Koboldmaki | 15.04.2014 18:14 | FRST-Log (Teil 2): Code:
C:\WINDOWS\system32\SystemResetPlatform
2014-03-26 01:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-03-26 01:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-03-26 01:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-03-26 01:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-03-26 01:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-03-26 01:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-03-26 01:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-03-26 01:54 - 2014-03-25 17:42 - 00000000 ___HD () C:\WINDOWS\system32\CanonIJ Uninstaller Information
2014-03-26 01:54 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-26 01:54 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-03-26 01:54 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-03-26 01:54 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-03-26 01:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-03-26 01:54 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-03-26 01:54 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME
2014-03-26 01:54 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2014-03-26 01:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-26 01:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-26 01:54 - 2012-08-02 15:28 - 00000000 ____D () C:\ProgramData\PRICache
2014-03-26 01:53 - 2014-03-26 01:53 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-03-26 01:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\Vorlagen
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\Startmenü
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\Netzwerkumgebung
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\Lokale Einstellungen
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\Eigene Dateien
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\Druckumgebung
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\Documents\Eigene Musik
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\Documents\Eigene Bilder
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\AppData\Local\Verlauf
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\AppData\Local\Anwendungsdaten
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 _SHDL () C:\Users\Nina\Anwendungsdaten
2014-03-26 01:52 - 2014-03-26 01:52 - 00000000 ___RD () C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-26 01:47 - 2014-03-26 01:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2014-03-26 01:47 - 2014-03-26 01:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevGen_01009.Wdf
2014-03-26 01:47 - 2014-03-26 01:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevFan_01009.Wdf
2014-03-26 01:47 - 2014-03-26 01:47 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-03-26 01:47 - 2014-03-26 01:47 - 00000000 ____D () C:\Program Files\Realtek
2014-03-26 01:46 - 2014-03-26 01:46 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_SensorsAlsDriver_01_11_00.Wdf
2014-03-26 01:46 - 2014-03-26 01:46 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfManager_01009.Wdf
2014-03-26 01:46 - 2014-03-26 01:46 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevProc_01009.Wdf
2014-03-26 01:46 - 2014-03-26 01:46 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevPch_01009.Wdf
2014-03-26 01:46 - 2014-03-26 01:46 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevDram_01009.Wdf
2014-03-26 01:45 - 2013-11-14 00:18 - 00000800 _____ () C:\WINDOWS\PFRO.log
2014-03-26 01:44 - 2014-03-26 01:44 - 00000000 __SHD () C:\Recovery
2014-03-26 01:43 - 2014-03-26 01:43 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-03-26 01:43 - 2014-03-26 01:43 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-03-26 01:43 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-03-26 01:42 - 2014-03-26 01:42 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-26 01:42 - 2014-03-26 01:42 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-26 01:42 - 2014-03-26 01:42 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-26 01:42 - 2014-03-26 01:42 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-03-26 01:42 - 2014-03-26 01:42 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-03-26 01:42 - 2014-03-26 01:42 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-03-26 01:42 - 2014-03-26 01:42 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-03-26 01:41 - 2014-03-26 01:41 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-03-26 01:41 - 2014-03-26 01:41 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-03-26 01:41 - 2014-03-26 01:41 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-03-26 01:41 - 2014-03-26 01:41 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-03-26 01:41 - 2014-03-26 01:41 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-03-26 01:40 - 2014-03-26 01:40 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-03-26 01:40 - 2014-03-26 01:40 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-26 01:40 - 2014-03-26 01:40 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-03-26 01:40 - 2014-03-26 01:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-03-26 01:40 - 2014-03-26 01:40 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-03-26 01:40 - 2014-03-26 01:40 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-26 01:40 - 2014-03-26 01:40 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-03-26 01:39 - 2014-03-26 01:39 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-26 01:39 - 2014-03-26 01:39 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-26 01:39 - 2014-03-26 01:39 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-03-26 01:39 - 2014-03-26 01:39 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-26 01:39 - 2014-03-26 01:39 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-03-26 01:39 - 2014-03-26 01:39 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-03-26 01:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-26 01:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-26 01:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-26 01:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-03-26 01:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-03-26 01:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-03-26 01:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-26 01:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-26 01:38 - 2014-03-26 01:38 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-03-26 01:38 - 2014-03-26 01:38 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-03-26 01:38 - 2014-03-26 01:38 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-03-26 01:38 - 2014-03-26 01:38 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-03-26 01:38 - 2014-03-26 01:38 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-26 01:38 - 2014-03-26 01:38 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-26 01:38 - 2014-03-26 01:38 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-03-26 01:38 - 2014-03-26 01:38 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-03-26 01:38 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-03-26 01:38 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-03-26 01:37 - 2014-03-26 01:37 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-26 01:37 - 2014-03-26 01:37 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-26 01:37 - 2014-03-26 01:37 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-26 01:37 - 2014-03-26 01:37 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-26 01:37 - 2014-03-26 01:37 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-26 01:37 - 2014-03-26 01:37 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-26 01:37 - 2014-03-26 01:37 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-26 01:37 - 2014-03-26 01:37 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-26 01:37 - 2014-03-26 01:37 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-26 01:37 - 2014-03-26 01:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-26 01:36 - 2014-03-26 01:36 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-26 01:36 - 2014-03-26 01:36 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-26 01:36 - 2014-03-26 01:36 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-26 01:36 - 2014-03-26 01:36 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-26 01:36 - 2014-03-26 01:36 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-26 01:36 - 2014-03-26 01:36 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-26 01:36 - 2014-03-26 01:36 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-26 01:36 - 2014-03-26 01:36 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-03-26 01:35 - 2014-03-26 01:35 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-03-26 01:35 - 2014-03-26 01:35 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-03-26 01:35 - 2014-03-26 01:35 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-03-26 01:35 - 2014-03-26 01:35 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-03-26 01:35 - 2014-03-26 01:35 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-03-26 01:35 - 2014-03-26 01:35 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-03-26 01:35 - 2014-03-26 01:35 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-03-26 01:35 - 2014-03-26 01:35 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-03-26 01:35 - 2014-03-26 01:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-03-26 01:35 - 2014-03-26 01:35 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-03-26 01:34 - 2014-03-26 01:34 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-26 01:34 - 2014-03-26 01:34 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-26 01:34 - 2014-03-26 01:34 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-03-26 01:32 - 2014-03-26 01:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-03-26 01:32 - 2014-03-26 01:32 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-03-26 01:32 - 2014-03-26 01:32 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-26 01:32 - 2014-03-26 01:32 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-03-26 01:32 - 2014-03-26 01:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-26 01:23 - 2014-03-19 21:42 - 01800631 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-03-26 00:18 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-03-25 22:39 - 2013-12-12 16:50 - 00000000 ____D () C:\AsusVibeData
2014-03-25 22:39 - 2013-04-26 01:16 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-03-25 22:38 - 2013-04-26 01:20 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-03-25 22:37 - 2013-04-26 01:19 - 00000000 ____D () C:\ProgramData\WildTangent
2014-03-25 17:42 - 2014-03-25 17:42 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-03-24 04:29 - 2014-03-19 22:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-03-24 03:28 - 2014-03-21 13:36 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Audacity
2014-03-24 01:03 - 2014-03-24 01:03 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-03-23 19:42 - 2014-03-23 19:42 - 00002072 _____ () C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intel AT Service.lnk
2014-03-23 19:42 - 2013-04-26 01:18 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-23 19:42 - 2013-04-26 01:18 - 00000000 ____D () C:\Program Files\mcafee
2014-03-23 19:42 - 2013-04-26 01:18 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-03-23 18:22 - 2014-03-23 18:22 - 00002072 _____ () C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intel Anti-Theft Service.lnk
2014-03-23 15:47 - 2014-03-23 15:47 - 00000000 ____D () C:\sources
2014-03-22 15:16 - 2014-03-22 15:16 - 00000000 ____D () C:\Users\Nina\.pdfsam
2014-03-22 15:14 - 2014-03-22 15:13 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-03-22 15:06 - 2014-03-22 15:05 - 00000000 ____D () C:\Program Files\PDF Split And Merge Basic
2014-03-22 15:05 - 2014-03-22 15:05 - 00000000 ____D () C:\ProgramData\Sun
2014-03-22 15:05 - 2014-03-22 15:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-22 15:04 - 2014-03-22 15:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-03-22 15:04 - 2014-03-22 15:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-03-22 15:04 - 2014-03-22 15:04 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-03-22 15:04 - 2014-03-22 15:04 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-03-22 15:04 - 2014-03-22 15:04 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-22 14:42 - 2014-03-22 14:41 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\PDF Architect
2014-03-22 14:41 - 2014-03-22 14:41 - 00072048 _____ () C:\Users\Nina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-22 14:39 - 2014-03-22 14:39 - 00000000 ____D () C:\Users\Nina\Documents\ASUS
2014-03-22 14:39 - 2014-03-22 14:39 - 00000000 ____D () C:\ProgramData\ASUS
2014-03-22 14:38 - 2014-03-19 21:42 - 00000000 ____D () C:\Users\Nina\AppData\Local\VirtualStore
2014-03-22 14:38 - 2014-03-19 21:42 - 00000000 ____D () C:\Users\Nina\AppData\Local\ASUS
2014-03-22 14:33 - 2014-03-22 14:33 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\PDF Software
2014-03-22 14:01 - 2014-03-22 13:52 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-22 14:01 - 2014-03-19 22:37 - 00000000 ____D () C:\Users\Nina\AppData\Local\Microsoft Help
2014-03-22 13:54 - 2014-03-22 13:54 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\pdfforge
2014-03-22 13:08 - 2014-03-22 13:08 - 00000000 ____D () C:\Users\Nina\Documents\OneNote-Notizbücher
2014-03-21 16:33 - 2014-03-21 16:33 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-21 14:28 - 2013-04-26 01:15 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-21 14:27 - 2014-03-19 21:43 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Adobe
2014-03-21 13:42 - 2014-03-21 13:42 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-03-21 13:36 - 2014-03-21 13:35 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-03-20 22:02 - 2014-03-20 22:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-03-20 13:39 - 2014-03-20 13:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-20 13:16 - 2014-03-20 13:16 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\CyberLink
2014-03-20 13:16 - 2014-03-20 13:16 - 00000000 ____D () C:\Users\Nina\AppData\Local\Power2Go
2014-03-20 13:16 - 2014-03-19 22:52 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-20 01:37 - 2014-03-19 21:47 - 00000000 ____D () C:\Users\Nina\AppData\Local\Avg2014
2014-03-20 01:31 - 2014-03-19 23:05 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Apple Computer
2014-03-19 23:05 - 2014-03-19 23:05 - 00000000 ____D () C:\Users\Nina\AppData\Local\Apple Computer
2014-03-19 23:05 - 2014-03-19 23:02 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-19 23:05 - 2014-03-19 23:02 - 00000000 ____D () C:\Program Files\iTunes
2014-03-19 23:05 - 2014-03-19 23:02 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-19 23:02 - 2014-03-19 23:02 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-19 23:02 - 2014-03-19 23:02 - 00000000 ____D () C:\Program Files\iPod
2014-03-19 23:01 - 2014-03-19 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-03-19 23:01 - 2014-03-19 23:01 - 00000000 ____D () C:\Users\Nina\AppData\Local\Apple
2014-03-19 23:01 - 2014-03-19 23:01 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-03-19 23:01 - 2014-03-19 22:59 - 00000000 ____D () C:\ProgramData\Apple
2014-03-19 23:00 - 2014-03-19 23:00 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-19 23:00 - 2014-03-19 23:00 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-19 23:00 - 2014-03-19 23:00 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-19 22:58 - 2013-04-26 01:15 - 07112708 _____ () C:\WINDOWS\AsDebug.log
2014-03-19 22:58 - 2013-04-26 01:15 - 01610970 _____ () C:\WINDOWS\AsCDProc.log
2014-03-19 22:57 - 2014-03-19 22:57 - 00002966 _____ () C:\WINDOWS\System32\Tasks\Secure Delete
2014-03-19 22:57 - 2013-12-12 16:45 - 00000000 ____D () C:\Program Files\ASUS
2014-03-19 22:57 - 2013-12-12 16:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-19 22:56 - 2014-03-19 22:54 - 00000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-03-19 22:55 - 2014-03-19 22:52 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-03-19 22:53 - 2014-03-19 22:53 - 00000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2014-03-19 22:40 - 2014-03-19 22:40 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-19 22:36 - 2014-03-19 22:36 - 00000000 __RHD () C:\MSOCache
2014-03-19 22:05 - 2014-03-19 22:05 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\WildTangent
2014-03-19 21:53 - 2014-03-19 21:53 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\AVG2014
2014-03-19 21:53 - 2014-03-19 21:52 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-19 21:52 - 2014-03-19 21:52 - 00000000 ___HD () C:\$AVG
2014-03-19 21:52 - 2014-03-19 21:52 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\TuneUp Software
2014-03-19 21:52 - 2014-03-19 21:52 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Opera Software
2014-03-19 21:52 - 2014-03-19 21:52 - 00000000 ____D () C:\Users\Nina\AppData\Local\Opera Software
2014-03-19 21:52 - 2014-03-19 21:52 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-19 21:47 - 2014-03-19 21:47 - 00000000 ____D () C:\Users\Nina\AppData\Local\MFAData
2014-03-19 21:47 - 2013-12-12 16:43 - 00000000 ____D () C:\Program Files\McAfeeEx
2014-03-19 21:45 - 2014-03-19 21:45 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Intel Corporation
2014-03-19 21:44 - 2014-03-19 21:44 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Macromedia
2014-03-19 21:44 - 2014-03-19 21:44 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\ASUS WebStorage
2014-03-19 21:43 - 2014-03-19 21:43 - 00000192 _____ () C:\WINDOWS\FixPatch.log
2014-03-19 21:43 - 2014-03-19 21:43 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-19 21:43 - 2012-08-02 15:33 - 00000000 ____D () C:\WINDOWS\Log
2014-03-19 21:42 - 2014-03-19 21:42 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Intel
2014-03-19 21:42 - 2014-03-19 21:42 - 00000000 ____D () C:\ProgramData\USBChargerPlus
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\ProgramData\uninstall2248658.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-26 01:37] - [2014-03-26 01:37] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-04-12 15:37
==================== End Of Log ============================ Addition-Log: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014
Ran by Nina at 2014-04-15 17:52:38
Running from C:\Users\Nina\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.0 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0011 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.0.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4569 - AVG Technologies)
AVG 2014 (Version: 14.0.3882 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4569 - AVG Technologies) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.3625 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{C3F12DD0-54B1-4B2B-A82B-FA43502BC550}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Intel AT Service (HKLM\...\McAfee Anti-Theft) (Version: 1.0 - McAfee, Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.5.1080 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.07.0000.0730 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{23D486D4-FBE0-40F3-A245-E4D56D094764}) (Version: 3.5.41.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{440d014b-4444-4533-b96d-2910e1ca2bcf}) (Version: 16.7.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.7.0.0297 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6722 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
==================== Restore Points =========================
10-04-2014 01:58:25 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {314D9FCE-3AC4-4B49-9995-74F515CBE323} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {32D4410C-25B6-484B-94DE-A08690786139} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {44D1D232-F2EA-4E1B-8D24-8F102155C314} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-09] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {74D52E48-ACD3-4D3C-AB5A-9A69DD9B28B9} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9AE907C4-480E-4961-AF2B-B781FBDDBEDF} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A0858617-AE0A-4B96-9CDE-A305BE95D7C0} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-02-06] (AsusTek)
Task: {C6ABA78F-94E1-452A-885D-3E660892C213} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E6D6550E-AD12-47ED-A10C-1F897D7C03ED} - System32\Tasks\Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2012-03-14] ()
==================== Loaded Modules (whitelisted) =============
2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2013-06-18 12:27 - 2012-07-30 13:26 - 00029056 _____ () C:\WINDOWS\system32\DptfParticipantProcessorService.exe
2013-06-18 12:27 - 2012-07-30 13:27 - 00030592 _____ () C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-03-14 11:59 - 2012-03-14 11:59 - 00556976 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
2013-10-01 14:02 - 2013-10-01 14:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-06 22:47 - 2014-04-02 13:19 - 01380704 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-12 16:35 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-24 19:17 - 2012-08-24 19:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2014-04-06 22:47 - 2014-04-02 13:19 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libglesv2.dll
2014-04-06 22:47 - 2014-04-02 13:19 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libegl.dll
2014-04-06 22:47 - 2014-04-02 13:19 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Nina\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/15/2014 05:06:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2485
Error: (04/15/2014 05:06:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2485
Error: (04/15/2014 05:06:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/15/2014 05:06:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1157
Error: (04/15/2014 05:06:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1157
Error: (04/15/2014 05:06:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/15/2014 03:43:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1255734
Error: (04/15/2014 03:43:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1255734
Error: (04/15/2014 03:43:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/15/2014 03:22:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172
System errors:
=============
Error: (04/15/2014 10:06:52 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (04/14/2014 05:21:50 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (04/12/2014 06:33:25 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (04/12/2014 06:33:25 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (04/12/2014 02:22:09 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (04/11/2014 10:12:05 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (04/11/2014 09:40:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%3758213661
Error: (04/11/2014 09:40:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%3758213661
Error: (04/11/2014 09:40:49 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%3758213661
Error: (04/11/2014 09:40:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%3758213661
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 73%
Total physical RAM: 3981.66 MB
Available physical RAM: 1042.52 MB
Total Pagefile: 5773.66 MB
Available Pagefile: 1760 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:185.86 GB) (Free:147.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:258.18 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: ED7BDA07)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 22 GB) (Disk ID: 94332E21)
Partition: GPT Partition Type.
==================== End Of Log ============================ GMER-Log: Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-15 18:19:33
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000038 Hitachi_HTS545050A7E380 rev.GG2OA6C0 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Nina\AppData\Local\Temp\fxldqpow.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff960000ffe00 15 bytes [00, FA, 0E, 02, C0, 9C, 70, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff960000ffe10 11 bytes [00, 00, FC, FF, 80, FA, C0, ...]
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\spoolsv.exe[1928] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff829be169a 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1928] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff829be16a2 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1928] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff829be181a 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1928] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff829be1832 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2256] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff829be169a 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2256] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff829be16a2 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2256] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff829be181a 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2256] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff829be1832 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2256] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff8195b1f6a 4 bytes [5B, 19, F8, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2256] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff8195b1f82 4 bytes [5B, 19, F8, 7F]
.text C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe[2280] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff829be169a 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe[2280] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff829be16a2 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe[2280] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff829be181a 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe[2280] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff829be1832 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2456] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff829be169a 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2456] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff829be16a2 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2456] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff829be181a 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2456] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff829be1832 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2604] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff829be169a 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2604] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff829be16a2 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2604] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff829be181a 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2604] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff829be1832 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2140] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff829be169a 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2140] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff829be16a2 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2140] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff829be181a 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2140] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff829be1832 4 bytes [BE, 29, F8, 7F]
.text C:\Windows\System32\igfxpers.exe[8580] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff829be169a 4 bytes [BE, 29, F8, 7F]
.text C:\Windows\System32\igfxpers.exe[8580] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff829be16a2 4 bytes [BE, 29, F8, 7F]
.text C:\Windows\System32\igfxpers.exe[8580] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff829be181a 4 bytes [BE, 29, F8, 7F]
.text C:\Windows\System32\igfxpers.exe[8580] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff829be1832 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[6880] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff829be169a 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[6880] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff829be16a2 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[6880] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff829be181a 4 bytes [BE, 29, F8, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[6880] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff829be1832 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\RunDll32.exe[5800] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff829be169a 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\RunDll32.exe[5800] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff829be16a2 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\RunDll32.exe[5800] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff829be181a 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\RunDll32.exe[5800] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff829be1832 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\WLANExt.exe[7760] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff829be169a 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\WLANExt.exe[7760] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff829be16a2 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\WLANExt.exe[7760] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff829be181a 4 bytes [BE, 29, F8, 7F]
.text C:\WINDOWS\system32\WLANExt.exe[7760] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff829be1832 4 bytes [BE, 29, F8, 7F]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [208:8152] fffff960008e14d0
Thread C:\WINDOWS\Explorer.EXE [6808:4728] 00007ff81098ce30
Thread C:\WINDOWS\Explorer.EXE [6808:7100] 00007ff823b9ec38
Thread C:\WINDOWS\Explorer.EXE [6808:8832] 00007ff8177b1e40
Thread C:\WINDOWS\Explorer.EXE [6808:8588] 00007ff8164bc904
Thread C:\WINDOWS\Explorer.EXE [6808:3604] 00007ff823b9ec38
Thread C:\WINDOWS\Explorer.EXE [6808:7728] 00007ff817fca760
Thread C:\WINDOWS\Explorer.EXE [6808:8760] 00007ff823b9ec38
Thread C:\WINDOWS\Explorer.EXE [6808:8672] 00007ff823b9ec38
Thread C:\WINDOWS\Explorer.EXE [6808:6380] 00007ff822271120
Thread C:\WINDOWS\Explorer.EXE [6808:5628] 00007ff826d664f4
Thread C:\WINDOWS\Explorer.EXE [6808:2156] 00007ff82042efc0
Thread C:\WINDOWS\Explorer.EXE [6808:7268] 00007ff8202bf36c
Thread C:\WINDOWS\Explorer.EXE [6808:7464] 00007ff823a0d6bc
Thread C:\WINDOWS\Explorer.EXE [6808:7992] 00007ff82544d6bc
Thread C:\WINDOWS\Explorer.EXE [6808:6536] 00007ff82544d6bc
Thread C:\WINDOWS\Explorer.EXE [6808:4112] 00007ff82bc32764
Thread C:\WINDOWS\Explorer.EXE [6808:8856] 00007ff82544d6bc
Thread C:\WINDOWS\Explorer.EXE [6808:4644] 00007ff829741b54
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [3028:4132] 0000000001386374
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [3028:7116] 00000000622b0b6e
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [3028:8628] 00000000622b0b6e
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [3028:6616] 0000000062408c39
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [3028:6492] 00000000622b0b6e
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ---- |