:27.0420 0x14e8  [ AFA852563F2145C26B34F939487A86E9, FBF3F8C9F2B9E39976F3F4DE1DC4A51DA599515CA7CEF3FAFBB6E66E9B53BD0C ] C:\Windows\SysWOW64\KernelBase.dll
03:05:27.0420 0x14e8  C:\Windows\SysWOW64\KernelBase.dll - ok
03:05:27.0420 0x14e8  [ 80B7844BF20D44E1789EA6F46FC9CA9B, A95A090C727DF6BB731BFFE121B2E831CEEC33C30404EF206ECC149551F8021B ] C:\Windows\SysWOW64\advapi32.dll
03:05:27.0420 0x14e8  C:\Windows\SysWOW64\advapi32.dll - ok
03:05:27.0420 0x14e8  [ A33629C51295570FE9F252A39DDCEA93, 061FCF3A89632883BC3023D75D8264BFC897F5AEEE5F076D4D79412CD554BA6A ] C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamsrv.dll
03:05:27.0420 0x14e8  C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamsrv.dll - ok
03:05:27.0420 0x14e8  [ 53A5F1B984F585997968CD0DFB27400C, 74045E90F4453E3C4EA02300C67662FA90436D5DA8F35D41875DE47AC2576B70 ] C:\Program Files (x86)\ Malwarebytes Anti-Malware \msvcp100.dll
03:05:27.0420 0x14e8  C:\Program Files (x86)\ Malwarebytes Anti-Malware \msvcp100.dll - ok
03:05:27.0436 0x14e8  [ DC0213118E61E5CA865092109860792C, C8E64CF58CCDEC18257DB2903F4EA8B472C4999C367FCAB8944C507BF522D17A ] C:\Program Files (x86)\ Malwarebytes Anti-Malware \msvcr100.dll
03:05:27.0436 0x14e8  C:\Program Files (x86)\ Malwarebytes Anti-Malware \msvcr100.dll - ok
03:05:27.0436 0x14e8  [ A5BD16CF06D4ECB6445BFCAC9C0A366F, 07283D52AE5FB402A0155DCAD2141180D55C840F4E872C03F9F13EA66BADD719 ] C:\Windows\SysWOW64\netapi32.dll
03:05:27.0436 0x14e8  C:\Windows\SysWOW64\netapi32.dll - ok
03:05:27.0436 0x14e8  [ E572557FD4CA855642A0B26CC9F3C788, 891D833853FB1CDEB57E6FBDF985360DADC7CB7642AD7A0107C15119CAD40C6E ] C:\Windows\SysWOW64\secur32.dll
03:05:27.0436 0x14e8  C:\Windows\SysWOW64\secur32.dll - ok
03:05:27.0436 0x14e8  [ 52EF8037A22F0EB0083AA29EAC706495, 31E4790C685DF7530E8E6A50CE73651144C51F82D91985D4F48F4B8696499122 ] C:\Windows\SysWOW64\psapi.dll
03:05:27.0436 0x14e8  C:\Windows\SysWOW64\psapi.dll - ok
03:05:27.0451 0x14e8  [ DFD3F397BE9B1EE411A25DE34B6D58CE, 5160A9DA0D7E885AC2190A2DAE1F1BCC19E40511DE598979C61AFCC06B98A14C ] C:\Windows\SysWOW64\userenv.dll
03:05:27.0451 0x14e8  C:\Windows\SysWOW64\userenv.dll - ok
03:05:27.0451 0x14e8  [ 5200C5F299CBE2079C393306BCC43B75, 5F75962447FE48BE04A5EC0A6B773046B879E5AC41D53A086558C14D99F63970 ] C:\Windows\SysWOW64\shell32.dll
03:05:27.0451 0x14e8  C:\Windows\SysWOW64\shell32.dll - ok
03:05:27.0451 0x14e8  [ DD5B2173CFD5A32C66497B5C83D2F38D, 6AD1B50188FF7BD3AF5FD736874A2B5CD40A5D03E84662BCBF37DEB736B5C06F ] C:\Windows\SysWOW64\ole32.dll
03:05:27.0451 0x14e8  C:\Windows\SysWOW64\ole32.dll - ok
03:05:27.0451 0x14e8  [ CF4C3815E577C7DC32BB8DB90F0B34C1, D9A7D96DD65F701A7B957340580D4AC810AC5991AD7A4B62196F6EC9C345764E ] C:\Windows\SysWOW64\oleaut32.dll
03:05:27.0451 0x14e8  C:\Windows\SysWOW64\oleaut32.dll - ok
03:05:27.0451 0x14e8  [ 6EBA4AA97BA64CEB363C1C8CE12214F9, 8DFCEF622E810C3AC2C3B0CED1303E18E3FB745460572B24722E556A5BE4E68F ] C:\Windows\SysWOW64\msvcrt.dll
03:05:27.0451 0x14e8  C:\Windows\SysWOW64\msvcrt.dll - ok
03:05:27.0467 0x14e8  [ 2294AB089A055F4621FDE40DDFAD4D7E, 5261EF53E78A3BE324609AF5A6D9E90C81B76204765118AFC53A1489992A47EC ] C:\Windows\SysWOW64\rpcrt4.dll
03:05:27.0467 0x14e8  C:\Windows\SysWOW64\rpcrt4.dll - ok
03:05:27.0467 0x14e8  [ 3503F1397CB9BEE0D9684A7CA4C1C315, A2F786D75653A46ED086A83CC85941DEA72F7F814325A9891F4420521BFED45D ] C:\Windows\SysWOW64\sechost.dll
03:05:27.0467 0x14e8  C:\Windows\SysWOW64\sechost.dll - ok
03:05:27.0467 0x14e8  [ ACBA82820AF2B51B31969A0570A993F7, CCE1DB7255B3C0D1B3001EE8BFA322E25F1C955446F6A91B5DB3506803FD7462 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
03:05:27.0467 0x14e8  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
03:05:27.0467 0x14e8  [ 428AF7FA03FF09CE1CD373ABFEBAD8A3, 43B3F6953DA33D87F58BA03295877ABA89FC9F36C0229A9D0D4A423B21629988 ] C:\Windows\SysWOW64\ws2_32.dll
03:05:27.0467 0x14e8  C:\Windows\SysWOW64\ws2_32.dll - ok
03:05:27.0467 0x14e8  [ 91C7C50B2A290B82604163B5A679EA24, 37ABC67B400E0A037B6E926FEFA669EFF7B1EF86E19924904E18683275F4E374 ] C:\Program Files (x86)\ Malwarebytes Anti-Malware \Qt5Core.dll
03:05:27.0467 0x14e8  C:\Program Files (x86)\ Malwarebytes Anti-Malware \Qt5Core.dll - ok
03:05:27.0483 0x14e8  [ 9FAC7693213C54B25D0DC48BC20686CF, 9C9485DA86EED0399A5E91EE8C687C442435C97B239424983E76E201DDF852F7 ] C:\Windows\SysWOW64\crypt32.dll
03:05:27.0483 0x14e8  C:\Windows\SysWOW64\crypt32.dll - ok
03:05:27.0483 0x14e8  [ 170A3370144196F72A04038B652732EF, 7497C64729B70B79E9785321C3CA5230A49706061EA6335CFF2ECAE35511CA89 ] C:\Windows\SysWOW64\user32.dll
03:05:27.0483 0x14e8  C:\Windows\SysWOW64\user32.dll - ok
03:05:27.0483 0x14e8  [ DB530B4C83DC2439EA2397613C841AF4, 8ACB4700FF1A9F195E70D2FDD7326425B6197F8CD322A712080423BD973E5AF5 ] C:\Windows\SysWOW64\version.dll
03:05:27.0483 0x14e8  C:\Windows\SysWOW64\version.dll - ok
03:05:27.0483 0x14e8  [ 9EE220DEE3DA294D3815E2D4EB56A7D9, B6537D24229797ACD5BDDA7D69463F26706B2AF71DC9B8C3962B4C2DAF5733B0 ] C:\Windows\SysWOW64\wtsapi32.dll
03:05:27.0483 0x14e8  C:\Windows\SysWOW64\wtsapi32.dll - ok
03:05:27.0498 0x14e8  [ 0E9317A95DD3E678AFCD457DAAD01DA5, E5790F6E2F526CE67C4DEE6277AEF29AD71ACC6C75FC865F96C9E9A86E693D0E ] C:\Windows\SysWOW64\netutils.dll
03:05:27.0498 0x14e8  C:\Windows\SysWOW64\netutils.dll - ok
03:05:27.0498 0x14e8  [ 522BF7088E69948A20DD5C89D359B2C4, 20949159376225C7DB8B4CBBA1F0C06113E2DED7369B59329AF00D3295BC627B ] C:\Windows\SysWOW64\srvcli.dll
03:05:27.0498 0x14e8  C:\Windows\SysWOW64\srvcli.dll - ok
03:05:27.0498 0x14e8  [ 46DAF6EFC4D7E1C8AC9E0179EFB4B3A9, 13FA959D4D82336A22A118EFC6B59E4F64B90AF0FDEB7FD10ACF0C2556AB4D44 ] C:\Windows\SysWOW64\wkscli.dll
03:05:27.0498 0x14e8  C:\Windows\SysWOW64\wkscli.dll - ok
03:05:27.0498 0x14e8  [ 2A3626E0B7F5A5317902EBDAF2B4CCE0, EA30725A98FFF09667CB6A53A2E17A8CA9669E4A7BC27CE4459327EC4F6B137D ] C:\Windows\SysWOW64\combase.dll
03:05:27.0498 0x14e8  C:\Windows\SysWOW64\combase.dll - ok
03:05:27.0514 0x14e8  [ CC877931A205C47710456FFEE0BEF29D, 3A063C6B064BBE812FCB9A54AC3AFF946A86C022028B48416AB8A164953CC67E ] C:\Windows\SysWOW64\profapi.dll
03:05:27.0514 0x14e8  C:\Windows\SysWOW64\profapi.dll - ok
03:05:27.0514 0x14e8  [ 6CB5CFF7F48B8E226523BF2E849AA6E5, A92EEF4B85C2F246447F3061156527305D9C410B0491ED79F6FF11684CD4BD06 ] C:\Windows\SysWOW64\shlwapi.dll
03:05:27.0514 0x14e8  C:\Windows\SysWOW64\shlwapi.dll - ok
03:05:27.0514 0x14e8  [ E46E5AC5AFF7DB8E39E2405AD6083138, 8B7CDBB9DF8CD54ADCCFE140FC3FF56996BEA3AC5E450DF7557EC3CA9D378CEC ] C:\Windows\SysWOW64\gdi32.dll
03:05:27.0514 0x14e8  C:\Windows\SysWOW64\gdi32.dll - ok
03:05:27.0514 0x14e8  [ 5D7148704D8715482695A534887359FA, A194BE35CFB3B5B157E4DEF24E4615EBE8C04156ABFD19718AA906598D26487E ] C:\Windows\SysWOW64\mpr.dll
03:05:27.0514 0x14e8  C:\Windows\SysWOW64\mpr.dll - ok
03:05:27.0514 0x14e8  [ 64A5D80882CF405F515A1A1D3F136B6A, 954ECB5540F3DCDABCB4BDC738B2AB0ADC063E78F376247E5650DCA9C2B9F504 ] C:\Windows\SysWOW64\nsi.dll
03:05:27.0514 0x14e8  C:\Windows\SysWOW64\nsi.dll - ok
03:05:27.0530 0x14e8  [ 1CF1F62F2484C996DFB99D511E18D662, F807C9B5F39F4A00101C411657DB585B5571E89D9D1B34EBEC757237E886BB9C ] C:\Windows\SysWOW64\sspicli.dll
03:05:27.0530 0x14e8  C:\Windows\SysWOW64\sspicli.dll - ok
03:05:27.0530 0x14e8  [ 3265F568468AB87950342764F6D77E78, 62D063F00323145860C3D2E21C99A4D961E01CED0DC142089FAD25BFFC6CEFE8 ] C:\Windows\SysWOW64\winnsi.dll
03:05:27.0530 0x14e8  C:\Windows\SysWOW64\winnsi.dll - ok
03:05:27.0530 0x14e8  [ 623825C1F07CC2C80C550FBD6CD3E65B, 2BFE5C4F5F325B0C7A31F83063D727781644C00E419025E50B8239D6E2468090 ] C:\Windows\SysWOW64\bcryptprimitives.dll
03:05:27.0530 0x14e8  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
03:05:27.0530 0x14e8  [ C70E652B7D507AAB25208E1602B29B89, AF903E8815CD60A23C9F91BF071A263D7B5D3202576AB92CFC30429F379DA947 ] C:\Windows\SysWOW64\cryptbase.dll
03:05:27.0530 0x14e8  C:\Windows\SysWOW64\cryptbase.dll - ok
03:05:27.0545 0x14e8  [ 8685F31A9319FB0FA882C736783F5F5E, D772A7FEAEBC794B403EAB98C7E816DDE87A1C1F4AA7B756AA64DF117BD18085 ] C:\Windows\SysWOW64\msasn1.dll
03:05:27.0545 0x14e8  C:\Windows\SysWOW64\msasn1.dll - ok
03:05:27.0545 0x14e8  [ 9D519CCC49EBEF2AB0F3282C097B141B, D1C88FA2DBD3D20C3FA5EB39472F49E5F43F9FC3C6B01B487FD8D31C963F756C ] C:\Windows\SysWOW64\cryptsp.dll
03:05:27.0545 0x14e8  C:\Windows\SysWOW64\cryptsp.dll - ok
03:05:27.0545 0x14e8  [ 68516BC692B58959933B5029747F2A2A, 2984B01D549168AAEE6B7699D7AD76E9D7598C8EBC4631AADCB9FF7EC8D2A89B ] C:\Windows\SysWOW64\rsaenh.dll
03:05:27.0545 0x14e8  C:\Windows\SysWOW64\rsaenh.dll - ok
03:05:27.0545 0x14e8  [ FCA4D9D06C44BA66878DD01D132CD816, 3CF39BD49AC009B528C2788BC433A8E1F2860400BBA9CC39022308C8F8F5EAD9 ] C:\Windows\SysWOW64\SHCore.dll
03:05:27.0545 0x14e8  C:\Windows\SysWOW64\SHCore.dll - ok
03:05:27.0561 0x14e8  [ B832E4D96463DBF77FC3AC35EC6390B3, 2845BCC7E3452A48B5992C676AA9D6DBF47C19AA6CF938CC8F1D1708E22E2309 ] C:\Windows\SysWOW64\bcrypt.dll
03:05:27.0561 0x14e8  C:\Windows\SysWOW64\bcrypt.dll - ok
03:05:27.0561 0x14e8  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
03:05:27.0561 0x14e8  C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe - ok
03:05:27.0561 0x14e8  [ 63CE66EF2B30A09308EAFE29BAEC6A75, CD7886AF91EB33166B0A7D5A13352E37A36583A96E008C2586BA3484AD823584 ] C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamcore.dll
03:05:27.0561 0x14e8  C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamcore.dll - ok
03:05:27.0561 0x14e8  [ 3AA79A83EC7D1B16D296029035A9C399, 4674894D18CE9026CA54AFA9556987023C14A92EC24AFCB29030B80ABF7E0535 ] C:\Windows\SysWOW64\sfc.dll
03:05:27.0561 0x14e8  C:\Windows\SysWOW64\sfc.dll - ok
03:05:27.0561 0x14e8  [ 9AE11282C83784273732ED155BC9FF4A, 3D9DF61610A18CAAE93DF3D91029D13DE1D329A40D66DA4CCF5163A780693476 ] C:\Windows\SysWOW64\dnsapi.dll
03:05:27.0561 0x14e8  C:\Windows\SysWOW64\dnsapi.dll - ok
03:05:27.0576 0x14e8  [ A4CCD7ED2C5F458F0016EB7A7BE6C949, 4F253590D14653F9BF90619167FC6CA423442909BC9F2A61BE3F1B46409AF40F ] C:\Windows\SysWOW64\wintrust.dll
03:05:27.0576 0x14e8  C:\Windows\SysWOW64\wintrust.dll - ok
03:05:27.0576 0x14e8  [ 5AA28997F6A30EB196A5AB09F684B7BE, E05770774B05836B2EF59A5B2089256268CCB53B41ADC6F3EB3985AC96194F4B ] C:\Windows\SysWOW64\imagehlp.dll
03:05:27.0576 0x14e8  C:\Windows\SysWOW64\imagehlp.dll - ok
03:05:27.0576 0x14e8  [ EB5BB44DBA9F55DB59076E58F6E42C03, DB19B33CC13427CB915BBB1C9AC564AD91A8663AAB4CC64168DA40FAB0711817 ] C:\Windows\SysWOW64\sfc_os.dll
03:05:27.0576 0x14e8  C:\Windows\SysWOW64\sfc_os.dll - ok
03:05:27.0576 0x14e8  [ 2C4965FA375C7C2C1FBD18EFD75F61CF, 5E9870E2034272F0CA7661DA6AD49D90E5D62F5DF5AF1B873342DA65DE193630 ] C:\Windows\SysWOW64\cscapi.dll
03:05:27.0576 0x14e8  C:\Windows\SysWOW64\cscapi.dll - ok
03:05:27.0592 0x14e8  [ 5E03DF8154CCA4D5B236B8AFAF3ECE48, B35B786EE7476A189771CA741862D13C7BBF9233367396371413849FF48C7E23 ] C:\Windows\System32\mfevtps.exe
03:05:27.0592 0x14e8  C:\Windows\System32\mfevtps.exe - ok
03:05:27.0592 0x14e8  [ E034B873FFB81EE0D0B2AE53BC4F3BE1, 73A127864DEFD3522EE90F08A798DC9643884A171C6B47F247B65C4245D46F97 ] C:\Windows\System32\sfc.dll
03:05:27.0592 0x14e8  C:\Windows\System32\sfc.dll - ok
03:05:27.0592 0x14e8  [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] C:\Windows\System32\drivers\mrxsmb10.sys
03:05:27.0592 0x14e8  C:\Windows\System32\drivers\mrxsmb10.sys - ok
03:05:27.0592 0x14e8  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] C:\Windows\System32\drivers\Ndu.sys
03:05:27.0592 0x14e8  C:\Windows\System32\drivers\Ndu.sys - ok
03:05:27.0608 0x14e8  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] C:\Windows\System32\nlasvc.dll
03:05:27.0608 0x14e8  C:\Windows\System32\nlasvc.dll - ok
03:05:27.0608 0x14e8  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] C:\Windows\System32\pcasvc.dll
03:05:27.0608 0x14e8  C:\Windows\System32\pcasvc.dll - ok
03:05:27.0608 0x14e8  [ BA50CC0BD19004AAB88BE37338B6FA0D, 34D4720A621CCB4707F2EB929F6F44C317DBC6F055F7F34F3FAC68DFDAA00DEF ] C:\Windows\System32\drivers\PEAuth.sys
03:05:27.0608 0x14e8  C:\Windows\System32\drivers\PEAuth.sys - ok
03:05:27.0608 0x14e8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
03:05:27.0608 0x14e8  C:\Windows\System32\drivers\secdrv.sys - ok
03:05:27.0608 0x14e8  [ 380AA537624F698F4C51C55806D30E69, D27FC209A99E4EE175659590AD5CFD543D77667C0F0D2BC12535EA1E34C88430 ] C:\Windows\System32\ncsi.dll
03:05:27.0608 0x14e8  C:\Windows\System32\ncsi.dll - ok
03:05:27.0623 0x14e8  [ 77195C32175FC63D6054EBA5A066D727, 22F5D26809BC9288021620040FC7B7BB76708D434C863B3C0C20F73200C1C6A9 ] C:\Windows\System32\drivers\srvnet.sys
03:05:27.0623 0x14e8  C:\Windows\System32\drivers\srvnet.sys - ok
03:05:27.0623 0x14e8  [ 33A7D83EEB15431773A6E186CFAABA21, AC5100A76CA44BFADF4A54FDB09FF5D2FF13B9F8482DC1AE86C8C27005F77B0F ] C:\Windows\System32\drivers\tcpipreg.sys
03:05:27.0623 0x14e8  C:\Windows\System32\drivers\tcpipreg.sys - ok
03:05:27.0623 0x14e8  [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] C:\Windows\System32\TODDSrv.exe
03:05:27.0623 0x14e8  C:\Windows\System32\TODDSrv.exe - ok
03:05:27.0623 0x14e8  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] C:\Windows\System32\wiaservc.dll
03:05:27.0623 0x14e8  C:\Windows\System32\wiaservc.dll - ok
03:05:27.0639 0x14e8  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] C:\Windows\System32\winhttp.dll
03:05:27.0639 0x14e8  C:\Windows\System32\winhttp.dll - ok
03:05:27.0639 0x14e8  [ 5878613C2E0EFB4F656DDADC452551B6, C77BA7BBBE979AE507114766681B7E9F28273DA77AC410CF5BF9C850C3469B2A ] C:\Windows\SysWOW64\winsta.dll
03:05:27.0639 0x14e8  C:\Windows\SysWOW64\winsta.dll - ok
03:05:27.0639 0x14e8  [ 90B06AD0BA271ABDD56A77040B39C525, 8838337E09B4555FBD165EB02119B3DE5BC074E33D1A9D39FFFB82B0402F12AE ] C:\Windows\System32\ssdpapi.dll
03:05:27.0639 0x14e8  C:\Windows\System32\ssdpapi.dll - ok
03:05:27.0639 0x14e8  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] C:\Windows\System32\trkwks.dll
03:05:27.0639 0x14e8  C:\Windows\System32\trkwks.dll - ok
03:05:27.0639 0x14e8  [ 90B85FFBDEEAD1BE861D59134EA985B0, ED0DC979EED9AB9933C49204D362DE575C7112A792633FDA75BB5D1DAB50A5C2 ] C:\Program Files\Windows Defender\MsMpEng.exe
03:05:27.0639 0x14e8  C:\Program Files\Windows Defender\MsMpEng.exe - ok
03:05:27.0655 0x14e8  [ 6E49FFDFBAC4AC6CB45238C67E3E15F2, AC2EC3D322E9227CD8C7637444D86F5737175BED5C770805A1782ED47BBCE50D ] C:\Windows\System32\wiatrace.dll
03:05:27.0655 0x14e8  C:\Windows\System32\wiatrace.dll - ok
03:05:27.0655 0x14e8  [ 2EDEA049EF63BDC17CDEB17090788DC2, 2A0DD727289114B64000D2DC374A78EF6669CCFF7DF5FA0D17B4D49A665279BC ] C:\Program Files\Windows Defender\MpSvc.dll
03:05:27.0655 0x14e8  C:\Program Files\Windows Defender\MpSvc.dll - ok
03:05:27.0655 0x14e8  [ E45DA7CBBA34510C8B9473AD7D4FFD0B, 89C2AED757D86C276D78D29D94DCBF9C1B6A244A2153EC85CCB2E86C5F078387 ] C:\Windows\System32\sysmain.dll
03:05:27.0655 0x14e8  C:\Windows\System32\sysmain.dll - ok
03:05:27.0655 0x14e8  [ 86BEAB5F847094D30E057F7F2C7122B6, 6D131BB98164245D6B3BABD2DF6CA5748D482EA5C488300051B1F043B0CE18A2 ] C:\Program Files\Windows Defender\MpClient.dll
03:05:27.0655 0x14e8  C:\Program Files\Windows Defender\MpClient.dll - ok
03:05:27.0670 0x14e8  [ 415EE38FA22E6489ED95D0C0F1560BD8, 43295A954E388D6D18F70ACB04A672EC96F030C50B68472907C222BD8780E6F7 ] C:\Windows\System32\deviceassociation.dll
03:05:27.0670 0x14e8  C:\Windows\System32\deviceassociation.dll - ok
03:05:27.0670 0x14e8  [ B801371569B9E310BBD068E21D486F1A, 9A98B5ABD1918BE548A4239B4C25C1604FDAE85D865DBE16F2E415399A09707D ] C:\Windows\System32\fundisc.dll
03:05:27.0670 0x14e8  C:\Windows\System32\fundisc.dll - ok
03:05:27.0670 0x14e8  [ 536175601D6FDA57917D18D21476915A, 3482E67616FACA092128498829B726791A921A40281ECBA00484375B89E93FA7 ] C:\Windows\System32\wsdchngr.dll
03:05:27.0670 0x14e8  C:\Windows\System32\wsdchngr.dll - ok
03:05:27.0670 0x14e8  [ D6AE16663985EA7E81E17A1A810AC547, 550A0A765765BC3FDDDD5504FB6BA0159ED459541181F24FF7E9A5926E50621E ] C:\Windows\SysWOW64\ntmarta.dll
03:05:27.0670 0x14e8  C:\Windows\SysWOW64\ntmarta.dll - ok
03:05:27.0686 0x14e8  [ 16BF6ADAED1427A7AF08125DD14BA52C, BE50645151FB85FA044FF29A23ADA5E46001A42ACD0BF204B9AE377CC78AD5DB ] C:\Windows\System32\fdPnp.dll
03:05:27.0686 0x14e8  C:\Windows\System32\fdPnp.dll - ok
03:05:27.0686 0x14e8  [ 89A8491264921184753B472F96A68E2F, 4FC0ACF8023C6324789F6300B4646C23EDCDA6B6409B277DA3C7B000EC94C4D4 ] C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
03:05:27.0686 0x14e8  C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe - ok
03:05:27.0686 0x14e8  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] C:\Windows\System32\wbem\WMIsvc.dll
03:05:27.0686 0x14e8  C:\Windows\System32\wbem\WMIsvc.dll - ok
03:05:27.0686 0x14e8  [ C82FB11F3BBFAD6B72915555B9E8798D, 8EBDFCCEA6D141E79BA4875A9C22CA9F2DFA868327F28E52A7DE5043B10FB13C ] C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll
03:05:27.0686 0x14e8  C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll - ok
03:05:27.0701 0x14e8  [ C1AE59C0B0817236EC083A91C396005A, 26F05ECB44C300DA8F333B115727C31C5C8252C83F37F0AE7DFF89B267599CDF ] C:\Windows\System32\drivers\srv2.sys
03:05:27.0701 0x14e8  C:\Windows\System32\drivers\srv2.sys - ok
03:05:27.0701 0x14e8  [ CD7534BA5BA92086B1BC10ADF880FC49, 90FC7A083A95CF79A3B7816A5D0B9CE7B9757A685F412931955AB3B88C8F0530 ] C:\Windows\System32\drivers\srv.sys
03:05:27.0701 0x14e8  C:\Windows\System32\drivers\srv.sys - ok
03:05:27.0701 0x14e8  [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] C:\Windows\System32\srvsvc.dll
03:05:27.0701 0x14e8  C:\Windows\System32\srvsvc.dll - ok
03:05:27.0701 0x14e8  [ 380192EE4C9FA50A083C14522E6240C8, 539EF29B97E552F655F73EFB54AE300587F3C6FCE9AF89C81B838997E9E0CD43 ] C:\Program Files\TOSHIBA\Teco\TecoService.exe
03:05:27.0701 0x14e8  C:\Program Files\TOSHIBA\Teco\TecoService.exe - ok
03:05:27.0701 0x14e8  [ 7AEBE66128E5AE12BB3CF5915A44D488, 9DA784B9BDAC2ACC81C6DAC20976CB8255010A389D5C185D44EAE4772E70FBD4 ] C:\Program Files\TOSHIBA\Teco\TecoHci.dll
03:05:27.0701 0x14e8  C:\Program Files\TOSHIBA\Teco\TecoHci.dll - ok
03:05:27.0717 0x14e8  [ 729C0C735C81F839F2ED2E09FFDB6081, C9AF43AEAE12855439CF877D6B97BBDF682B57BF85561579865B69F783B0392C ] C:\Program Files\TOSHIBA\Teco\BatmgrDll.dll
03:05:27.0717 0x14e8  C:\Program Files\TOSHIBA\Teco\BatmgrDll.dll - ok
03:05:27.0717 0x14e8  [ DFC8F7C5B7E9A089E680F644B484C7AD, E3E99604F3C4108CF0B613BFC478A26B26A72918E36A5A5DB2D5C02361124E6F ] C:\Program Files\TOSHIBA\Teco\TecoPower.dll
03:05:27.0717 0x14e8  C:\Program Files\TOSHIBA\Teco\TecoPower.dll - ok
03:05:27.0717 0x14e8  [ 056A7F991CCBDACB5A132419FA244C3E, DD979234DAD651999617EA4721679D2D9B12CF2B82F228448CE3E893066EBAB0 ] C:\Windows\System32\mi.dll
03:05:27.0717 0x14e8  C:\Windows\System32\mi.dll - ok
03:05:27.0717 0x14e8  [ 830445350C7CDEC426FA5E1F9E1B0DAD, D32B25C7E7F093718DCA6E5BD348F3A2C2F4EAF95C4B4F59096B792B4C47D2FD ] C:\Windows\System32\sscore.dll
03:05:27.0717 0x14e8  C:\Windows\System32\sscore.dll - ok
03:05:27.0733 0x14e8  [ 3A8A50121A2600AEC63E4713AF6F25E7, 16D93213978146DFAEA42DAB1F62BD450E379C695D8AF285EF3BB71E245A0309 ] C:\Windows\System32\sscoreext.dll
03:05:27.0733 0x14e8  C:\Windows\System32\sscoreext.dll - ok
03:05:27.0733 0x14e8  [ DC95BA5CD67D17CC1FE467E9A9C9EF64, DA3015DE811416D0D6BAAE81F6F64389EEEF95A5B33B2B6709D311CFBA7A05E4 ] C:\Program Files\TOSHIBA\Teco\TPSCDll.dll
03:05:27.0733 0x14e8  C:\Program Files\TOSHIBA\Teco\TPSCDll.dll - ok
03:05:27.0733 0x14e8  [ 4F096D96285E06CD51AEF7D2D3DE04DA, 5BB420FBE28315F2117376052BB8488CE84A3398DDA65005B8AE1F792017E9A8 ] C:\Program Files\TOSHIBA\Teco\msvcp100.dll
03:05:27.0733 0x14e8  C:\Program Files\TOSHIBA\Teco\msvcp100.dll - ok
03:05:27.0733 0x14e8  [ EB14BA1BB61BC08E9FF137B5E4DB938C, B166FF137343C2D72886BFF26735274B9FA40E99D3FFFD670EFA04A6DB06CC8C ] C:\Windows\System32\miutils.dll
03:05:27.0733 0x14e8  C:\Windows\System32\miutils.dll - ok
03:05:27.0733 0x14e8  [ 38DF4E3D3559F58793E70ED8093A6F2B, F20F4ABA2EC8F8AE488B029D002347356D5607E1C0507DECD2E66D942441D928 ] C:\Windows\System32\wmidcom.dll
03:05:27.0733 0x14e8  C:\Windows\System32\wmidcom.dll - ok
03:05:27.0748 0x14e8  [ E1D793FCCD26B862839217612830ECFC, 4A96199D07370BB44B9BF73F945DC65C6B165593419B41E9F5A5CB82E1A2B7B9 ] C:\Windows\System32\wbem\wbemcore.dll
03:05:27.0748 0x14e8  C:\Windows\System32\wbem\wbemcore.dll - ok
03:05:27.0748 0x14e8  [ DF3CA8D16BDED6A54977B30E66864D33, 1D1A1AE540BA132F998D60D3622F0297B6E86AE399332C3B47462D7C0F560A36 ] C:\Program Files\TOSHIBA\Teco\msvcr100.dll
03:05:27.0748 0x14e8  C:\Program Files\TOSHIBA\Teco\msvcr100.dll - ok
03:05:27.0748 0x14e8  [ 2C6B75D50B9917766FE7BA0C11A1FA23, C510F813EB9CE28E1AEB75740A068AAAEE4A21B21E7E8399CBDC96D95D8CEB9A ] C:\Windows\System32\wbem\esscli.dll
03:05:27.0748 0x14e8  C:\Windows\System32\wbem\esscli.dll - ok
03:05:27.0748 0x14e8  [ 98693D5B381F42BB76012BCAB23FCC54, F95C15974330E9BEF957FEF2D3BA4CD5BEC8A74B8A5AEB1F419796427F2154EE ] C:\Program Files\Windows Defender\MpRtp.dll
03:05:27.0748 0x14e8  C:\Program Files\Windows Defender\MpRtp.dll - ok
03:05:27.0764 0x14e8  [ 57540FE9167823B79A6B9582732ABE50, DC9A0BCB3B9215EFE42FE9E494F74F6424D861016809AE15FECD4C148CC10DA5 ] C:\Windows\System32\fltLib.dll
03:05:27.0764 0x14e8  C:\Windows\System32\fltLib.dll - ok
03:05:27.0764 0x14e8  [ C510810D292782189F8BE12A1B0E366E, 486B8DE1FD5F8125276D423D153BEA653EB47E6C9358417A3F37D71730913B02 ] C:\Windows\System32\wbem\fastprox.dll
03:05:27.0764 0x14e8  C:\Windows\System32\wbem\fastprox.dll - ok
03:05:27.0764 0x14e8  [ 66F78ECB93F16BBDA095D9EA71CD712B, 6F67F61874669C2D5E88E9B567553B73D61C131D1E1ACBB5229A74865A741516 ] C:\Windows\System32\resutils.dll
03:05:27.0764 0x14e8  C:\Windows\System32\resutils.dll - ok
03:05:27.0764 0x14e8  [ 36BC2FF91264BB032FEB927B03DE4C29, 9073945F67C3833D6C4F4841BCFC972068EF9B74F86766B9BEF96DB26A398413 ] C:\Windows\System32\wbem\wbemsvc.dll
03:05:27.0764 0x14e8  C:\Windows\System32\wbem\wbemsvc.dll - ok
03:05:27.0780 0x14e8  [ ADD4BF666238FD0AC47B5B8EF23C908C, 90C1BAF73748EEF5A6EB9232E1D3C91AC1263743DAD52428FC4489583C95D54F ] C:\Program Files\Windows Defender\NisIpsPlugin.dll
03:05:27.0780 0x14e8  C:\Program Files\Windows Defender\NisIpsPlugin.dll - ok
03:05:27.0780 0x14e8  [ 8BCBC2204E959B0A9935CDA1569DFEEC, 452243E53D8B9C372D60BB1F49FD1C843CD30D6CE84D0245EC4B24698C4FFF6A ] C:\Program Files\TOSHIBA\Teco\TPowerSaverDll.dll
03:05:27.0780 0x14e8  C:\Program Files\TOSHIBA\Teco\TPowerSaverDll.dll - ok
03:05:27.0780 0x14e8  [ E6A6677E8B6A877DA515449BE9554294, 0765B7BD112472C5C5033DE174726C9159EDC860ED2821E1F5BD2B43D502522A ] C:\Program Files\TOSHIBA\Teco\TCooling.dll
03:05:27.0780 0x14e8  C:\Program Files\TOSHIBA\Teco\TCooling.dll - ok
03:05:27.0780 0x14e8  [ 0F9594CB8B35FAF12825285415414F85, 2889F4B6C4ED05A9597530C0BA8FF49C91BE81E5F277557412E2ECC59915AE49 ] C:\Windows\System32\clusapi.dll
03:05:27.0780 0x14e8  C:\Windows\System32\clusapi.dll - ok
03:05:27.0780 0x14e8  [ 514F85F9C45618304F54295D4FE0A321, 65C1EEB6B88DAF168C8C26DE237D38FD852C5F11BEC6DAF9E22689B35A2F0D86 ] C:\Program Files\TOSHIBA\Teco\TPwrBrightness.dll
03:05:27.0780 0x14e8  C:\Program Files\TOSHIBA\Teco\TPwrBrightness.dll - ok
03:05:27.0795 0x14e8  [ 201EDF3C5E674BF1FE44D28CC6A76EA2, 33DEA0C6DE9AE915C62794FBBA2625364E68AC5385C4B5FFDE889D90DA54C1AE ] C:\Windows\System32\iphlpsvc.dll
03:05:27.0795 0x14e8  C:\Windows\System32\iphlpsvc.dll - ok
03:05:27.0795 0x14e8  [ 4845FC917AB257CAE4F16A80ADC15412, 6267D746031947F05F08E7D95C98272E22020F89ACC75C545A1B42D03D1C13EA ] C:\Windows\System32\wbem\repdrvfs.dll
03:05:27.0795 0x14e8  C:\Windows\System32\wbem\repdrvfs.dll - ok
03:05:27.0795 0x14e8  [ 70DAA70A39D15868A0DDEDC46B7A823F, 8AAE9195D41BB14C51EDC9C5D011CE6EE28C6960A52D8AB1CA8B386858715C54 ] C:\Windows\System32\httpprxm.dll
03:05:27.0795 0x14e8  C:\Windows\System32\httpprxm.dll - ok
03:05:27.0795 0x14e8  [ 1B8B4F73EE08B5A6EC5A70C96DA90667, 0C93947BC6326D1DC044D8A8198EF81B053EA2131E1F3217AAA050F456140E70 ] C:\Windows\System32\adhsvc.dll
03:05:27.0795 0x14e8  C:\Windows\System32\adhsvc.dll - ok
03:05:27.0812 0x14e8  [ 5CEC21295040B8FA8F26CB07D650954D, 549240C2308AFDB19561940EC3B7DC98AEF39F6655DAB8D541B2A0D4C508E70D ] C:\Windows\System32\netprofm.dll
03:05:27.0812 0x14e8  C:\Windows\System32\netprofm.dll - ok
03:05:27.0817 0x14e8  [ E372BBF897005442ECEB7843CEB394D2, 25EDE9135ECDBE26E1D07DA1292081532474B743F69E75AC895850A70B78AC58 ] C:\Windows\System32\rasadhlp.dll
03:05:27.0817 0x14e8  C:\Windows\System32\rasadhlp.dll - ok
03:05:27.0817 0x14e8  [ 6E98157791491AEBF64B1392293E48A7, 89E6499C150341730113DBA193C0F778FC809E3AAE49A9227FC11A026DACD5EE ] C:\Windows\System32\nci.dll
03:05:27.0817 0x14e8  C:\Windows\System32\nci.dll - ok
03:05:27.0817 0x14e8  [ 582ED9A6D0B34F2F55607562FDA263E9, 4E90E5E761493E5CF62C8813E8BE7357267654A219FAB8F6CF0F8F6FD0431A59 ] C:\Windows\System32\sqmapi.dll
03:05:27.0817 0x14e8  C:\Windows\System32\sqmapi.dll - ok
03:05:27.0817 0x14e8  [ 5FE61B0E223FAC7316526A7B588E9F2D, 5AA77AA71A3BD0E0A6AB64A0771E51D3B1055A8D20D2A328C6BF77747633660B ] C:\Windows\System32\wdscore.dll
03:05:27.0817 0x14e8  C:\Windows\System32\wdscore.dll - ok
03:05:27.0817 0x14e8  [ 1BE19952766D469F7169C32DB28C5D10, 5AC713312316E91E986F5D33168F3A49560080B71BA3DB4C14752A0BD3472A28 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8C3A4926-76F9-4A41-9E66-B90723F254B4}\mpengine.dll
03:05:27.0817 0x14e8  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8C3A4926-76F9-4A41-9E66-B90723F254B4}\mpengine.dll - ok
03:05:27.0832 0x14e8  [ 824BC775A6B475D872431F6B36DD8BA3, B36C99A9B76DE63CE08794C8BFC49081E2D35D4BB7F993B949DD681F8EB991F8 ] C:\Windows\System32\wbem\WmiPrvSD.dll
03:05:27.0832 0x14e8  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
03:05:27.0832 0x14e8  [ AD74DF37F2D3001F04E6075D89CE3F5E, 3B7E4DDF07EFF88594C29FD5AEFAAE979245002ED61E079B051C77CFB10AD48B ] C:\Program Files\TOSHIBA\Teco\U66G_DLL.dll
03:05:27.0832 0x14e8  C:\Program Files\TOSHIBA\Teco\U66G_DLL.dll - ok
03:05:27.0832 0x14e8  [ A19F9B39E739E89698E662896F4A76B5, 230D95FFE6A47CBB6619A9D66FD097AE83093C48C650E39B953139160F4135EF ] C:\Windows\System32\ncobjapi.dll
03:05:27.0832 0x14e8  C:\Windows\System32\ncobjapi.dll - ok
03:05:27.0832 0x14e8  [ B2CF1AF98C13B3C19FDD7EF1EF56C05F, 016BE1B76DE48572DABBF20797ABAD87F73FB1CBD0A8E293D69B8CA6A1063550 ] C:\Windows\System32\wbem\wbemess.dll
03:05:27.0832 0x14e8  C:\Windows\System32\wbem\wbemess.dll - ok
03:05:27.0848 0x14e8  [ E90A3C2460984362BE38F572842C890A, 11EB6472B843FCF4CCDAA9C67EBDA071748AAE50C3D150C13143C6F90A352078 ] C:\Windows\System32\activeds.dll
03:05:27.0848 0x14e8  C:\Windows\System32\activeds.dll - ok
03:05:27.0848 0x14e8  [ E7CD6B5449030F4F9B29C742664B63B3, 290C95E4865E4F72EB849C458F8AE76BB31F86D20C9C02D2BDF075CA653D6E12 ] C:\Windows\System32\adsldpc.dll
03:05:27.0848 0x14e8  C:\Windows\System32\adsldpc.dll - ok
03:05:27.0848 0x14e8  [ 0488E461EEE18F5CFCE7C1774BBFCBB3, AE7BF9A458547DE3454958320CA97F65EF03430825117C96E53D8D53C7450E17 ] C:\Windows\System32\adsldp.dll
03:05:27.0848 0x14e8  C:\Windows\System32\adsldp.dll - ok
03:05:27.0848 0x14e8  [ DD02C0806C03506E03A24C984502B92B, 9CC961D4161D06F2AE49F5E98331C6D110A14DBD9255ED9C4C32A9490FB53329 ] C:\Windows\System32\secur32.dll
03:05:27.0848 0x14e8  C:\Windows\System32\secur32.dll - ok
03:05:27.0863 0x14e8  [ AB8DC63BB90A2A3DE13B38D8B64B4DC6, A6B9F9BD48C0EFFDB93C66F5C33607BCB32ABC1B36D183B1EF62FB9451E64585 ] C:\Windows\System32\cscapi.dll
03:05:27.0863 0x14e8  C:\Windows\System32\cscapi.dll - ok
03:05:27.0863 0x14e8  [ CE6D08350D0A1278E9A97D94023D1800, 54AACAADDD25CC44B59A7637C3A1E7E3A8392CC6D22F4D2C5A202D29BF44AFC1 ] C:\Windows\System32\wbem\WmiPrvSE.exe
03:05:27.0863 0x14e8  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
03:05:27.0863 0x14e8  [ BFC0069A46E1D1F38AFB253F76964471, A52ABDD2018F0D9C31CF08668A848E85897A7FB646F5082BA5DBD7000593011E ] C:\Windows\System32\wbem\wmiprov.dll
03:05:27.0863 0x14e8  C:\Windows\System32\wbem\wmiprov.dll - ok
03:05:27.0863 0x14e8  [ 43B223C4799777C4DA008469DD913813, 0E112702AC194A2020577554381958ABB6FF08ABE949AD0DDA2BBEB1D4FD60E4 ] C:\Windows\System32\wbem\NCProv.dll
03:05:27.0863 0x14e8  C:\Windows\System32\wbem\NCProv.dll - ok
03:05:27.0863 0x14e8  [ F8BF48FC9E13EA2B1CB256E39F21AE31, CC4D8992DF5D7556352D83B20709042A8DD9B4A5C99CE08B92E6DB1A39AF35D1 ] C:\Windows\System32\wbem\stdprov.dll
03:05:27.0863 0x14e8  C:\Windows\System32\wbem\stdprov.dll - ok
03:05:27.0879 0x14e8  [ D0BAD4E2BCA23BD0DC9930EE4DEA6658, 2B71B72A13DF699C4E5A9C98EF2FF13FDA82C7E6D534A0B61B2E058CB0BACA7D ] C:\Windows\System32\dafupnp.dll
03:05:27.0879 0x14e8  C:\Windows\System32\dafupnp.dll - ok
03:05:27.0879 0x14e8  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] C:\Windows\System32\netprofmsvc.dll
03:05:27.0879 0x14e8  C:\Windows\System32\netprofmsvc.dll - ok
03:05:27.0879 0x14e8  [ 28C35503056748FA88499DAECF3D5557, 95CA9A24B5A782340D75A6268F8503513C4A51FDABE0897300471FD5EE78E960 ] C:\Windows\System32\npmproxy.dll
03:05:27.0879 0x14e8  C:\Windows\System32\npmproxy.dll - ok
03:05:27.0879 0x14e8  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] C:\Windows\System32\browser.dll
03:05:27.0879 0x14e8  C:\Windows\System32\browser.dll - ok
03:05:27.0895 0x14e8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] C:\Windows\System32\wdi.dll
03:05:27.0895 0x14e8  C:\Windows\System32\wdi.dll - ok
03:05:27.0895 0x14e8  [ 03694A8350222AC9F0E8693986E92BE2, 44FB5A8143A5782CB2E6056B04B73CB8E967585BFBED6D98C4AB49CA5AAA3730 ] C:\Windows\System32\diagperf.dll
03:05:27.0895 0x14e8  C:\Windows\System32\diagperf.dll - ok
03:05:27.0895 0x14e8  [ 397006C14C023F8E494093E0EAFADC2A, 108B6BD13697728B79C533F4E3468A025FD5A9834F5D19F6F746448C44D0D182 ] C:\Windows\System32\perftrack.dll
03:05:27.0895 0x14e8  C:\Windows\System32\perftrack.dll - ok
03:05:27.0895 0x14e8  [ 205B59C8B291A707B24C97B123834E70, 04034B153F3D9EF07E08615449250EAA6A3930AE28EB58B1CC1A40D34A812BD0 ] C:\Windows\System32\pnpts.dll
03:05:27.0895 0x14e8  C:\Windows\System32\pnpts.dll - ok
03:05:27.0910 0x14e8  [ 59A343C3BD792AF308400B2EE5E1A924, 3BDA961E92C51293FC9465BEFCD5721992DE115C6943F1396AB5E989C3B32559 ] C:\Windows\System32\wer.dll
03:05:27.0910 0x14e8  C:\Windows\System32\wer.dll - ok
03:05:27.0910 0x14e8  [ CBCA90CF2ACE96038571ED0A7BD3D756, EF9031E493E9E1B4FBD556DA0FB2F0E89313CB8853F379AA277EE3519DED7D64 ] C:\Windows\System32\esent.dll
03:05:27.0910 0x14e8  C:\Windows\System32\esent.dll - ok
03:05:27.0910 0x14e8  [ 647B3E3A60DED8DAECF4F798A058EADB, 9A9DE6F0781FF01512E965D44514CD60DC645DCE8ECAAF0B3001DBA7379BB917 ] C:\Windows\System32\srumsvc.dll
03:05:27.0910 0x14e8  C:\Windows\System32\srumsvc.dll - ok
03:05:27.0910 0x14e8  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] C:\Windows\System32\bthserv.dll
03:05:27.0910 0x14e8  C:\Windows\System32\bthserv.dll - ok
03:05:27.0910 0x14e8  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] C:\Windows\System32\hidserv.dll
03:05:27.0910 0x14e8  C:\Windows\System32\hidserv.dll - ok
03:05:27.0926 0x14e8  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] C:\Windows\System32\ssdpsrv.dll
03:05:27.0926 0x14e8  C:\Windows\System32\ssdpsrv.dll - ok
03:05:27.0926 0x14e8  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] C:\Windows\System32\drivers\WUDFPf.sys
03:05:27.0926 0x14e8  C:\Windows\System32\drivers\WUDFPf.sys - ok
03:05:27.0926 0x14e8  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] C:\Windows\System32\wpdbusenum.dll
03:05:27.0926 0x14e8  C:\Windows\System32\wpdbusenum.dll - ok
03:05:27.0926 0x14e8  [ 4D92CCDBF7BAE2228B1974849D8FDF13, 9B3B32DB1C94FB50117E15F55EEC7474927DCC40AF44ECF1632AD965CCE841BD ] C:\Windows\System32\WUDFPlatform.dll
03:05:27.0926 0x14e8  C:\Windows\System32\WUDFPlatform.dll - ok
03:05:27.0942 0x14e8  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] C:\Windows\System32\WUDFSvc.dll
03:05:27.0942 0x14e8  C:\Windows\System32\WUDFSvc.dll - ok
03:05:27.0942 0x14e8  [ 6AF7948D08E59B5690D3559AEB8E0F93, 66E825B05FE666BE7E8B79BB33E7AF9942D05F2CC6EB2702BA3D2183FB4C4598 ] C:\Windows\System32\wdiasqmmodule.dll
03:05:27.0942 0x14e8  C:\Windows\System32\wdiasqmmodule.dll - ok
03:05:27.0942 0x14e8  [ 8449B6B3E281AF44BEA98D318D7481A5, 74463B6DC0D88B29F3CB28A55C922887102DDD9450EF99242314238FBF488CB7 ] C:\Windows\System32\nduprov.dll
03:05:27.0942 0x14e8  C:\Windows\System32\nduprov.dll - ok
03:05:27.0942 0x14e8  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] C:\Windows\System32\IPSECSVC.DLL
03:05:27.0942 0x14e8  C:\Windows\System32\IPSECSVC.DLL - ok
03:05:27.0942 0x14e8  [ 4C118640604AD6A9E619747F9E236E11, 424126B340957AC727C1901B951CD189F979474B83F8B79248801B3F77ED9F09 ] C:\Windows\System32\dafBth.dll
03:05:27.0942 0x14e8  C:\Windows\System32\dafBth.dll - ok
03:05:27.0957 0x14e8  [ D3F794546CE8666B663A0A906CA97DCA, 9A9133B07FE27AC43716E018260ADB2B24519B2B582254E0FCA2B7DF7394BD36 ] C:\Windows\System32\wpnsruprov.dll
03:05:27.0957 0x14e8  C:\Windows\System32\wpnsruprov.dll - ok
03:05:27.0957 0x14e8  [ BEA157D1857FA63205558750720D9071, EC7FA0E0BBC2B0A826903D6E1989AFE73E5D06780306F478FE715A7E4A73EA7C ] C:\Windows\System32\appsruprov.dll
03:05:27.0957 0x14e8  C:\Windows\System32\appsruprov.dll - ok
03:05:27.0957 0x14e8  [ F13A820F50114A9F364D6CA2A89ECB2E, 068E8308CED9C9FDBBD8CE7507051ED0E66CA9B997B7946CB987D3F89CFBD67F ]

Conchitta · 24.08.2016, 04:40

Code:

ATTFilter

03:05:31.0304 0x14e8  [ C24923BE88DADF8EB9F9FB4E666BCFC1, 1E9A2CEEB28F8388C940D5FC0F42D1F18A48B30B0A159246DD8A144CDD1BE950 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
03:05:31.0304 0x14e8  C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
03:05:31.0304 0x14e8  [ 49AFABF92DBA6187482692766CDF7CEF, 66CACDADCDE1E8EF00658FF14E9B247F2D6E77926D1B61E1F34B535FC123EA34 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtc259d85b#\7158baf4a3aded3d2705c93ab81fed24\System.Runtime.WindowsRuntime.UI.Xaml.ni.dll
03:05:31.0304 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtc259d85b#\7158baf4a3aded3d2705c93ab81fed24\System.Runtime.WindowsRuntime.UI.Xaml.ni.dll - ok
03:05:31.0304 0x14e8  [ 919B463EFE7440A34B1961FD60F2AAFD, 0D9D10F7245612887BDBD94A49A11CA03232984B11DCD31DFF5BBD09B3091749 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\1b6c35238563de0cb93d3ed0826a69a3\Windows.Globalization.ni.dll
03:05:31.0304 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\1b6c35238563de0cb93d3ed0826a69a3\Windows.Globalization.ni.dll - ok
03:05:31.0304 0x14e8  [ 67D451868C5A5B2A20A8C86BCC458730, E518DDC23CA8C8F48DBDC536844204AFED85503D3E0EAF0826BF5D442406A4C9 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.System\1b9313ac5408d87db8981e315017482d\Windows.System.ni.dll
03:05:31.0304 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.System\1b9313ac5408d87db8981e315017482d\Windows.System.ni.dll - ok
03:05:31.0320 0x14e8  [ F088DCFD75E8FBC094EE11D41CC5962D, 0FE5F12E59BC2B937F033999D8E9CA62148E8342ACA57F0E9053D6B268753F8D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\c8849d6fd3bee972ec451baea15949ca\UIAutomationTypes.ni.dll
03:05:31.0320 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\c8849d6fd3bee972ec451baea15949ca\UIAutomationTypes.ni.dll - ok
03:05:31.0320 0x14e8  [ C2E9F9E9853C086D6895A69B3620F01E, 0B712CB442429D7A0137D6AF2D66DAFBA0808B45D900D876C3BD964E194BC0D6 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.dll
03:05:31.0320 0x14e8  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.dll - ok
03:05:31.0320 0x14e8  [ F261AF9F70FDD187FEB5BD39D76F4903, 7DDA1A7846CE1EF60B93CBECA55D7C134816B725E2482F250604A15DB0CC5E00 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime\6dd333c4d9129ba8ae919e55de4b63e5\System.Runtime.ni.dll
03:05:31.0320 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime\6dd333c4d9129ba8ae919e55de4b63e5\System.Runtime.ni.dll - ok
03:05:31.0320 0x14e8  [ FE0BBC1E18FCFD1AE15047EFC5E0E89E, 7DC2A2B55A05563A7BCA07ABFDA43F813500C8BFA93484AC7C363E10335EC3F8 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
03:05:31.0320 0x14e8  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll - ok
03:05:31.0336 0x14e8  [ B27E118D9DD914F3D8CA9D6502354655, BDFA7AC81BAD62666F644FA4CB5A5D29F8C6335829FF2CCC590C34481B0E2991 ] C:\Windows\System32\msfeedsbs.dll
03:05:31.0336 0x14e8  C:\Windows\System32\msfeedsbs.dll - ok
03:05:31.0336 0x14e8  [ FCE28EC0D5F44BE64F1F60C659100AB3, 42FABC8059D25028768B8C0961076BABCF8AEFD97A19F1D42923EDFC73A3FCFC ] C:\Windows\System32\WinMetadata\Windows.Security.winmd
03:05:31.0336 0x14e8  C:\Windows\System32\WinMetadata\Windows.Security.winmd - ok
03:05:31.0336 0x14e8  [ 3C7C12972C49DC80F4468E288B7B8418, 37ECEBF0F1E98C41BFF379E2925BBD2BBE845D05942965EC15F600F33DF82791 ] C:\Windows\System32\WinMetadata\Windows.Data.winmd
03:05:31.0336 0x14e8  C:\Windows\System32\WinMetadata\Windows.Data.winmd - ok
03:05:31.0336 0x14e8  [ 25112724737C5897917201556648BA81, 1D8524F01295035E467C6E147B4CFADC19FF1DAECD9CDB25E003DC05869A9FDA ] C:\Windows\System32\WinMetadata\Windows.Devices.winmd
03:05:31.0336 0x14e8  C:\Windows\System32\WinMetadata\Windows.Devices.winmd - ok
03:05:31.0351 0x14e8  [ 1745770D14DCB5737B061D5B40533994, 719D393AB6E21D0A37870A640026AADC548B5D56F140D54E4EF98B2DB22CDEB4 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Networking\6961dbfdba394bca6f1588c23bd33cb8\Windows.Networking.ni.dll
03:05:31.0351 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Networking\6961dbfdba394bca6f1588c23bd33cb8\Windows.Networking.ni.dll - ok
03:05:31.0351 0x14e8  [ 96A20C492C64F5F6EED68EB33E4ECD89, ACF715B19671417F092D71C9A34EC55A65BC6BD27EB4034A573E66A49828D6E4 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Globalization\114358a88ccbde6320d6c4625c8d4fbb\System.Globalization.ni.dll
03:05:31.0351 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Globalization\114358a88ccbde6320d6c4625c8d4fbb\System.Globalization.ni.dll - ok
03:05:31.0351 0x14e8  [ DFF9850B93BB643939EA5A2C6A13566B, A985B1A7425FD71B324D2B313009F1812F18EF658CF9F7F6827B418E58972197 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\b31944a8979a518a2716a6eac4a726d5\Windows.UI.ni.dll
03:05:31.0351 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\b31944a8979a518a2716a6eac4a726d5\Windows.UI.ni.dll - ok
03:05:31.0351 0x14e8  [ 8444BB9CEBF26DB31EF943E954427407, 6A7279CAC7BD61F3F22623936FE2ECE0200EA95817A0A09E2B3797ECA94A2D42 ] C:\Windows\SysWOW64\WinMetadata\Windows.UI.Xaml.winmd
03:05:31.0351 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.UI.Xaml.winmd - ok
03:05:31.0367 0x14e8  [ 2D539FA89CA6E22E6D71876831B6718E, 6290757B1922DC685F9F336B0604CAEAFD93757104BDAF2FCF52755C99EFAE6F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\c8cddddce4d9d23a0c1bec6c053bc616\Windows.UI.Xaml.ni.dll
03:05:31.0367 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\c8cddddce4d9d23a0c1bec6c053bc616\Windows.UI.Xaml.ni.dll - ok
03:05:31.0367 0x14e8  [ 416E174DE0147F5ABC06C797245EF500, C8AAFA2D87FE6BCC8E496533FC28963085EFC91FB716326FEF2659B485E29714 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtbff93e24#\5ac014f734f4e1c3627201ed4eb563d2\System.Runtime.InteropServices.WindowsRuntime.ni.dll
03:05:31.0367 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtbff93e24#\5ac014f734f4e1c3627201ed4eb563d2\System.Runtime.InteropServices.WindowsRuntime.ni.dll - ok
03:05:31.0367 0x14e8  [ 3F346EF402B329140FA9678A78848EB1, A778F5BB496EC875A3AEC18305F322091366EAEEC7D0C5DA24F260917ACF3AFE ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ObjectModel\801749fa7be749d055e67dc105a66ddf\System.ObjectModel.ni.dll
03:05:31.0367 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ObjectModel\801749fa7be749d055e67dc105a66ddf\System.ObjectModel.ni.dll - ok
03:05:31.0367 0x14e8  [ 53EF50B28BCAB3E2BF6A90B6B5CA75C6, A1495F9601B367F8738386139F61CBAB7932EAA06537148BA61D01F69A1DCB07 ] C:\Windows\SysWOW64\WinMetadata\Windows.Media.winmd
03:05:31.0367 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.Media.winmd - ok
03:05:31.0382 0x14e8  [ EEFAEA70CE7B226DDBBAF44CA830E015, 529E1AB5C85FF251434894EE5E3FE49AB05D099166DAF1871C56DD854ABA636F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.System\f41dd771cd0a512791829ed02a9a8d72\Windows.System.ni.dll
03:05:31.0382 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.System\f41dd771cd0a512791829ed02a9a8d72\Windows.System.ni.dll - ok
03:05:31.0382 0x14e8  [ C2F50539F3A67F2D085EB29C359D0B9F, FEDFEE2AB8CCF1DE2621F8A6A9A5ED7960B9F2EDAADE3583989C398397707A3A ] C:\Windows\SysWOW64\WinMetadata\Windows.Web.winmd
03:05:31.0382 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.Web.winmd - ok
03:05:31.0382 0x14e8  [ D19120F6502A8A428E5F886ECB5A56C7, DB8B08608DF680C18765C6CF27ED183C1112349918E430DD8D2589E34B79ED25 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Devices\4764145200fcd33a90ced1505892fce6\Windows.Devices.ni.dll
03:05:31.0382 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Devices\4764145200fcd33a90ced1505892fce6\Windows.Devices.ni.dll - ok
03:05:31.0382 0x14e8  [ 4D04CB485EB4728CC35C3E225AAF45B7, 1F446213C58A60C48570ACB21F2D48389F2CD609AC6C77AC6A08BBA25625EF03 ] C:\Windows\SysWOW64\WinMetadata\Windows.Graphics.winmd
03:05:31.0382 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.Graphics.winmd - ok
03:05:31.0398 0x14e8  [ CB08421F2088172257EE40D46E855753, 548133C1A5AB9730AB126772A7659E1AC8825B5907C417B079D41D585C59CD64 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Web\e055525ee2b3229634a0b0d3454594f6\Windows.Web.ni.dll
03:05:31.0398 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Web\e055525ee2b3229634a0b0d3454594f6\Windows.Web.ni.dll - ok
03:05:31.0398 0x14e8  [ 7CE78BAD60C18BFD186B4A51D1D821B8, 7521320D8F041D54A3EE1A6899B205DCEB8415C83DDDF573D388435558FCD03A ] C:\Windows\SysWOW64\WinMetadata\Windows.ApplicationModel.winmd
03:05:31.0398 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.ApplicationModel.winmd - ok
03:05:31.0398 0x14e8  [ 29725574253A7060DA245BB36D3C3259, C9F01D4C612873373AC5B56CC770D04CEE4489DB79337F7113282B4E41ABA429 ] C:\Windows\SysWOW64\WinMetadata\Windows.Globalization.winmd
03:05:31.0398 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.Globalization.winmd - ok
03:05:31.0398 0x14e8  [ B1A7628BFFA7441E45B77FE4DC9ADC57, 287F5ED2D1FB3953F50995B8EAE0633627D05F985A5579763FF0B14D5C1048D9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\94af4549db265c6f339c287c8675d234\Windows.Globalization.ni.dll
03:05:31.0398 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\94af4549db265c6f339c287c8675d234\Windows.Globalization.ni.dll - ok
03:05:31.0414 0x14e8  [ 096D01DBBF7749854C8C24DA6AAF953F, EED41304A754738C3A8ECF8B5768225956A13531DF779650D2DBCD411D5C9EBA ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Collections\198f99ac9d6a623cf8e98092be902e4d\System.Collections.ni.dll
03:05:31.0414 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Collections\198f99ac9d6a623cf8e98092be902e4d\System.Collections.ni.dll - ok
03:05:31.0414 0x14e8  [ CFB733A3E046C528607DC8C6301F7813, 4B4F242885234D6CB925089CD40D43F12F2858731BA8C7716E1276FBCB956ED6 ] C:\Windows\SysWOW64\WinMetadata\Windows.Foundation.winmd
03:05:31.0414 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.Foundation.winmd - ok
03:05:31.0414 0x14e8  [ AEC2C4CB43CD9DFA5A9C0AA0658B3BE1, D4795F27BA2E2AAEB231F86AB4BE37219F22767AB8B8279B8568D0A66AC8AB80 ] C:\Windows\SysWOW64\WinMetadata\Windows.UI.winmd
03:05:31.0414 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.UI.winmd - ok
03:05:31.0414 0x14e8  [ FB4D4A50B7562E2F55590C459184ABE0, B2C5476A4E20477291196D0ED3337A3314CEFC77A6109A1B06673B3F61053AEB ] C:\Windows\SysWOW64\WinMetadata\Windows.Security.winmd
03:05:31.0414 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.Security.winmd - ok

Bevor der letzte Teil kommt , wollte ich noch mal Danke sagen & sorry für das "falsche Antworten" & die lange Wartezeit. Ich hatte nicht bemerkt, dass der TDSSKiller - Report nicht gesendet worden ist .

Code:

ATTFilter

03:05:31.0429 0x14e8  [ 7142BE2DA4A1E2920E8291E58F70E129, D816766BC82A84B6E3C4B4DE00854C619F046526EF3865E94E2414E4A6E440FD ] C:\Windows\SysWOW64\WinMetadata\Windows.Data.winmd
03:05:31.0429 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.Data.winmd - ok
03:05:31.0429 0x14e8  [ 97872E02254E4BE5B88401BD87AB5B94, A850003D4C9F5387990AB4BA52DBFC773773D1CE45FF799917191F7513769D27 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IO\56a50f284e4ac6941da0759f174ffaff\System.IO.ni.dll
03:05:31.0429 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IO\56a50f284e4ac6941da0759f174ffaff\System.IO.ni.dll - ok
03:05:31.0429 0x14e8  [ 41104EF8CAB86820B39E855EAE773A51, DFDBB769A450B661EC923F60FCDE10EED0AB6E9EC08FE688943397B8BEFFACDD ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Threading\bcc2451c07788e094ddc8c4cb40999a1\System.Threading.ni.dll
03:05:31.0429 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Threading\bcc2451c07788e094ddc8c4cb40999a1\System.Threading.ni.dll - ok
03:05:31.0429 0x14e8  [ BE5DDC4ECA31DB21DC4505390CFE71FE, 353881CAAC4C4F8FFDF1E07A031ABA967D96B86A2246FE327E60CB242A87714F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Thre7bb2aad0#\b9555e309f383104cc978144c186aaeb\System.Threading.Tasks.ni.dll
03:05:31.0429 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Thre7bb2aad0#\b9555e309f383104cc978144c186aaeb\System.Threading.Tasks.ni.dll - ok
03:05:31.0445 0x14e8  [ 9435AF3F1C6C1C61E8EA6304A9579985, FC04926A1FCFA65F5C5773F3BC56841BA13328A072C6275A21BD5868A3FBE812 ] C:\Windows\SysWOW64\WinMetadata\Windows.Storage.winmd
03:05:31.0445 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.Storage.winmd - ok
03:05:31.0445 0x14e8  [ 2076519A71D8EB27509252367E9E20F9, 5BBC47A2A0C329A5CDC4FDC4E33B45F22EECCE467B0144685D06ACBA46C00EBC ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Linq\a5f95a789e5daaba6fc249c8294111a6\System.Linq.ni.dll
03:05:31.0445 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Linq\a5f95a789e5daaba6fc249c8294111a6\System.Linq.ni.dll - ok
03:05:31.0445 0x14e8  [ A6865E69FA18E49B57EE238BA2C62D9A, 0FB95517E8BF2132467337728460900FC5556000C5B8D1681FA2D4605C800469 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Globalization\be2dab0c9f6144f1331726c373d92c32\System.Globalization.ni.dll
03:05:31.0445 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Globalization\be2dab0c9f6144f1331726c373d92c32\System.Globalization.ni.dll - ok
03:05:31.0445 0x14e8  [ 0091CEC87AA80F107BD5F758D878614D, 68DE2F726519377AF70969635BF69DE37399FCB757DEE0B1D111DD2DD71A1DB4 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt1e58aa76#\f2a24fc73fe5bbe772c71efa68f2021e\System.Runtime.Extensions.ni.dll
03:05:31.0445 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt1e58aa76#\f2a24fc73fe5bbe772c71efa68f2021e\System.Runtime.Extensions.ni.dll - ok
03:05:31.0461 0x14e8  [ 91F3EBBF97237E6D5813CAAF3335C2BD, 6FB172F01536E7369B14B26C21FC378E5F6C933284873863A4262092E13E2F20 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.caf7096d#\e5466e5aebe53654950c03dafec1d456\System.Net.Primitives.ni.dll
03:05:31.0461 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.caf7096d#\e5466e5aebe53654950c03dafec1d456\System.Net.Primitives.ni.dll - ok
03:05:31.0461 0x14e8  [ D53DF2FDE73380EA5220654C94B7CF50, 9B03D60C248A7632DADF31E923BEACDC1638A52EA5094CD20DF2DD587057270D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Requests\03fdb14d6ab1809d3122969e4d927ff2\System.Net.Requests.ni.dll
03:05:31.0461 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Requests\03fdb14d6ab1809d3122969e4d927ff2\System.Net.Requests.ni.dll - ok
03:05:31.0461 0x14e8  [ 81FECA73187C889AB473697C68DF0E80, 6483021303E2DB216D5A7B519C28B185107FB314F00BC5861FF3EF5B4E9F540A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtdf6812ee#\bb0a8c91afc6d67593743d89db1f92d0\System.Runtime.Serialization.Primitives.ni.dll
03:05:31.0461 0x14e8  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtdf6812ee#\bb0a8c91afc6d67593743d89db1f92d0\System.Runtime.Serialization.Primitives.ni.dll - ok
03:05:31.0461 0x14e8  [ F27AC7A195CE555E9300FA0AE53F937A, 3481416F7181E37D83155C9EDEB557D5F199755ED83B84217C8E701DF6657318 ] C:\Windows\SysWOW64\WinMetadata\Windows.System.winmd
03:05:31.0461 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.System.winmd - ok
03:05:31.0476 0x14e8  [ 8BC94F25D15E61A53DEBBF7142457BC4, C67C97EA350C1A5A070FF184F1B09644C3D4CBA47E3B292C001449D9ED33C7B1 ] C:\Windows\SysWOW64\WinMetadata\Windows.Devices.winmd
03:05:31.0476 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.Devices.winmd - ok
03:05:31.0476 0x14e8  [ DD740281B7454C26AE4D756D2BF898A2, 3BCBF09D393C2DAB95BBE734C5F86C13FCFB14338313042E07A67E8677AB5A01 ] C:\Windows\SysWOW64\WinMetadata\Windows.Networking.winmd
03:05:31.0476 0x14e8  C:\Windows\SysWOW64\WinMetadata\Windows.Networking.winmd - ok
03:05:31.0476 0x14e8  [ 1F947FF630A7336AB0E39DB409E2C406, 6E3B910A297A0A280CEB82D38AF1DA97C2C9EF210684D109054F72E8337A2F54 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
03:05:31.0476 0x14e8  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll - ok
03:05:31.0476 0x14e8  [ 9911D485A187BF4A78F30CAB8707B41F, D31A1A8394941FDA10B1B5B1886F0292A7E5BCD2738195849DB86DD5DF32C674 ] C:\Windows\SysWOW64\taskschd.dll
03:05:31.0476 0x14e8  C:\Windows\SysWOW64\taskschd.dll - ok
03:05:31.0476 0x14e8  [ 6E639FDBA5E9FA5974EF24412FEA30BF, 07ECAE0B0726FB46D4D13A5B5ACD7CBE72F93F9BBED79EB7EFBC9F685725CFC1 ] C:\Windows\System32\sc.exe
03:05:31.0476 0x14e8  C:\Windows\System32\sc.exe - ok
03:05:31.0492 0x14e8  [ 3599089381EFAAE7D93FC63EB27D04D1, 04B6CD99489732D14A8690634DCAF6E6A012260D0B79C4EC94E50817C94D8E04 ] C:\Windows\System32\pots.dll
03:05:31.0492 0x14e8  C:\Windows\System32\pots.dll - ok
03:05:31.0492 0x14e8  [ 3ED8FA77F41F3AEAE2F0DCC0DB0596FF, F46015926F1D525CB478529BDF9F56C78A4DA0029709CF8EC78B000BBDD2607F ] C:\Windows\System32\backgroundTaskHost.exe
03:05:31.0492 0x14e8  C:\Windows\System32\backgroundTaskHost.exe - ok
03:05:31.0492 0x14e8  [ 734E37BDA5BBE79DDE271F1A3FD031E3, F5C929EEC3E0AB8BA6C21E652C2BBB5A35AF60A5273F3E3F5AD21D3D150B2976 ] C:\Windows\System32\wmdrmdev.dll
03:05:31.0492 0x14e8  C:\Windows\System32\wmdrmdev.dll - ok
03:05:31.0492 0x14e8  [ 06EA746E1CD5A546E980CEA7FDEE6B2F, B3B1FB72FBBB5277D37A3EF9330DEF0CB24DFC482CB48F94663E0C1A9CB7F9DC ] C:\Windows\System32\drmv2clt.dll
03:05:31.0492 0x14e8  C:\Windows\System32\drmv2clt.dll - ok
03:05:31.0507 0x14e8  [ 584A46FA6B56A0279DC47EC99D1C11D8, 6A65E177FFE6127C0DEAA94A57A3178FFCCCE28430A116F5C5601EBC280F395F ] C:\Windows\System32\blackbox.dll
03:05:31.0507 0x14e8  C:\Windows\System32\blackbox.dll - ok
03:05:31.0507 0x14e8  [ 6BA2CEB07CA186E5E5AC06A26C683B2E, 8C5B9A9B081CF07D6016DFBC5EEC3174DE1C2EC22D2A28B8AEF7362E093AC87D ] C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.336_x64__8wekyb3d8bbwe\Microsoft.Bing.AppEx.Telemetry.winmd
03:05:31.0507 0x14e8  C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.336_x64__8wekyb3d8bbwe\Microsoft.Bing.AppEx.Telemetry.winmd - ok
03:05:31.0507 0x14e8  [ 6A53F5E1FEA3F6297A3A7E2234DC0FAD, F0A64D70381CCE9D911C5804B2A3B5881FFDF662342059CE88A3DBC610FA95B4 ] C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.336_x64__8wekyb3d8bbwe\Microsoft.Media.AdaptiveStreaming.winmd
03:05:31.0507 0x14e8  C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.336_x64__8wekyb3d8bbwe\Microsoft.Media.AdaptiveStreaming.winmd - ok
03:05:31.0507 0x14e8  [ 7805633580258C819664F1C30351C530, EA8E7C08BC3690AB837346BC61C360B2DBA3436035AAC52EADD41A5885DDE5C4 ] C:\Users\conchitta\Downloads\tdsskiller.exe
03:05:31.0507 0x14e8  C:\Users\conchitta\Downloads\tdsskiller.exe - ok
03:05:31.0507 0x14e8  [ 1144E34385970A8777AF5A7F8905A954, E286A8E181725A555D616DF35D3398C7E1E9F2EAB3820DDD802B04FDD81633E3 ] C:\Windows\System32\credui.dll
03:05:31.0507 0x14e8  C:\Windows\System32\credui.dll - ok
03:05:31.0523 0x14e8  [ 3958E82529DA716D1D2F0C44E6F14187, 4813DF3A12DFA72461CBDFB01DBC3FADAEFB9360245798F05A3416ADE4DAED34 ] C:\Windows\System32\pcadm.dll
03:05:31.0523 0x14e8  C:\Windows\System32\pcadm.dll - ok
03:05:31.0523 0x14e8  [ 84C023061D022E0356300B3F4113694F, 606D5035BDD208EBDBBBAB31606FE8F0C207CB676164E0C88A462059C1E44946 ] C:\Users\conchitta\AppData\Local\Temp\{F1A953C2-528A-4EFB-B2EA-8EA28C6A7100}\{6B30933A-B590-4577-B775-7D6B12733EA5}.exe
03:05:31.0523 0x14e8  C:\Users\conchitta\AppData\Local\Temp\{F1A953C2-528A-4EFB-B2EA-8EA28C6A7100}\{6B30933A-B590-4577-B775-7D6B12733EA5}.exe - ok
03:05:31.0523 0x14e8  [ E027A6E99EF709AFD195FD6329224C47, B31B85BF369DC36363B0E527AE3B8E95B33699D17D09C6313C43E7373A3E6874 ] C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{8EAE5635-FA1E-49A1-BCF9-7CFE77EA01C5}.tmp
03:05:31.0523 0x14e8  C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{8EAE5635-FA1E-49A1-BCF9-7CFE77EA01C5}.tmp - ok
03:05:31.0523 0x14e8  [ AB67816718E5C65CC326BE56AC0B9E73, D6F19026CB87C9BB5521D668B13347B68F297FCE34C5F1BFE530574B16ADB2D5 ] C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{F987626F-C275-4699-B2A8-971BF77AFBD7}.tmp
03:05:31.0523 0x14e8  C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{F987626F-C275-4699-B2A8-971BF77AFBD7}.tmp - ok
03:05:31.0539 0x14e8  [ 321FF1DF7F4CEF3FA690419110BEE55A, 41243293C9876D8B94F83B28C98F1797CD217140153DDEE631C2EEB8E102C6A0 ] C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{87D92BA7-1240-4B29-B465-B0A26012D91D}.tmp
03:05:31.0539 0x14e8  C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{87D92BA7-1240-4B29-B465-B0A26012D91D}.tmp - ok
03:05:31.0539 0x14e8  [ DC6DB08D85337C9675F94B01043279AE, B09E491113F9E95F4EE00BB51BB21D4967BAC333C0DCD030A10AEA9B9E52032B ] C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{45D4B2A4-0F66-4D98-8D1C-D0C44F9C6FA1}.tmp
03:05:31.0539 0x14e8  C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{45D4B2A4-0F66-4D98-8D1C-D0C44F9C6FA1}.tmp - ok
03:05:31.0539 0x14e8  [ C74D46C1F542F5FEB9B7E1A8EC04986D, FA83733A81BA8D96EDFD15C1914D5A6056D73C61540C8747E9AE1343DA47A63D ] C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{61E95473-400D-41BA-B207-7132E294BBEF}.tmp
03:05:31.0539 0x14e8  C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{61E95473-400D-41BA-B207-7132E294BBEF}.tmp - ok
03:05:31.0539 0x14e8  [ 517ECD823EB9A03368294C6C33A695D0, 7BA4EF2C5E9D15A4EE8ACC169CA233010DF8D1BC7088665E06C9E71BBA0CD40C ] C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{AB889D60-3AEB-4AD8-BF3D-F54C8F868866}.tmp
03:05:31.0539 0x14e8  C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{AB889D60-3AEB-4AD8-BF3D-F54C8F868866}.tmp - ok
03:05:31.0554 0x14e8  [ 3428F170E1953B4C4EA10A5F58B55908, B554E04021472C3C2BBDED2B4BBB4F6648932356F8DA409A2A7F6AC02E54B306 ] C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{3D8AC500-AD43-4F0B-B717-EC354B23670A}.tmp
03:05:31.0554 0x14e8  C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{3D8AC500-AD43-4F0B-B717-EC354B23670A}.tmp - ok
03:05:31.0554 0x14e8  [ 96D681B7DE0BA6BFA1DC55915003CD05, 26CDA6A9A67F20A494F0EF3577D14F5DDA1F0D4428891DBD271A757833285939 ] C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{E48FF905-E6C7-479E-AB56-5097367EDBD0}.tmp
03:05:31.0554 0x14e8  C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{E48FF905-E6C7-479E-AB56-5097367EDBD0}.tmp - ok
03:05:31.0554 0x14e8  [ 85D8D497E3CFCD66607DAD332378DE8B, FEB2FF9315B41A7D13C9F3EB4CFDD612C951CA02330BC5A9129881E148769C7F ] C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{9CEA54BD-2BEB-41D1-AA29-3B1D17676F2F}.tmp
03:05:31.0554 0x14e8  C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{9CEA54BD-2BEB-41D1-AA29-3B1D17676F2F}.tmp - ok
03:05:31.0554 0x14e8  [ CD0DAF878147B723108C428370FF0355, A5C3D8A516FD0A15DAAB442DA424E996112C355239B985413EAA4DC1FAB76303 ] C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{17AF4DB7-EA4E-4B2C-B9D9-5CD847D97D46}.tmp
03:05:31.0554 0x14e8  C:\Users\conchitta\AppData\Local\Temp\{079E510C-1C3A-4454-A588-E2CD7EBEC325}\{17AF4DB7-EA4E-4B2C-B9D9-5CD847D97D46}.tmp - ok
03:05:31.0554 0x14e8  ================ Scan generic autorun ======================
03:05:31.0632 0x14e8  [ AC698132EDEA96B022FCB48E180EA567, 06F3BFC5FCFF1577399EF3D9C53B00D481AEBA8BA36930AF11F9AFD334A1C70D ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
03:05:31.0648 0x14e8  AmIcoSinglun64 - ok
03:05:31.0757 0x14e8  [ 9C1BDB837A2DA4FFC60CB61CEEA3E334, 31007C53EC7E077A6B9518FAF4D2566376C6F23FCE614AE29F2DA78DBF6BF564 ] C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
03:05:31.0836 0x14e8  1.TPUReg - ok
03:05:31.0882 0x14e8  [ 18DBA177BD009B91D1884C9DB62BB039, 74777A7B69BB2886920B6F1A1039A90FCA8DC2DAA1D6F985ED7F49A35C2E0D42 ] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
03:05:31.0914 0x14e8  TSVU - ok
03:05:31.0914 0x14e8  Waiting for KSN requests completion. In queue: 164
03:05:32.0938 0x14e8  Waiting for KSN requests completion. In queue: 3
03:05:33.0954 0x14e8  Waiting for KSN requests completion. In queue: 3
03:05:34.0991 0x14e8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.9600.16384 ), 0x61100 ( enabled : updated )
03:05:34.0991 0x14e8  Win FW state via NFP2: disabled ( trusted )
03:05:37.0403 0x14e8  ============================================================
03:05:37.0403 0x14e8  Scan finished
03:05:37.0403 0x14e8  ============================================================
03:05:37.0418 0x0dc8  Detected object count: 0
03:05:37.0418 0x0dc8  Actual detected object count: 0

M-K-D-B · 24.08.2016, 09:44

Servus,

gut gemacht.

Wir beginnen so:

Zukünftig bitte beachten:

Zitat:

Gestartet von C:\Users\conchitta\Downloads

Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

Conchitta · 26.08.2016, 01:43

Code:

ATTFilter

# AdwCleaner v6.010 - Bericht erstellt am 26/08/2016 um 01:13:27
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-08-25.1 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : conchitta - LAPTOP
# Gestartet von : C:\Users\conchitta\Downloads\AdwCleaner_6.010.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****

[-] Dienst gelöscht: swdumon


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\conchitta\AppData\Local\FromDocToPDFTooltab
[-] Ordner gelöscht: C:\Users\conchitta\AppData\Local\DriverToolkit
[-] Ordner gelöscht: C:\Users\conchitta\AppData\Local\eSupport.com
[-] Ordner gelöscht: C:\Users\conchitta\AppData\Local\slimware utilities inc
[-] Ordner gelöscht: C:\Users\conchitta\AppData\Local\Downloaded Installers
[-] Ordner gelöscht: C:\Program Files (x86)\DriverToolkit
[-] Ordner gelöscht: C:\Program Files (x86)\eSupport.com
[-] Ordner gelöscht: C:\Program Files (x86)\Amazon\Amazon1ButtonApp


***** [ Dateien ] *****

[-] Datei gelöscht: C:\WINDOWS\SysNative\drivers\swdumon.sys
[#] Datei gelöscht: C:\WINDOWS\SysNative\drivers\SWDUMon.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: DRIVERTOOLKIT AUTORUN


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\DriverToolkit
[-] Schlüssel gelöscht: HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\eSupport.com
[-] Schlüssel gelöscht: HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\OCS
[-] Schlüssel gelöscht: HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\SlimWare Utilities Inc
[-] Schlüssel gelöscht: HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\FromDocToPDF
[-] Schlüssel gelöscht: HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDFTooltab Uninstall Internet Explorer
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\DriverToolkit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\eSupport.com
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OCS
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SlimWare Utilities Inc
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\FromDocToPDF
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SlimWare Utilities Inc
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDFTooltab Uninstall Internet Explorer
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3203 Bytes] - [26/08/2016 01:13:27]
C:\AdwCleaner\AdwCleaner[S0].txt - [3143 Bytes] - [26/08/2016 01:11:41]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3349 Bytes] ##########

Hey & danke =D
Musste Smartscreen ausschalten, um die Anti-Malware runterzuladen. Soll es ausbleiben???

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 26.08.2016
Suchlaufzeit: 01:43
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.08.25.08
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: conchitta

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 281346
Abgelaufene Zeit: 13 Min., 37 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 8.1 x64 
Ran by conchitta (Administrator) on 26.08.2016 at  2:11:51,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.08.2016 at  2:16:01,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
durchgeführt von conchitta (Administrator) auf LAPTOP (26-08-2016 02:28:48)
Gestartet von C:\Users\conchitta\Desktop
Geladene Profile: conchitta (Verfügbare Profile: conchitta)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{43E58378-14D6-46FD-A79E-249BDB43ACB6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{487EEA56-C5C0-467D-9F44-2AB104B012E8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2751898029-2148813506-1804420663-1001 -> DefaultScope {230CC18E-06AA-43E1-9D14-820C97C8ACF6} URL = 

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-22] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()

Chrome: 
=======
CHR Profile: C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-23]
CHR Extension: (Google Drive) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-23]
CHR Extension: (YouTube) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-23]
CHR Extension: (Google Tabellen) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-22]
CHR Extension: (Google Docs Offline) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-23]
CHR Extension: (FromDocToPDF) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2016-08-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-22]
CHR Extension: (Google Mail) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-23]
CHR Extension: (Chrome Media Router) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-23]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [Datei ist nicht signiert]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-26] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-26 02:28 - 2016-08-26 02:29 - 00013525 _____ C:\Users\conchitta\Desktop\FRST.txt
2016-08-26 02:25 - 2016-08-26 02:25 - 02396160 _____ (Farbar) C:\Users\conchitta\Desktop\FRST64.exe
2016-08-26 02:25 - 2016-08-26 02:25 - 00000000 ____D C:\Users\conchitta\Desktop\FRST-OlderVersion
2016-08-26 02:16 - 2016-08-26 02:16 - 00000823 _____ C:\Users\conchitta\Desktop\JRT.txt
2016-08-26 02:11 - 2016-08-26 02:11 - 01610560 _____ (Malwarebytes) C:\Users\conchitta\Downloads\JRT.exe
2016-08-26 01:59 - 2016-08-26 01:59 - 00001190 _____ C:\Users\conchitta\Desktop\mbam.txt
2016-08-26 01:42 - 2016-08-26 01:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-26 01:42 - 2016-08-26 01:42 - 00001089 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-08-26 01:42 - 2016-08-26 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-08-26 01:42 - 2016-08-26 01:42 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-08-26 01:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-26 01:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-26 01:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-26 01:37 - 2016-08-26 01:40 - 22851472 _____ (Malwarebytes ) C:\Users\conchitta\Downloads\mbam-setup-2.2.1.1043 (2).exe
2016-08-26 01:32 - 2016-08-26 01:34 - 04725940 _____ (Malwarebytes ) C:\Users\conchitta\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-08-26 01:24 - 2016-08-26 01:27 - 09761476 _____ (Malwarebytes ) C:\Users\conchitta\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-26 01:06 - 2016-08-26 01:13 - 00000000 ____D C:\AdwCleaner
2016-08-26 01:03 - 2016-08-26 01:03 - 03826240 _____ C:\Users\conchitta\Downloads\AdwCleaner_6.010.exe
2016-08-25 00:32 - 2016-06-21 20:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2016-08-25 00:32 - 2016-06-21 16:12 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2016-08-24 03:04 - 2016-08-24 06:07 - 01010956 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_03.04.25_log.txt
2016-08-24 01:01 - 2016-08-24 01:25 - 00783264 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_01.01.59_log.txt
2016-08-24 00:57 - 2016-08-24 01:00 - 00220988 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_00.57.39_log.txt
2016-08-24 00:57 - 2016-08-24 00:57 - 04747704 _____ (AO Kaspersky Lab) C:\Users\conchitta\Downloads\tdsskiller.exe
2016-08-24 00:28 - 2014-03-20 06:19 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2016-08-24 00:28 - 2014-03-20 05:48 - 21232792 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-24 00:28 - 2014-03-20 05:41 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-08-24 00:28 - 2014-03-20 05:41 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-08-24 00:28 - 2014-03-20 05:40 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-08-24 00:28 - 2014-03-20 03:29 - 04268544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2016-08-24 00:28 - 2014-03-20 03:20 - 18679216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-24 00:28 - 2014-03-20 02:53 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-08-24 00:28 - 2014-03-20 01:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2016-08-24 00:28 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-08-24 00:28 - 2014-03-19 09:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-08-24 00:28 - 2014-03-19 07:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2016-08-24 00:28 - 2014-03-19 07:31 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-24 00:28 - 2014-03-19 07:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-24 00:28 - 2014-03-19 06:41 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2016-08-24 00:28 - 2014-03-19 06:17 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2016-08-24 00:28 - 2014-03-15 06:44 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-08-24 00:28 - 2014-03-13 14:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-24 00:28 - 2014-03-11 16:03 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-08-24 00:28 - 2014-03-11 16:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-08-24 00:28 - 2014-03-11 15:21 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-08-24 00:28 - 2014-03-11 15:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-08-24 00:28 - 2014-03-11 14:42 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-08-24 00:28 - 2014-03-11 14:35 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-08-24 00:28 - 2014-03-08 22:47 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-24 00:28 - 2014-03-08 22:38 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-24 00:28 - 2014-03-08 22:35 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-08-24 00:28 - 2014-03-08 17:29 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-08-24 00:28 - 2014-03-08 17:29 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-08-24 00:28 - 2014-03-08 13:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-24 00:28 - 2014-03-08 09:09 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-24 00:28 - 2014-03-08 09:03 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-24 00:28 - 2014-03-08 09:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-08-24 00:28 - 2014-03-08 08:50 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-08-24 00:28 - 2014-03-08 08:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-08-24 00:28 - 2014-03-08 08:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-24 00:28 - 2014-03-08 08:31 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-08-24 00:28 - 2014-03-08 08:09 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-08-24 00:28 - 2014-03-08 08:02 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-08-24 00:28 - 2014-03-08 07:41 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-24 00:28 - 2014-03-06 16:35 - 01466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-08-24 00:28 - 2014-03-06 16:34 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-08-24 00:28 - 2014-03-06 14:53 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-08-24 00:28 - 2014-03-06 14:53 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-08-24 00:28 - 2014-03-06 14:51 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-24 00:28 - 2014-03-06 14:51 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2016-08-24 00:28 - 2014-03-06 14:51 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-24 00:28 - 2014-03-06 14:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-24 00:28 - 2014-03-06 14:40 - 00492256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-24 00:28 - 2014-03-06 14:40 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-08-24 00:28 - 2014-03-06 14:40 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-08-24 00:28 - 2014-03-06 14:40 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-08-24 00:28 - 2014-03-06 13:20 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-08-24 00:28 - 2014-03-06 13:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2016-08-24 00:28 - 2014-03-06 13:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-08-24 00:28 - 2014-03-06 13:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-08-24 00:28 - 2014-03-06 12:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-08-24 00:28 - 2014-03-06 12:35 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-24 00:28 - 2014-03-06 12:35 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-08-24 00:28 - 2014-03-06 11:22 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-08-24 00:28 - 2014-03-06 11:20 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-24 00:28 - 2014-03-06 11:20 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-08-24 00:28 - 2014-03-06 11:19 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2016-08-24 00:28 - 2014-03-06 11:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-24 00:28 - 2014-03-06 10:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-24 00:28 - 2014-03-06 10:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-24 00:28 - 2014-03-06 09:22 - 16875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-24 00:28 - 2014-03-06 09:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-24 00:28 - 2014-03-06 09:02 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-08-24 00:28 - 2014-03-06 08:59 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-24 00:28 - 2014-03-06 08:51 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-08-24 00:28 - 2014-03-06 08:39 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-08-24 00:28 - 2014-03-06 08:34 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-08-24 00:28 - 2014-03-06 08:33 - 13286400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-24 00:28 - 2014-03-06 08:31 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-08-24 00:28 - 2014-03-06 08:29 - 11791360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-24 00:28 - 2014-03-06 08:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-08-24 00:28 - 2014-03-06 08:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-08-24 00:28 - 2014-03-06 08:16 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-24 00:28 - 2014-03-06 08:16 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-08-24 00:28 - 2014-03-06 08:09 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-08-24 00:28 - 2014-03-06 08:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-08-24 00:28 - 2014-03-06 07:54 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-08-24 00:28 - 2014-03-06 07:42 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-08-24 00:28 - 2014-03-06 07:35 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-08-24 00:28 - 2014-03-06 07:33 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-08-24 00:28 - 2014-03-06 07:32 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-08-24 00:28 - 2014-03-06 07:28 - 08653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-24 00:28 - 2014-03-06 07:27 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-24 00:28 - 2014-03-06 07:21 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-24 00:28 - 2014-03-06 07:20 - 06641152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-24 00:28 - 2014-03-04 14:25 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-08-24 00:28 - 2014-03-04 14:15 - 02519384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-24 00:28 - 2014-03-04 13:16 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-08-24 00:28 - 2014-03-04 09:16 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-08-24 00:28 - 2014-03-04 09:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-08-24 00:28 - 2014-03-04 09:00 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2016-08-24 00:28 - 2014-03-04 08:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-08-24 00:28 - 2014-03-04 08:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2016-08-24 00:28 - 2014-03-04 08:03 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-08-24 00:28 - 2014-03-04 07:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-08-24 00:27 - 2014-03-20 02:48 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2016-08-24 00:27 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2016-08-24 00:27 - 2014-03-19 07:50 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2016-08-24 00:27 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2016-08-24 00:27 - 2014-03-15 06:56 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-08-24 00:27 - 2014-03-12 15:45 - 00387210 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-08-24 00:27 - 2014-03-11 17:45 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-08-24 00:27 - 2014-03-11 17:18 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-24 00:27 - 2014-03-11 17:02 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-08-24 00:27 - 2014-03-11 16:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-24 00:27 - 2014-03-11 16:25 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-08-24 00:27 - 2014-03-11 16:05 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-08-24 00:27 - 2014-03-08 22:47 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-24 00:27 - 2014-03-08 22:40 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2016-08-24 00:27 - 2014-03-08 22:35 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-08-24 00:27 - 2014-03-08 11:34 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2016-08-24 00:27 - 2014-03-08 11:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2016-08-24 00:27 - 2014-03-08 10:44 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2016-08-24 00:27 - 2014-03-08 10:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2016-08-24 00:27 - 2014-03-08 10:25 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2016-08-24 00:27 - 2014-03-08 10:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2016-08-24 00:27 - 2014-03-08 09:53 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-08-24 00:27 - 2014-03-08 09:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-08-24 00:27 - 2014-03-08 09:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2016-08-24 00:27 - 2014-03-08 09:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-08-24 00:27 - 2014-03-08 09:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-08-24 00:27 - 2014-03-08 08:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-08-24 00:27 - 2014-03-08 08:41 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-08-24 00:27 - 2014-03-08 08:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-08-24 00:27 - 2014-03-08 08:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-08-24 00:27 - 2014-03-08 08:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-08-24 00:27 - 2014-03-08 08:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-08-24 00:27 - 2014-03-08 07:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-08-24 00:27 - 2014-03-08 07:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-24 00:27 - 2014-03-06 16:34 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2016-08-24 00:27 - 2014-03-06 14:40 - 00244888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-08-24 00:27 - 2014-03-06 14:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-24 00:27 - 2014-03-06 13:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2016-08-24 00:27 - 2014-03-06 12:35 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-08-24 00:27 - 2014-03-06 12:35 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-08-24 00:27 - 2014-03-06 11:29 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-24 00:27 - 2014-03-06 11:24 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-24 00:27 - 2014-03-06 11:24 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2016-08-24 00:27 - 2014-03-06 11:24 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-24 00:27 - 2014-03-06 11:22 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-08-24 00:27 - 2014-03-06 11:22 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-08-24 00:27 - 2014-03-06 11:20 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-08-24 00:27 - 2014-03-06 11:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-08-24 00:27 - 2014-03-06 11:19 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2016-08-24 00:27 - 2014-03-06 11:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2016-08-24 00:27 - 2014-03-06 11:08 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2016-08-24 00:27 - 2014-03-06 11:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2016-08-24 00:27 - 2014-03-06 10:41 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2016-08-24 00:27 - 2014-03-06 10:38 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2016-08-24 00:27 - 2014-03-06 10:37 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2016-08-24 00:27 - 2014-03-06 10:28 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-24 00:27 - 2014-03-06 10:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2016-08-24 00:27 - 2014-03-06 10:09 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2016-08-24 00:27 - 2014-03-06 09:47 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2016-08-24 00:27 - 2014-03-06 09:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2016-08-24 00:27 - 2014-03-06 09:44 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2016-08-24 00:27 - 2014-03-06 09:08 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2016-08-24 00:27 - 2014-03-06 08:57 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-24 00:27 - 2014-03-06 08:32 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-24 00:27 - 2014-03-06 08:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-08-24 00:27 - 2014-03-06 08:24 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2016-08-24 00:27 - 2014-03-06 08:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2016-08-24 00:27 - 2014-03-06 08:21 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-24 00:27 - 2014-03-06 08:21 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-08-24 00:27 - 2014-03-06 08:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2016-08-24 00:27 - 2014-03-06 08:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-24 00:27 - 2014-03-06 08:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-08-24 00:27 - 2014-03-06 08:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2016-08-24 00:27 - 2014-03-06 08:04 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-08-24 00:27 - 2014-03-06 08:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-08-24 00:27 - 2014-03-06 08:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-08-24 00:27 - 2014-03-06 07:54 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-08-24 00:27 - 2014-03-06 07:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-08-24 00:27 - 2014-03-06 07:47 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-08-24 00:27 - 2014-03-06 07:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-08-24 00:27 - 2014-03-04 14:15 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-08-24 00:27 - 2014-03-04 14:14 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-08-24 00:27 - 2014-03-04 13:10 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-08-24 00:27 - 2014-03-04 09:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-08-24 00:27 - 2014-03-04 08:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-08-24 00:27 - 2014-03-04 08:50 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-08-24 00:27 - 2014-03-04 08:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-08-24 00:27 - 2014-03-04 08:15 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-08-24 00:27 - 2014-03-04 08:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-08-24 00:27 - 2014-03-04 08:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2016-08-24 00:27 - 2014-03-04 07:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2016-08-24 00:27 - 2014-02-07 00:59 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-08-24 00:27 - 2014-02-06 23:26 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-08-24 00:27 - 2013-12-24 01:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2016-08-24 00:27 - 2013-12-24 01:26 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-08-24 00:25 - 2014-03-02 12:20 - 23549952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-24 00:25 - 2014-03-02 11:33 - 17387008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-24 00:25 - 2014-02-26 08:29 - 02678784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-08-24 00:20 - 2014-02-08 03:08 - 00139600 _____ C:\WINDOWS\system32\systemsf.ebd
2016-08-23 23:52 - 2014-02-22 17:53 - 03394384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-08-23 23:52 - 2014-02-22 13:00 - 05784064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-23 23:52 - 2014-02-22 12:34 - 11742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-08-23 23:52 - 2014-02-22 11:39 - 13551104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-23 23:51 - 2014-02-22 18:59 - 01519520 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-23 23:51 - 2014-02-22 18:59 - 01290688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-23 23:51 - 2014-02-22 18:59 - 00526304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-08-23 23:51 - 2014-02-22 18:15 - 01929608 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-08-23 23:51 - 2014-02-22 17:55 - 01435304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-23 23:51 - 2014-02-22 17:50 - 02588168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-08-23 23:51 - 2014-02-22 17:50 - 00645104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-08-23 23:51 - 2014-02-22 17:48 - 02574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-08-23 23:51 - 2014-02-22 17:46 - 01927600 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-08-23 23:51 - 2014-02-22 17:46 - 01445616 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2016-08-23 23:51 - 2014-02-22 17:44 - 00539992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-08-23 23:51 - 2014-02-22 17:43 - 01727760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-23 23:51 - 2014-02-22 17:41 - 02142976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-08-23 23:51 - 2014-02-22 17:41 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-23 23:51 - 2014-02-22 17:41 - 01215832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-08-23 23:51 - 2014-02-22 17:41 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-08-23 23:51 - 2014-02-22 17:41 - 00800552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-23 23:51 - 2014-02-22 17:41 - 00609456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-23 23:51 - 2014-02-22 17:40 - 01118552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-08-23 23:51 - 2014-02-22 16:52 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-08-23 23:51 - 2014-02-22 16:42 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-08-23 23:51 - 2014-02-22 16:38 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-08-23 23:51 - 2014-02-22 16:38 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2016-08-23 23:51 - 2014-02-22 16:25 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-08-23 23:51 - 2014-02-22 16:08 - 01474104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-23 23:51 - 2014-02-22 16:04 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-08-23 23:51 - 2014-02-22 16:04 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-08-23 23:51 - 2014-02-22 16:04 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-23 23:51 - 2014-02-22 16:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-23 23:51 - 2014-02-22 14:24 - 02825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-08-23 23:51 - 2014-02-22 14:22 - 01163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2016-08-23 23:51 - 2014-02-22 14:15 - 04192768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-23 23:51 - 2014-02-22 14:08 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2016-08-23 23:51 - 2014-02-22 13:44 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-23 23:51 - 2014-02-22 13:28 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-08-23 23:51 - 2014-02-22 13:17 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2016-08-23 23:51 - 2014-02-22 12:44 - 02178048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-23 23:51 - 2014-02-22 12:38 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2016-08-23 23:51 - 2014-02-22 12:36 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-23 23:51 - 2014-02-22 12:06 - 02943488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-08-23 23:51 - 2014-02-22 12:02 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-08-23 23:51 - 2014-02-22 12:01 - 02648064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-08-23 23:51 - 2014-02-22 11:53 - 00825344 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-23 23:51 - 2014-02-22 11:52 - 01132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-08-23 23:51 - 2014-02-22 11:47 - 01192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2016-08-23 23:51 - 2014-02-22 11:38 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-08-23 23:51 - 2014-02-22 11:37 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-08-23 23:51 - 2014-02-22 11:35 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2016-08-23 23:51 - 2014-02-22 11:33 - 11745792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-23 23:51 - 2014-02-22 11:28 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-08-23 23:51 - 2014-02-22 11:26 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-08-23 23:51 - 2014-02-22 11:23 - 03494912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-08-23 23:51 - 2014-02-22 11:23 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-08-23 23:51 - 2014-02-22 11:23 - 01576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-08-23 23:51 - 2014-02-22 11:23 - 00628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2016-08-23 23:51 - 2014-02-22 11:16 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-23 23:51 - 2014-02-22 11:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-08-23 23:51 - 2014-02-22 11:13 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-08-23 23:51 - 2014-02-22 11:11 - 02395136 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-08-23 23:51 - 2014-02-22 11:11 - 02262016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-23 23:51 - 2014-02-22 11:11 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-08-23 23:51 - 2014-02-22 11:01 - 13933568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-23 23:51 - 2014-02-22 11:00 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-08-23 23:51 - 2014-02-22 11:00 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-08-23 23:51 - 2014-02-22 10:59 - 01621504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2016-08-23 23:51 - 2014-02-22 10:59 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-08-23 23:51 - 2014-02-22 10:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-08-23 23:51 - 2014-02-22 10:54 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-23 23:51 - 2014-02-22 10:53 - 12027904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-23 23:51 - 2014-02-22 10:49 - 08874496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-23 23:51 - 2014-02-22 10:49 - 01400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-23 23:51 - 2014-02-22 10:45 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-08-23 23:51 - 2014-02-22 10:42 - 03408384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-23 23:51 - 2014-02-22 10:40 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-08-23 23:51 - 2014-02-22 10:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-23 23:51 - 2014-02-22 10:37 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-08-23 23:51 - 2014-02-22 10:34 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-08-23 23:51 - 2014-02-22 10:32 - 01789440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-23 23:51 - 2014-02-22 10:27 - 01143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-23 23:51 - 2014-02-22 10:24 - 02760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2016-08-23 23:51 - 2014-02-22 10:22 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-23 23:51 - 2014-02-22 10:06 - 01640960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-08-23 23:51 - 2014-02-22 10:03 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-08-23 23:51 - 2014-01-29 10:53 - 01653352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-08-23 23:51 - 2014-01-29 09:44 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-08-23 23:51 - 2014-01-27 17:38 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-08-23 23:51 - 2013-10-08 07:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-08-23 23:51 - 2013-10-05 11:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-08-23 23:51 - 2013-10-05 10:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-08-23 23:51 - 2013-10-05 10:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-08-23 23:51 - 2013-10-05 10:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-08-23 23:51 - 2013-10-05 09:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-08-23 23:51 - 2013-09-17 11:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-08-23 23:51 - 2013-09-17 08:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-08-23 23:51 - 2013-09-14 16:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-08-23 23:51 - 2013-09-14 14:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-08-23 23:50 - 2014-02-22 18:59 - 00289752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-08-23 23:50 - 2014-02-22 18:15 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-08-23 23:50 - 2014-02-22 18:00 - 00590168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-08-23 23:50 - 2014-02-22 18:00 - 00249688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2016-08-23 23:50 - 2014-02-22 17:55 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-23 23:50 - 2014-02-22 17:55 - 00244848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-23 23:50 - 2014-02-22 17:50 - 00761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-08-23 23:50 - 2014-02-22 17:50 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-08-23 23:50 - 2014-02-22 17:50 - 00258784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-08-23 23:50 - 2014-02-22 17:49 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-08-23 23:50 - 2014-02-22 17:49 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-23 23:50 - 2014-02-22 17:49 - 00280920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-23 23:50 - 2014-02-22 17:49 - 00148824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-08-23 23:50 - 2014-02-22 17:48 - 01791752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-08-23 23:50 - 2014-02-22 17:46 - 01000424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-08-23 23:50 - 2014-02-22 17:46 - 00669896 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-08-23 23:50 - 2014-02-22 17:44 - 00424280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-08-23 23:50 - 2014-02-22 17:44 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2016-08-23 23:50 - 2014-02-22 17:44 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-08-23 23:50 - 2014-02-22 17:43 - 01659056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-23 23:50 - 2014-02-22 17:43 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-23 23:50 - 2014-02-22 17:43 - 01487520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-23 23:50 - 2014-02-22 17:43 - 01356360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-23 23:50 - 2014-02-22 17:41 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-08-23 23:50 - 2014-02-22 17:41 - 00391008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2016-08-23 23:50 - 2014-02-22 17:41 - 00372360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-08-23 23:50 - 2014-02-22 17:41 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-08-23 23:50 - 2014-02-22 16:51 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-08-23 23:50 - 2014-02-22 16:42 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-23 23:50 - 2014-02-22 16:38 - 00336232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-08-23 23:50 - 2014-02-22 16:38 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-08-23 23:50 - 2014-02-22 16:18 - 00477744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-08-23 23:50 - 2014-02-22 16:18 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-08-23 23:50 - 2014-02-22 16:11 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-08-23 23:50 - 2014-02-22 16:04 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-23 23:50 - 2014-02-22 16:04 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-08-23 23:50 - 2014-02-22 16:04 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-08-23 23:50 - 2014-02-22 16:04 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2016-08-23 23:50 - 2014-02-22 14:14 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2016-08-23 23:50 - 2014-02-22 14:11 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-08-23 23:50 - 2014-02-22 14:07 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2016-08-23 23:50 - 2014-02-22 14:07 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2016-08-23 23:50 - 2014-02-22 14:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2016-08-23 23:50 - 2014-02-22 13:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-23 23:50 - 2014-02-22 13:46 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-08-23 23:50 - 2014-02-22 13:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2016-08-23 23:50 - 2014-02-22 13:17 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-08-23 23:50 - 2014-02-22 13:16 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2016-08-23 23:50 - 2014-02-22 13:06 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-23 23:50 - 2014-02-22 12:58 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-08-23 23:50 - 2014-02-22 12:56 - 02862592 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-08-23 23:50 - 2014-02-22 12:54 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-23 23:50 - 2014-02-22 12:52 - 02288640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-08-23 23:50 - 2014-02-22 12:47 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2016-08-23 23:50 - 2014-02-22 12:41 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-08-23 23:50 - 2014-02-22 12:41 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-08-23 23:50 - 2014-02-22 12:39 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2016-08-23 23:50 - 2014-02-22 12:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-08-23 23:50 - 2014-02-22 12:36 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-08-23 23:50 - 2014-02-22 12:33 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-08-23 23:50 - 2014-02-22 12:25 - 01428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-23 23:50 - 2014-02-22 12:22 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-08-23 23:50 - 2014-02-22 12:18 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2016-08-23 23:50 - 2014-02-22 12:09 - 01224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-08-23 23:50 - 2014-02-22 12:09 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-23 23:50 - 2014-02-22 12:08 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-23 23:50 - 2014-02-22 12:05 - 01757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-08-23 23:50 - 2014-02-22 12:02 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-08-23 23:50 - 2014-02-22 12:01 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2016-08-23 23:50 - 2014-02-22 12:01 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-08-23 23:50 - 2014-02-22 12:00 - 02043904 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-23 23:50 - 2014-02-22 11:59 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-08-23 23:50 - 2014-02-22 11:57 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-08-23 23:50 - 2014-02-22 11:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2016-08-23 23:50 - 2014-02-22 11:48 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-08-23 23:50 - 2014-02-22 11:48 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-08-23 23:50 - 2014-02-22 11:46 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-08-23 23:50 - 2014-02-22 11:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-08-23 23:50 - 2014-02-22 11:44 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2016-08-23 23:50 - 2014-02-22 11:44 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2016-08-23 23:50 - 2014-02-22 11:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2016-08-23 23:50 - 2014-02-22 11:36 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2016-08-23 23:50 - 2014-02-22 11:35 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-08-23 23:50 - 2014-02-22 11:34 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-08-23 23:50 - 2014-02-22 11:34 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2016-08-23 23:50 - 2014-02-22 11:33 - 01967104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-23 23:50 - 2014-02-22 11:33 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2016-08-23 23:50 - 2014-02-22 11:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-08-23 23:50 - 2014-02-22 11:25 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-23 23:50 - 2014-02-22 11:25 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2016-08-23 23:50 - 2014-02-22 11:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-23 23:50 - 2014-02-22 11:24 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-08-23 23:50 - 2014-02-22 11:23 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-08-23 23:50 - 2014-02-22 11:21 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-23 23:50 - 2014-02-22 11:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-08-23 23:50 - 2014-02-22 11:12 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2016-08-23 23:50 - 2014-02-22 11:10 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-08-23 23:50 - 2014-02-22 11:10 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-08-23 23:50 - 2014-02-22 11:07 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2016-08-23 23:50 - 2014-02-22 11:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-08-23 23:50 - 2014-02-22 11:06 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-08-23 23:50 - 2014-02-22 11:04 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2016-08-23 23:50 - 2014-02-22 11:04 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-23 23:50 - 2014-02-22 10:59 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-08-23 23:50 - 2014-02-22 10:54 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2016-08-23 23:50 - 2014-02-22 10:54 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2016-08-23 23:50 - 2014-02-22 10:53 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2016-08-23 23:50 - 2014-02-22 10:51 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2016-08-23 23:50 - 2014-02-22 10:51 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-08-23 23:50 - 2014-02-22 10:51 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-08-23 23:50 - 2014-02-22 10:50 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-08-23 23:50 - 2014-02-22 10:47 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2016-08-23 23:50 - 2014-02-22 10:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-23 23:50 - 2014-02-22 10:47 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2016-08-23 23:50 - 2014-02-22 10:46 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-23 23:50 - 2014-02-22 10:44 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-08-23 23:50 - 2014-02-22 10:43 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-08-23 23:50 - 2014-02-22 10:43 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-08-23 23:50 - 2014-02-22 10:43 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2016-08-23 23:50 - 2014-02-22 10:43 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-08-23 23:50 - 2014-02-22 10:41 - 00662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-23 23:50 - 2014-02-22 10:40 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-08-23 23:50 - 2014-02-22 10:39 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-08-23 23:50 - 2014-02-22 10:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2016-08-23 23:50 - 2014-02-22 10:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-08-23 23:50 - 2014-02-22 10:36 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2016-08-23 23:50 - 2014-02-22 10:35 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-23 23:50 - 2014-02-22 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-08-23 23:50 - 2014-02-22 10:33 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-08-23 23:50 - 2014-02-22 10:24 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2016-08-23 23:50 - 2014-02-22 10:21 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-08-23 23:50 - 2014-02-22 10:21 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-23 23:50 - 2014-02-22 10:19 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-08-23 23:50 - 2014-02-22 10:18 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-08-23 23:50 - 2014-02-22 10:04 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-08-23 23:50 - 2014-02-22 10:01 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-08-23 23:50 - 2014-02-22 10:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-23 23:50 - 2014-02-22 10:00 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-23 23:50 - 2014-02-22 06:33 - 00262335 _____ C:\WINDOWS\system32\dfpinc.dat
2016-08-23 23:50 - 2014-02-02 16:48 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-08-23 23:50 - 2014-02-02 15:33 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-08-23 23:50 - 2014-01-31 11:55 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-08-23 23:50 - 2014-01-29 10:52 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-08-23 23:50 - 2014-01-27 19:54 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-08-23 23:50 - 2014-01-27 19:04 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-08-23 23:50 - 2014-01-17 19:24 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2016-08-23 23:50 - 2013-12-10 09:35 - 00530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-08-23 23:50 - 2013-12-04 17:16 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-08-23 23:50 - 2013-10-08 06:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-08-23 23:50 - 2013-10-08 06:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-08-23 23:50 - 2013-10-05 16:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-08-23 23:50 - 2013-10-05 14:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-08-23 23:50 - 2013-10-05 13:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

Conchitta · 26.08.2016, 02:04

Code:

ATTFilter

2016-08-23 23:50 - 2013-10-05 10:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2016-08-23 23:50 - 2013-10-05 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-08-23 23:50 - 2013-09-14 16:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-23 23:50 - 2013-09-14 14:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-23 23:50 - 2013-09-12 09:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-08-23 23:50 - 2013-09-12 09:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-08-23 23:49 - 2014-02-22 18:59 - 00461176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2016-08-23 23:49 - 2014-02-22 18:59 - 00407536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2016-08-23 23:49 - 2014-02-22 18:59 - 00209160 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2016-08-23 23:49 - 2014-02-22 18:59 - 00139464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-08-23 23:49 - 2014-02-22 18:59 - 00123448 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-08-23 23:49 - 2014-02-22 18:15 - 00531128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-08-23 23:49 - 2014-02-22 18:15 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2016-08-23 23:49 - 2014-02-22 18:15 - 00188464 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-23 23:49 - 2014-02-22 18:02 - 00170952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-08-23 23:49 - 2014-02-22 18:02 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2016-08-23 23:49 - 2014-02-22 18:02 - 00080048 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2016-08-23 23:49 - 2014-02-22 18:00 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-08-23 23:49 - 2014-02-22 18:00 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-08-23 23:49 - 2014-02-22 18:00 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2016-08-23 23:49 - 2014-02-22 17:59 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2016-08-23 23:49 - 2014-02-22 17:55 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-08-23 23:49 - 2014-02-22 17:55 - 00105864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-08-23 23:49 - 2014-02-22 17:50 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2016-08-23 23:49 - 2014-02-22 17:50 - 00043408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2016-08-23 23:49 - 2014-02-22 17:50 - 00032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2016-08-23 23:49 - 2014-02-22 17:49 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2016-08-23 23:49 - 2014-02-22 17:49 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-08-23 23:49 - 2014-02-22 17:48 - 00210736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2016-08-23 23:49 - 2014-02-22 17:44 - 00924504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2016-08-23 23:49 - 2014-02-22 17:43 - 00142576 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2016-08-23 23:49 - 2014-02-22 16:52 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powrprof.dll
2016-08-23 23:49 - 2014-02-22 16:51 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-08-23 23:49 - 2014-02-22 16:42 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2016-08-23 23:49 - 2014-02-22 16:42 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2016-08-23 23:49 - 2014-02-22 16:42 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-08-23 23:49 - 2014-02-22 16:42 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-08-23 23:49 - 2014-02-22 16:42 - 00098072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-08-23 23:49 - 2014-02-22 16:38 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-08-23 23:49 - 2014-02-22 16:25 - 00180240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2016-08-23 23:49 - 2014-02-22 16:18 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2016-08-23 23:49 - 2014-02-22 16:04 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-08-23 23:49 - 2014-02-22 14:20 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-08-23 23:49 - 2014-02-22 14:20 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2016-08-23 23:49 - 2014-02-22 14:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2016-08-23 23:49 - 2014-02-22 14:14 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2016-08-23 23:49 - 2014-02-22 14:09 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2016-08-23 23:49 - 2014-02-22 14:06 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-08-23 23:49 - 2014-02-22 13:54 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-23 23:49 - 2014-02-22 13:50 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2016-08-23 23:49 - 2014-02-22 13:47 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2016-08-23 23:49 - 2014-02-22 13:41 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2016-08-23 23:49 - 2014-02-22 13:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2016-08-23 23:49 - 2014-02-22 13:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-08-23 23:49 - 2014-02-22 13:25 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2016-08-23 23:49 - 2014-02-22 13:22 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-08-23 23:49 - 2014-02-22 13:16 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-08-23 23:49 - 2014-02-22 13:15 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2016-08-23 23:49 - 2014-02-22 13:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2016-08-23 23:49 - 2014-02-22 13:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-23 23:49 - 2014-02-22 13:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2016-08-23 23:49 - 2014-02-22 13:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2016-08-23 23:49 - 2014-02-22 13:00 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2016-08-23 23:49 - 2014-02-22 12:59 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2016-08-23 23:49 - 2014-02-22 12:56 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2016-08-23 23:49 - 2014-02-22 12:56 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2016-08-23 23:49 - 2014-02-22 12:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-08-23 23:49 - 2014-02-22 12:51 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2016-08-23 23:49 - 2014-02-22 12:41 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2016-08-23 23:49 - 2014-02-22 12:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-08-23 23:49 - 2014-02-22 12:27 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-08-23 23:49 - 2014-02-22 12:18 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2016-08-23 23:49 - 2014-02-22 12:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-08-23 23:49 - 2014-02-22 12:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-08-23 23:49 - 2014-02-22 12:14 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-08-23 23:49 - 2014-02-22 12:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-08-23 23:49 - 2014-02-22 12:14 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-08-23 23:49 - 2014-02-22 12:13 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2016-08-23 23:49 - 2014-02-22 12:12 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2016-08-23 23:49 - 2014-02-22 12:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-08-23 23:49 - 2014-02-22 12:04 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-08-23 23:49 - 2014-02-22 12:04 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-08-23 23:49 - 2014-02-22 12:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2016-08-23 23:49 - 2014-02-22 12:01 - 01227776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-08-23 23:49 - 2014-02-22 12:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-08-23 23:49 - 2014-02-22 11:55 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-08-23 23:49 - 2014-02-22 11:49 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2016-08-23 23:49 - 2014-02-22 11:45 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-08-23 23:49 - 2014-02-22 11:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-23 23:49 - 2014-02-22 11:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-08-23 23:49 - 2014-02-22 11:40 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-23 23:49 - 2014-02-22 11:36 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-08-23 23:49 - 2014-02-22 11:32 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-08-23 23:49 - 2014-02-22 11:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-08-23 23:49 - 2014-02-22 11:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2016-08-23 23:49 - 2014-02-22 11:25 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-23 23:49 - 2014-02-22 11:25 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-08-23 23:49 - 2014-02-22 11:22 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-08-23 23:49 - 2014-02-22 11:18 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-08-23 23:49 - 2014-02-22 11:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2016-08-23 23:49 - 2014-02-22 11:09 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2016-08-23 23:49 - 2014-02-22 11:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-08-23 23:49 - 2014-02-22 10:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-08-23 23:49 - 2014-02-22 10:54 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-08-23 23:49 - 2014-02-22 10:52 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-08-23 23:49 - 2014-02-22 10:52 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-08-23 23:49 - 2014-02-22 10:49 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2016-08-23 23:49 - 2014-02-22 10:48 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-08-23 23:49 - 2014-02-22 10:48 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2016-08-23 23:49 - 2014-02-22 10:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2016-08-23 23:49 - 2014-02-22 10:45 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-08-23 23:49 - 2014-02-22 10:44 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-08-23 23:49 - 2014-02-22 10:44 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-08-23 23:49 - 2014-02-22 10:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2016-08-23 23:49 - 2014-02-22 10:42 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2016-08-23 23:49 - 2014-02-22 10:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2016-08-23 23:49 - 2014-02-22 10:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-08-23 23:49 - 2014-02-22 10:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2016-08-23 23:49 - 2014-02-22 10:31 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-08-23 23:49 - 2014-02-22 10:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2016-08-23 23:49 - 2014-02-22 10:22 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2016-08-23 23:49 - 2014-02-22 10:21 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2016-08-23 23:49 - 2014-02-22 10:17 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-08-23 23:49 - 2014-02-22 09:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-08-23 23:49 - 2014-01-31 11:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-08-23 23:49 - 2014-01-31 11:15 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-08-23 23:49 - 2014-01-31 11:10 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-08-23 23:49 - 2014-01-31 11:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-08-23 23:49 - 2014-01-31 10:18 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2016-08-23 23:49 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-08-23 23:49 - 2014-01-27 21:53 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2016-08-23 23:49 - 2014-01-17 19:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2016-08-23 23:49 - 2014-01-08 03:30 - 00745328 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-08-23 23:49 - 2014-01-08 02:33 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-08-23 23:49 - 2013-12-04 20:41 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-08-23 23:49 - 2013-12-04 17:54 - 00660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-08-23 23:49 - 2013-12-04 15:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-08-23 23:49 - 2013-11-11 01:41 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-08-23 23:49 - 2013-11-08 06:04 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-08-23 23:49 - 2013-10-23 13:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-23 23:49 - 2013-10-23 13:21 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2016-08-23 23:49 - 2013-10-23 13:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2016-08-23 23:49 - 2013-10-08 07:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2016-08-23 23:49 - 2013-10-05 11:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2016-08-23 23:49 - 2013-10-05 10:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2016-08-23 23:49 - 2013-09-12 10:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-08-23 23:49 - 2013-09-10 06:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2016-08-23 23:48 - 2014-02-22 18:58 - 00036200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2016-08-23 23:48 - 2014-02-22 18:15 - 00071888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2016-08-23 23:48 - 2014-02-22 17:59 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-23 23:48 - 2014-02-22 17:55 - 00162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-08-23 23:48 - 2014-02-22 17:55 - 00131168 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-08-23 23:48 - 2014-02-22 17:53 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-23 23:48 - 2014-02-22 17:50 - 00054816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2016-08-23 23:48 - 2014-02-22 17:49 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-08-23 23:48 - 2014-02-22 17:49 - 00189784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2016-08-23 23:48 - 2014-02-22 17:43 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2016-08-23 23:48 - 2014-02-22 17:41 - 00028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-23 23:48 - 2014-02-22 16:41 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2016-08-23 23:48 - 2014-02-22 16:18 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2016-08-23 23:48 - 2014-02-22 16:18 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2016-08-23 23:48 - 2014-02-22 16:08 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2016-08-23 23:48 - 2014-02-22 14:17 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2016-08-23 23:48 - 2014-02-22 14:17 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2016-08-23 23:48 - 2014-02-22 14:17 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2016-08-23 23:48 - 2014-02-22 14:14 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2016-08-23 23:48 - 2014-02-22 14:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2016-08-23 23:48 - 2014-02-22 14:07 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2016-08-23 23:48 - 2014-02-22 14:03 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-08-23 23:48 - 2014-02-22 14:03 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2016-08-23 23:48 - 2014-02-22 14:01 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2016-08-23 23:48 - 2014-02-22 13:59 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2016-08-23 23:48 - 2014-02-22 13:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2016-08-23 23:48 - 2014-02-22 13:47 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2016-08-23 23:48 - 2014-02-22 13:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2016-08-23 23:48 - 2014-02-22 13:45 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2016-08-23 23:48 - 2014-02-22 13:45 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2016-08-23 23:48 - 2014-02-22 13:42 - 00038680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2016-08-23 23:48 - 2014-02-22 13:32 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2016-08-23 23:48 - 2014-02-22 13:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2016-08-23 23:48 - 2014-02-22 13:25 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2016-08-23 23:48 - 2014-02-22 13:25 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-08-23 23:48 - 2014-02-22 13:24 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2016-08-23 23:48 - 2014-02-22 13:24 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2016-08-23 23:48 - 2014-02-22 13:24 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2016-08-23 23:48 - 2014-02-22 13:22 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-08-23 23:48 - 2014-02-22 13:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2016-08-23 23:48 - 2014-02-22 13:16 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2016-08-23 23:48 - 2014-02-22 13:16 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2016-08-23 23:48 - 2014-02-22 13:14 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2016-08-23 23:48 - 2014-02-22 13:08 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2016-08-23 23:48 - 2014-02-22 13:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2016-08-23 23:48 - 2014-02-22 13:02 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2016-08-23 23:48 - 2014-02-22 12:58 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-08-23 23:48 - 2014-02-22 12:58 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2016-08-23 23:48 - 2014-02-22 12:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2016-08-23 23:48 - 2014-02-22 12:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2016-08-23 23:48 - 2014-02-22 12:56 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-08-23 23:48 - 2014-02-22 12:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2016-08-23 23:48 - 2014-02-22 12:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2016-08-23 23:48 - 2014-02-22 12:47 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-08-23 23:48 - 2014-02-22 12:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2016-08-23 23:48 - 2014-02-22 12:46 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2016-08-23 23:48 - 2014-02-22 12:40 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2016-08-23 23:48 - 2014-02-22 12:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2016-08-23 23:48 - 2014-02-22 12:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-08-23 23:48 - 2014-02-22 12:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2016-08-23 23:48 - 2014-02-22 12:28 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-23 23:48 - 2014-02-22 12:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2016-08-23 23:48 - 2014-02-22 12:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2016-08-23 23:48 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2016-08-23 23:48 - 2014-02-22 12:20 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-08-23 23:48 - 2014-02-22 12:17 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2016-08-23 23:48 - 2014-02-22 12:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2016-08-23 23:48 - 2014-02-22 12:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2016-08-23 23:48 - 2014-02-22 12:13 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-08-23 23:48 - 2014-02-22 12:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-08-23 23:48 - 2014-02-22 12:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2016-08-23 23:48 - 2014-02-22 12:09 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-23 23:48 - 2014-02-22 12:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2016-08-23 23:48 - 2014-02-22 11:56 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-23 23:48 - 2014-02-22 11:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-23 23:48 - 2014-02-22 11:53 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2016-08-23 23:48 - 2014-02-22 11:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2016-08-23 23:48 - 2014-02-22 11:45 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-08-23 23:48 - 2014-02-22 11:45 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-08-23 23:48 - 2014-02-22 11:44 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2016-08-23 23:48 - 2014-02-22 11:43 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2016-08-23 23:48 - 2014-02-22 11:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-08-23 23:48 - 2014-02-22 11:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-08-23 23:48 - 2014-02-22 11:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-08-23 23:48 - 2014-02-22 11:29 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-08-23 23:48 - 2014-02-22 11:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-23 23:48 - 2014-02-22 11:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2016-08-23 23:48 - 2014-02-22 11:25 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-08-23 23:48 - 2014-02-22 11:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2016-08-23 23:48 - 2014-02-22 11:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2016-08-23 23:48 - 2014-02-22 11:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-08-23 23:48 - 2014-02-22 11:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2016-08-23 23:48 - 2014-02-22 11:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-08-23 23:48 - 2014-02-22 11:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-08-23 23:48 - 2014-02-22 11:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-08-23 23:48 - 2014-02-22 11:04 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2016-08-23 23:48 - 2014-02-22 11:02 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-08-23 23:48 - 2014-02-22 10:59 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-08-23 23:48 - 2014-02-22 10:55 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-08-23 23:48 - 2014-02-22 10:55 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2016-08-23 23:48 - 2014-02-22 10:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2016-08-23 23:48 - 2014-02-22 10:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-08-23 23:48 - 2014-02-22 10:51 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-08-23 23:48 - 2014-02-22 10:49 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-08-23 23:48 - 2014-02-22 10:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-08-23 23:48 - 2014-02-22 10:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2016-08-23 23:48 - 2014-02-22 10:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2016-08-23 23:48 - 2014-02-22 10:46 - 03312128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-08-23 23:48 - 2014-02-22 10:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2016-08-23 23:48 - 2014-02-22 10:44 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2016-08-23 23:48 - 2014-02-22 10:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2016-08-23 23:48 - 2014-02-22 10:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2016-08-23 23:48 - 2014-02-22 10:43 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-08-23 23:48 - 2014-02-22 10:43 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2016-08-23 23:48 - 2014-02-22 10:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-08-23 23:48 - 2014-02-22 10:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2016-08-23 23:48 - 2014-02-22 10:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-23 23:48 - 2014-02-22 10:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-08-23 23:48 - 2014-02-22 10:20 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-08-23 23:48 - 2014-02-22 10:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-08-23 23:48 - 2014-02-22 10:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-08-23 23:48 - 2014-01-31 14:09 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-23 23:48 - 2014-01-31 14:08 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-23 23:48 - 2014-01-31 13:59 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2016-08-23 23:48 - 2014-01-31 13:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2016-08-23 23:48 - 2014-01-31 11:19 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-08-23 23:48 - 2014-01-31 11:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-08-23 23:48 - 2014-01-31 10:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2016-08-23 23:48 - 2014-01-29 10:40 - 00994136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-08-23 23:48 - 2014-01-29 02:18 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-08-23 23:48 - 2014-01-29 02:17 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-08-23 23:48 - 2014-01-27 21:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-23 23:48 - 2014-01-22 08:21 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-08-23 23:48 - 2014-01-22 07:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-08-23 23:48 - 2013-12-04 16:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-08-23 23:48 - 2013-11-27 11:10 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2016-08-23 23:48 - 2013-11-27 10:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2016-08-23 23:48 - 2013-10-05 17:25 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-23 23:48 - 2013-10-05 10:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2016-08-23 23:48 - 2013-09-12 09:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-08-23 23:48 - 2013-09-12 09:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-08-23 23:47 - 2014-02-22 14:17 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2016-08-23 23:47 - 2014-02-22 14:08 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2016-08-23 23:47 - 2014-02-22 14:04 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-08-23 23:47 - 2014-02-22 14:00 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-08-23 23:47 - 2014-02-22 14:00 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-08-23 23:47 - 2014-02-22 13:50 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2016-08-23 23:47 - 2014-02-22 13:47 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2016-08-23 23:47 - 2014-02-22 13:37 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2016-08-23 23:47 - 2014-02-22 13:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-08-23 23:47 - 2014-02-22 13:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2016-08-23 23:47 - 2014-02-22 13:16 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-08-23 23:47 - 2014-02-22 13:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-08-23 23:47 - 2014-02-22 13:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2016-08-23 23:47 - 2014-02-22 13:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-08-23 23:47 - 2014-02-22 13:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-08-23 23:47 - 2014-02-22 13:08 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2016-08-23 23:47 - 2014-02-22 13:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2016-08-23 23:47 - 2014-02-22 13:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2016-08-23 23:47 - 2014-02-22 13:05 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2016-08-23 23:47 - 2014-02-22 13:04 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2016-08-23 23:47 - 2014-02-22 13:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-08-23 23:47 - 2014-02-22 12:59 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-08-23 23:47 - 2014-02-22 12:55 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2016-08-23 23:47 - 2014-02-22 12:55 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2016-08-23 23:47 - 2014-02-22 12:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2016-08-23 23:47 - 2014-02-22 12:41 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-08-23 23:47 - 2014-02-22 12:40 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2016-08-23 23:47 - 2014-02-22 12:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-08-23 23:47 - 2014-02-22 12:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-08-23 23:47 - 2014-02-22 12:35 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-08-23 23:47 - 2014-02-22 12:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2016-08-23 23:47 - 2014-02-22 12:29 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2016-08-23 23:47 - 2014-02-22 12:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2016-08-23 23:47 - 2014-02-22 12:18 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-08-23 23:47 - 2014-02-22 12:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-08-23 23:47 - 2014-02-22 12:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-08-23 23:47 - 2014-02-22 12:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-08-23 23:47 - 2014-02-22 11:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-08-23 23:47 - 2014-02-22 11:54 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-23 23:47 - 2014-02-22 11:52 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-08-23 23:47 - 2014-02-22 11:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-08-23 23:47 - 2014-02-22 11:46 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2016-08-23 23:47 - 2014-02-22 11:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-08-23 23:47 - 2014-02-22 11:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-23 23:47 - 2014-02-22 11:37 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2016-08-23 23:47 - 2014-02-22 11:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-23 23:47 - 2014-02-22 11:26 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-23 23:47 - 2014-02-22 11:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-08-23 23:47 - 2014-02-22 11:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2016-08-23 23:47 - 2014-02-22 11:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2016-08-23 23:47 - 2014-02-22 11:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-23 23:47 - 2014-02-22 11:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-08-23 23:47 - 2014-02-22 10:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-08-23 23:47 - 2014-02-22 10:57 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-08-23 23:47 - 2014-02-22 10:55 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 23:47 - 2014-02-22 10:55 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2016-08-23 23:47 - 2014-02-22 10:55 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2016-08-23 23:47 - 2014-02-22 10:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2016-08-23 23:47 - 2014-02-22 10:49 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-08-23 23:47 - 2014-02-22 10:49 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-08-23 23:47 - 2014-02-22 10:48 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 23:47 - 2014-02-22 10:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-08-23 23:47 - 2014-02-22 10:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2016-08-23 23:47 - 2014-02-22 10:45 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-08-23 23:47 - 2014-02-22 10:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-08-23 23:47 - 2014-02-22 10:35 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-08-23 23:47 - 2014-02-22 10:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-08-23 23:47 - 2014-02-22 10:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-23 23:47 - 2014-02-22 10:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-08-23 23:47 - 2014-02-01 08:00 - 00002255 _____ C:\WINDOWS\SysWOW64\WimBootCompress.ini
2016-08-23 23:47 - 2014-02-01 08:00 - 00002255 _____ C:\WINDOWS\system32\WimBootCompress.ini
2016-08-23 23:47 - 2013-11-08 05:47 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-08-23 23:47 - 2013-10-19 07:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2016-08-23 23:47 - 2013-09-13 09:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2016-08-23 23:47 - 2013-09-12 10:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-08-23 23:47 - 2013-09-12 10:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-08-23 23:47 - 2013-09-12 09:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-08-23 23:46 - 2014-02-22 14:17 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2016-08-23 23:46 - 2014-02-22 14:17 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2016-08-23 23:46 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2016-08-23 23:46 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2016-08-23 23:46 - 2014-02-22 14:08 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2016-08-23 23:46 - 2014-02-22 14:08 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2016-08-23 23:46 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-23 23:46 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-23 23:46 - 2014-02-22 14:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2016-08-23 23:46 - 2014-02-22 13:48 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2016-08-23 23:46 - 2014-02-22 13:39 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2016-08-23 23:46 - 2014-02-22 13:25 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2016-08-23 23:46 - 2014-02-22 13:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2016-08-23 23:46 - 2014-02-22 13:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2016-08-23 23:46 - 2014-02-22 13:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2016-08-23 23:46 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2016-08-23 23:46 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2016-08-23 23:46 - 2014-02-22 13:17 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2016-08-23 23:46 - 2014-02-22 13:16 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-08-23 23:46 - 2014-02-22 13:07 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2016-08-23 23:46 - 2014-02-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2016-08-23 23:46 - 2014-02-22 12:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2016-08-23 23:46 - 2014-02-22 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-23 23:46 - 2014-02-22 12:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-08-23 23:46 - 2014-02-22 12:36 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-08-23 23:46 - 2014-02-22 12:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2016-08-23 23:46 - 2014-02-22 12:27 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2016-08-23 23:46 - 2014-02-22 12:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-08-23 23:46 - 2014-02-22 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-08-23 23:46 - 2014-02-22 11:54 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-08-23 23:46 - 2014-02-22 11:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2016-08-23 23:46 - 2014-02-22 11:51 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-08-23 23:46 - 2014-02-22 11:48 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-08-23 23:46 - 2014-02-22 11:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-08-23 23:46 - 2014-02-22 11:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-08-23 23:46 - 2014-02-22 11:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2016-08-23 23:46 - 2014-02-22 10:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2016-08-23 23:46 - 2014-02-22 10:55 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2016-08-23 23:46 - 2014-02-22 10:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2016-08-23 23:46 - 2014-02-22 10:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2016-08-23 23:46 - 2014-02-22 10:22 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-23 23:46 - 2014-02-22 10:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-23 23:46 - 2014-02-22 06:37 - 00000369 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-08-23 23:46 - 2014-02-22 06:37 - 00000369 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-08-23 23:46 - 2014-02-22 06:37 - 00000369 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-08-23 23:46 - 2014-02-22 06:37 - 00000369 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-08-23 23:46 - 2014-02-08 03:08 - 00100197 _____ C:\WINDOWS\SysWOW64\RacRules.xml
2016-08-23 23:46 - 2014-02-08 03:08 - 00100197 _____ C:\WINDOWS\system32\RacRules.xml
2016-08-23 23:46 - 2014-02-01 08:00 - 00011109 _____ C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2016-08-23 23:46 - 2014-02-01 08:00 - 00011109 _____ C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2016-08-23 23:46 - 2014-02-01 08:00 - 00007762 _____ C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2016-08-23 23:46 - 2014-02-01 08:00 - 00007762 _____ C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2016-08-23 23:46 - 2014-02-01 08:00 - 00007130 _____ C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2016-08-23 23:46 - 2014-02-01 08:00 - 00007130 _____ C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2016-08-23 23:46 - 2013-11-27 11:47 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2016-08-23 23:46 - 2013-11-27 11:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2016-08-23 23:46 - 2013-10-22 05:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2016-08-23 23:46 - 2013-09-14 12:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2016-08-23 23:46 - 2013-09-13 10:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2016-08-23 23:45 - 2014-02-22 06:43 - 00002440 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2016-08-23 23:45 - 2014-01-27 13:45 - 00050053 _____ C:\WINDOWS\system32\srms.dat
2016-08-23 22:33 - 2016-08-23 22:33 - 00023286 _____ C:\Users\conchitta\Downloads\Addition.txt
2016-08-23 22:32 - 2016-08-26 02:28 - 00000000 ____D C:\FRST
2016-08-23 22:32 - 2016-08-23 22:33 - 00069732 _____ C:\Users\conchitta\Downloads\FRST.txt
2016-08-23 22:27 - 2016-08-23 22:29 - 00628392 _____ C:\Users\conchitta\Downloads\FRST64.exe
2016-08-23 06:43 - 2016-08-23 06:43 - 00000000 ____D C:\Program Files\Synaptics
2016-08-23 06:25 - 2016-08-23 06:25 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2016-08-23 06:11 - 2016-08-23 06:11 - 00000000 ____D C:\Users\conchitta\Downloads\RevoUninstaller_Portable_2.0 (1)
2016-08-23 06:08 - 2016-08-23 06:09 - 09256439 _____ C:\Users\conchitta\Downloads\RevoUninstaller_Portable_2.0 (1).zip
2016-08-23 06:07 - 2013-11-27 17:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-08-23 06:07 - 2013-11-27 17:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-08-23 06:07 - 2013-11-27 16:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-08-23 06:07 - 2013-11-27 15:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-08-23 06:07 - 2013-11-27 14:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2016-08-23 06:07 - 2013-11-27 12:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-08-23 06:07 - 2013-11-27 11:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-08-23 06:07 - 2013-11-27 11:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-08-23 06:07 - 2013-11-27 10:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-08-23 06:07 - 2013-11-25 01:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-08-23 06:07 - 2013-11-25 01:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-08-23 06:07 - 2013-11-23 09:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2016-08-23 06:07 - 2013-11-23 09:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2016-08-23 06:07 - 2013-11-23 06:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-08-23 06:07 - 2013-11-21 08:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2016-08-23 06:07 - 2013-11-15 16:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-08-23 06:07 - 2013-11-15 16:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-08-23 06:07 - 2013-11-15 16:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-08-23 06:07 - 2013-09-14 11:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-08-23 06:04 - 2013-11-11 04:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2016-08-23 06:04 - 2013-11-01 13:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-23 06:04 - 2013-10-26 03:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2016-08-23 06:00 - 2014-01-04 17:54 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2016-08-23 06:00 - 2014-01-04 17:08 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2016-08-23 06:00 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2016-08-23 06:00 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2016-08-23 06:00 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-08-23 06:00 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2016-08-23 06:00 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2016-08-23 06:00 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-08-23 06:00 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-08-23 06:00 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2016-08-23 06:00 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-23 05:38 - 2016-08-23 05:38 - 00000000 _____ C:\Recovery.txt
2016-08-23 05:09 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2016-08-23 05:09 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2016-08-23 05:08 - 2013-12-09 02:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2016-08-23 05:08 - 2013-12-09 01:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2016-08-23 05:06 - 2013-10-19 10:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2016-08-23 05:06 - 2013-10-19 09:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2016-08-23 05:01 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2016-08-23 05:01 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2016-08-23 05:01 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-23 05:01 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-23 05:01 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2016-08-23 05:01 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2016-08-23 05:01 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-08-23 05:01 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-08-23 05:01 - 2014-01-07 07:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-08-23 05:01 - 2014-01-07 06:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-08-23 05:01 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-23 05:01 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2016-08-23 05:01 - 2013-11-27 13:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2016-08-23 05:01 - 2013-11-21 08:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-08-23 05:01 - 2013-11-21 07:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-08-23 05:00 - 2014-01-07 09:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-08-23 05:00 - 2014-01-07 07:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-08-23 05:00 - 2013-12-09 02:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-08-23 05:00 - 2013-12-09 01:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-08-23 05:00 - 2013-11-23 06:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-08-23 05:00 - 2013-11-23 06:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-08-23 04:59 - 2016-08-23 04:59 - 00000000 ____D C:\ProgramData\Synaptics
2016-08-23 04:58 - 2013-09-25 07:40 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2016-08-23 04:58 - 2013-09-24 07:54 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-08-23 04:58 - 2013-09-24 07:10 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-08-23 04:58 - 2013-09-24 05:56 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2016-08-23 04:58 - 2013-09-21 12:56 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-08-23 04:58 - 2013-09-21 12:53 - 00934856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-23 04:58 - 2013-09-21 12:53 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-08-23 04:58 - 2013-09-21 12:45 - 00171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-08-23 04:58 - 2013-09-21 11:09 - 00796928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-23 04:58 - 2013-09-21 09:57 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-23 04:58 - 2013-09-21 09:55 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2016-08-23 04:58 - 2013-09-21 09:50 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2016-08-23 04:58 - 2013-09-21 08:55 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2016-08-23 04:58 - 2013-09-21 07:57 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\livessp.dll
2016-08-23 04:58 - 2013-09-21 07:43 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-08-23 04:58 - 2013-09-21 07:26 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-08-23 04:58 - 2013-09-19 08:17 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2016-08-23 04:58 - 2013-09-19 07:29 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2016-08-23 04:58 - 2013-09-19 06:25 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-08-23 04:58 - 2013-09-14 16:06 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys
2016-08-23 04:58 - 2013-09-14 16:06 - 00066904 _____ (Microsoft Corporation) C:\WINDOWS\system32\PSHED.DLL
2016-08-23 04:58 - 2013-09-13 11:52 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2016-08-23 04:58 - 2013-09-13 10:54 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-08-23 04:58 - 2013-09-12 09:37 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2016-08-23 04:58 - 2013-09-11 09:41 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-08-23 04:58 - 2013-09-11 09:09 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-08-23 04:58 - 2013-09-07 14:44 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdprint.dll
2016-08-23 04:58 - 2013-09-07 14:29 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-08-23 04:58 - 2013-09-07 13:45 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-08-23 04:58 - 2013-09-07 13:07 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2016-08-23 04:58 - 2013-09-05 08:42 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2016-08-23 04:58 - 2013-09-04 09:01 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2016-08-23 04:58 - 2013-09-04 07:47 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2016-08-23 04:58 - 2013-09-04 07:12 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-08-23 04:58 - 2013-09-04 06:57 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-08-23 04:58 - 2013-08-31 16:18 - 00205024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-08-23 04:58 - 2013-08-31 14:15 - 00180232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-08-23 04:58 - 2013-08-31 14:04 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\riched20.dll
2016-08-23 04:58 - 2013-08-30 09:31 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2016-08-23 04:58 - 2013-08-28 09:49 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2016-08-23 04:58 - 2013-08-28 09:09 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2016-08-23 04:58 - 2013-08-27 08:09 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-08-23 04:58 - 2013-08-27 07:24 - 00813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-08-23 04:57 - 2013-09-25 09:32 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-08-23 04:57 - 2013-09-24 08:55 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2016-08-23 04:57 - 2013-09-24 07:59 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2016-08-23 04:57 - 2013-09-21 07:37 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-08-23 04:57 - 2013-09-21 06:38 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-08-23 04:57 - 2013-09-21 06:37 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-08-23 04:57 - 2013-09-19 09:19 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersRes.dll
2016-08-23 04:57 - 2013-09-19 08:39 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll
2016-08-23 04:57 - 2013-09-19 08:27 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2016-08-23 04:57 - 2013-09-19 08:23 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WorkFoldersRes.dll
2016-08-23 04:57 - 2013-09-19 07:47 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.dll
2016-08-23 04:57 - 2013-09-17 08:58 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-08-23 04:57 - 2013-09-17 07:26 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-08-23 04:57 - 2013-09-14 13:39 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-08-23 04:57 - 2013-09-13 10:10 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-08-23 04:57 - 2013-09-07 14:00 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdprint.dll
2016-08-23 04:57 - 2013-09-07 13:50 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceCenter.dll
2016-08-23 04:57 - 2013-09-07 13:22 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-08-23 04:57 - 2013-09-05 07:40 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2016-08-23 04:57 - 2013-08-31 12:46 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\riched20.dll
2016-08-23 04:57 - 2013-08-31 12:00 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2016-08-23 04:57 - 2013-08-31 11:25 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2016-08-23 04:53 - 2013-10-16 17:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-08-23 04:53 - 2013-10-16 15:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-08-23 04:42 - 2016-08-22 20:11 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-23 04:41 - 2016-08-23 04:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-23 04:41 - 2016-08-23 04:41 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-23 04:40 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-08-23 04:26 - 2016-08-23 04:26 - 02449376 _____ (Megaify Software ) C:\Users\conchitta\Downloads\DriverToolkitInstaller (6).exe
2016-08-23 04:01 - 2016-08-24 06:30 - 00336024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-23 03:50 - 2016-08-23 03:59 - 130076618 _____ C:\Users\conchitta\Downloads\Intel_hd_graphics_win64_153332.zip
2016-08-23 03:45 - 2016-08-23 03:45 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\conchitta\Downloads\driveragent-setup-1278 (1).exe
2016-08-23 03:44 - 2016-08-23 03:44 - 00022200 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2016-08-22 23:46 - 2016-08-22 23:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-22 20:52 - 2016-08-22 20:52 - 00000000 ____D C:\Users\conchitta\AppData\Roaming\Macromedia
2016-08-22 20:46 - 2016-08-22 20:48 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-22 20:46 - 2016-08-22 20:48 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-22 20:43 - 2016-08-26 01:53 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-22 20:43 - 2016-08-26 01:17 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-22 20:43 - 2016-08-23 06:14 - 00000000 ____D C:\Users\conchitta\AppData\Local\Google
2016-08-22 20:43 - 2016-08-22 20:48 - 00004104 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-22 20:43 - 2016-08-22 20:48 - 00003868 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-22 20:43 - 2016-08-22 20:46 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-22 20:41 - 2016-08-26 01:57 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{25A66E3A-C779-4BFF-A644-D698B6E080FA}
2016-08-22 20:17 - 2016-08-26 02:23 - 00000000 __RDO C:\Users\conchitta\SkyDrive
2016-08-22 20:16 - 2016-08-26 01:47 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2751898029-2148813506-1804420663-1001
2016-08-22 20:16 - 2016-08-22 20:16 - 00000000 ____D C:\ProgramData\ToshibaEurope
2016-08-22 20:11 - 2016-08-22 20:12 - 00000000 ____D C:\Users\conchitta\AppData\Local\PackageStaging
2016-08-22 20:11 - 2016-08-22 20:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-08-22 20:11 - 2016-08-22 20:11 - 00000000 ____D C:\Users\conchitta\AppData\Local\TOSHIBA
2016-08-22 20:10 - 2016-08-23 06:30 - 00000000 ____D C:\Users\conchitta\AppData\Local\Packages
2016-08-22 20:10 - 2016-08-22 20:10 - 00000000 ____D C:\Users\conchitta\AppData\Roaming\Adobe
2016-08-22 20:10 - 2016-08-22 20:10 - 00000000 ____D C:\Users\conchitta\AppData\Local\VirtualStore
2016-08-22 20:08 - 2016-08-23 04:00 - 00000000 ____D C:\Users\conchitta
2016-08-22 20:08 - 2016-08-22 20:08 - 00000020 ___SH C:\Users\conchitta\ntuser.ini
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Vorlagen
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Startmenü
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Netzwerkumgebung
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Lokale Einstellungen
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Eigene Dateien
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Druckumgebung
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Documents\Eigene Videos
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Documents\Eigene Musik
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Documents\Eigene Bilder
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\AppData\Local\Verlauf
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\AppData\Local\Anwendungsdaten
2016-08-22 20:08 - 2016-08-22 20:08 - 00000000 _SHDL C:\Users\conchitta\Anwendungsdaten
2016-08-22 20:06 - 2016-08-22 20:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-26 02:06 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-26 01:28 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-26 01:28 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-26 01:15 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-26 01:15 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-26 01:13 - 2013-10-09 01:46 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-08-25 00:55 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-08-25 00:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-24 23:54 - 2013-09-06 23:25 - 04646338 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-24 23:54 - 2013-08-28 12:25 - 00797412 _____ C:\WINDOWS\system32\perfh013.dat
2016-08-24 23:54 - 2013-08-28 12:25 - 00161992 _____ C:\WINDOWS\system32\perfc013.dat
2016-08-24 23:54 - 2013-08-28 12:16 - 00793160 _____ C:\WINDOWS\system32\perfh010.dat
2016-08-24 23:54 - 2013-08-28 12:16 - 00156082 _____ C:\WINDOWS\system32\perfc010.dat
2016-08-24 23:54 - 2013-08-28 12:08 - 00801394 _____ C:\WINDOWS\system32\perfh00C.dat
2016-08-24 23:54 - 2013-08-28 12:08 - 00158846 _____ C:\WINDOWS\system32\perfc00C.dat
2016-08-24 23:54 - 2013-08-28 11:59 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-24 23:54 - 2013-08-28 11:59 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-24 22:53 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\tracing
2016-08-24 06:26 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-08-24 06:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2016-08-24 06:25 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-24 06:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2016-08-24 06:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-24 06:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-24 06:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-24 06:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-08-24 06:25 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-08-24 06:25 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-08-24 06:25 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-08-24 06:25 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-08-24 06:25 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-08-24 06:25 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-08-24 06:25 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\servicing
2016-08-24 06:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-08-24 06:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-08-24 06:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-24 06:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-24 06:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\FileManager
2016-08-24 06:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Camera
2016-08-24 06:24 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-24 06:24 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-24 06:24 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-08-23 23:14 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-23 05:37 - 2013-08-22 17:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-23 05:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-23 05:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-23 05:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-23 05:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-22 21:02 - 2013-10-09 01:38 - 00000000 ____D C:\ProgramData\McAfee
2016-08-22 21:02 - 2013-10-09 01:38 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-08-22 21:02 - 2013-10-09 01:38 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-08-22 20:51 - 2013-10-09 01:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-22 20:51 - 2013-09-08 00:56 - 00000000 ____D C:\WINDOWS\Panther
2016-08-22 20:46 - 2013-10-09 01:55 - 00000000 ____D C:\Program Files (x86)\TOSHIBA Games
2016-08-22 20:16 - 2013-10-09 01:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\TOSHIBA
2016-08-22 20:16 - 2013-09-06 23:26 - 00000000 ____D C:\ProgramData\Toshiba
2016-08-22 19:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache

Einige Dateien in TEMP:
====================
C:\Users\conchitta\AppData\Local\Temp\libeay32.dll
C:\Users\conchitta\AppData\Local\Temp\msvcr120.dll
C:\Users\conchitta\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2013-09-07 08:13

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
durchgeführt von conchitta (26-08-2016 02:29:53)
Gestartet von C:\Users\conchitta\Desktop
Windows 8.1 (Update) (X64) (2016-08-22 18:09:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2751898029-2148813506-1804420663-500 - Administrator - Disabled)
conchitta (S-1-5-21-2751898029-2148813506-1804420663-1001 - Administrator - Enabled) => C:\Users\conchitta
Gast (S-1-5-21-2751898029-2148813506-1804420663-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1C5CCB11-FD46-4373-BB51-CE2E249A62C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-22] (Google Inc.)
Task: {26FB73B8-F896-4EDC-AE6A-A0195E4346BE} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {6D20924F-588B-4B45-95B9-3553C6D2AF56} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {7FE0925E-4178-4642-BBCF-C35A6437B449} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-22] (Google Inc.)
Task: {CCF7B886-2C21-4511-80C6-29978FB47A87} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-08-28] (TODO: <Company name>)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-03-27 21:53 - 2013-03-27 21:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2013-09-10 21:54 - 2013-09-10 21:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2016-08-24 02:14 - 2016-08-24 02:14 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\b31944a8979a518a2716a6eac4a726d5\Windows.UI.ni.dll
2013-08-22 09:19 - 2013-08-22 08:54 - 00050176 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Data.winmd
2016-08-23 05:31 - 2016-08-23 05:31 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\46814cd3fb4488be00a1a0d654ba28c9\Windows.Foundation.ni.dll
2013-10-09 01:15 - 2013-09-04 01:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-08-22 20:46 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-22 20:46 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\43803640.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\43803640.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\conchitta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{97185104-0EDA-4C8C-ABF3-112C92FD4EF3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{A5465BAB-3068-45DA-85D3-A7E1B9D9C807}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EEF7AD55-2628-45B1-B168-9008AEA3BAFB}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{CEFA1628-04CD-4855-BB91-0521F13EAB44}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{72DEC956-00CD-4506-9E72-84AAD746DEFD}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C1820B97-7FD2-4D7D-8D59-8D33179C1F88}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6B1719A8-7D86-4EFA-953F-953A12A7A4D2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

23-08-2016 03:58:32 Windows Modules Installer
26-08-2016 02:11:52 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Sandra Hoppe (GT-I9300
Description: GT-I9300
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: SAMSUNG Electronics Co. Ltd. 
Service: WUDFWpdMtp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/26/2016 12:28:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP)
Description: Bei der Aktivierung der App „Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/25/2016 11:21:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP)
Description: Bei der Aktivierung der App „Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/25/2016 12:27:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP)
Description: Bei der Aktivierung der App „Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/24/2016 10:53:46 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={7FF0C1D3-FDC9-436E-9A9D-5368BC90E021}: Der Benutzer "SYSTEM" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (08/24/2016 10:27:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP)
Description: Bei der Aktivierung der App „Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/24/2016 04:32:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP)
Description: Bei der Aktivierung der App „Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/24/2016 02:57:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP)
Description: Bei der Aktivierung der App „Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/24/2016 12:19:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ec0

Startzeit: 01d1fd8c62a8731d

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\wwahost.exe

Berichts-ID: a694f14f-697f-11e6-8262-a4db301fe0e5

Vollständiger Name des fehlerhaften Pakets: Microsoft.BingHealthAndFitness_3.0.1.176_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexHealthAndFitness

Error: (08/23/2016 04:59:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SynTPEnh.exe, Version: 17.0.10.51, Zeitstempel: 0x53d06d8c
Name des fehlerhaften Moduls: SynTPEnh.exe, Version: 17.0.10.51, Zeitstempel: 0x53d06d8c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000007f872
ID des fehlerhaften Prozesses: 0x13c8
Startzeit der fehlerhaften Anwendung: 0xSynTPEnh.exe0
Pfad der fehlerhaften Anwendung: SynTPEnh.exe1
Pfad des fehlerhaften Moduls: SynTPEnh.exe2
Berichtskennung: SynTPEnh.exe3
Vollständiger Name des fehlerhaften Pakets: SynTPEnh.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SynTPEnh.exe5

Error: (08/23/2016 03:56:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16384, Zeitstempel: 0x52158459
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0035628b
ID des fehlerhaften Prozesses: 0x3f24
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5


Systemfehler:
=============
Error: (08/26/2016 01:14:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Modules Installer" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069 = Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.

Error: (08/26/2016 01:14:59 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "TrustedInstaller" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50 = Die Anforderung wird nicht unterstützt.

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/26/2016 01:14:56 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (08/26/2016 01:13:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "McAfee Validation Trust Protection Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/26/2016 01:13:29 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (08/26/2016 01:12:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/26/2016 01:12:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TOSHIBA eco Utility Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/26/2016 01:12:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/26/2016 01:12:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TOSHIBA Optical Disc Drive Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/26/2016 01:12:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee Firewall Core Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 3971.27 MB
Verfügbarer physikalischer RAM: 1952.52 MB
Summe virtueller Speicher: 5379.27 MB
Verfügbarer virtueller Speicher: 3247.89 MB

==================== Laufwerke ================================

Drive c: (TI31204300A) (Fixed) (Total:454.91 GB) (Free:422.89 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Hoffe, dass dieses Mal alles richtig gelaufen ist. Habe FRST.exe auf dem Desktop verschoben.
Ich glaube der Adw-Cleaner hat etwas gefunden, alles andere war ohne Fund.
Ich danke dir sehr für deine Zeit & entschuldige mich dafür, dass ich erst so spät antworte, aber leider sind meine Arbeitszeiten etwas schwierig. Gerade deswegen um so mehr

Conchitta · 26.08.2016, 02:54

Es ist doch noch ein Bericht von der Anti-Malware gekommen. Deshalb stelle ich ihn noch mal rein. Was mich wundert...hatte vorher ja schon das gleiche Programm drauf. Da war immer alles ohne Befund, aber diesmal wurde einiges gefunden.

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 26.08.2016
Suchlaufzeit: 03:29
Protokolldatei: mbam(1).txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.08.25.09
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: conchitta

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 280951
Abgelaufene Zeit: 16 Min., 45 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 85
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\adapter, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\abstractbutton, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\abstractbutton\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\alert, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\alert\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedhtml, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedhtml\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedhtml\html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedhtml\js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedscript, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedscript\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedscript\html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedscript\js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\flare, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\flare\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\flare\icons, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\generic, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\generic\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\link, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\link\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\images, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\rss, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\rss\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\thirdparty, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\thirdparty\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\uninstall, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\uninstall\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\weather, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\weather\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\common, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\radio, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\radio\css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\radio\js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\rss, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\rss\js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\test, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\topapps, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\topapps\css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\topapps\js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\weather, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\weather\css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\weather\js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\api, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\api\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\api\window, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\foreground, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\moviereviews, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\moviereviews\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\moviereviews\css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\moviereviews\html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\moviereviews\js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\radio, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\radio\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\radio\css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\radio\foreground, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\radio\radioWrapper, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\search, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\search\background, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\search\html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab\css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab\html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab\js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\icons, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\native, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\native\libs, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\_metadata, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 

Dateien: 240
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage, In Quarantäne, [a2ab65ead0caa096cb45c2e8847f9070], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage-journal, In Quarantäne, [252868e7ddbd8fa7f21eadfd8182a65a], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage, In Quarantäne, [64e92a2556449c9a927fb9f15aa9e51b], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [69e485cab1e989ad2ce58d1d17ec7888], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mallpejgeafdahhflmliiahjdpgbegpk_0.localstorage, In Quarantäne, [123bef600991fd3951dfdcd9da2ac838], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mallpejgeafdahhflmliiahjdpgbegpk_0.localstorage-journal, In Quarantäne, [74d91d32e0ba78be210f447159ab6997], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\manifest.json, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\spent.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\bg.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\buildVars, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\buildVars.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\companionSW.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\config.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\contentScript.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\contentScript.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\debug.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\debug.jade, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\extension_toolbar_api.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\initWidgetWindow.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\newTabContentScript.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\options.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\spent.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\spent.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\spent2.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\spent2.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\spentJ.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\spentK.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\spentK.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\startup.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\stub.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\stubby.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\superFrame.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\toolbar.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\toolbar.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\toolbarUI.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\toolbarUI.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\toolbarUI.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\url.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\webtooltab.cs.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\adapter\adapterUtil.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\adapter\widget-adapter.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\abstractbutton\background\abstractButton.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\alert\background\alertButton.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedhtml\background\embedHtmlWidget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedhtml\html\embedHtmlTemplate.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedhtml\js\embedHtmlUI.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedscript\background\embedScriptWidget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedscript\html\embedScriptTemplate.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\embedscript\js\embedScriptUI.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\flare\background\FlareWidget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\flare\icons\Icon_Flare_blue.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\flare\icons\Icon_Flare_pink.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\flare\icons\Thumbs.db, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\generic\background\GenericWidget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\link\background\linkButton.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\README.txt, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\background\menuButton.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\css\menuframe.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\html\menuframe.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\images\right_arrow.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\images\right_arrow_white.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\js\jquery-1.7.1.min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\js\menuframe.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\js\query-string.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\menu\js\underscore-1.3.1.min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\rss\background\RssWidget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\thirdparty\background\thirdPartyWidget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\uninstall\background\uninstallButton.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\components\weather\background\weatherButton.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\bs.30.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\common.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\dynamic.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\enableDetect.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\eventListening.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\global.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\jquery-1.7.1.min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\list-interaction.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\messageEventListener.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\navRedirector.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\paramReplacer.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\PartnerId.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\set.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\underscore-1.3.1.min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\underscore-1.5.2.min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\js\unifiedLogging.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widget-context-1.0.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\common\common.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\common\eventListening.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\common\list-interaction.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\common\set.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\radio\radio-widget.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\radio\css\radio-widget.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\radio\js\radio-custom.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\radio\js\radio-parser.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\radio\js\radio-widget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\rss\rssWidget.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\rss\js\rss-widget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\test\invalid.json, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\test\jquery.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\test\qunit.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\test\qunit.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\test\resource.json, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\test\resource.xml, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\test\testWidget.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\test\testWidget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\topapps\widget.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\topapps\css\widget.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\topapps\js\topapps-config.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\topapps\js\widget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\weather\weatherButton.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\weather\css\weatherButton.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\common\widget-api\widgets\weather\js\weather.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\api\background\ApiBasedWidget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\api\background\widget-api-impl.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\api\window\hiddenWidgetWindow.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\api\window\hiddenWidgetWindow.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\api\window\hiddenWidgetWindowInit.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\api\window\widgetWindow.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\api\window\widgetWindow.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\background\updateSearch.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\background\updateSearchPromptBg.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\foreground\07_buttons2.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\foreground\08_buttons2.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\foreground\defaultSearchModal.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\foreground\tvf_btn_ok.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\foreground\tvf_btn_ok2.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\foreground\tvf_restart_icon.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\defaultSearch\foreground\updateSearchPromptFg.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\moviereviews\background\MovieReviewsWidget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\moviereviews\css\movieReviews.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\moviereviews\html\movieReviews.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\moviereviews\js\movieReviews.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\radio\background\RadioWidget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\radio\css\toolbar-item.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\radio\foreground\button.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\radio\radioWrapper\radioWrapper.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\radio\radioWrapper\radioWrapper.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\search\background\searchBox.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\search\html\searchSuggestions.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\search\html\searchSuggestions.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\search\html\searchSuggestions.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\search\html\searchSuggestionsInit.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab\css\supertab.css, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab\html\supertab.html, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab\js\newtabfork.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab\js\reporting.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab\js\srchsugg.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab\js\supertab.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab\js\unifiedLogging.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\components\supertab\js\__utm.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\icons\arrowSprite.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\icons\icon128.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\icons\icon16.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\icons\icon19disabled.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\icons\icon19on.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\icons\icon48.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\icons\tb_icon_search_disappearing_ask.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\223754507.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\223754534.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\223754535.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\223754536.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\223754537.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\223754551.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\down_arrow.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\IDR_PRODUCT_LOGO_16.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\IDR_WEBSTORE_ICON.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\magnifying_glass.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\RadioPlayerSprite.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\search_button.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\tvf_icon_guide.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\tvf_logo.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\images\wrench.png, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\chromeUtils.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\companionSWUtils.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\exeManager.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\exeManagerNMD.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\exePackageManager.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\focusManager.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\globalBlacklistManager.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\messaging.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\mutation_summary-min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\mutation_summary.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\nativeMessagingDispatcher.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\newTabInfo.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\newTabInitialize.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\options.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\readLocalStorage.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\reservespacefortoolbar.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\reservespaceifenabled.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\scriptInjector.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\searchContext.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\settingsOverrides.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\toolbarCookieParser.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\toolbarPreinit.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\underscore-1.3.1.min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\URILoaderContentScript.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\webTooltabAPI.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\Widget.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\widgetContentScriptInjectee.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\widgetFactory.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\js\widgetWindowManager.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\native\cache.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\native\ce.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\native\debug.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\native\ss.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\native\libs\jquery-1.7.1.min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\native\libs\jquery-1.9.1.min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\native\libs\underscore-1.5.2.min.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\activePing.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\buttonLogger.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\competitorDnsList.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\console.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\FFPreferencesPersister.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\httpTransport.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\HttpURL.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\internationalSearch.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\LocalStoragePersister.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\MindsparkGlobal.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\MindsparkGlobal.unitTest.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\MindsparkGlobalNotes.txt, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\rsvp-latest.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\searchSuggestLocale.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\testHttpTransport.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\unifiedLogger.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\unifiedLogging.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\universalConsole.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\shared\utils.js, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\_metadata\computed_hashes.json, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 
PUP.Optional.MindSpark, C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\12.41.9.60863_0\_metadata\verified_contents.json, In Quarantäne, [84c9b897702a270f591d7c1e0400fb05], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

M-K-D-B · 26.08.2016, 18:05

Servus,

vielen Dank für die Logdateien.

Wir spüren noch evtl. vorhandene Reste auf:

Starte FRST erneut.
Kopiere den Inhalt der folgenden Code-Box in die Zeile "Suche":
Code:
ATTFilter
```
FromDocToPDF;DriverToolkit;slimware utilities;eSupport.com;Amazon1ButtonApp;
         
```
Drücke auf Registry-Suche.
FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
Am Ende erstellt FRST eine Textdatei SearchReg.txt.
Poste mir deren Inhalt mit deiner nächsten Antwort.

Conchitta · 26.08.2016, 20:54

Code:

ATTFilter

Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
durchgeführt von conchitta (26-08-2016 21:50:30)
Gestartet von C:\Users\conchitta\Desktop
Start-Modus: Normal

================== Registry-Suche: "FromDocToPDF;DriverToolkit;slimware utilities;eSupport.com;Amazon1ButtonApp" ===========


===================== Suchergebnis für "FromDocToPDF" ==========

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"SIGN.IE=05B620 FromDocToPDF.7791638b57584c318decfc233d218f13.exe"="0x534143500100000000000000070000002800000020B6050061C4050001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000065672E00000000000200000002000000"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\fromdoctopdf.dl.myway.com]


===================== Suchergebnis für "DriverToolkit" ==========

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"23"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit\DriverToolkit.lnk
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"28"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit\DriverToolkit.lnk
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"30"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit\DriverToolkit.lnk
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"31"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit\Uninstall DriverToolkit.lnk
C:\Program Files (x86)\DriverToolkit\unins000.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"32"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit\DriverToolkit.lnk
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"33"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit\Uninstall DriverToolkit.lnk
C:\Program Files (x86)\DriverToolkit\unins000.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"34"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit\DriverToolkit.lnk
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"35"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit\Uninstall DriverToolkit.lnk
C:\Program Files (x86)\DriverToolkit\unins000.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"36"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit\DriverToolkit.lnk
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"37"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit\Uninstall DriverToolkit.lnk
C:\Program Files (x86)\DriverToolkit\unins000.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"38"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit\DriverToolkit.lnk
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\conchitta\Downloads\DriverToolkitInstaller.exe"="0x5341435001000000000000000700000028000000E05F25006CC2250001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000091850200000000000100000001000000"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\DriverToolkit\unins000.exe"="0x5341435001000000000000000700000028000000C97212000000000003000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000CD960100000000000200000002000000"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\conchitta\Downloads\DriverToolkitInstaller (1).exe"="0x5341435001000000000000000700000028000000E05F25006CC2250001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000CAED0A00000000000200000002000000"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\conchitta\Downloads\DriverToolkitInstaller (2).exe"="0x5341435001000000000000000700000028000000E05F25006CC2250001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000003E700000000000000100000001000000"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\conchitta\Downloads\DriverToolkitInstaller (3).exe"="0x5341435001000000000000000700000028000000E05F25006CC2250001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000BAA00200000000000300000003000000"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\conchitta\Downloads\DriverToolkitInstaller (4).exe"="0x5341435001000000000000000700000028000000E05F25006CC2250001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000E9DC0200000000000100000001000000"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\conchitta\Downloads\DriverToolkitInstaller (5).exe"="0x5341435001000000000000000700000028000000E05F25006CC2250001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000B27E0400000000000100000001000000"


===================== Suchergebnis für "eSupport.com" ==========

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"25"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com\DriverAgent\DriverAgent.lnk
C:\Program Files (x86)\eSupport.com\driveragent\DriverAgent.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"27"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com\DriverAgent\DriverAgent.lnk
C:\Program Files (x86)\eSupport.com\driveragent\DriverAgent.exe
"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\eSupport.com\driveragent\DriverAgent.exe"="0x534143500100000000000000070000002800000008390A00EE6F0A0001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000000E440000000000000200000002000000"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\eSupport.com\driveragent\unins000.exe"="0x5341435001000000000000000700000028000000C93412000000000003000000000000000000020600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000008D270000000000000100000001000000"


===================== Suchergebnis für "Amazon1ButtonApp" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Amazon\Amazon1ButtonApp\"="1"

[HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"0"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.lnk
C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe
"

====== Ende von Suche ======

Wollte mich dafür bedanken, dass du alles super erklärst. Da komme selbst ich einigermaßen hinterher

.

M-K-D-B · 26.08.2016, 22:20

Servus,

wir entfernen die letzten Reste und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
HKLM\...\Run: [] => [X]
DeleteKey: HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\fromdoctopdf.dl.myway.com
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

Conchitta · 27.08.2016, 05:26

Ich habe übrigens wieder Zugang zu meinen Dokumenten =D .

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
durchgeführt von conchitta (27-08-2016 01:58:59) Run:1
Gestartet von C:\Users\conchitta\Desktop
Geladene Profile: conchitta (Verfügbare Profile: conchitta)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM\...\Run: [] => [X]
DeleteKey: HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\fromdoctopdf.dl.myway.com
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKEY_USERS\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\fromdoctopdf.dl.myway.com => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5977446 B
Java, Flash, Steam htmlcache => 1347 B
Windows/system/drivers => 5332481 B
Edge => 0 B
Chrome => 859482675 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 246073 B
systemprofile32 => 128 B
LocalService => 781 B
NetworkService => 75668 B
conchitta => 156509823 B

RecycleBin => 4537736 B
EmptyTemp: => 992.3 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 01:59:41 ====

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4722a6e775b2b44280a7d9114d328de0
# end=init
# utc_time=2016-08-27 12:53:25
# local_time=2016-08-27 02:53:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4722a6e775b2b44280a7d9114d328de0
# end=init
# utc_time=2016-08-27 01:08:41
# local_time=2016-08-27 03:08:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 30556
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4722a6e775b2b44280a7d9114d328de0
# end=updated
# utc_time=2016-08-27 01:19:49
# local_time=2016-08-27 03:19:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4722a6e775b2b44280a7d9114d328de0
# engine=30556
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-08-27 03:26:10
# local_time=2016-08-27 05:26:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 95102072 0 0
# scanned=300056
# found=0
# cleaned=0
# scan_time=7580

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.14.265
www.hitmanpro.com

   Computer name . . . . : LAPTOP
   Windows . . . . . . . : 6.3.0.9600.X64/2
   User name . . . . . . : LAPTOP\conchitta
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-08-27 06:17:51
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 4m 42s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 5

   Objects scanned . . . : 1.506.849
   Files scanned . . . . : 30.058
   Remnants scanned  . . : 403.224 files / 1.073.567 keys

Suspicious files ____________________________________________________________

   C:\Users\conchitta\Desktop\FRST-OlderVersion\FRST64 (1).exe
      Size . . . . . . . : 2.396.672 bytes
      Age  . . . . . . . : 3.3 days (2016-08-23 22:31:37)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : B013E81A02D8CD690103C7900F14CCFAACC063D1945767361BA4715778CF0790
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\conchitta\Desktop\FRST64.exe
      Size . . . . . . . : 2.396.160 bytes
      Age  . . . . . . . : 1.2 days (2016-08-26 02:25:44)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 00FD54D2E366B2B2D2DB896529515EF75E2ED62BCB1BEE88AF63D45DF7DD5FF0
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -5.5s C:\Windows\SysWOW64\d2d1.dll
         -5.2s C:\Windows\WinSxS\amd64_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.3.9600.17415_none_f83d7eb4a994f43b\WMVCORE.DLL
         -4.1s C:\Windows\WinSxS\amd64_microsoft-windows-msxml60_31bf3856ad364e35_6.3.9600.17415_none_7978f7296a93e21b\msxml6.dll
         -3.3s C:\Windows\System32\mssrch.dll
         -2.9s C:\Windows\System32\xpsrchvw.exe
         -1.7s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{E764A384-A6C8-414A-9412-20A69B09D0E9}
         -1.5s C:\Windows\WinSxS\amd64_microsoft-windows-xpsifilter_31bf3856ad364e35_6.3.9600.17415_none_5de02e5feef6d2ba\XpsFilt.dll
         -0.5s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.5s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.4s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.4s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.2s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_4F8D4D4F8A055DA96F5FDDC885E626A4
         -0.2s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_4F8D4D4F8A055DA96F5FDDC885E626A4
          0.0s C:\Users\conchitta\Desktop\FRST64.exe
          0.4s C:\Windows\SysWOW64\msftedit.dll
          1.8s C:\Windows\System32\d2d1.dll
          5.0s C:\Windows\System32\tquery.dll
          5.0s C:\Users\conchitta\Desktop\FRST-OlderVersion\
          6.9s C:\Windows\System32\UIRibbon.dll
          7.4s C:\Windows\Prefetch\FRST64 (1).EXE-5D75BF01.pf
          8.8s C:\Windows\WinSxS\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.9.9600.17415_none_4276a3b0c101abc2\wuaueng.dll
          8.8s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{3A18C826-658A-4BB1-9226-CE9BD4E70F9F}
         10.1s C:\Windows\SysWOW64\msmpeg2vdec.dll
         11.5s C:\Windows\WinSxS\x86_microsoft-windows-t..s-clientactivexcore_31bf3856ad364e35_6.3.9600.17415_none_c4da671fe1083843\mstscax.dll
         13.8s C:\Windows\WinSxS\wow64_microsoft-windows-installer-engine_31bf3856ad364e35_6.3.9600.17415_none_feda2364bba2f3f8\msi.dll
         15.2s C:\Windows\System32\msftedit.dll
         16.7s C:\Windows\WinSxS\amd64_microsoft-windows-installer-engine_31bf3856ad364e35_6.3.9600.17415_none_f4857912874231fd\msi.dll
         17.0s C:\Windows\SystemResources\Windows.UI.SettingsApp\Windows.UI.SettingsApp.pri
         17.1s C:\Windows\SystemResources\Windows.UI.SkyDrive\Windows.UI.SkyDrive.pri
         17.2s C:\Windows\FileManager\FileManager\themes\generic.xbf
         18.1s C:\Windows\WinSxS\amd64_microsoft-windows-t..s-clientactivexcore_31bf3856ad364e35_6.3.9600.17415_none_20f902a39965a979\mstscax.dll
         18.2s C:\Windows\Prefetch\FRST64.EXE-0359B1FF.pf
         18.5s C:\Windows\WinSxS\amd64_microsoft-windows-offlinefiles-service_31bf3856ad364e35_6.3.9600.17415_none_fade8cf1351db776\cscsvc.dll
         18.9s C:\Windows\WinSxS\amd64_microsoft-windows-skydrive-syncengine_31bf3856ad364e35_6.3.9600.17415_none_1e11500d28d3212d\SyncEngine.dll
         19.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..yncengine.resources_31bf3856ad364e35_6.3.9600.17418_en-us_9bd90ef0da088599\SyncEngine.dll.mui
         19.3s C:\Windows\WinSxS\amd64_microsoft-windows-g..ppolicy-policymaker_31bf3856ad364e35_6.3.9600.17415_none_28542fda1cb966de\gpprefcl.dll
         19.4s C:\Windows\WinSxS\wow64_microsoft-windows-g..ppolicy-policymaker_31bf3856ad364e35_6.3.9600.17415_none_32a8da2c511a28d9\gpprefcl.dll
         19.6s C:\Windows\WinSxS\amd64_microsoft-windows-a..ence-telemetry-sdbs_31bf3856ad364e35_6.3.9600.17362_none_f8f5c76e1de65721\sysmain32runtime.sdb
         19.8s C:\Windows\WinSxS\wow64_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.3.9600.17238_none_076f3a9cfa782a5d\sysmain.sdb
         20.0s C:\Windows\WinSxS\amd64_microsoft-windows-a..ence-telemetry-sdbs_31bf3856ad364e35_6.3.9600.17362_none_f8f5c76e1de65721\sysmain32.sdb
         20.1s C:\Windows\WinSxS\amd64_microsoft-windows-a..ence-telemetry-sdbs_31bf3856ad364e35_6.3.9600.17362_none_f8f5c76e1de65721\drvmain64.sdb
         20.2s C:\Windows\apppatch\apppatch64\sysmain.sdb
         20.3s C:\Windows\WinSxS\amd64_microsoft-windows-a..ence-telemetry-sdbs_31bf3856ad364e35_6.3.9600.17362_none_f8f5c76e1de65721\sysmain64.sdb
         20.4s C:\Windows\WinSxS\amd64_microsoft-windows-a..ence-telemetry-sdbs_31bf3856ad364e35_6.3.9600.17362_none_f8f5c76e1de65721\drvmain32.sdb
         20.5s C:\Windows\WinSxS\amd64_microsoft-windows-a..ence-telemetry-sdbs_31bf3856ad364e35_6.3.9600.17362_none_f8f5c76e1de65721\sysmain64runtime.sdb
         21.0s C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.17415_none_5d3b5c8787e08564\ntoskrnl.exe
         21.3s C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_a0642b9c64ff90d4\swenum.sys
         21.6s C:\Windows\WinSxS\amd64_microsoft-windows-offlinefiles-core_31bf3856ad364e35_6.3.9600.17415_none_8f5343ce2fa4bd12\csc.sys
         21.8s C:\Windows\System32\msmpeg2vdec.dll
         23.7s C:\Windows\SysWOW64\Windows.UI.Search.dll
         24.4s C:\Windows\WinSxS\amd64_microsoft-windows-filemanager.appxmain_31bf3856ad364e35_6.3.9600.17415_none_e2bbb168f9b1ed05\FileManagerApp.dll
         24.7s C:\Windows\WinSxS\amd64_microsoft-windows-filemanager.appxmain_31bf3856ad364e35_6.3.9600.17415_none_e2bbb168f9b1ed05\FileManagerLogger.dll
         25.4s C:\Windows\WinSxS\amd64_microsoft-windows-mediaviewer-main_31bf3856ad364e35_6.3.9600.17415_none_76b33eb138bd6e86\WindowsInternal.Inbox.Media.Viewer.dll
         26.0s C:\Windows\WinSxS\amd64_microsoft-hyper-v-vstack-vmwp_31bf3856ad364e35_6.3.9600.17393_none_25f3075333c8cb20\vmwp.exe
         26.3s C:\Windows\apppatch\msimain.sdb
         27.0s C:\Windows\WinSxS\amd64_microsoft-windows-reader-shell.setup_31bf3856ad364e35_6.3.9600.17415_none_dc73db89e4ec2969\glcndFilter.dll
         27.7s C:\Windows\WinSxS\amd64_microsoft-windows-data-pdf_31bf3856ad364e35_6.3.9600.17415_none_e75fbdce676c5705\Windows.Data.Pdf.dll
         28.1s C:\Windows\WinSxS\x86_microsoft-windows-data-pdf_31bf3856ad364e35_6.3.9600.17415_none_8b41224aaf0ee5cf\Windows.Data.Pdf.dll
         28.3s C:\Windows\System32\atlthunk.dll
         28.6s C:\Windows\WinSxS\x86_microsoft-windows-reader-shell.setup_31bf3856ad364e35_6.3.9600.17415_none_805540062c8eb833\glcndFilter.dll
         29.0s C:\Windows\WinSxS\amd64_microsoft-windows-store-service_31bf3856ad364e35_6.3.9600.17415_none_b0f0b0818ad5e9c7\WSService.dll
         30.4s C:\Windows\System32\Windows.UI.Search.dll
         31.9s C:\Windows\WinSxS\amd64_microsoft-hyper-v-vstack-vmms_31bf3856ad364e35_6.3.9600.17401_none_27a7d14b32a5a76b\vmms.exe
         32.6s C:\Windows\WinSxS\amd64_microsoft-hyper-v-vstack-config_31bf3856ad364e35_6.3.9600.17401_none_e65ccb212a33c3f4\vsconfig.dll


Potential Unwanted Programs _________________________________________________

   C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS (DriverRestore)
      Size . . . . . . . : 22.200 bytes
      Age  . . . . . . . : 4.1 days (2016-08-23 03:44:26)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 05F052C64D192CF69A462A5EC16DDA0D43CA5D0245900C9FCB9201685A2E7748
      Product  . . . . . : DriverAgent
      Publisher  . . . . : Phoenix Technologies
      Description  . . . : DriverAgent Direct I/O for 64-bit Windows
      Version  . . . . . : 6.0
      Copyright  . . . . : EnTech Taiwan, 1997-2009
      RSA Key Size . . . : 2048
      Service  . . . . . : DrvAgent64
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -2.0
      Startup
         HKLM\SYSTEM\CurrentControlSet\Services\DrvAgent64\
      Forensic Cluster
         -13.6s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_EF79A545C782BBA655019EC0ADB90AE2
         -13.6s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_EF79A545C782BBA655019EC0ADB90AE2
         -13.5s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\37570AF16029C559A6224EE4AF54691D
         -13.5s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\37570AF16029C559A6224EE4AF54691D
         -13.4s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9F08575E2099C04869F34A6342C1C728_2E227E603BAD01C3AE7596A0912A2605
         -13.4s C:\Users\conchitta\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9F08575E2099C04869F34A6342C1C728_2E227E603BAD01C3AE7596A0912A2605
         -12.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{7C942A17-CF8F-40F0-B129-26CBB4BC29E7}
         -12.1s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{C1CC39C5-B6F0-402A-B6E4-54E11E8E2887}
         -8.3s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{E390F716-930A-4FA2-A36E-94A3B7381B2A}
         -5.0s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{A54D37C4-89BE-4F52-BF3F-EB6D6FF0421C}
          0.0s C:\Windows\SysWOW64\drivers\DrvAgent64.SYS
          0.8s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{A7F0B5D4-BAB8-4EA7-A1A3-36CCA8C61101}

   HKLM\SYSTEM\ControlSet001\Services\DrvAgent64\ (DriverRestore)
   HKLM\SYSTEM\CurrentControlSet\Services\DrvAgent64\ (DriverRestore)

Conchitta · 27.08.2016, 06:09

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
durchgeführt von conchitta (Administrator) auf LAPTOP (27-08-2016 07:00:47)
Gestartet von C:\Users\conchitta\Desktop
Geladene Profile: conchitta (Verfügbare Profile: conchitta)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{43E58378-14D6-46FD-A79E-249BDB43ACB6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{487EEA56-C5C0-467D-9F44-2AB104B012E8}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-2751898029-2148813506-1804420663-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2751898029-2148813506-1804420663-1001 -> DefaultScope {230CC18E-06AA-43E1-9D14-820C97C8ACF6} URL = 

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-22] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()

Chrome: 
=======
CHR Profile: C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-23]
CHR Extension: (Google Drive) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-23]
CHR Extension: (YouTube) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-23]
CHR Extension: (Google Tabellen) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-22]
CHR Extension: (Google Docs Offline) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-23]
CHR Extension: (FromDocToPDF) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2016-08-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-22]
CHR Extension: (Google Mail) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-23]
CHR Extension: (Chrome Media Router) - C:\Users\conchitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-23]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [Datei ist nicht signiert]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-27] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-27 06:56 - 2016-08-27 06:56 - 00001465 _____ C:\Users\conchitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-08-27 06:54 - 2016-08-27 06:54 - 00575344 _____ C:\WINDOWS\Minidump\082716-139859-01.dmp
2016-08-27 06:54 - 2016-08-27 06:54 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-27 06:52 - 2016-08-27 06:52 - 634131131 _____ C:\WINDOWS\MEMORY.DMP
2016-08-27 06:16 - 2016-08-27 06:23 - 00000000 ____D C:\ProgramData\HitmanPro
2016-08-27 04:53 - 2016-08-27 04:54 - 11438608 _____ (SurfRight B.V.) C:\Users\conchitta\Desktop\HitmanPro_x64.exe
2016-08-27 02:52 - 2016-08-27 02:52 - 00000000 ____D C:\Program Files (x86)\ESET
2016-08-27 02:43 - 2016-08-27 02:44 - 02870984 _____ (ESET) C:\Users\conchitta\Desktop\esetsmartinstaller_deu.exe
2016-08-27 01:58 - 2016-08-27 01:59 - 00002633 _____ C:\Users\conchitta\Desktop\Fixlog.txt
2016-08-26 21:50 - 2016-08-26 21:50 - 00009075 _____ C:\Users\conchitta\Desktop\SearchReg.txt
2016-08-26 16:10 - 2016-07-02 06:29 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-08-26 16:10 - 2016-07-02 06:29 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-26 08:27 - 2016-08-26 08:28 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-08-26 03:59 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-26 03:59 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-26 03:49 - 2016-08-26 03:49 - 00077227 _____ C:\Users\conchitta\Desktop\mbam(1).txt
2016-08-26 03:32 - 2016-05-25 15:22 - 00875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-08-26 03:32 - 2016-05-25 15:22 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-08-26 03:32 - 2016-05-25 15:12 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-08-26 03:32 - 2016-05-25 15:12 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-08-26 03:18 - 2015-10-13 19:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-08-26 03:18 - 2015-10-13 19:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-08-26 03:18 - 2014-10-31 06:50 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2016-08-26 03:18 - 2014-10-31 05:30 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2016-08-26 03:18 - 2014-10-31 05:23 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2016-08-26 03:18 - 2014-10-31 05:22 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2016-08-26 03:18 - 2014-10-31 05:18 - 04840960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2016-08-26 03:18 - 2014-10-31 05:18 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-08-26 03:18 - 2014-10-31 05:09 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2016-08-26 03:18 - 2014-10-31 04:12 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2016-08-26 03:18 - 2014-10-31 04:06 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-08-26 03:16 - 2014-10-31 07:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2016-08-26 03:16 - 2014-10-31 07:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2016-08-26 03:16 - 2014-10-31 07:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2016-08-26 03:16 - 2014-10-31 07:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2016-08-26 03:16 - 2014-10-31 07:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2016-08-26 03:16 - 2014-10-31 07:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2016-08-26 03:16 - 2014-10-31 07:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-26 03:16 - 2014-10-31 07:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2016-08-26 03:16 - 2014-10-31 06:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-08-26 03:16 - 2014-10-31 06:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-26 03:16 - 2014-10-31 06:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2016-08-26 03:16 - 2014-10-31 06:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2016-08-26 03:16 - 2014-10-31 06:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2016-08-26 03:16 - 2014-10-31 06:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2016-08-26 03:16 - 2014-10-31 06:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2016-08-26 03:16 - 2014-10-31 06:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2016-08-26 03:16 - 2014-10-31 06:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2016-08-26 03:16 - 2014-10-31 06:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2016-08-26 03:16 - 2014-10-31 05:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2016-08-26 03:16 - 2014-10-31 05:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2016-08-26 03:16 - 2014-10-31 05:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2016-08-26 03:16 - 2014-10-31 05:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2016-08-26 03:16 - 2014-10-31 05:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2016-08-26 03:16 - 2014-10-31 05:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2016-08-26 03:16 - 2014-10-31 05:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2016-08-26 03:16 - 2014-10-31 05:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-26 03:16 - 2014-10-31 05:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2016-08-26 03:16 - 2014-10-31 05:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-08-26 03:16 - 2014-10-31 05:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-26 03:16 - 2014-10-31 05:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2016-08-26 03:16 - 2014-10-31 05:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2016-08-26 03:16 - 2014-10-31 05:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2016-08-26 03:16 - 2014-10-31 04:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-26 03:16 - 2014-10-31 04:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2016-08-26 03:16 - 2014-10-31 04:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2016-08-26 03:16 - 2014-10-31 04:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2016-08-26 03:16 - 2014-10-31 04:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2016-08-26 03:16 - 2014-10-31 04:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2016-08-26 03:16 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-26 03:16 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2016-08-26 03:16 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-26 03:15 - 2016-05-14 01:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-08-26 03:15 - 2016-05-14 01:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-08-26 03:15 - 2016-05-14 01:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-08-26 03:15 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-26 03:15 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-08-26 03:14 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-08-26 03:14 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-08-26 03:14 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-08-26 03:14 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-08-26 03:14 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-08-26 03:14 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-08-26 03:14 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-08-26 03:14 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-08-26 03:14 - 2015-12-03 21:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-08-26 03:14 - 2015-12-03 20:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-08-26 03:14 - 2014-12-09 05:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2016-08-26 03:14 - 2014-12-09 03:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2016-08-26 03:13 - 2016-01-10 19:02 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-26 03:13 - 2016-01-10 18:43 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-26 03:06 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-08-26 03:06 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-08-26 03:06 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-08-26 03:06 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-08-26 03:06 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-08-26 03:06 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-08-26 03:06 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-08-26 03:06 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-08-26 02:47 - 2016-07-08 16:32 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-26 02:47 - 2016-07-08 16:25 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-26 02:47 - 2016-07-08 16:18 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-26 02:47 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-26 02:47 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-26 02:47 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2016-08-26 02:47 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2016-08-26 02:46 - 2016-07-08 16:22 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-26 02:46 - 2016-07-08 00:33 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-26 02:46 - 2016-07-07 23:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-08-26 02:46 - 2016-07-07 22:06 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-08-26 02:46 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-26 02:46 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-26 02:46 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-26 02:46 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-08-26 02:45 - 2016-07-06 16:26 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-26 02:45 - 2016-07-06 16:26 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-08-26 02:45 - 2016-07-06 16:23 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-08-26 02:45 - 2016-07-06 16:21 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-26 02:45 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-08-26 02:45 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-08-26 02:45 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-08-26 02:45 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-08-26 02:45 - 2016-01-10 19:50 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-08-26 02:45 - 2016-01-10 19:31 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-08-26 02:45 - 2016-01-10 19:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-08-26 02:45 - 2016-01-10 19:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-08-26 02:45 - 2016-01-10 19:12 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-08-26 02:45 - 2016-01-10 18:58 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-08-26 02:45 - 2016-01-10 18:51 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-08-26 02:45 - 2016-01-10 18:49 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2016-08-26 02:45 - 2016-01-10 18:40 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-08-26 02:45 - 2015-12-02 17:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-08-26 02:45 - 2015-12-02 17:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-08-26 02:44 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-26 02:44 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-08-26 02:44 - 2015-12-05 07:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-08-26 02:44 - 2015-12-05 07:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-08-26 02:44 - 2015-12-03 20:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-08-26 02:44 - 2015-12-03 20:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-08-26 02:44 - 2015-12-03 20:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-08-26 02:44 - 2015-12-03 20:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-08-26 02:44 - 2015-12-03 20:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-08-26 02:44 - 2015-12-03 19:58 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-08-26 02:44 - 2015-12-03 19:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-08-26 02:44 - 2015-12-03 19:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-08-26 02:44 - 2015-12-03 19:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-08-26 02:44 - 2015-12-03 19:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-08-26 02:44 - 2015-12-03 19:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-08-26 02:44 - 2015-12-03 19:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-08-26 02:44 - 2015-12-03 19:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-08-26 02:44 - 2015-12-03 19:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-08-26 02:44 - 2015-12-03 19:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-08-26 02:44 - 2015-12-03 18:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-08-26 02:44 - 2015-12-03 18:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-08-26 02:44 - 2014-12-09 03:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-08-26 02:44 - 2014-10-29 04:46 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-08-26 02:43 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-26 02:43 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-26 02:43 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-26 02:43 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-26 02:42 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-26 02:42 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-08-26 02:42 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-08-26 02:42 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-08-26 02:42 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-08-26 02:42 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-08-26 02:42 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-26 02:42 - 2016-08-02 07:46 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-08-26 02:42 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-08-26 02:42 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-08-26 02:42 - 2016-08-02 07:39 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-26 02:42 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-26 02:42 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-26 02:42 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-26 02:42 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-26 02:42 - 2016-08-02 07:20 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-08-26 02:42 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-26 02:42 - 2016-08-02 07:15 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-26 02:42 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-26 02:42 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-26 02:42 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-26 02:42 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-26 02:42 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-26 02:42 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-26 02:42 - 2016-06-11 19:22 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-08-26 02:42 - 2016-06-11 19:21 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-08-26 02:42 - 2016-06-11 19:20 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-08-26 02:42 - 2016-06-11 18:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-08-26 02:42 - 2016-06-11 18:43 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-08-26 02:42 - 2016-06-11 18:33 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-08-26 02:42 - 2016-02-08 22:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-08-26 02:42 - 2016-02-08 20:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-08-26 02:42 - 2016-02-08 19:15 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-08-26 02:42 - 2015-11-10 02:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-08-26 02:42 - 2015-11-10 01:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-08-26 02:42 - 2015-09-10 19:18 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2016-08-26 02:42 - 2015-09-10 18:51 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2016-08-26 02:42 - 2015-09-10 18:17 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2016-08-26 02:42 - 2015-09-10 18:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-08-26 02:42 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2016-08-26 02:42 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2016-08-26 02:42 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2016-08-26 02:42 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2016-08-26 02:42 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2016-08-26 02:42 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2016-08-26 02:42 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-08-26 02:42 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-08-26 02:42 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2016-08-26 02:39 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-08-26 02:39 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-08-26 02:39 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-08-26 02:39 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-08-26 02:39 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-08-26 02:39 - 2016-01-30 21:50 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-08-26 02:39 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2016-08-26 02:39 - 2016-01-30 20:48 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-08-26 02:39 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-08-26 02:39 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2016-08-26 02:39 - 2016-01-30 19:41 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-08-26 02:39 - 2015-11-05 10:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-08-26 02:39 - 2015-08-27 04:43 - 22372152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-26 02:39 - 2015-08-27 04:42 - 19795904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-26 02:39 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2016-08-26 02:39 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-08-26 02:39 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2016-08-26 02:39 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-08-26 02:39 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2016-08-26 02:37 - 2016-07-09 02:09 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-08-26 02:37 - 2016-07-09 02:08 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-08-26 02:37 - 2016-07-08 16:19 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-08-26 02:37 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-08-26 02:36 - 2016-06-11 21:45 - 07445856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-26 02:36 - 2016-02-11 22:17 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-26 02:36 - 2016-02-11 22:17 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-26 02:36 - 2016-02-11 22:17 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-26 02:36 - 2016-02-11 22:17 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-26 02:36 - 2016-02-11 22:17 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-26 02:36 - 2016-02-11 22:16 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-26 02:36 - 2016-02-09 20:07 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-08-26 02:34 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-26 02:34 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-26 02:33 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-26 02:33 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-26 02:33 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-26 02:32 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2016-08-26 02:32 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-08-26 02:32 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-08-26 02:32 - 2014-12-12 02:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-08-26 02:32 - 2014-12-08 21:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-08-26 02:32 - 2014-12-08 21:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-08-26 02:32 - 2014-12-08 21:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2016-08-26 02:32 - 2014-12-08 21:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2016-08-26 02:32 - 2014-12-08 21:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-08-26 02:32 - 2014-12-08 21:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2016-08-26 02:32 - 2014-12-08 21:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2016-08-26 02:31 - 2015-11-21 18:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-08-26 02:31 - 2015-11-21 18:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-08-26 02:31 - 2015-11-21 18:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-08-26 02:31 - 2015-11-21 18:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-08-26 02:30 - 2014-12-12 04:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2016-08-26 02:29 - 2016-08-27 06:31 - 00026235 _____ C:\Users\conchitta\Desktop\Addition.txt
2016-08-26 02:28 - 2016-08-27 07:00 - 00013507 _____ C:\Users\conchitta\Desktop\FRST.txt
2016-08-26 02:27 - 2014-10-29 04:08 - 18822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-26 02:27 - 2014-10-29 03:33 - 15157760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-26 02:26 - 2014-10-29 05:59 - 03460472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-08-26 02:26 - 2014-10-29 05:59 - 00014144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swenum.sys
2016-08-26 02:26 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2016-08-26 02:26 - 2014-10-29 03:02 - 14354944 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-26 02:26 - 2014-10-29 02:50 - 12749824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-26 02:26 - 2014-10-29 02:46 - 09530368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-26 02:26 - 2014-10-29 02:37 - 06386176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-26 02:26 - 2014-10-07 08:45 - 03307112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-08-26 02:25 - 2016-08-26 02:25 - 02396160 _____ (Farbar) C:\Users\conchitta\Desktop\FRST64.exe
2016-08-26 02:25 - 2016-08-26 02:25 - 00000000 ____D C:\Users\conchitta\Desktop\FRST-OlderVersion
2016-08-26 02:25 - 2014-10-29 06:00 - 02314952 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-08-26 02:25 - 2014-10-29 06:00 - 02229168 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-08-26 02:25 - 2014-10-29 05:58 - 00014528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2016-08-26 02:25 - 2014-10-29 05:57 - 03138720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2016-08-26 02:25 - 2014-10-29 05:57 - 03118096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-08-26 02:25 - 2014-10-29 05:57 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-08-26 02:25 - 2014-10-29 05:57 - 01286048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-08-26 02:25 - 2014-10-29 05:52 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-26 02:25 - 2014-10-29 05:52 - 01509688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-08-26 02:25 - 2014-10-29 05:12 - 01907384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-08-26 02:25 - 2014-10-29 05:11 - 02689392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2016-08-26 02:25 - 2014-10-29 05:11 - 01024200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2016-08-26 02:25 - 2014-10-29 05:10 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-08-26 02:25 - 2014-10-29 04:59 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-08-26 02:25 - 2014-10-29 04:29 - 04483072 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-08-26 02:25 - 2014-10-29 04:24 - 04418560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-26 02:25 - 2014-10-29 04:10 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-08-26 02:25 - 2014-10-29 03:57 - 02924032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2016-08-26 02:25 - 2014-10-29 03:56 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-08-26 02:25 - 2014-10-29 03:51 - 00941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2016-08-26 02:25 - 2014-10-29 03:47 - 02072064 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2016-08-26 02:25 - 2014-10-29 03:45 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2016-08-26 02:25 - 2014-10-29 03:39 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-08-26 02:25 - 2014-10-29 03:38 - 04690432 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-08-26 02:25 - 2014-10-29 03:35 - 04709888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-08-26 02:25 - 2014-10-29 03:35 - 03256320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-08-26 02:25 - 2014-10-29 03:34 - 03097088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-08-26 02:25 - 2014-10-29 03:31 - 02941952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-08-26 02:25 - 2014-10-29 03:28 - 03820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-08-26 02:25 - 2014-10-29 03:26 - 03561984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-08-26 02:25 - 2014-10-29 03:22 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-08-26 02:25 - 2014-10-29 03:15 - 02259456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-08-26 02:25 - 2014-10-29 03:12 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-08-26 02:25 - 2014-10-29 03:08 - 02608640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-08-26 02:25 - 2014-10-29 03:08 - 02542080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-08-26 02:25 - 2014-10-29 03:08 - 02174976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-08-26 02:25 - 2014-10-29 03:08 - 01822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-08-26 02:25 - 2014-10-29 03:05 - 03273216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-08-26 02:25 - 2014-10-29 03:03 - 04067840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-08-26 02:25 - 2014-10-29 03:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-08-26 02:25 - 2014-10-29 02:54 - 01945600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-08-26 02:25 - 2014-10-29 02:52 - 02554880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-08-26 02:25 - 2014-10-29 02:52 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-08-26 02:25 - 2014-10-29 02:48 - 03056128 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-08-26 02:25 - 2014-10-29 02:46 - 01919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2016-08-26 02:25 - 2014-10-29 02:46 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-26 02:25 - 2014-10-29 02:42 - 01922560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-08-26 02:25 - 2014-10-29 02:39 - 02814464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-08-26 02:25 - 2014-10-07 05:44 - 02890296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-08-26 02:24 - 2014-10-29 06:10 - 01816008 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-08-26 02:24 - 2014-10-29 06:04 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-08-26 02:24 - 2014-10-29 05:57 - 01576312 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-08-26 02:24 - 2014-10-29 05:55 - 01543768 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2016-08-26 02:24 - 2014-10-29 05:52 - 01518504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-26 02:24 - 2014-10-29 05:52 - 01165744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-08-26 02:24 - 2014-10-29 05:52 - 01064720 _____ (Microsoft Corporation) C:\WINDOWS\system32\drmv2clt.dll
2016-08-26 02:24 - 2014-10-29 05:52 - 00988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-26 02:24 - 2014-10-29 05:52 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-08-26 02:24 - 2014-10-29 05:52 - 00952384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-08-26 02:24 - 2014-10-29 05:52 - 00821696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-08-26 02:24 - 2014-10-29 05:18 - 00016504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psapi.dll
2016-08-26 02:24 - 2014-10-29 05:15 - 01612480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-08-26 02:24 - 2014-10-29 05:12 - 01946144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-08-26 02:24 - 2014-10-29 05:10 - 01178104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2016-08-26 02:24 - 2014-10-29 05:07 - 01321192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-26 02:24 - 2014-10-29 05:07 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-08-26 02:24 - 2014-10-29 05:07 - 00857384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-26 02:24 - 2014-10-29 05:07 - 00785568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-08-26 02:24 - 2014-10-29 05:05 - 00890128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drmv2clt.dll
2016-08-26 02:24 - 2014-10-29 04:50 - 01192960 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2016-08-26 02:24 - 2014-10-29 04:31 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqlceqp40.dll
2016-08-26 02:24 - 2014-10-29 04:28 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpssvcs.dll
2016-08-26 02:24 - 2014-10-29 04:25 - 00785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\blackbox.dll
2016-08-26 02:24 - 2014-10-29 04:17 - 02003456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2016-08-26 02:24 - 2014-10-29 04:08 - 01540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-08-26 02:24 - 2014-10-29 04:00 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-08-26 02:24 - 2014-10-29 03:56 - 01526784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2016-08-26 02:24 - 2014-10-29 03:50 - 01289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2016-08-26 02:24 - 2014-10-29 03:48 - 01080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-08-26 02:24 - 2014-10-29 03:45 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\blackbox.dll
2016-08-26 02:24 - 2014-10-29 03:44 - 02984448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-26 02:24 - 2014-10-29 03:43 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-26 02:24 - 2014-10-29 03:42 - 03724800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2016-08-26 02:24 - 2014-10-29 03:37 - 01563136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2016-08-26 02:24 - 2014-10-29 03:34 - 01114624 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2016-08-26 02:24 - 2014-10-29 03:32 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-08-26 02:24 - 2014-10-29 03:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-08-26 02:24 - 2014-10-29 03:25 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-08-26 02:24 - 2014-10-29 03:25 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2016-08-26 02:24 - 2014-10-29 03:24 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-08-26 02:24 - 2014-10-29 03:24 - 02364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2016-08-26 02:24 - 2014-10-29 03:22 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-08-26 02:24 - 2014-10-29 03:21 - 01250816 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-08-26 02:24 - 2014-10-29 03:19 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-08-26 02:24 - 2014-10-29 03:18 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-08-26 02:24 - 2014-10-29 03:17 - 01402368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2016-08-26 02:24 - 2014-10-29 03:16 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-26 02:24 - 2014-10-29 03:14 - 03553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-08-26 02:24 - 2014-10-29 03:11 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-08-26 02:24 - 2014-10-29 03:10 - 02469888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-08-26 02:24 - 2014-10-29 03:03 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-08-26 02:24 - 2014-10-29 03:03 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-08-26 02:24 - 2014-10-29 03:01 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-08-26 02:24 - 2014-10-29 03:01 - 00843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-08-26 02:24 - 2014-10-29 02:59 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-08-26 02:24 - 2014-10-29 02:58 - 03442688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-08-26 02:24 - 2014-10-29 02:56 - 01248256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-08-26 02:24 - 2014-10-29 02:56 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-08-26 02:24 - 2014-10-29 02:56 - 01001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-08-26 02:24 - 2014-10-29 02:52 - 02170368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-08-26 02:24 - 2014-10-29 02:52 - 01461248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-08-26 02:24 - 2014-10-29 02:50 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-08-26 02:24 - 2014-10-29 02:50 - 01482752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-08-26 02:24 - 2014-10-29 02:47 - 02090496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-08-26 02:24 - 2014-10-29 02:42 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-08-26 02:24 - 2014-10-29 02:41 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2016-08-26 02:24 - 2014-10-29 02:41 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-08-26 02:24 - 2014-10-29 02:41 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-08-26 02:24 - 2014-10-29 02:40 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-08-26 02:24 - 2014-10-29 02:39 - 01000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-08-26 02:24 - 2014-10-29 02:36 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-08-26 02:24 - 2014-10-29 02:35 - 01668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-08-26 02:24 - 2014-10-29 02:35 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-08-26 02:24 - 2014-10-15 10:32 - 02025792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-08-26 02:23 - 2014-10-29 06:09 - 01950280 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-08-26 02:23 - 2014-10-29 06:09 - 01239576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-08-26 02:23 - 2014-10-29 05:57 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-08-26 02:23 - 2014-10-29 05:57 - 00643064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-08-26 02:23 - 2014-10-29 05:55 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-08-26 02:23 - 2014-10-29 05:55 - 00730824 _____ (Microsoft Corporation) C:\WINDOWS\system32\clbcatq.dll
2016-08-26 02:23 - 2014-10-29 05:52 - 00634768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-26 02:23 - 2014-10-29 05:52 - 00580024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmdev.dll
2016-08-26 02:23 - 2014-10-29 05:52 - 00444728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2016-08-26 02:23 - 2014-10-29 05:18 - 01782912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-08-26 02:23 - 2014-10-29 05:18 - 01103768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-08-26 02:23 - 2014-10-29 05:18 - 00848568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-08-26 02:23 - 2014-10-29 05:10 - 01287112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-08-26 02:23 - 2014-10-29 05:10 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-08-26 02:23 - 2014-10-29 05:08 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-08-26 02:23 - 2014-10-29 05:07 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-08-26 02:23 - 2014-10-29 05:07 - 00705008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-08-26 02:23 - 2014-10-29 05:07 - 00551064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-26 02:23 - 2014-10-29 05:07 - 00482360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmdev.dll
2016-08-26 02:23 - 2014-10-29 04:56 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-08-26 02:23 - 2014-10-29 04:48 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2016-08-26 02:23 - 2014-10-29 04:43 - 00685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\riched20.dll
2016-08-26 02:23 - 2014-10-29 04:36 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqlcese40.dll
2016-08-26 02:23 - 2014-10-29 04:33 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqlsrv32.dll
2016-08-26 02:23 - 2014-10-29 04:30 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70804.dll
2016-08-26 02:23 - 2014-10-29 04:30 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70404.dll
2016-08-26 02:23 - 2014-10-29 04:30 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB7001E.dll
2016-08-26 02:23 - 2014-10-29 04:30 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70011.dll
2016-08-26 02:23 - 2014-10-29 04:29 - 01246720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ogldrv.dll
2016-08-26 02:23 - 2014-10-29 04:27 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx.dll
2016-08-26 02:23 - 2014-10-29 04:26 - 00771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2016-08-26 02:23 - 2014-10-29 04:11 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-08-26 02:23 - 2014-10-29 04:08 - 00858624 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2016-08-26 02:23 - 2014-10-29 04:08 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmnet.dll
2016-08-26 02:23 - 2014-10-29 04:07 - 06692352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-26 02:23 - 2014-10-29 04:04 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\WavDest.dll
2016-08-26 02:23 - 2014-10-29 04:03 - 00832000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2016-08-26 02:23 - 2014-10-29 03:59 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\riched20.dll
2016-08-26 02:23 - 2014-10-29 03:53 - 01065984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-08-26 02:23 - 2014-10-29 03:53 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2016-08-26 02:23 - 2014-10-29 03:49 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqlceqp40.dll
2016-08-26 02:23 - 2014-10-29 03:47 - 01096192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ogldrv.dll
2016-08-26 02:23 - 2014-10-29 03:47 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpssvcs.dll
2016-08-26 02:23 - 2014-10-29 03:46 - 01497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-26 02:23 - 2014-10-29 03:45 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-08-26 02:23 - 2014-10-29 03:45 - 00672768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2016-08-26 02:23 - 2014-10-29 03:43 - 01092608 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2016-08-26 02:23 - 2014-10-29 03:42 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2016-08-26 02:23 - 2014-10-29 03:40 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-08-26 02:23 - 2014-10-29 03:39 - 01571328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-08-26 02:23 - 2014-10-29 03:37 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2016-08-26 02:23 - 2014-10-29 03:36 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmsdk.dll
2016-08-26 02:23 - 2014-10-29 03:33 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-08-26 02:23 - 2014-10-29 03:32 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2016-08-26 02:23 - 2014-10-29 03:30 - 06465536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-26 02:23 - 2014-10-29 03:30 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-08-26 02:23 - 2014-10-29 03:20 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2016-08-26 02:23 - 2014-10-29 03:18 - 01050624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2016-08-26 02:23 - 2014-10-29 03:17 - 00829952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2016-08-26 02:23 - 2014-10-29 03:14 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2016-08-26 02:23 - 2014-10-29 03:14 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-08-26 02:23 - 2014-10-29 03:12 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2016-08-26 02:23 - 2014-10-29 03:12 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2016-08-26 02:23 - 2014-10-29 03:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2016-08-26 02:23 - 2014-10-29 03:09 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-26 02:23 - 2014-10-29 03:09 - 00873984 _____ (Microsoft Corporation) C:\WINDOWS\system32\provcore.dll
2016-08-26 02:23 - 2014-10-29 03:09 - 00658944 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-08-26 02:23 - 2014-10-29 03:08 - 01478144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-08-26 02:23 - 2014-10-29 03:08 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-08-26 02:23 - 2014-10-29 03:07 - 01396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-08-26 02:23 - 2014-10-29 03:07 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-08-26 02:23 - 2014-10-29 03:07 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2016-08-26 02:23 - 2014-10-29 03:05 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-08-26 02:23 - 2014-10-29 03:04 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-08-26 02:23 - 2014-10-29 03:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-08-26 02:23 - 2014-10-29 03:03 - 00740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-08-26 02:23 - 2014-10-29 03:01 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2016-08-26 02:23 - 2014-10-29 03:00 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2016-08-26 02:23 - 2014-10-29 02:59 - 01636864 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2016-08-26 02:23 - 2014-10-29 02:56 - 01337344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-08-26 02:23 - 2014-10-29 02:56 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-26 02:23 - 2014-10-29 02:55 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceApi.dll
2016-08-26 02:23 - 2014-10-29 02:53 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-26 02:23 - 2014-10-29 02:52 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-08-26 02:23 - 2014-10-29 02:52 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-08-26 02:23 - 2014-10-29 02:52 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-08-26 02:23 - 2014-10-29 02:51 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-08-26 02:23 - 2014-10-29 02:48 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2016-08-26 02:23 - 2014-10-29 02:46 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2016-08-26 02:23 - 2014-10-29 02:46 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-08-26 02:23 - 2014-10-29 02:45 - 00918016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-08-26 02:23 - 2014-10-29 02:45 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-08-26 02:23 - 2014-10-29 02:45 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-26 02:23 - 2014-10-29 02:42 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-26 02:23 - 2014-10-29 02:42 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-08-26 02:23 - 2014-10-29 02:41 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-08-26 02:23 - 2014-10-29 02:38 - 01262080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2016-08-26 02:23 - 2014-10-29 02:37 - 00724480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-26 02:23 - 2014-10-29 02:35 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2016-08-26 02:23 - 2014-10-29 02:35 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-26 02:23 - 2014-10-29 02:33 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-08-26 02:23 - 2014-10-29 02:31 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-26 02:23 - 2014-10-29 02:30 - 00602624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2016-08-26 02:23 - 2014-10-13 04:41 - 01114432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-08-26 02:23 - 2014-10-09 00:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-26 02:23 - 2014-07-04 23:29 - 00478528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2016-08-26 02:22 - 2014-10-29 06:10 - 00430728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-26 02:22 - 2014-10-29 06:09 - 01309744 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2016-08-26 02:22 - 2014-10-29 06:00 - 00544408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-08-26 02:22 - 2014-10-29 06:00 - 00379568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-08-26 02:22 - 2014-10-29 05:57 - 00725672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-08-26 02:22 - 2014-10-29 05:57 - 00662120 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.exe
2016-08-26 02:22 - 2014-10-29 05:55 - 00426120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-26 02:22 - 2014-10-29 05:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-08-26 02:22 - 2014-10-29 05:52 - 00405456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-08-26 02:22 - 2014-10-29 05:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-08-26 02:22 - 2014-10-29 05:52 - 00356936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-08-26 02:22 - 2014-10-29 05:12 - 00430176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-08-26 02:22 - 2014-10-29 05:11 - 00488064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-08-26 02:22 - 2014-10-29 05:10 - 00569128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clbcatq.dll
2016-08-26 02:22 - 2014-10-29 05:10 - 00492232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-08-26 02:22 - 2014-10-29 05:07 - 00409040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-08-26 02:22 - 2014-10-29 05:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-08-26 02:22 - 2014-10-29 05:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-08-26 02:22 - 2014-10-29 05:07 - 00331048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2016-08-26 02:22 - 2014-10-29 04:48 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2016-08-26 02:22 - 2014-10-29 04:42 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2016-08-26 02:22 - 2014-10-29 04:40 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2016-08-26 02:22 - 2014-10-29 04:33 - 07558144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0011.dll
2016-08-26 02:22 - 2014-10-29 04:31 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2016-08-26 02:22 - 2014-10-29 04:29 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2016-08-26 02:22 - 2014-10-29 04:27 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsRasterService.dll
2016-08-26 02:22 - 2014-10-29 04:26 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartCardSimulator.dll
2016-08-26 02:22 - 2014-10-29 04:25 - 00995328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2016-08-26 02:22 - 2014-10-29 04:25 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdohlp.dll
2016-08-26 02:22 - 2014-10-29 04:24 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSNP.ax
2016-08-26 02:22 - 2014-10-29 04:22 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2016-08-26 02:22 - 2014-10-29 04:20 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnp.dll
2016-08-26 02:22 - 2014-10-29 04:18 - 06259712 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-08-26 02:22 - 2014-10-29 04:18 - 04616704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData001d.dll
2016-08-26 02:22 - 2014-10-29 04:18 - 02140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2016-08-26 02:22 - 2014-10-29 04:18 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2016-08-26 02:22 - 2014-10-29 04:17 - 04621312 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0414.dll
2016-08-26 02:22 - 2014-10-29 04:17 - 04620288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0816.dll
2016-08-26 02:22 - 2014-10-29 04:17 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000d.dll
2016-08-26 02:22 - 2014-10-29 04:16 - 04621312 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0010.dll
2016-08-26 02:22 - 2014-10-29 04:16 - 04616704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0416.dll
2016-08-26 02:22 - 2014-10-29 04:16 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-08-26 02:22 - 2014-10-29 04:11 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-08-26 02:22 - 2014-10-29 04:11 - 00435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2016-08-26 02:22 - 2014-10-29 04:10 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2016-08-26 02:22 - 2014-10-29 04:09 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2016-08-26 02:22 - 2014-10-29 04:08 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2016-08-26 02:22 - 2014-10-29 04:08 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\difxapi.dll
2016-08-26 02:22 - 2014-10-29 04:07 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2016-08-26 02:22 - 2014-10-29 04:06 - 02902016 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-08-26 02:22 - 2014-10-29 04:06 - 01313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2016-08-26 02:22 - 2014-10-29 04:06 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2016-08-26 02:22 - 2014-10-29 04:06 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-08-26 02:22 - 2014-10-29 04:05 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2016-08-26 02:22 - 2014-10-29 04:03 - 02334720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-08-26 02:22 - 2014-10-29 04:00 - 01861632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-08-26 02:22 - 2014-10-29 04:00 - 00652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2016-08-26 02:22 - 2014-10-29 04:00 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2016-08-26 02:22 - 2014-10-29 03:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2016-08-26 02:22 - 2014-10-29 03:59 - 00670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2016-08-26 02:22 - 2014-10-29 03:59 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncInfrastructure.dll
2016-08-26 02:22 - 2014-10-29 03:57 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-08-26 02:22 - 2014-10-29 03:57 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-26 02:22 - 2014-10-29 03:57 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2016-08-26 02:22 - 2014-10-29 03:56 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-08-26 02:22 - 2014-10-29 03:56 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2016-08-26 02:22 - 2014-10-29 03:54 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscp.dll
2016-08-26 02:22 - 2014-10-29 03:54 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-08-26 02:22 - 2014-10-29 03:53 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-08-26 02:22 - 2014-10-29 03:53 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqlcese40.dll
2016-08-26 02:22 - 2014-10-29 03:52 - 02829312 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-08-26 02:22 - 2014-10-29 03:50 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqlsrv32.dll
2016-08-26 02:22 - 2014-10-29 03:49 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2016-08-26 02:22 - 2014-10-29 03:49 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-08-26 02:22 - 2014-10-29 03:48 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsmsnap.dll
2016-08-26 02:22 - 2014-10-29 03:48 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70804.dll
2016-08-26 02:22 - 2014-10-29 03:48 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70404.dll
2016-08-26 02:22 - 2014-10-29 03:48 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB7001E.dll
2016-08-26 02:22 - 2014-10-29 03:48 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70011.dll
2016-08-26 02:22 - 2014-10-29 03:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2016-08-26 02:22 - 2014-10-29 03:46 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2016-08-26 02:22 - 2014-10-29 03:44 - 00872960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2016-08-26 02:22 - 2014-10-29 03:42 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2016-08-26 02:22 - 2014-10-29 03:36 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-08-26 02:22 - 2014-10-29 03:36 - 01252864 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-08-26 02:22 - 2014-10-29 03:36 - 00943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2016-08-26 02:22 - 2014-10-29 03:36 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-08-26 02:22 - 2014-10-29 03:36 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-08-26 02:22 - 2014-10-29 03:34 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-08-26 02:22 - 2014-10-29 03:34 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2016-08-26 02:22 - 2014-10-29 03:33 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2016-08-26 02:22 - 2014-10-29 03:33 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2016-08-26 02:22 - 2014-10-29 03:32 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2016-08-26 02:22 - 2014-10-29 03:32 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmnet.dll
2016-08-26 02:22 - 2014-10-29 03:31 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-08-26 02:22 - 2014-10-29 03:31 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2016-08-26 02:22 - 2014-10-29 03:30 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2016-08-26 02:22 - 2014-10-29 03:30 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2016-08-26 02:22 - 2014-10-29 03:30 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-08-26 02:22 - 2014-10-29 03:30 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-08-26 02:22 - 2014-10-29 03:29 - 02848768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-08-26 02:22 - 2014-10-29 03:28 - 02213888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-08-26 02:22 - 2014-10-29 03:27 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2016-08-26 02:22 - 2014-10-29 03:27 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2016-08-26 02:22 - 2014-10-29 03:25 - 01058816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2016-08-26 02:22 - 2014-10-29 03:24 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-08-26 02:22 - 2014-10-29 03:24 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-26 02:22 - 2014-10-29 03:22 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-08-26 02:22 - 2014-10-29 03:22 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2016-08-26 02:22 - 2014-10-29 03:22 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2016-08-26 02:22 - 2014-10-29 03:21 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-08-26 02:22 - 2014-10-29 03:20 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2016-08-26 02:22 - 2014-10-29 03:20 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbemcomn.dll
2016-08-26 02:22 - 2014-10-29 03:20 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-08-26 02:22 - 2014-10-29 03:19 - 02714624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-08-26 02:22 - 2014-10-29 03:19 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-08-26 02:22 - 2014-10-29 03:19 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2016-08-26 02:22 - 2014-10-29 03:18 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2016-08-26 02:22 - 2014-10-29 03:17 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-08-26 02:22 - 2014-10-29 03:16 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMActivate_isv.exe
2016-08-26 02:22 - 2014-10-29 03:16 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\secproc.dll
2016-08-26 02:22 - 2014-10-29 03:16 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\secproc_isv.dll
2016-08-26 02:22 - 2014-10-29 03:16 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-08-26 02:22 - 2014-10-29 03:15 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-08-26 02:22 - 2014-10-29 03:15 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMActivate.exe
2016-08-26 02:22 - 2014-10-29 03:12 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-08-26 02:22 - 2014-10-29 03:12 - 00516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2016-08-26 02:22 - 2014-10-29 03:11 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-08-26 02:22 - 2014-10-29 03:10 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmsdk.dll
2016-08-26 02:22 - 2014-10-29 03:09 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-08-26 02:22 - 2014-10-29 03:09 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-08-26 02:22 - 2014-10-29 03:09 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2016-08-26 02:22 - 2014-10-29 03:07 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-08-26 02:22 - 2014-10-29 03:07 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-08-26 02:22 - 2014-10-29 03:07 - 00594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-08-26 02:22 - 2014-10-29 03:07 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-08-26 02:22 - 2014-10-29 03:06 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-08-26 02:22 - 2014-10-29 03:06 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-08-26 02:22 - 2014-10-29 03:06 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2016-08-26 02:22 - 2014-10-29 03:04 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2016-08-26 02:22 - 2014-10-29 03:03 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-26 02:22 - 2014-10-29 03:03 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-08-26 02:22 - 2014-10-29 03:03 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2016-08-26 02:22 - 2014-10-29 03:02 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-08-26 02:22 - 2014-10-29 03:01 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2016-08-26 02:22 - 2014-10-29 03:00 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-08-26 02:22 - 2014-10-29 02:59 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-08-26 02:22 - 2014-10-29 02:59 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2016-08-26 02:22 - 2014-10-29 02:59 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-08-26 02:22 - 2014-10-29 02:59 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-08-26 02:22 - 2014-10-29 02:58 - 00926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-08-26 02:22 - 2014-10-29 02:58 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-08-26 02:22 - 2014-10-29 02:58 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-08-26 02:22 - 2014-10-29 02:57 - 01065472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10.dll
2016-08-26 02:22 - 2014-10-29 02:57 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
2016-08-26 02:22 - 2014-10-29 02:57 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc_isv.dll
2016-08-26 02:22 - 2014-10-29 02:57 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-08-26 02:22 - 2014-10-29 02:56 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-08-26 02:22 - 2014-10-29 02:55 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2016-08-26 02:22 - 2014-10-29 02:55 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2016-08-26 02:22 - 2014-10-29 02:54 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-08-26 02:22 - 2014-10-29 02:54 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-08-26 02:22 - 2014-10-29 02:52 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-08-26 02:22 - 2014-10-29 02:52 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-08-26 02:22 - 2014-10-29 02:52 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-08-26 02:22 - 2014-10-29 02:52 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-08-26 02:22 - 2014-10-29 02:51 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2016-08-26 02:22 - 2014-10-29 02:51 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2016-08-26 02:22 - 2014-10-29 02:50 - 00624128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-08-26 02:22 - 2014-10-29 02:50 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-08-26 02:22 - 2014-10-29 02:50 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-08-26 02:22 - 2014-10-29 02:48 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2016-08-26 02:22 - 2014-10-29 02:48 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-08-26 02:22 - 2014-10-29 02:48 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2016-08-26 02:22 - 2014-10-29 02:47 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-08-26 02:22 - 2014-10-29 02:47 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrv.dll
2016-08-26 02:22 - 2014-10-29 02:47 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-08-26 02:22 - 2014-10-29 02:45 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-08-26 02:22 - 2014-10-29 02:45 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceApi.dll
2016-08-26 02:22 - 2014-10-29 02:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-08-26 02:22 - 2014-10-29 02:43 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-08-26 02:22 - 2014-10-29 02:43 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-08-26 02:22 - 2014-10-29 02:42 - 00608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-08-26 02:22 - 2014-10-29 02:42 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-08-26 02:22 - 2014-10-29 02:42 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2016-08-26 02:22 - 2014-10-29 02:39 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-08-26 02:22 - 2014-10-29 02:39 - 00454144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2016-08-26 02:22 - 2014-10-29 02:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrv.dll
2016-08-26 02:22 - 2014-10-29 02:36 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-26 02:22 - 2014-10-29 02:35 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2016-08-26 02:22 - 2014-10-29 02:35 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2016-08-26 02:22 - 2014-10-29 02:35 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2016-08-26 02:22 - 2014-09-10 08:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2016-08-26 02:21 - 2014-10-29 06:04 - 00324864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-08-26 02:21 - 2014-10-29 05:59 - 00520536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-08-26 02:21 - 2014-10-29 05:59 - 00415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-08-26 02:21 - 2014-10-29 05:59 - 00230816 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2016-08-26 02:21 - 2014-10-29 05:57 - 00256744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-08-26 02:21 - 2014-10-29 05:55 - 00359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2016-08-26 02:21 - 2014-10-29 05:55 - 00019264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
2016-08-26 02:21 - 2014-10-29 05:53 - 00687496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2016-08-26 02:21 - 2014-10-29 05:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-08-26 02:21 - 2014-10-29 05:52 - 00311448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-08-26 02:21 - 2014-10-29 05:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-08-26 02:21 - 2014-10-29 05:18 - 00320736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-26 02:21 - 2014-10-29 05:15 - 00245296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-08-26 02:21 - 2014-10-29 05:12 - 00403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2016-08-26 02:21 - 2014-10-29 05:10 - 00367248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-26 02:21 - 2014-10-29 05:07 - 00320256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-08-26 02:21 - 2014-10-29 05:06 - 00800008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2016-08-26 02:21 - 2014-10-29 04:49 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp60.dll
2016-08-26 02:21 - 2014-10-29 04:45 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glmf32.dll
2016-08-26 02:21 - 2014-10-29 04:45 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msls31.dll
2016-08-26 02:21 - 2014-10-29 04:44 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2016-08-26 02:21 - 2014-10-29 04:37 - 02329088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0404.dll
2016-08-26 02:21 - 2014-10-29 04:34 - 03438592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0804.dll
2016-08-26 02:21 - 2014-10-29 04:31 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2016-08-26 02:21 - 2014-10-29 04:28 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2016-08-26 02:21 - 2014-10-29 04:27 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskraid.exe
2016-08-26 02:21 - 2014-10-29 04:24 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-08-26 02:21 - 2014-10-29 04:23 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offfilt.dll
2016-08-26 02:21 - 2014-10-29 04:21 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2016-08-26 02:21 - 2014-10-29 04:19 - 09732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000a.dll
2016-08-26 02:21 - 2014-10-29 04:18 - 02403328 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000c.dll
2016-08-26 02:21 - 2014-10-29 04:17 - 03231232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData004b.dll
2016-08-26 02:21 - 2014-10-29 04:17 - 01926144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0022.dll
2016-08-26 02:21 - 2014-10-29 04:16 - 03235840 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0039.dll
2016-08-26 02:21 - 2014-10-29 04:16 - 03209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData004a.dll
2016-08-26 02:21 - 2014-10-29 04:15 - 03209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData004e.dll
2016-08-26 02:21 - 2014-10-29 04:15 - 03209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0049.dll
2016-08-26 02:21 - 2014-10-29 04:15 - 03209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0047.dll
2016-08-26 02:21 - 2014-10-29 04:15 - 03209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0046.dll
2016-08-26 02:21 - 2014-10-29 04:15 - 03209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0020.dll
2016-08-26 02:21 - 2014-10-29 04:15 - 02073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0026.dll
2016-08-26 02:21 - 2014-10-29 04:15 - 02073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0024.dll
2016-08-26 02:21 - 2014-10-29 04:15 - 02073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData001b.dll
2016-08-26 02:21 - 2014-10-29 04:15 - 02073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0002.dll
2016-08-26 02:21 - 2014-10-29 04:15 - 01904640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData002a.dll
2016-08-26 02:21 - 2014-10-29 04:14 - 03209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData004c.dll
2016-08-26 02:21 - 2014-10-29 04:14 - 03209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0045.dll
2016-08-26 02:21 - 2014-10-29 04:14 - 02075136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0027.dll
2016-08-26 02:21 - 2014-10-29 04:14 - 02073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0c1a.dll
2016-08-26 02:21 - 2014-10-29 04:14 - 02073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData081a.dll
2016-08-26 02:21 - 2014-10-29 04:14 - 02073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData001a.dll
2016-08-26 02:21 - 2014-10-29 04:14 - 02073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0018.dll
2016-08-26 02:21 - 2014-10-29 04:14 - 02073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000f.dll
2016-08-26 02:21 - 2014-10-29 04:14 - 02073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0003.dll
2016-08-26 02:21 - 2014-10-29 04:14 - 01904640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData003e.dll
2016-08-26 02:21 - 2014-10-29 04:14 - 01904640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0021.dll
2016-08-26 02:21 - 2014-10-29 04:12 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2016-08-26 02:21 - 2014-10-29 04:11 - 00478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2016-08-26 02:21 - 2014-10-29 04:04 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\system32\filemgmt.dll
2016-08-26 02:21 - 2014-10-29 04:02 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xwizards.dll
2016-08-26 02:21 - 2014-10-29 04:01 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2016-08-26 02:21 - 2014-10-29 04:01 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-26 02:21 - 2014-10-29 03:58 - 01040384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2016-08-26 02:21 - 2014-10-29 03:57 - 01479168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-08-26 02:21 - 2014-10-29 03:57 - 01431552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxpTaskSync.dll
2016-08-26 02:21 - 2014-10-29 03:56 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDSp.dll
2016-08-26 02:21 - 2014-10-29 03:56 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-08-26 02:21 - 2014-10-29 03:55 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2016-08-26 02:21 - 2014-10-29 03:54 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2016-08-26 02:21 - 2014-10-29 03:54 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2016-08-26 02:21 - 2014-10-29 03:52 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-08-26 02:21 - 2014-10-29 03:52 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2016-08-26 02:21 - 2014-10-29 03:52 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-08-26 02:21 - 2014-10-29 03:52 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netdiagfx.dll
2016-08-26 02:21 - 2014-10-29 03:51 - 07331840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0011.dll
2016-08-26 02:21 - 2014-10-29 03:50 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdri.dll
2016-08-26 02:21 - 2014-10-29 03:49 - 00478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2016-08-26 02:21 - 2014-10-29 03:49 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax