Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 8.1: Virensuche [Whitescreen + Webcam] nach Wiederherstellung (https://www.trojaner-board.de/163480-windows-8-1-virensuche-whitescreen-webcam-wiederherstellung.html)

CLove 02.02.2015 12:39
Windows 8.1: Virensuche [Whitescreen + Webcam] nach Wiederherstellung
 
Hallo liebe Community,

ich habe mir gestern Abend einen Virus eingefangen (White Screen + Webcam Aufruf). Habe direkt das System wiederherstellen lassen (Daten waren auf OneDrive gesichert).

Da es sich aber um eine bloße Wiederherstellung handelt, bin ich mir einfach unsicher, ob wirklich alles restlos entfernt wurde. Ich hoffe ihr könnt mir helfen. Kaspersky + Malware Byte finden nichts, aber das heißt ja nicht zwingend etwas.

Kleines Zusatzproblem: Mein Laptop (Acer Aspire V5-573G) hat neben der normalen 1 TB Festplatte einen 8 Gigabyte SSD Speicher für das Betriebssystem. Dieser wird unter dem Arbeitsplatz nicht angezeigt und ich weiß nicht, ob Kaspersky und Co diesen Bereich überhaupt durchsuchen.


Nach dem FAQ liefere ich folgende Logs:

Defogger:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:09 on 02/02/2015 (Christian)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Christian (administrator) on CHRIS on 02-02-2015 12:09:17
Running from C:\Users\Christian\Desktop
Loaded Profiles: Christian (Available profiles: Christian)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Pokki) C:\Users\Christian\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [688984 2013-09-30] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\...\RunOnce: [Application Restart #1] => C:\Users\Christian\AppData\Local\Pokki\Engine\HostAppService.exe [7846216 2015-01-31] (Pokki)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1715082490-1160310528-2700504390-1001 -> DefaultScope {45A916D3-E7DD-4D42-82B7-BFC867B6AA91} URL =
SearchScopes: HKU\S-1-5-21-1715082490-1160310528-2700504390-1001 -> {45A916D3-E7DD-4D42-82B7-BFC867B6AA91} URL =
SearchScopes: HKU\S-1-5-21-1715082490-1160310528-2700504390-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 134.96.7.100 134.96.7.99 134.96.7.5

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-02]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-02]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-02-02]

Chrome:
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-01]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-01]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-01]
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-01]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-01]
CHR Extension: (Google-Suche) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-01]
CHR Extension: (Google Tabellen) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-01]
CHR Extension: (AdBlock) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-01]
CHR Extension: (Premiumize.me) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm [2015-02-01]
CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-01]
CHR Extension: (Google Mail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-01]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-12] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-18] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2015-02-02] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [799944 2015-02-02] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2015-02-02] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2015-02-02] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [427736 2013-08-09] (Realsil Semiconductor Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 12:09 - 2015-02-02 12:09 - 00018838 _____ () C:\Users\Christian\Desktop\FRST.txt
2015-02-02 12:09 - 2015-02-02 12:09 - 00000480 _____ () C:\Users\Christian\Desktop\defogger_disable.log
2015-02-02 12:09 - 2015-02-02 12:09 - 00000000 ____D () C:\FRST
2015-02-02 12:09 - 2015-02-02 12:09 - 00000000 _____ () C:\Users\Christian\defogger_reenable
2015-02-02 11:00 - 2015-01-24 21:20 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-02 11:00 - 2015-01-24 21:20 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-02 10:17 - 2015-02-02 10:17 - 00050477 _____ () C:\Users\Christian\Desktop\Defogger.exe
2015-02-02 10:15 - 2015-02-02 10:15 - 00380416 _____ () C:\Users\Christian\Downloads\4lyrtrd3.exe
2015-02-02 10:15 - 2015-02-02 10:15 - 00380416 _____ () C:\Users\Christian\Desktop\4lyrtrd3.exe
2015-02-02 10:15 - 2015-02-02 10:09 - 02131456 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2015-02-02 10:09 - 2015-02-02 10:09 - 02131456 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2015-02-02 10:01 - 2015-02-02 10:01 - 02194432 _____ () C:\Users\Christian\Downloads\AdwCleaner_4.109.exe
2015-02-02 10:01 - 2014-04-14 04:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-02-02 09:53 - 2015-02-02 10:13 - 743680000 _____ () C:\Users\Christian\Downloads\X16-33089.iso
2015-02-02 09:48 - 2015-02-02 09:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-02 09:48 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-02 09:01 - 2015-02-02 09:01 - 00002120 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-02-02 09:01 - 2015-02-02 09:01 - 00000000 ____D () C:\Users\Christian\AppData\Local\Intel_Corporation
2015-02-02 09:01 - 2015-02-02 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-02-02 09:01 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-02-02 09:00 - 2015-02-02 12:08 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-02 09:00 - 2015-02-02 09:00 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-02-02 09:00 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-02-02 08:58 - 2015-02-02 09:00 - 204166464 _____ () C:\Users\Christian\Downloads\kis15.0.1.415de_6844.exe
2015-02-02 08:44 - 2015-02-02 08:52 - 00000000 ____D () C:\NPE
2015-02-02 08:33 - 2015-02-02 08:55 - 00000000 ____D () C:\Users\Christian\AppData\Local\NPE
2015-02-02 08:32 - 2015-02-02 08:32 - 03077776 ____N (Symantec Corporation) C:\Users\Christian\Downloads\NPE.exe
2015-02-02 08:32 - 2015-02-02 08:32 - 00896280 _____ () C:\Users\Christian\Downloads\Norton_Removal_Tool.exe
2015-02-02 08:20 - 2015-02-02 08:20 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Christian\Downloads\tdsskiller.exe
2015-02-02 08:19 - 2014-03-20 05:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-02-02 08:19 - 2014-03-20 04:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-02-02 08:19 - 2014-03-20 04:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-02-02 08:19 - 2014-03-20 01:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-02-02 08:19 - 2014-03-20 01:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2015-02-02 08:19 - 2014-03-20 00:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-02-02 08:19 - 2014-03-20 00:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-02-02 08:19 - 2014-03-20 00:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2015-02-02 08:19 - 2014-03-19 06:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2015-02-02 08:19 - 2014-03-19 06:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-02-02 08:19 - 2014-03-19 06:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2015-02-02 08:19 - 2014-03-19 06:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-02-02 08:19 - 2014-03-11 16:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2015-02-02 08:19 - 2014-03-11 15:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2015-02-02 08:19 - 2014-03-08 21:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-02-02 08:19 - 2014-03-08 16:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2015-02-02 08:19 - 2014-03-08 12:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-02-02 08:19 - 2014-03-08 10:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2015-02-02 08:19 - 2014-03-08 09:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2015-02-02 08:19 - 2014-03-08 09:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2015-02-02 08:19 - 2014-03-08 09:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2015-02-02 08:19 - 2014-03-08 08:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2015-02-02 08:19 - 2014-03-08 08:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2015-02-02 08:19 - 2014-03-08 08:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2015-02-02 08:19 - 2014-03-08 08:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-02-02 08:19 - 2014-03-08 07:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-02-02 08:19 - 2014-03-08 07:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-02-02 08:19 - 2014-03-08 07:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2015-02-02 08:19 - 2014-03-08 07:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-02-02 08:19 - 2014-03-08 06:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-02-02 08:19 - 2014-03-08 06:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-02-02 08:19 - 2014-03-06 15:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-02-02 08:19 - 2014-03-06 15:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2015-02-02 08:19 - 2014-03-06 13:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-02-02 08:19 - 2014-03-06 12:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-02-02 08:19 - 2014-03-06 12:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2015-02-02 08:19 - 2014-03-06 11:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-02-02 08:19 - 2014-03-06 10:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-02-02 08:19 - 2014-03-06 10:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-02-02 08:19 - 2014-03-06 10:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-02-02 08:19 - 2014-03-06 10:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-02-02 08:19 - 2014-03-06 10:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-02-02 08:19 - 2014-03-06 10:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-02-02 08:19 - 2014-03-06 10:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2015-02-02 08:19 - 2014-03-06 09:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2015-02-02 08:19 - 2014-03-06 09:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-02-02 08:19 - 2014-03-06 09:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2015-02-02 08:19 - 2014-03-06 09:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2015-02-02 08:19 - 2014-03-06 08:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-02-02 08:19 - 2014-03-06 08:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2015-02-02 08:19 - 2014-03-06 08:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2015-02-02 08:19 - 2014-03-06 07:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-02-02 08:19 - 2014-03-06 07:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2015-02-02 08:19 - 2014-03-06 07:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2015-02-02 08:19 - 2014-03-06 07:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-02-02 08:19 - 2014-03-06 07:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2015-02-02 08:19 - 2014-03-06 07:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2015-02-02 08:19 - 2014-03-06 07:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2015-02-02 08:19 - 2014-03-06 07:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2015-02-02 08:19 - 2014-03-06 07:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2015-02-02 08:19 - 2014-03-06 06:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2015-02-02 08:19 - 2014-03-06 06:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2015-02-02 08:19 - 2014-03-06 06:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2015-02-02 08:19 - 2014-03-04 13:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-02-02 08:19 - 2014-03-04 12:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-02-02 08:19 - 2014-03-04 08:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-02-02 08:19 - 2014-03-04 08:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-02-02 08:19 - 2014-03-04 08:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2015-02-02 08:19 - 2014-03-04 08:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2015-02-02 08:19 - 2014-03-04 07:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2015-02-02 08:19 - 2014-03-04 07:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-02-02 08:19 - 2014-03-04 07:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2015-02-02 08:19 - 2014-03-04 07:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2015-02-02 08:19 - 2014-03-04 07:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2015-02-02 08:19 - 2014-03-04 07:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2015-02-02 08:19 - 2014-03-04 07:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-02-02 08:19 - 2014-03-04 07:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2015-02-02 08:19 - 2014-03-04 06:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2015-02-02 08:19 - 2014-03-04 06:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-02-02 08:19 - 2013-12-24 00:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2015-02-02 08:19 - 2013-12-24 00:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2015-02-02 08:17 - 2015-02-02 08:17 - 00000000 ____D () C:\ProgramData\Sun
2015-02-02 08:16 - 2015-02-02 08:16 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-02 08:16 - 2015-02-02 08:16 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-02 08:16 - 2015-02-02 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-02 08:15 - 2015-02-02 08:15 - 00639400 _____ (Oracle Corporation) C:\Users\Christian\Downloads\chromeinstall-8u31.exe
2015-02-02 08:15 - 2015-02-02 08:15 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-02 08:12 - 2015-02-02 08:12 - 00065893 _____ () C:\Users\Christian\Downloads\antivir11_rootkit.zip
2015-02-02 08:11 - 2015-02-02 08:11 - 09370136 _____ () C:\Users\Christian\Downloads\avz4.zip
2015-02-02 08:09 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-02-02 08:09 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-02-02 08:09 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-02-02 08:09 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-02-02 08:08 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-02-02 08:08 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-02-02 08:08 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-02-02 08:08 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-02-02 08:08 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-02-02 08:08 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-02-02 08:08 - 2014-07-30 02:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-02-02 08:08 - 2014-07-29 06:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2015-02-02 08:08 - 2014-05-19 07:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2015-02-02 08:08 - 2014-05-19 07:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-02-02 08:08 - 2014-05-19 06:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-02-02 08:08 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-02-02 08:08 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2015-02-02 08:08 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2015-02-02 08:08 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2015-02-02 08:08 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2015-02-02 08:08 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2015-02-02 08:08 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2015-02-02 08:08 - 2014-05-03 00:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2015-02-02 08:08 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2015-02-02 08:08 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-02-02 08:08 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-02-02 08:08 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2015-02-02 08:08 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2015-02-02 08:08 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2015-02-02 08:08 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-02-02 08:08 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2015-02-02 08:08 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-02-02 08:08 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2015-02-02 08:08 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-02-02 08:08 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-02-02 08:08 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2015-02-02 08:08 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-02-02 08:08 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-02-02 08:08 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2015-02-02 08:08 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-02-02 08:08 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-02-02 08:08 - 2014-04-26 23:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-02-02 08:08 - 2014-04-26 21:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-02-02 08:08 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-02-02 08:08 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-02-02 08:08 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2015-02-02 08:08 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2015-02-02 08:08 - 2014-04-09 07:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-02-02 08:08 - 2014-04-09 06:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-02-02 08:08 - 2014-03-08 21:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-02-02 08:08 - 2014-03-08 07:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-02-02 08:08 - 2014-03-08 07:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-02-02 08:08 - 2014-03-08 07:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-02-02 08:08 - 2014-03-08 06:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-02-02 08:08 - 2014-03-06 10:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-02-02 08:07 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-02 08:07 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-02 08:07 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-02-02 08:07 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-02-02 08:07 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-02-02 08:07 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-02-02 08:07 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-02 08:07 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-02-02 08:07 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-02-02 08:07 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-02 08:07 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-02-02 08:07 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-02 08:07 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-02-02 08:07 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-02 08:07 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-02-02 08:07 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-02-02 08:07 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-02 08:07 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-02-02 08:07 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2015-02-02 08:07 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-02-02 08:07 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2015-02-02 08:07 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2015-02-02 08:07 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-02-02 08:07 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2015-02-02 08:07 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2015-02-02 08:07 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-02-02 08:07 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2015-02-02 08:07 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-02 08:07 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-02-02 08:07 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-02-02 08:07 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2015-02-02 08:07 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-02 08:07 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-02-02 08:07 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-02-02 08:07 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2015-02-02 08:07 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-02 08:07 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-02-02 08:07 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-02-02 08:07 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-02-02 08:07 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-02-02 08:07 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-02 08:07 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-02-02 08:07 - 2014-07-24 16:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-02-02 08:07 - 2014-07-24 12:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-02-02 08:07 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2015-02-02 08:07 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-02-02 08:07 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-02-02 08:07 - 2014-06-20 02:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-02-02 08:07 - 2014-06-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-02-02 08:07 - 2014-05-31 07:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-02-02 08:07 - 2014-04-11 06:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-02-02 08:05 - 2015-02-02 08:05 - 00380416 _____ () C:\Users\Christian\Downloads\fvz52uve.exe
2015-02-02 08:04 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-02-02 08:04 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-02-02 08:04 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-02-02 08:04 - 2014-09-07 23:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-02 08:04 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-02-02 08:04 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-02-02 08:04 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-02-02 08:04 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-02-02 08:04 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-02-02 08:04 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-02-02 08:04 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-02-02 08:04 - 2014-08-31 01:17 - 00148800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-02-02 08:04 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-02-02 08:04 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-02-02 08:04 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-02-02 08:04 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-02-02 08:04 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-02-02 08:04 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-02-02 08:04 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-02-02 08:04 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-02 08:04 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-02-02 08:04 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-02-02 08:04 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-02-02 08:04 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-02-02 08:04 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-02-02 08:04 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-02-02 08:04 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-02-02 08:04 - 2014-07-24 12:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-02-02 08:04 - 2014-07-24 10:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-02-02 08:04 - 2014-07-24 10:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-02-02 08:04 - 2014-07-24 09:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-02-02 08:04 - 2014-07-24 09:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-02-02 08:04 - 2014-07-24 08:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-02-02 08:04 - 2014-07-24 08:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-02-02 08:04 - 2014-05-13 08:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2015-02-02 08:04 - 2014-03-06 07:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-02-02 08:00 - 2015-02-02 08:00 - 05198336 _____ (AVAST Software) C:\Users\Christian\Downloads\aswMBR.exe
2015-02-02 08:00 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-02 08:00 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-02-02 08:00 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-02 08:00 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-02 08:00 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-02 08:00 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-02-02 08:00 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-02-02 08:00 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-02 08:00 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-02 08:00 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-02 08:00 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-02 08:00 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-02 08:00 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-02-02 08:00 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-02-02 08:00 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-02-02 07:59 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-02 07:59 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-02 07:59 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-02 07:59 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-02 07:59 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-02 07:59 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-02 07:59 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-02 07:59 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-02 07:59 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-02 07:59 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-02 07:59 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-02-02 07:59 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-02-02 07:59 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-02 07:59 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-02 07:59 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-02 07:59 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-02 07:59 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-02 07:59 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-02 07:59 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-02 07:59 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-02 07:59 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-02 07:59 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-02 07:59 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-02 07:59 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-02 07:59 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-02 07:59 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-02 07:59 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-02 07:59 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-02 07:59 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-02 07:59 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-02 07:59 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-02 07:59 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-02 07:59 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-02 07:59 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-02 07:59 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-02 07:59 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-02 07:59 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-02 07:59 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-02 07:59 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-02 07:59 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-02 07:59 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-02 07:59 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-02-02 07:59 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-02-02 07:59 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-02-02 07:59 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-02-02 07:59 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-02-02 07:59 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-02 07:59 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-02 07:59 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-02 07:59 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-02 07:59 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-02 07:59 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-02-02 07:59 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-02 07:59 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2015-02-02 07:59 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-02 07:59 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-02 07:59 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-02 07:59 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-02-02 07:59 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-02 07:59 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-02 07:59 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-02-02 07:59 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-02-02 07:59 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-02-02 07:59 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-02 07:59 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-02-02 07:59 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-02-02 07:59 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-02 07:59 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-02-02 07:59 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-02-02 07:59 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-02-02 07:59 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-02-02 07:59 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-02-02 07:59 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-02-02 07:59 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-02-02 07:59 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-02 07:59 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-02 07:59 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-02 07:59 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-02 07:59 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-02-02 07:59 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-02 07:59 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2015-02-02 07:59 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-02 07:59 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-02 07:59 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-02-02 07:59 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-02 07:59 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-02 07:59 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-02-02 07:59 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-02-02 07:59 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-02-02 07:59 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-02 07:59 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-02-02 07:59 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-02-02 07:59 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-02-02 07:59 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-02-02 07:59 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-02 07:59 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-02 07:59 - 2014-06-16 23:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-02-02 07:59 - 2014-06-16 23:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-02-02 07:59 - 2014-06-13 02:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-02-02 07:59 - 2014-06-13 02:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-02-02 07:59 - 2014-06-13 01:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-02-02 07:59 - 2014-06-06 12:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-02-02 07:59 - 2014-06-05 14:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-02-02 07:59 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2015-02-02 07:59 - 2014-05-17 05:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-02-02 07:59 - 2014-04-30 05:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-02-02 07:59 - 2014-04-30 05:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-02-02 07:59 - 2014-04-30 04:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-02-02 07:59 - 2014-04-08 23:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2015-02-02 07:59 - 2014-04-08 23:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2015-02-02 07:59 - 2014-04-08 19:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2015-02-02 07:59 - 2014-04-08 19:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2015-02-02 07:59 - 2014-03-06 13:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-02-02 07:59 - 2014-03-06 13:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-02-02 07:59 - 2014-03-06 13:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-02-02 07:59 - 2014-03-06 12:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-02-02 07:59 - 2014-03-06 07:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-02-02 07:59 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-02 07:59 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-02 07:59 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-02 07:58 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-02 07:58 - 2014-06-05 15:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-02-02 07:58 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-02-02 07:58 - 2014-05-31 11:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-02-02 07:58 - 2014-05-31 11:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-02-02 07:58 - 2014-05-31 11:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-02-02 07:58 - 2014-05-31 11:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-02-02 07:58 - 2014-05-31 07:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-02-02 07:58 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-02-02 07:58 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-02-02 07:58 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-02-02 07:58 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-02-02 07:58 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-02-02 07:58 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2015-02-02 07:58 - 2014-05-17 05:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-02-02 07:58 - 2014-04-11 05:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2015-02-02 07:58 - 2014-04-09 06:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2015-02-02 07:58 - 2014-04-06 16:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2015-02-02 07:58 - 2014-04-03 05:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-02 07:58 - 2014-04-03 03:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2015-02-02 07:58 - 2014-03-17 03:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2015-02-02 07:58 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-02-02 07:57 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-02-02 07:57 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-02 07:57 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-02-02 07:57 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-02-02 07:57 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-02-02 07:57 - 2014-05-30 04:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-02-02 07:57 - 2014-04-18 15:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2015-02-02 07:57 - 2014-04-18 10:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2015-02-02 07:57 - 2014-04-14 10:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2015-02-02 07:57 - 2014-04-14 09:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2015-02-02 07:57 - 2014-04-11 05:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2015-02-02 07:57 - 2014-04-11 04:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2015-02-02 07:57 - 2014-04-09 12:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-02-02 07:57 - 2014-04-09 07:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-02-02 07:57 - 2014-04-09 04:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-02-02 07:57 - 2014-04-08 03:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-02-02 07:57 - 2014-04-06 17:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-02-02 07:57 - 2014-04-06 17:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-02-02 07:57 - 2014-04-06 17:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-02-02 07:57 - 2014-04-06 17:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2015-02-02 07:57 - 2014-04-06 17:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2015-02-02 07:57 - 2014-04-06 17:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-02-02 07:57 - 2014-04-06 16:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-02-02 07:57 - 2014-04-06 16:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-02-02 07:57 - 2014-04-06 16:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-02-02 07:57 - 2014-04-06 16:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-02-02 07:57 - 2014-04-06 16:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-02-02 07:57 - 2014-04-06 16:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2015-02-02 07:57 - 2014-04-06 13:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-02 07:57 - 2014-04-06 13:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-02 07:57 - 2014-04-06 13:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2015-02-02 07:57 - 2014-04-06 13:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-02 07:57 - 2014-04-06 13:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-02 07:57 - 2014-04-06 12:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2015-02-02 07:57 - 2014-04-06 11:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-02-02 07:57 - 2014-04-06 11:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-02-02 07:57 - 2014-04-06 11:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2015-02-02 07:57 - 2014-04-06 10:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2015-02-02 07:57 - 2014-04-03 09:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-02 07:57 - 2014-04-03 09:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2015-02-02 07:57 - 2014-04-03 05:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2015-02-02 07:57 - 2014-04-03 03:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-02-02 07:57 - 2014-04-03 03:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-02-02 07:57 - 2014-04-03 03:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2015-02-02 07:57 - 2014-04-01 07:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-02-02 07:57 - 2014-03-31 01:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2015-02-02 07:57 - 2014-03-31 00:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2015-02-02 07:57 - 2014-03-30 23:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-02-02 07:57 - 2014-03-30 23:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2015-02-02 07:57 - 2014-03-30 23:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2015-02-02 07:57 - 2014-03-28 16:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-02-02 07:57 - 2014-03-27 07:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-02-02 07:57 - 2014-03-27 06:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2015-02-02 07:57 - 2014-03-27 05:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2015-02-02 07:57 - 2014-03-27 05:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2015-02-02 07:57 - 2014-03-27 05:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2015-02-02 07:57 - 2014-03-27 04:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-02-02 07:57 - 2014-03-27 04:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2015-02-02 07:57 - 2014-03-27 04:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-02-02 07:57 - 2014-03-20 04:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-02-02 07:57 - 2014-03-19 09:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2015-02-02 07:57 - 2014-03-19 09:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2015-02-02 07:57 - 2014-03-19 08:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-02-02 07:57 - 2014-03-19 08:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2015-02-02 07:57 - 2014-03-19 06:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2015-02-02 07:57 - 2014-03-19 06:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2015-02-02 07:57 - 2014-03-19 06:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-02-02 07:57 - 2014-03-19 06:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-02-02 07:57 - 2014-03-19 06:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2015-02-02 07:57 - 2014-03-19 05:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2015-02-02 07:57 - 2014-03-19 05:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-02-02 07:57 - 2014-03-18 09:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-02-02 07:57 - 2014-03-18 06:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-02-02 07:57 - 2014-03-18 05:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-02-02 07:57 - 2014-03-17 06:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-02-02 07:57 - 2014-03-17 05:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-02-02 07:57 - 2014-03-17 04:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2015-02-02 07:57 - 2014-03-14 07:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-02-02 07:57 - 2014-03-14 07:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-02-02 07:57 - 2014-03-06 13:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-02-02 07:57 - 2014-03-06 10:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2015-02-02 07:57 - 2014-03-06 09:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2015-02-02 07:56 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-02 07:56 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-02-02 07:56 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-02-02 07:56 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-02-02 07:56 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-02-02 07:56 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-02-02 07:56 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-02 07:56 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-02-02 07:56 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-02-02 07:56 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-02-02 07:56 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-02-02 07:56 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-02-02 07:56 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-02-02 07:56 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-02-02 07:56 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-02-02 07:56 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-02-02 07:56 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-02-02 07:56 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-02-02 07:56 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-02-02 07:56 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-02-02 07:56 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-02-02 07:56 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-02-02 07:56 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-02-02 07:56 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-02-02 07:56 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-02-02 07:56 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-02-02 07:56 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-02-02 07:56 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-02-02 07:56 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-02-02 07:56 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-02-02 07:56 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-02-02 07:56 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-02-02 07:56 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-02-02 07:56 - 2014-08-07 03:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-02-02 07:56 - 2014-08-02 04:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-02-02 07:56 - 2014-06-06 14:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-02-02 07:56 - 2014-06-06 13:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-02-02 07:56 - 2014-05-01 14:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2015-02-02 07:56 - 2014-05-01 06:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2015-02-02 07:56 - 2014-03-13 08:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-02-02 07:56 - 2014-03-13 07:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2015-02-02 07:55 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-02 07:55 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-02-02 07:55 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-02-02 07:55 - 2014-10-13 03:43 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-02-02 07:55 - 2014-10-13 03:43 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-02-02 07:55 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-02-02 07:55 - 2014-10-13 03:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-02-02 07:55 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2015-02-02 07:55 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-02-02 07:55 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2015-02-02 07:55 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-02-02 07:55 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-02-02 07:55 - 2014-04-11 09:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2015-02-02 07:55 - 2014-04-11 07:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-02-02 07:55 - 2014-04-11 06:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-02-02 07:55 - 2014-04-11 04:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-02-02 07:55 - 2014-04-11 04:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-02-02 07:55 - 2014-04-11 04:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-02-02 07:55 - 2014-04-11 04:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-02-02 07:55 - 2014-04-11 04:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-02-02 07:55 - 2014-04-11 03:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-02-02 07:55 - 2014-04-11 03:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-02-02 07:55 - 2014-04-11 03:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-02-02 07:54 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-02-02 07:54 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-02-02 07:54 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-02-02 07:54 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-02-02 07:54 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-02-02 07:54 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-02-02 07:54 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-02-02 07:53 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-02 07:53 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-02 06:42 - 2015-02-02 06:42 - 00000000 _____ () C:\Recovery.txt
2015-02-01 22:59 - 2015-02-01 23:01 - 81307064 _____ (Swiss Academic Software) C:\Users\Christian\Downloads\Citavi4Setup.exe
2015-02-01 22:59 - 2015-02-01 22:59 - 17072512 _____ () C:\Users\Christian\Downloads\PDFXVwer2.5.311 (1).zip
2015-02-01 22:52 - 2014-05-31 11:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-02-01 22:52 - 2014-05-31 11:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-02-01 22:52 - 2014-05-31 04:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-02-01 22:52 - 2014-05-31 04:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-02-01 22:52 - 2014-05-31 03:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-02-01 22:52 - 2014-05-31 03:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-02-01 22:52 - 2014-05-31 03:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-02-01 22:52 - 2014-05-31 03:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-02-01 22:52 - 2014-05-31 03:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2015-02-01 22:51 - 2015-02-01 22:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-01 22:51 - 2015-02-01 22:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-01 22:51 - 2015-01-10 00:30 - 06860432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-02-01 22:51 - 2015-01-10 00:30 - 03517256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-02-01 22:51 - 2015-01-10 00:29 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-02-01 22:51 - 2015-01-10 00:29 - 01097872 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-02-01 22:51 - 2015-01-10 00:29 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-02-01 22:51 - 2015-01-10 00:29 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-02-01 22:51 - 2015-01-10 00:29 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-02-01 22:51 - 2015-01-10 00:29 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-02-01 22:51 - 2015-01-09 20:47 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin
2015-02-01 22:49 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-01 22:49 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 03298816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00496456 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-02-01 22:48 - 2015-02-01 22:48 - 00000000 ____D () C:\NVIDIA
2015-02-01 22:45 - 2015-02-01 22:45 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\ASCOMP Software
2015-02-01 22:45 - 2015-02-01 22:45 - 00000000 ____D () C:\Program Files (x86)\ASCOMP Software
2015-02-01 22:43 - 2015-02-01 22:43 - 00388608 _____ (Trend Micro Inc.) C:\Users\Christian\Desktop\HiJackThis204.exe
2015-02-01 22:42 - 2015-02-02 08:22 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 22:42 - 2015-02-01 22:42 - 00001082 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-01 22:42 - 2015-02-01 22:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-01 22:42 - 2015-02-01 22:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-01 22:42 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-01 22:42 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-01 22:42 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-01 22:41 - 2015-02-01 22:41 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2015-02-01 22:36 - 2015-02-01 22:37 - 359471688 _____ (NVIDIA Corporation) C:\Users\Christian\Downloads\347.25-notebook-win8-win7-64bit-international-whql.exe
2015-02-01 22:36 - 2015-02-01 22:36 - 00000000 ____D () C:\Users\Christian\Documents\Symantec
2015-02-01 22:33 - 2015-02-02 08:56 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-02-01 22:33 - 2015-02-01 22:33 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-02-01 22:33 - 2015-02-01 22:33 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2015-02-01 22:30 - 2015-02-01 22:30 - 00034816 ___SH () C:\Users\Christian\Desktop\Thumbs.db
2015-02-01 22:30 - 2015-02-01 22:30 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2015-02-01 22:22 - 2015-02-02 08:08 - 00000000 ____D () C:\Users\Christian\AppData\Local\CrashDumps
2015-02-01 22:21 - 2015-02-01 22:21 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\WildTangent
2015-02-01 22:18 - 2015-02-02 08:56 - 00000000 ____D () C:\ProgramData\Norton
2015-02-01 22:18 - 2015-02-01 22:18 - 00000000 ____D () C:\Users\Christian\AppData\Local\clear.fi
2015-02-01 22:18 - 2015-02-01 22:18 - 00000000 ____D () C:\Users\Christian\AppData\Local\Acer
2015-02-01 22:16 - 2015-02-01 22:30 - 00000000 ____D () C:\Program Files (x86)\Razer
2015-02-01 22:16 - 2015-02-01 22:16 - 00000000 ____D () C:\Users\Christian\AppData\Local\Razer_Inc
2015-02-01 22:16 - 2015-02-01 22:16 - 00000000 ____D () C:\ProgramData\Razer
2015-02-01 22:04 - 2015-02-02 12:09 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-01 22:04 - 2015-02-02 12:08 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-01 22:04 - 2015-02-01 22:04 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-01 22:04 - 2015-02-01 22:04 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-01 22:04 - 2015-02-01 22:04 - 00002275 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-01 22:04 - 2015-02-01 22:04 - 00000000 ____D () C:\Users\Christian\AppData\Local\Google
2015-02-01 22:04 - 2015-02-01 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-01 22:04 - 2015-02-01 22:04 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-01 22:03 - 2015-02-01 22:04 - 00000000 ____D () C:\Users\Christian\AppData\Local\Deployment
2015-02-01 22:03 - 2015-02-01 22:03 - 00000000 ____D () C:\Users\Christian\AppData\Local\Apps\2.0
2015-02-01 22:01 - 2015-02-02 10:54 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1715082490-1160310528-2700504390-1001
2015-02-01 22:01 - 2015-02-01 22:01 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieUserList
2015-02-01 22:01 - 2015-02-01 22:01 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieSiteList
2015-02-01 22:01 - 2015-02-01 22:01 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Macromedia
2015-02-01 22:00 - 2015-02-02 12:08 - 00000000 __RDO () C:\Users\Christian\OneDrive
2015-02-01 22:00 - 2015-02-01 22:00 - 00000000 ____D () C:\Users\Public\Pokki
2015-02-01 21:59 - 2015-02-02 07:54 - 00002337 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-01 21:59 - 2015-02-01 22:32 - 00002166 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2015-02-01 21:58 - 2015-02-01 21:58 - 00000000 ____D () C:\Users\Christian\PicStream
2015-02-01 21:56 - 2015-02-01 22:46 - 00000000 ____D () C:\Users\Christian\AppData\Local\VirtualStore
2015-02-01 21:56 - 2015-02-01 22:05 - 00000000 ____D () C:\Users\Christian\AppData\Local\Packages
2015-02-01 21:56 - 2015-02-01 21:56 - 00001458 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-01 21:56 - 2015-02-01 21:56 - 00001280 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk
2015-02-01 21:56 - 2015-02-01 21:56 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-01 21:56 - 2015-02-01 21:56 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Intel
2015-02-01 21:56 - 2015-02-01 21:56 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Adobe
2015-02-01 21:56 - 2015-02-01 21:56 - 00000000 ____D () C:\Users\Christian\AppData\Local\NVIDIA
2015-02-01 21:56 - 2015-02-01 21:56 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2015-02-01 21:56 - 2015-02-01 21:56 - 00000000 ____D () C:\Program Files\Accessory Store
2015-02-01 21:55 - 2015-02-02 12:09 - 00000000 ____D () C:\Users\Christian
2015-02-01 21:55 - 2015-02-02 08:53 - 00000000 ____D () C:\Users\Christian\AppData\Local\Pokki
2015-02-01 21:55 - 2015-02-01 21:55 - 00000020 ___SH () C:\Users\Christian\ntuser.ini
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Vorlagen
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Startmenü
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Netzwerkumgebung
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Lokale Einstellungen
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Eigene Dateien
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Druckumgebung
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Documents\Eigene Musik
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Documents\Eigene Bilder
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\AppData\Local\Verlauf
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\AppData\Local\Anwendungsdaten
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Anwendungsdaten
2015-02-01 21:55 - 2014-06-11 05:11 - 00000000 ___RD () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-01 21:55 - 2014-03-18 11:33 - 00000000 ___RD () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-01 21:55 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-01 21:55 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-01 21:55 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-01 21:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Programme
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-02 11:03 - 2014-06-11 05:05 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-02-02 11:03 - 2014-06-11 05:05 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-02-02 11:03 - 2014-03-18 11:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-02 10:59 - 2013-08-22 15:46 - 00023528 _____ () C:\Windows\setupact.log
2015-02-02 10:59 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-02 10:59 - 2013-08-22 15:44 - 00346960 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-02 10:58 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-02 10:56 - 2014-03-18 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-02 10:56 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-02-02 10:55 - 2014-06-10 19:37 - 01779175 _____ () C:\Windows\WindowsUpdate.log
2015-02-02 10:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-02 10:52 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-02 09:48 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-02 09:05 - 2014-08-20 18:04 - 00799944 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-02-02 09:05 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-02-02 09:05 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2015-02-02 09:05 - 2014-07-25 13:13 - 00068616 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwfp.sys
2015-02-02 09:00 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-02-02 08:56 - 2014-03-18 10:54 - 00719764 _____ () C:\Windows\PFRO.log
2015-02-02 06:42 - 2013-08-22 16:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2015-02-01 22:51 - 2014-06-10 19:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-01 22:51 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-02-01 22:50 - 2014-06-10 19:37 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-01 22:21 - 2014-05-27 05:08 - 00000000 ____D () C:\Windows\oem
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ____D () C:\ProgramData\WildTangent
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ____D () C:\ProgramData\Acer
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-02-01 22:17 - 2014-06-10 20:25 - 00000000 ____D () C:\ProgramData\OEM
2015-02-01 22:14 - 2014-05-27 05:08 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-01 22:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\restore
2015-02-01 21:59 - 2014-05-27 05:46 - 00000000 ___HD () C:\OEM
2015-02-01 21:56 - 2014-05-27 05:48 - 00000000 ____D () C:\Windows\Panther
2015-02-01 20:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-01 20:43 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-01 20:43 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default

==================== Files in the root of some directories =======

2014-06-10 20:08 - 2014-06-10 20:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Christian\AppData\Local\Temp\AcerPortalSetup.exe
C:\Users\Christian\AppData\Local\Temp\AOPSetup.exe
C:\Users\Christian\AppData\Local\Temp\octF5C2.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-05-27 04:49

==================== End Of Log ============================

CLove 02.02.2015 12:41
Teil 2:
 
Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Christian at 2015-02-02 12:10:12
Running from C:\Users\Christian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.04)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.103.2020.206 - Alps Electric)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Host App Service (HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\...\Pokki) (Version: 0.269.5.460 - Pokki)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{26AA61D4-B04D-4E0D-8E20-94A8FF2EE64D}) (Version: 4.2.40.2439 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
Pokki Start Menu (HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\...\Pokki_Start_Menu) (Version: 0.269.5.460 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21238 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1715082490-1160310528-2700504390-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

01-02-2015 22:07:39 eBay Worldwide wird entfernt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03D6B953-5880-4BC8-8735-D9DEFFA0F88C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-31] (Microsoft Corporation)
Task: {13A0305C-47BB-4200-987C-2CD5929615E5} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-07-08] (Dolby Laboratories Inc.)
Task: {3F838EC8-10AE-4803-AD3A-84331CD3C35F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe
Task: {6F198B59-D743-48E5-8E75-66CBFB2A5816} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
Task: {710ED092-BDC3-46A9-AD8C-2D63271D6627} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-01] (Google Inc.)
Task: {A88A6E15-DA8E-43AF-AB25-84C7C572E827} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
Task: {F51DC9C7-CBA2-4BC2-899D-E2A904E4B2B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-01] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-02-01 22:51 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-12 18:06 - 2013-08-12 18:06 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-12 18:06 - 2013-08-12 18:06 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-12 18:06 - 2013-08-12 18:06 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-06-10 20:27 - 2012-04-24 11:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-07-08 17:53 - 2013-07-08 17:53 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2014-06-10 19:40 - 2013-09-04 00:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-06-10 20:35 - 2014-01-03 13:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-02-01 22:04 - 2015-01-27 04:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libglesv2.dll
2015-02-01 22:04 - 2015-01-27 04:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libegl.dll
2015-02-01 22:04 - 2015-01-27 04:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Christian\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1715082490-1160310528-2700504390-500 - Administrator - Disabled)
Christian (S-1-5-21-1715082490-1160310528-2700504390-1001 - Administrator - Enabled) => C:\Users\Christian
Gast (S-1-5-21-1715082490-1160310528-2700504390-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1715082490-1160310528-2700504390-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/02/2015 10:55:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRIS)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/02/2015 10:54:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRIS)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/02/2015 10:54:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRIS)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/02/2015 10:54:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRIS)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/02/2015 08:08:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fvz52uve.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: fvz52uve.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x17bc
Startzeit der fehlerhaften Anwendung: 0xfvz52uve.exe0
Pfad der fehlerhaften Anwendung: fvz52uve.exe1
Pfad des fehlerhaften Moduls: fvz52uve.exe2
Berichtskennung: fvz52uve.exe3
Vollständiger Name des fehlerhaften Pakets: fvz52uve.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: fvz52uve.exe5

Error: (02/02/2015 08:07:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fvz52uve.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: fvz52uve.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x1008
Startzeit der fehlerhaften Anwendung: 0xfvz52uve.exe0
Pfad der fehlerhaften Anwendung: fvz52uve.exe1
Pfad des fehlerhaften Moduls: fvz52uve.exe2
Berichtskennung: fvz52uve.exe3
Vollständiger Name des fehlerhaften Pakets: fvz52uve.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: fvz52uve.exe5

Error: (02/02/2015 08:06:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fvz52uve.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: fvz52uve.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x176c
Startzeit der fehlerhaften Anwendung: 0xfvz52uve.exe0
Pfad der fehlerhaften Anwendung: fvz52uve.exe1
Pfad des fehlerhaften Moduls: fvz52uve.exe2
Berichtskennung: fvz52uve.exe3
Vollständiger Name des fehlerhaften Pakets: fvz52uve.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: fvz52uve.exe5

Error: (02/02/2015 08:05:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fvz52uve.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: fvz52uve.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x174
Startzeit der fehlerhaften Anwendung: 0xfvz52uve.exe0
Pfad der fehlerhaften Anwendung: fvz52uve.exe1
Pfad des fehlerhaften Moduls: fvz52uve.exe2
Berichtskennung: fvz52uve.exe3
Vollständiger Name des fehlerhaften Pakets: fvz52uve.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: fvz52uve.exe5

Error: (02/02/2015 07:54:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (02/02/2015 07:54:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.


System errors:
=============
Error: (02/02/2015 10:59:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/02/2015 10:55:26 AM) (Source: DCOM) (EventID: 10010) (User: CHRIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/02/2015 10:55:20 AM) (Source: DCOM) (EventID: 10010) (User: CHRIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/02/2015 10:55:19 AM) (Source: DCOM) (EventID: 10010) (User: CHRIS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/02/2015 10:55:19 AM) (Source: DCOM) (EventID: 10010) (User: CHRIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/02/2015 10:55:19 AM) (Source: DCOM) (EventID: 10010) (User: CHRIS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/02/2015 10:55:17 AM) (Source: DCOM) (EventID: 10010) (User: CHRIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/02/2015 10:55:16 AM) (Source: DCOM) (EventID: 10010) (User: CHRIS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/02/2015 10:55:16 AM) (Source: DCOM) (EventID: 10010) (User: CHRIS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/02/2015 10:55:14 AM) (Source: DCOM) (EventID: 10010) (User: CHRIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}


Microsoft Office Sessions:
=========================
Error: (02/02/2015 10:55:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRIS)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (02/02/2015 10:54:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRIS)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009280

Error: (02/02/2015 10:54:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRIS)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009280

Error: (02/02/2015 10:54:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRIS)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009280

Error: (02/02/2015 08:08:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fvz52uve.exe2.1.19357.052e7ea83fvz52uve.exe2.1.19357.052e7ea83c0000005000011aa17bc01d03eb70d373d60C:\Users\Christian\Downloads\fvz52uve.exeC:\Users\Christian\Downloads\fvz52uve.exe507ad1b0-aaaa-11e4-8262-c45444832e11

Error: (02/02/2015 08:07:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fvz52uve.exe2.1.19357.052e7ea83fvz52uve.exe2.1.19357.052e7ea83c0000005000011aa100801d03eb6ed403cdbC:\Users\Christian\Downloads\fvz52uve.exeC:\Users\Christian\Downloads\fvz52uve.exe2e5cd437-aaaa-11e4-8262-c45444832e11

Error: (02/02/2015 08:06:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fvz52uve.exe2.1.19357.052e7ea83fvz52uve.exe2.1.19357.052e7ea83c0000005000011aa176c01d03eb6b22996e8C:\Users\Christian\Downloads\fvz52uve.exeC:\Users\Christian\Downloads\fvz52uve.exef1c65951-aaa9-11e4-8262-c45444832e11

Error: (02/02/2015 08:05:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fvz52uve.exe2.1.19357.052e7ea83fvz52uve.exe2.1.19357.052e7ea83c0000005000011aa17401d03eb6a5801a82C:\Users\Christian\Downloads\fvz52uve.exeC:\Users\Christian\Downloads\fvz52uve.exee6f7b52e-aaa9-11e4-8262-c45444832e11

Error: (02/02/2015 07:54:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Christian\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (02/02/2015 07:54:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Christian\AppData\Local\Pokki\Engine\HostAppService.exe


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 26%
Total physical RAM: 8072.27 MB
Available physical RAM: 5945.82 MB
Total Pagefile: 9992.27 MB
Available Pagefile: 7782.82 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:898.59 GB) (Free:855.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6C3BD5B1)

Partition: GPT Partition Type.

==================== End Of Log ============================
GMER: Problem: Gmer startet mit Fehlermeldung, dass er auf Windows\system32\config\system nicht zugreifen kann, da ein anderes Programm da drauf zugreift. (Quick-)Scan funktioniert dann aber, endete aber mit der selben Fehlermeldung.



Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-02-02 12:31:03
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002b ST1000LM014-1EJ164 rev.SM14 931,51GB
Running: 4lyrtrd3.exe; Driver: C:\Users\CHRIST~1\AppData\Local\Temp\fgldqpod.sys


---- User code sections - GMER 2.1 ----

.text  C:\Windows\system32\nvvsvc.exe[1020] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                              00007ffc724d169a 4 bytes [4D, 72, FC, 7F]
.text  C:\Windows\system32\nvvsvc.exe[1020] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                              00007ffc724d16a2 4 bytes [4D, 72, FC, 7F]
.text  C:\Windows\system32\nvvsvc.exe[1020] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                  00007ffc724d181a 4 bytes [4D, 72, FC, 7F]
.text  C:\Windows\system32\nvvsvc.exe[1020] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                  00007ffc724d1832 4 bytes [4D, 72, FC, 7F]
.text  C:\Windows\system32\WLANExt.exe[1436] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                              00007ffc724d169a 4 bytes [4D, 72, FC, 7F]
.text  C:\Windows\system32\WLANExt.exe[1436] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                              00007ffc724d16a2 4 bytes [4D, 72, FC, 7F]
.text  C:\Windows\system32\WLANExt.exe[1436] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                00007ffc724d181a 4 bytes [4D, 72, FC, 7F]
.text  C:\Windows\system32\WLANExt.exe[1436] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                00007ffc724d1832 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1800] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                  00007ffc724d169a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1800] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                  00007ffc724d16a2 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1800] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                      00007ffc724d181a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1800] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                      00007ffc724d1832 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1800] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194                                                                        00007ffc65dd1f6a 4 bytes [DD, 65, FC, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1800] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218                                                                        00007ffc65dd1f82 4 bytes [DD, 65, FC, 7F]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe[1952] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                00007ffc724d169a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe[1952] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                00007ffc724d16a2 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe[1952] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                    00007ffc724d181a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe[1952] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                    00007ffc724d1832 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1320] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                              00007ffc724d169a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1320] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                              00007ffc724d16a2 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1320] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                  00007ffc724d181a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1320] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                  00007ffc724d1832 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[1916] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                        00007ffc724d169a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[1916] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                        00007ffc724d16a2 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[1916] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                          00007ffc724d181a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[1916] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                          00007ffc724d1832 4 bytes [4D, 72, FC, 7F]
.text  C:\Windows\system32\wbem\wmiprvse.exe[2692] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                        00007ffc724d169a 4 bytes [4D, 72, FC, 7F]
.text  C:\Windows\system32\wbem\wmiprvse.exe[2692] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                        00007ffc724d16a2 4 bytes [4D, 72, FC, 7F]
.text  C:\Windows\system32\wbem\wmiprvse.exe[2692] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                          00007ffc724d181a 4 bytes [4D, 72, FC, 7F]
.text  C:\Windows\system32\wbem\wmiprvse.exe[2692] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                          00007ffc724d1832 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\Apoint.exe[4904] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                        00007ffc724d169a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\Apoint.exe[4904] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                        00007ffc724d16a2 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\Apoint.exe[4904] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                            00007ffc724d181a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\Apoint.exe[4904] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                            00007ffc724d1832 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\ApMsgFwd.exe[5036] C:\Windows\system32\PSAPI.dll!GetModuleBaseNameA + 506                                                                      00007ffc724d169a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\ApMsgFwd.exe[5036] C:\Windows\system32\PSAPI.dll!GetModuleBaseNameA + 514                                                                      00007ffc724d16a2 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\ApMsgFwd.exe[5036] C:\Windows\system32\PSAPI.dll!QueryWorkingSet + 118                                                                          00007ffc724d181a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\ApMsgFwd.exe[5036] C:\Windows\system32\PSAPI.dll!QueryWorkingSet + 142                                                                          00007ffc724d1832 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\Apntex.exe[5104] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                        00007ffc724d169a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\Apntex.exe[5104] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                        00007ffc724d16a2 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\Apntex.exe[5104] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                            00007ffc724d181a 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files\Apoint2K\Apntex.exe[5104] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                            00007ffc724d1832 4 bytes [4D, 72, FC, 7F]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlDecompressBuffer + 112                                        00007ffc729a2bd4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlPrefixString + 436                                            00007ffc729a2ef0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!LdrGetDllPath + 415                                              00007ffc729a3757 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlReleasePath + 132                                              00007ffc729a4a54 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlReleasePath + 491                                              00007ffc729a4bbb 8 bytes {JMP 0xfffffffffffffff3}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateTagHeap + 312                                            00007ffc729a4cfc 8 bytes {JMP 0xffffffffffffffb1}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlTryEnterCriticalSection + 291                                  00007ffc729a511f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlTryEnterCriticalSection + 676                                  00007ffc729a52a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 2
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!EtwRegisterTraceGuidsA + 48                                      00007ffc729a6964 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlDllShutdownInProgress + 824                                    00007ffc729aabf4 8 bytes {JMP 0xffffffffffffffd1}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlDllShutdownInProgress + 987                                    00007ffc729aac97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlRunOnceComplete + 736                                          00007ffc729ab218 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlInitializeCriticalSectionEx + 448                              00007ffc729ab88c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlAllocateActivationContextStack + 288                          00007ffc729abc38 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlRegisterWait + 596                                            00007ffc729abe94 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseWait + 168                                              00007ffc729ac408 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlDeregisterWaitEx + 683                                        00007ffc729ac74f 8 bytes {JMP 0xffffffffffffffd6}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!LdrFindEntryForAddress + 67                                      00007ffc729acdfb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlGetLocaleFileMappingAddress + 151                              00007ffc729acfaf 8 bytes {JMP 0xffffffffffffffd9}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlpInitializeLangRegistryInfo + 36                              00007ffc729acfdc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlQueueWorkItem + 772                                            00007ffc729ada20 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlpMuiRegLoadRegistryInfo + 224                                  00007ffc729ae120 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlGetActiveActivationContext + 751                              00007ffc729afcab 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlIsCriticalSectionLockedByThread + 296                          00007ffc729b0694 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!LdrShutdownProcess + 772                                          00007ffc729b17cc 8 bytes {JMP 0xffffffffffffffc7}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextUnsafeFast + 403                      00007ffc729b3267 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 352                                          00007ffc729b3aa8 8 bytes {JMP 0xffffffffffffffcd}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 488                                          00007ffc729b3b30 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 2
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlInitAnsiString + 324                                          00007ffc729b5734 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlAppendUnicodeStringToString + 143                              00007ffc729b57cb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToRelativeNtPathName_U_WithStatus + 32              00007ffc729b6c18 8 bytes [70, 6C, 15, 7F, 00, 00, 00, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToRelativeNtPathName_U_WithStatus + 67              00007ffc729b6c3b 8 bytes [60, 6C, 15, 7F, 00, 00, 00, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlHashUnicodeString + 367                                        00007ffc729b813b 8 bytes {JMP 0xffffffffffffffcd}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlHashUnicodeString + 971                                        00007ffc729b8397 8 bytes [40, 6C, 15, 7F, 00, 00, 00, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlAppendUnicodeToString + 159                                    00007ffc729b843f 8 bytes [30, 6C, 15, 7F, 00, 00, 00, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToNtPathName_U_WithStatus + 872                    00007ffc729b8824 8 bytes [20, 6C, 15, 7F, 00, 00, 00, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!RtlAnsiCharToUnicodeChar + 115                                    00007ffc729bd3b3 8 bytes {JMP 0xffffffffffffffc5}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                            00007ffc72a21740 8 bytes {JMP QWORD [RIP-0x693af]}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                          00007ffc72a218c0 8 bytes {JMP QWORD [RIP-0x69487]}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                00007ffc72a218f0 8 bytes {JMP QWORD [RIP-0x6acde]}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                              00007ffc72a21a10 8 bytes {JMP QWORD [RIP-0x698db]}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                                  00007ffc72a21ac0 8 bytes {JMP QWORD [RIP-0x6ae8b]}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                                  00007ffc72a22180 8 bytes {JMP QWORD [RIP-0x63432]}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                                00007ffc72a22480 8 bytes {JMP QWORD [RIP-0x650d3]}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                                00007ffc72a22d00 8 bytes {JMP QWORD [RIP-0x6a4e2]}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\system32\wow64cpu.dll!CpuSetContext + 389                                            0000000077471385 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\system32\wow64cpu.dll!CpuGetContext + 386                                            0000000077471512 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\system32\wow64cpu.dll!CpuSetInstructionPointer + 49                                  0000000077471551 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\system32\wow64cpu.dll!CpuSetStackPointer + 23                                        0000000077471577 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\system32\wow64cpu.dll!CpuGetStackPointer + 23                                        00000000774717e7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\system32\wow64cpu.dll!CpuProcessInit + 68                                            0000000077471834 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 1                                    0000000077471841 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 17                                  0000000077471851 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 3
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\system32\wow64cpu.dll!CpuInitializeStartupContext + 308                              0000000077472c1c 8 bytes [DC, 6A, 15, 7F, 00, 00, 00, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlDecompressBuffer + 112                            00007ffc729a2bd4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlPrefixString + 436                                00007ffc729a2ef0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!LdrGetDllPath + 415                                  00007ffc729a3757 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlReleasePath + 132                                  00007ffc729a4a54 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlReleasePath + 491                                  00007ffc729a4bbb 8 bytes {JMP 0xfffffffffffffff3}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateTagHeap + 312                                00007ffc729a4cfc 8 bytes {JMP 0xffffffffffffffb1}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlTryEnterCriticalSection + 291                      00007ffc729a511f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlTryEnterCriticalSection + 676                      00007ffc729a52a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 2
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!EtwRegisterTraceGuidsA + 48                          00007ffc729a6964 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlDllShutdownInProgress + 824                        00007ffc729aabf4 8 bytes {JMP 0xffffffffffffffd1}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlDllShutdownInProgress + 987                        00007ffc729aac97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlRunOnceComplete + 736                              00007ffc729ab218 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlInitializeCriticalSectionEx + 448                  00007ffc729ab88c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlAllocateActivationContextStack + 288              00007ffc729abc38 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlRegisterWait + 596                                00007ffc729abe94 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseWait + 168                                  00007ffc729ac408 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlDeregisterWaitEx + 683                            00007ffc729ac74f 8 bytes {JMP 0xffffffffffffffd6}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!LdrFindEntryForAddress + 67                          00007ffc729acdfb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlGetLocaleFileMappingAddress + 151                  00007ffc729acfaf 8 bytes {JMP 0xffffffffffffffd9}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlpInitializeLangRegistryInfo + 36                  00007ffc729acfdc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlQueueWorkItem + 772                                00007ffc729ada20 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlpMuiRegLoadRegistryInfo + 224                      00007ffc729ae120 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlGetActiveActivationContext + 751                  00007ffc729afcab 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlIsCriticalSectionLockedByThread + 296              00007ffc729b0694 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!LdrShutdownProcess + 772                              00007ffc729b17cc 8 bytes {JMP 0xffffffffffffffc7}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextUnsafeFast + 403          00007ffc729b3267 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 352                              00007ffc729b3aa8 8 bytes {JMP 0xffffffffffffffcd}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 488                              00007ffc729b3b30 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 2
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlInitAnsiString + 324                              00007ffc729b5734 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlAppendUnicodeStringToString + 143                  00007ffc729b57cb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToRelativeNtPathName_U_WithStatus + 32  00007ffc729b6c18 8 bytes [70, 6C, 67, 7E, 00, 00, 00, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToRelativeNtPathName_U_WithStatus + 67  00007ffc729b6c3b 8 bytes [60, 6C, 67, 7E, 00, 00, 00, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlHashUnicodeString + 367                            00007ffc729b813b 8 bytes {JMP 0xffffffffffffffcd}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlHashUnicodeString + 971                            00007ffc729b8397 8 bytes [40, 6C, 67, 7E, 00, 00, 00, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlAppendUnicodeToString + 159                        00007ffc729b843f 8 bytes [30, 6C, 67, 7E, 00, 00, 00, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToNtPathName_U_WithStatus + 872        00007ffc729b8824 8 bytes [20, 6C, 67, 7E, 00, 00, 00, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!RtlAnsiCharToUnicodeChar + 115                        00007ffc729bd3b3 8 bytes {JMP 0xffffffffffffffc5}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                00007ffc72a21740 8 bytes {JMP QWORD [RIP-0x693af]}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                              00007ffc72a218c0 8 bytes {JMP QWORD [RIP-0x69487]}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                    00007ffc72a218f0 8 bytes {JMP QWORD [RIP-0x6acde]}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                  00007ffc72a21a10 8 bytes {JMP QWORD [RIP-0x698db]}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                      00007ffc72a21ac0 8 bytes {JMP QWORD [RIP-0x6ae8b]}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                      00007ffc72a22180 8 bytes {JMP QWORD [RIP-0x63432]}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                    00007ffc72a22480 8 bytes {JMP QWORD [RIP-0x650d3]}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                    00007ffc72a22d00 8 bytes {JMP QWORD [RIP-0x6a4e2]}
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\system32\wow64cpu.dll!CpuSetContext + 389                                0000000077471385 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\system32\wow64cpu.dll!CpuGetContext + 386                                0000000077471512 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\system32\wow64cpu.dll!CpuSetInstructionPointer + 49                      0000000077471551 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\system32\wow64cpu.dll!CpuSetStackPointer + 23                            0000000077471577 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\system32\wow64cpu.dll!CpuGetStackPointer + 23                            00000000774717e7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\system32\wow64cpu.dll!CpuProcessInit + 68                                0000000077471834 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 1                        0000000077471841 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 17                      0000000077471851 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 3
.text  C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe[4660] C:\Windows\system32\wow64cpu.dll!CpuInitializeStartupContext + 308                  0000000077472c1c 8 bytes [DC, 6A, 67, 7E, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlDecompressBuffer + 112                                            00007ffc729a2bd4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlPrefixString + 436                                                00007ffc729a2ef0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!LdrGetDllPath + 415                                                  00007ffc729a3757 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlReleasePath + 132                                                00007ffc729a4a54 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlReleasePath + 491                                                00007ffc729a4bbb 8 bytes {JMP 0xfffffffffffffff3}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateTagHeap + 312                                              00007ffc729a4cfc 8 bytes {JMP 0xffffffffffffffb1}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlTryEnterCriticalSection + 291                                    00007ffc729a511f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlTryEnterCriticalSection + 676                                    00007ffc729a52a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 2
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!EtwRegisterTraceGuidsA + 48                                          00007ffc729a6964 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlDllShutdownInProgress + 824                                      00007ffc729aabf4 8 bytes {JMP 0xffffffffffffffd1}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlDllShutdownInProgress + 987                                      00007ffc729aac97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlRunOnceComplete + 736                                            00007ffc729ab218 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlInitializeCriticalSectionEx + 448                                00007ffc729ab88c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlAllocateActivationContextStack + 288                              00007ffc729abc38 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlRegisterWait + 596                                                00007ffc729abe94 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseWait + 168                                                  00007ffc729ac408 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlDeregisterWaitEx + 683                                            00007ffc729ac74f 8 bytes {JMP 0xffffffffffffffd6}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!LdrFindEntryForAddress + 67                                          00007ffc729acdfb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlGetLocaleFileMappingAddress + 151                                00007ffc729acfaf 8 bytes {JMP 0xffffffffffffffd9}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlpInitializeLangRegistryInfo + 36                                  00007ffc729acfdc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlQueueWorkItem + 772                                              00007ffc729ada20 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlpMuiRegLoadRegistryInfo + 224                                    00007ffc729ae120 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlGetActiveActivationContext + 751                                  00007ffc729afcab 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlIsCriticalSectionLockedByThread + 296                            00007ffc729b0694 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!LdrShutdownProcess + 772                                            00007ffc729b17cc 8 bytes {JMP 0xffffffffffffffc7}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextUnsafeFast + 403                        00007ffc729b3267 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 352                                              00007ffc729b3aa8 8 bytes {JMP 0xffffffffffffffcd}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 488                                              00007ffc729b3b30 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 2
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlInitAnsiString + 324                                              00007ffc729b5734 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlAppendUnicodeStringToString + 143                                00007ffc729b57cb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToRelativeNtPathName_U_WithStatus + 32                00007ffc729b6c18 8 bytes [70, 6C, CE, 7F, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToRelativeNtPathName_U_WithStatus + 67                00007ffc729b6c3b 8 bytes [60, 6C, CE, 7F, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlHashUnicodeString + 367                                          00007ffc729b813b 8 bytes {JMP 0xffffffffffffffcd}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlHashUnicodeString + 971                                          00007ffc729b8397 8 bytes [40, 6C, CE, 7F, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlAppendUnicodeToString + 159                                      00007ffc729b843f 8 bytes [30, 6C, CE, 7F, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToNtPathName_U_WithStatus + 872                        00007ffc729b8824 8 bytes [20, 6C, CE, 7F, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!RtlAnsiCharToUnicodeChar + 115                                      00007ffc729bd3b3 8 bytes {JMP 0xffffffffffffffc5}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                              00007ffc72a21740 8 bytes {JMP QWORD [RIP-0x693af]}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                            00007ffc72a218c0 8 bytes {JMP QWORD [RIP-0x69487]}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                  00007ffc72a218f0 8 bytes {JMP QWORD [RIP-0x6acde]}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                00007ffc72a21a10 8 bytes {JMP QWORD [RIP-0x698db]}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                                    00007ffc72a21ac0 8 bytes {JMP QWORD [RIP-0x6ae8b]}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                                    00007ffc72a22180 8 bytes {JMP QWORD [RIP-0x63432]}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                                  00007ffc72a22480 8 bytes {JMP QWORD [RIP-0x650d3]}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                                  00007ffc72a22d00 8 bytes {JMP QWORD [RIP-0x6a4e2]}
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\system32\wow64cpu.dll!CpuSetContext + 389                                              0000000077471385 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\system32\wow64cpu.dll!CpuGetContext + 386                                              0000000077471512 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\system32\wow64cpu.dll!CpuSetInstructionPointer + 49                                    0000000077471551 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\system32\wow64cpu.dll!CpuSetStackPointer + 23                                          0000000077471577 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\system32\wow64cpu.dll!CpuGetStackPointer + 23                                          00000000774717e7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\system32\wow64cpu.dll!CpuProcessInit + 68                                              0000000077471834 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 1                                      0000000077471841 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 17                                      0000000077471851 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 3
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5100] C:\Windows\system32\wow64cpu.dll!CpuInitializeStartupContext + 308                                0000000077472c1c 8 bytes [DC, 6A, CE, 7F, 00, 00, 00, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlDecompressBuffer + 112                                                                    00007ffc729a2bd4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlPrefixString + 436                                                                        00007ffc729a2ef0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!LdrGetDllPath + 415                                                                          00007ffc729a3757 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlReleasePath + 132                                                                          00007ffc729a4a54 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlReleasePath + 491                                                                          00007ffc729a4bbb 8 bytes {JMP 0xfffffffffffffff3}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateTagHeap + 312                                                                        00007ffc729a4cfc 8 bytes {JMP 0xffffffffffffffb1}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlTryEnterCriticalSection + 291                                                              00007ffc729a511f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlTryEnterCriticalSection + 676                                                              00007ffc729a52a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 2
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!EtwRegisterTraceGuidsA + 48                                                                  00007ffc729a6964 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlDllShutdownInProgress + 824                                                                00007ffc729aabf4 8 bytes {JMP 0xffffffffffffffd1}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlDllShutdownInProgress + 987                                                                00007ffc729aac97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlRunOnceComplete + 736                                                                      00007ffc729ab218 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlInitializeCriticalSectionEx + 448                                                          00007ffc729ab88c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlAllocateActivationContextStack + 288                                                      00007ffc729abc38 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlRegisterWait + 596                                                                        00007ffc729abe94 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseWait + 168                                                                          00007ffc729ac408 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlDeregisterWaitEx + 683                                                                    00007ffc729ac74f 8 bytes {JMP 0xffffffffffffffd6}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!LdrFindEntryForAddress + 67                                                                  00007ffc729acdfb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlGetLocaleFileMappingAddress + 151                                                          00007ffc729acfaf 8 bytes {JMP 0xffffffffffffffd9}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlpInitializeLangRegistryInfo + 36                                                          00007ffc729acfdc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlQueueWorkItem + 772                                                                        00007ffc729ada20 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlpMuiRegLoadRegistryInfo + 224                                                              00007ffc729ae120 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlGetActiveActivationContext + 751                                                          00007ffc729afcab 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlIsCriticalSectionLockedByThread + 296                                                      00007ffc729b0694 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!LdrShutdownProcess + 772                                                                      00007ffc729b17cc 8 bytes {JMP 0xffffffffffffffc7}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextUnsafeFast + 403                                                  00007ffc729b3267 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 352                                                                      00007ffc729b3aa8 8 bytes {JMP 0xffffffffffffffcd}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 488                                                                      00007ffc729b3b30 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 2
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlInitAnsiString + 324                                                                      00007ffc729b5734 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlAppendUnicodeStringToString + 143                                                          00007ffc729b57cb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToRelativeNtPathName_U_WithStatus + 32                                          00007ffc729b6c18 8 bytes [70, 6C, F8, 7F, 00, 00, 00, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToRelativeNtPathName_U_WithStatus + 67                                          00007ffc729b6c3b 8 bytes [60, 6C, F8, 7F, 00, 00, 00, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlHashUnicodeString + 367                                                                    00007ffc729b813b 8 bytes {JMP 0xffffffffffffffcd}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlHashUnicodeString + 971                                                                    00007ffc729b8397 8 bytes [40, 6C, F8, 7F, 00, 00, 00, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlAppendUnicodeToString + 159                                                                00007ffc729b843f 8 bytes [30, 6C, F8, 7F, 00, 00, 00, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlDosPathNameToNtPathName_U_WithStatus + 872                                                00007ffc729b8824 8 bytes [20, 6C, F8, 7F, 00, 00, 00, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!RtlAnsiCharToUnicodeChar + 115                                                                00007ffc729bd3b3 8 bytes {JMP 0xffffffffffffffc5}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                                        00007ffc72a21740 8 bytes {JMP QWORD [RIP-0x693af]}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                                                      00007ffc72a218c0 8 bytes {JMP QWORD [RIP-0x69487]}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                                            00007ffc72a218f0 8 bytes {JMP QWORD [RIP-0x6acde]}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                                          00007ffc72a21a10 8 bytes {JMP QWORD [RIP-0x698db]}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                                                              00007ffc72a21ac0 8 bytes {JMP QWORD [RIP-0x6ae8b]}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                                                              00007ffc72a22180 8 bytes {JMP QWORD [RIP-0x63432]}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                                                            00007ffc72a22480 8 bytes {JMP QWORD [RIP-0x650d3]}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                                                            00007ffc72a22d00 8 bytes {JMP QWORD [RIP-0x6a4e2]}
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\system32\wow64cpu.dll!CpuSetContext + 389                                                                        0000000077471385 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\system32\wow64cpu.dll!CpuGetContext + 386                                                                        0000000077471512 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\system32\wow64cpu.dll!CpuSetInstructionPointer + 49                                                              0000000077471551 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\system32\wow64cpu.dll!CpuSetStackPointer + 23                                                                    0000000077471577 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\system32\wow64cpu.dll!CpuGetStackPointer + 23                                                                    00000000774717e7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\system32\wow64cpu.dll!CpuProcessInit + 68                                                                        0000000077471834 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 1                                                                0000000077471841 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 17                                                              0000000077471851 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                                                      * 3
.text  C:\Users\Christian\Desktop\4lyrtrd3.exe[1428] C:\Windows\system32\wow64cpu.dll!CpuInitializeStartupContext + 308                                                          0000000077472c1c 8 bytes [DC, 6A, F8, 7F, 00, 00, 00, ...]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [688:712]                                                                                                                                  fffff960008b7b90
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:1756]                                                                                                                                0000000000c56983
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3068]                                                                                                                                0000000074837c20
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2104]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:1280]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:1312]                                                                                                                                00000000748668d7
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2532]                                                                                                                                0000000073436d20
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2776]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2724]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2816]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2936]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2932]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2928]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2924]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2916]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2980]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:584]                                                                                                                                  0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2988]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2992]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:672]                                                                                                                                  0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2496]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2052]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2552]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2528]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2764]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2548]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2212]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2780]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:556]                                                                                                                                  0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2912]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2392]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3076]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3080]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3084]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3088]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3092]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3120]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3128]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3132]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3144]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3148]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3152]                                                                                                                                0000000073541bf5
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3156]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3160]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3188]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3192]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3196]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3200]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3204]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3208]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3212]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3216]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3228]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3232]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3236]                                                                                                                                00000000721cbf09
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3240]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3244]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3256]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3260]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3264]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3268]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3272]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3276]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3280]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3284]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3288]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3292]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3296]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3300]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3304]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3308]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3312]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3316]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3320]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3328]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3332]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3344]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3348]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3352]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3356]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3360]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3488]                                                                                                                                00000000708f69c0
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3492]                                                                                                                                00000000708f69c0
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3496]                                                                                                                                0000000070950060
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3500]                                                                                                                                00000000708c9fc8
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3528]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3584]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3592]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:824]                                                                                                                                  0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2564]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:1528]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:896]                                                                                                                                  0000000073041120
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:144]                                                                                                                                  0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2176]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:5000]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:6120]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:4216]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:1180]                                                                                                                                0000000061d725b8
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3404]                                                                                                                                0000000061d725b8
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2704]                                                                                                                                0000000061d725b8
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:5396]                                                                                                                                0000000061d725b8
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2252]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2976]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:560]                                                                                                                                  0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:4384]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:4372]                                                                                                                                0000000074a0a4c5
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2296]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3884]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2644]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:5004]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:4244]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:5464]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:5028]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:5664]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:1200]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:4212]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:4680]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:4076]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:5572]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:4676]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3856]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:752]                                                                                                                                  0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2972]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3704]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3656]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:4416]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:1832]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:6128]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:2720]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:5624]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:3544]                                                                                                                                0000000074c5c59c
Thread  C:\Windows\SYSTEM32\ntdll.dll [1752:5164]                                                                                                                                0000000076fd62d0
Thread  C:\Windows\System32\SettingSyncHost.exe [5348:5368]                                                                                                                      00007ffc56e56da0

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                                                                    unknown MBR code

---- EOF - GMER 2.1 ----

Ich hoffe das reicht für den Anfang.


Liebe Grüße

Christian

cosinus 02.02.2015 15:09
Hi,

Zitat:
Kleines Zusatzproblem: Mein Laptop (Acer Aspire V5-573G) hat neben der normalen 1 TB Festplatte einen 8 Gigabyte SSD Speicher für das Betriebssystem. Dieser wird unter dem Arbeitsplatz nicht angezeigt und ich weiß nicht, ob Kaspersky und Co diesen Bereich überhaupt durchsuchen.
Dann hast du eine SSHD, also eine Hybridplatte. Die 8 GB Flashspeicher nutzt die Platte als Cache, du hast da keinen Einfluss drauf, regelt alles die Plattenfirmware. Mal uter uns, ich find solche Platten recht sinnfrei, dann lieber gleich ne richtige SSD.

Bitte mal MBAR laufen lassen:

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

CLove 02.02.2015 15:31
Hallo,

danke für die Erklärung der Festplatte - war jetzt auch kein wirkliches Kaufargument für mich.


Ich habe mbar durchlaufen lassen: hat nichts gefunden. Hier die Log:

Code:
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version:
  main:    v2015.02.02.03
  rootkit: v2015.01.14.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17498
Christian :: CHRIS [administrator]

02.02.2015 15:22:00
mbar-log-2015-02-02 (15-22-00).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 329862
Time elapsed: 6 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Danke im Voraus und beste Grüße

Christian

cosinus 02.02.2015 15:38
Adware/Junkware/Toolbars entfernen

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


CLove 02.02.2015 17:18
AdwCleaner:

Erster Run vor einer Stunde:

Code:
# AdwCleaner v4.109 - Bericht erstellt am 02/02/2015 um 14:29:32
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-26.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Christian - CHRIS
# Gestartet von : C:\Users\Christian\Desktop\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v40.0.2214.94

[C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}

*************************

AdwCleaner[R0].txt - [1975 octets] - [02/02/2015 14:26:39]
AdwCleaner[S0].txt - [1480 octets] - [02/02/2015 14:29:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1540 octets] ##########

Neu:

Code:
# AdwCleaner v4.109 - Bericht erstellt am 02/02/2015 um 15:38:36
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-26.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Christian - CHRIS
# Gestartet von : C:\Users\Christian\Desktop\AdwCleaner_4.109.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v40.0.2214.94


*************************

AdwCleaner[R0].txt - [1975 octets] - [02/02/2015 14:26:39]
AdwCleaner[R1].txt - [676 octets] - [02/02/2015 15:38:36]
AdwCleaner[S0].txt - [1628 octets] - [02/02/2015 14:29:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [795 octets] ##########

JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Christian on 02.02.2015 at 15:43:26,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.02.2015 at 15:45:36,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


FRST folgt im nächste Post

FRST:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Christian on 02.02.2015 at 15:43:26,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.02.2015 at 15:45:36,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Da ist mir ein Fehler unterlaufen:

FRST:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Christian (administrator) on CHRIS on 02-02-2015 15:46:56
Running from C:\Users\Christian\Desktop
Loaded Profiles: Christian (Available profiles: Christian)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [688984 2013-09-30] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\...\RunOnce: [Application Restart #1] => C:\Users\Christian\AppData\Local\Pokki\Engine\HostAppService.exe [7846216 2015-01-31] (Pokki)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1715082490-1160310528-2700504390-1001 -> {45A916D3-E7DD-4D42-82B7-BFC867B6AA91} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 134.96.7.100 134.96.7.99 134.96.7.5

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-02]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-02]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-02-02]

Chrome:
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-01]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-01]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-01]
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-01]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-01]
CHR Extension: (Google-Suche) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-01]
CHR Extension: (Google Tabellen) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-01]
CHR Extension: (AdBlock) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-01]
CHR Extension: (Premiumize.me) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm [2015-02-01]
CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-01]
CHR Extension: (Google Mail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-01]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-12] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-18] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2015-02-02] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [799944 2015-02-02] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2015-02-02] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2015-02-02] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [427736 2013-08-09] (Realsil Semiconductor Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 15:45 - 2015-02-02 15:45 - 00000618 _____ () C:\Users\Christian\Desktop\JRT.txt
2015-02-02 15:42 - 2015-02-02 15:42 - 01707939 _____ (Thisisu) C:\Users\Christian\Desktop\JRT.exe
2015-02-02 15:42 - 2015-02-02 15:42 - 00000000 ____D () C:\Windows\ERUNT
2015-02-02 15:39 - 2015-02-02 15:39 - 00000874 _____ () C:\Users\Christian\Desktop\AdwCleaner[R1].txt
2015-02-02 15:21 - 2015-02-02 15:28 - 00000000 ____D () C:\Users\Christian\Desktop\mbar
2015-02-02 15:21 - 2015-02-02 15:28 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-02 15:21 - 2015-02-02 15:21 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Christian\Desktop\mbar-1.08.3.1004.exe
2015-02-02 14:34 - 2015-02-02 14:34 - 00001628 _____ () C:\Users\Christian\Desktop\AdwCleaner[S0].txt
2015-02-02 14:26 - 2015-02-02 15:39 - 00000000 ____D () C:\AdwCleaner
2015-02-02 12:31 - 2015-02-02 12:31 - 00088974 _____ () C:\Users\Christian\Desktop\gmer.log
2015-02-02 12:21 - 2015-02-02 12:21 - 00000777 _____ () C:\Users\Christian\Desktop\Neues Textdokument.txt
2015-02-02 12:10 - 2015-02-02 12:10 - 00022371 _____ () C:\Users\Christian\Desktop\Addition.txt
2015-02-02 12:09 - 2015-02-02 15:46 - 00018518 _____ () C:\Users\Christian\Desktop\FRST.txt
2015-02-02 12:09 - 2015-02-02 15:46 - 00000000 ____D () C:\FRST
2015-02-02 12:09 - 2015-02-02 12:09 - 00000480 _____ () C:\Users\Christian\Desktop\defogger_disable.log
2015-02-02 12:09 - 2015-02-02 12:09 - 00000000 _____ () C:\Users\Christian\defogger_reenable
2015-02-02 11:00 - 2015-01-24 21:20 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-02 11:00 - 2015-01-24 21:20 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-02 10:17 - 2015-02-02 10:17 - 00050477 _____ () C:\Users\Christian\Desktop\Defogger.exe
2015-02-02 10:15 - 2015-02-02 10:15 - 00380416 _____ () C:\Users\Christian\Downloads\4lyrtrd3.exe
2015-02-02 10:15 - 2015-02-02 10:15 - 00380416 _____ () C:\Users\Christian\Desktop\4lyrtrd3.exe
2015-02-02 10:15 - 2015-02-02 10:09 - 02131456 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2015-02-02 10:09 - 2015-02-02 10:09 - 02131456 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2015-02-02 10:01 - 2015-02-02 10:01 - 02194432 _____ () C:\Users\Christian\Desktop\AdwCleaner_4.109.exe
2015-02-02 10:01 - 2014-04-14 04:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-02-02 09:53 - 2015-02-02 10:13 - 743680000 _____ () C:\Users\Christian\Downloads\X16-33089.iso
2015-02-02 09:48 - 2015-02-02 09:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-02 09:48 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-02 09:01 - 2015-02-02 09:01 - 00002120 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-02-02 09:01 - 2015-02-02 09:01 - 00000000 ____D () C:\Users\Christian\AppData\Local\Intel_Corporation
2015-02-02 09:01 - 2015-02-02 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-02-02 09:01 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-02-02 09:00 - 2015-02-02 15:37 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-02 09:00 - 2015-02-02 09:00 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-02-02 09:00 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-02-02 08:58 - 2015-02-02 09:00 - 204166464 _____ () C:\Users\Christian\Downloads\kis15.0.1.415de_6844.exe
2015-02-02 08:44 - 2015-02-02 08:52 - 00000000 ____D () C:\NPE
2015-02-02 08:33 - 2015-02-02 08:55 - 00000000 ____D () C:\Users\Christian\AppData\Local\NPE
2015-02-02 08:32 - 2015-02-02 08:32 - 03077776 ____N (Symantec Corporation) C:\Users\Christian\Downloads\NPE.exe
2015-02-02 08:32 - 2015-02-02 08:32 - 00896280 _____ () C:\Users\Christian\Downloads\Norton_Removal_Tool.exe
2015-02-02 08:20 - 2015-02-02 08:20 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Christian\Downloads\tdsskiller.exe
2015-02-02 08:19 - 2014-03-20 05:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-02-02 08:19 - 2014-03-20 04:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-02-02 08:19 - 2014-03-20 04:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-02-02 08:19 - 2014-03-20 01:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-02-02 08:19 - 2014-03-20 01:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2015-02-02 08:19 - 2014-03-20 00:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-02-02 08:19 - 2014-03-20 00:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-02-02 08:19 - 2014-03-20 00:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2015-02-02 08:19 - 2014-03-19 06:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2015-02-02 08:19 - 2014-03-19 06:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-02-02 08:19 - 2014-03-19 06:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2015-02-02 08:19 - 2014-03-19 06:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-02-02 08:19 - 2014-03-11 16:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2015-02-02 08:19 - 2014-03-11 15:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2015-02-02 08:19 - 2014-03-08 21:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-02-02 08:19 - 2014-03-08 16:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2015-02-02 08:19 - 2014-03-08 12:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-02-02 08:19 - 2014-03-08 10:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2015-02-02 08:19 - 2014-03-08 09:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2015-02-02 08:19 - 2014-03-08 09:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2015-02-02 08:19 - 2014-03-08 09:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2015-02-02 08:19 - 2014-03-08 08:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2015-02-02 08:19 - 2014-03-08 08:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2015-02-02 08:19 - 2014-03-08 08:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2015-02-02 08:19 - 2014-03-08 08:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-02-02 08:19 - 2014-03-08 07:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-02-02 08:19 - 2014-03-08 07:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-02-02 08:19 - 2014-03-08 07:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2015-02-02 08:19 - 2014-03-08 07:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-02-02 08:19 - 2014-03-08 06:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-02-02 08:19 - 2014-03-08 06:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-02-02 08:19 - 2014-03-06 15:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-02-02 08:19 - 2014-03-06 15:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2015-02-02 08:19 - 2014-03-06 13:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-02-02 08:19 - 2014-03-06 12:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-02-02 08:19 - 2014-03-06 12:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2015-02-02 08:19 - 2014-03-06 11:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-02-02 08:19 - 2014-03-06 10:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-02-02 08:19 - 2014-03-06 10:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-02-02 08:19 - 2014-03-06 10:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-02-02 08:19 - 2014-03-06 10:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-02-02 08:19 - 2014-03-06 10:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-02-02 08:19 - 2014-03-06 10:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-02-02 08:19 - 2014-03-06 10:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2015-02-02 08:19 - 2014-03-06 09:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2015-02-02 08:19 - 2014-03-06 09:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-02-02 08:19 - 2014-03-06 09:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2015-02-02 08:19 - 2014-03-06 09:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2015-02-02 08:19 - 2014-03-06 08:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-02-02 08:19 - 2014-03-06 08:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2015-02-02 08:19 - 2014-03-06 08:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2015-02-02 08:19 - 2014-03-06 07:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-02-02 08:19 - 2014-03-06 07:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2015-02-02 08:19 - 2014-03-06 07:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2015-02-02 08:19 - 2014-03-06 07:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-02-02 08:19 - 2014-03-06 07:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2015-02-02 08:19 - 2014-03-06 07:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2015-02-02 08:19 - 2014-03-06 07:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2015-02-02 08:19 - 2014-03-06 07:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2015-02-02 08:19 - 2014-03-06 07:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2015-02-02 08:19 - 2014-03-06 06:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2015-02-02 08:19 - 2014-03-06 06:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2015-02-02 08:19 - 2014-03-06 06:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2015-02-02 08:19 - 2014-03-04 13:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-02-02 08:19 - 2014-03-04 12:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-02-02 08:19 - 2014-03-04 08:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-02-02 08:19 - 2014-03-04 08:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-02-02 08:19 - 2014-03-04 08:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2015-02-02 08:19 - 2014-03-04 08:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2015-02-02 08:19 - 2014-03-04 07:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2015-02-02 08:19 - 2014-03-04 07:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-02-02 08:19 - 2014-03-04 07:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2015-02-02 08:19 - 2014-03-04 07:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2015-02-02 08:19 - 2014-03-04 07:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2015-02-02 08:19 - 2014-03-04 07:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2015-02-02 08:19 - 2014-03-04 07:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-02-02 08:19 - 2014-03-04 07:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2015-02-02 08:19 - 2014-03-04 06:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2015-02-02 08:19 - 2014-03-04 06:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-02-02 08:19 - 2013-12-24 00:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2015-02-02 08:19 - 2013-12-24 00:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2015-02-02 08:17 - 2015-02-02 08:17 - 00000000 ____D () C:\ProgramData\Sun
2015-02-02 08:16 - 2015-02-02 08:16 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-02 08:16 - 2015-02-02 08:16 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-02 08:16 - 2015-02-02 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-02 08:15 - 2015-02-02 08:15 - 00639400 _____ (Oracle Corporation) C:\Users\Christian\Downloads\chromeinstall-8u31.exe
2015-02-02 08:15 - 2015-02-02 08:15 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-02 08:12 - 2015-02-02 08:12 - 00065893 _____ () C:\Users\Christian\Downloads\antivir11_rootkit.zip
2015-02-02 08:11 - 2015-02-02 08:11 - 09370136 _____ () C:\Users\Christian\Downloads\avz4.zip
2015-02-02 08:09 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-02-02 08:09 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-02-02 08:09 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-02-02 08:09 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-02-02 08:08 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-02-02 08:08 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-02-02 08:08 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-02-02 08:08 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-02-02 08:08 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-02-02 08:08 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-02-02 08:08 - 2014-07-30 02:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-02-02 08:08 - 2014-07-29 06:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2015-02-02 08:08 - 2014-05-19 07:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2015-02-02 08:08 - 2014-05-19 07:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-02-02 08:08 - 2014-05-19 06:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-02-02 08:08 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-02-02 08:08 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2015-02-02 08:08 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2015-02-02 08:08 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2015-02-02 08:08 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2015-02-02 08:08 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2015-02-02 08:08 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2015-02-02 08:08 - 2014-05-03 00:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2015-02-02 08:08 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2015-02-02 08:08 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-02-02 08:08 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-02-02 08:08 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2015-02-02 08:08 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2015-02-02 08:08 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2015-02-02 08:08 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-02-02 08:08 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2015-02-02 08:08 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-02-02 08:08 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2015-02-02 08:08 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-02-02 08:08 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-02-02 08:08 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2015-02-02 08:08 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-02-02 08:08 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-02-02 08:08 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2015-02-02 08:08 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-02-02 08:08 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-02-02 08:08 - 2014-04-26 23:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-02-02 08:08 - 2014-04-26 21:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-02-02 08:08 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-02-02 08:08 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-02-02 08:08 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2015-02-02 08:08 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2015-02-02 08:08 - 2014-04-09 07:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-02-02 08:08 - 2014-04-09 06:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-02-02 08:08 - 2014-03-08 21:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-02-02 08:08 - 2014-03-08 07:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-02-02 08:08 - 2014-03-08 07:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-02-02 08:08 - 2014-03-08 07:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-02-02 08:08 - 2014-03-08 06:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-02-02 08:08 - 2014-03-06 10:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-02-02 08:07 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-02 08:07 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-02 08:07 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-02-02 08:07 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-02-02 08:07 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-02-02 08:07 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-02-02 08:07 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-02 08:07 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-02-02 08:07 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-02-02 08:07 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-02 08:07 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-02-02 08:07 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-02 08:07 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-02-02 08:07 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-02 08:07 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-02-02 08:07 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-02-02 08:07 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-02 08:07 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-02-02 08:07 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2015-02-02 08:07 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-02-02 08:07 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2015-02-02 08:07 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2015-02-02 08:07 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-02-02 08:07 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2015-02-02 08:07 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2015-02-02 08:07 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-02-02 08:07 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2015-02-02 08:07 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-02 08:07 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-02-02 08:07 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-02-02 08:07 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2015-02-02 08:07 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-02 08:07 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-02-02 08:07 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-02-02 08:07 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2015-02-02 08:07 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-02 08:07 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-02-02 08:07 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-02-02 08:07 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-02-02 08:07 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-02-02 08:07 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-02 08:07 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-02-02 08:07 - 2014-07-24 16:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-02-02 08:07 - 2014-07-24 12:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-02-02 08:07 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2015-02-02 08:07 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-02-02 08:07 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-02-02 08:07 - 2014-06-20 02:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-02-02 08:07 - 2014-06-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-02-02 08:07 - 2014-05-31 07:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-02-02 08:07 - 2014-04-11 06:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-02-02 08:05 - 2015-02-02 08:05 - 00380416 _____ () C:\Users\Christian\Downloads\fvz52uve.exe
2015-02-02 08:04 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-02-02 08:04 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-02-02 08:04 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-02-02 08:04 - 2014-09-07 23:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-02 08:04 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-02-02 08:04 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-02-02 08:04 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-02-02 08:04 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-02-02 08:04 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-02-02 08:04 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-02-02 08:04 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-02-02 08:04 - 2014-08-31 01:17 - 00148800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-02-02 08:04 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-02-02 08:04 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-02-02 08:04 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-02-02 08:04 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-02-02 08:04 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-02-02 08:04 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-02-02 08:04 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-02-02 08:04 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-02 08:04 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-02-02 08:04 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-02-02 08:04 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-02-02 08:04 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-02-02 08:04 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-02-02 08:04 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-02-02 08:04 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-02-02 08:04 - 2014-07-24 12:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-02-02 08:04 - 2014-07-24 10:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-02-02 08:04 - 2014-07-24 10:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-02-02 08:04 - 2014-07-24 09:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-02-02 08:04 - 2014-07-24 09:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-02-02 08:04 - 2014-07-24 08:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-02-02 08:04 - 2014-07-24 08:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-02-02 08:04 - 2014-05-13 08:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2015-02-02 08:04 - 2014-03-06 07:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-02-02 08:00 - 2015-02-02 08:00 - 05198336 _____ (AVAST Software) C:\Users\Christian\Downloads\aswMBR.exe
2015-02-02 08:00 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-02 08:00 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-02-02 08:00 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-02 08:00 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-02 08:00 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-02 08:00 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-02-02 08:00 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-02-02 08:00 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-02 08:00 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-02 08:00 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-02 08:00 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-02 08:00 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-02 08:00 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-02-02 08:00 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-02-02 08:00 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-02-02 07:59 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-02 07:59 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-02 07:59 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-02 07:59 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-02 07:59 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-02 07:59 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-02 07:59 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-02 07:59 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-02 07:59 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-02 07:59 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-02 07:59 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-02-02 07:59 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-02-02 07:59 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-02 07:59 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-02 07:59 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-02 07:59 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-02 07:59 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-02 07:59 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-02 07:59 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-02 07:59 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-02 07:59 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-02 07:59 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-02 07:59 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-02 07:59 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-02 07:59 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-02 07:59 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-02 07:59 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-02 07:59 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-02 07:59 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-02 07:59 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-02 07:59 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-02 07:59 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-02 07:59 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-02 07:59 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-02 07:59 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-02 07:59 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-02 07:59 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-02 07:59 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-02 07:59 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-02 07:59 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-02 07:59 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-02 07:59 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-02-02 07:59 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-02-02 07:59 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-02-02 07:59 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-02-02 07:59 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-02-02 07:59 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-02 07:59 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-02 07:59 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-02 07:59 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-02 07:59 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-02 07:59 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-02-02 07:59 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-02 07:59 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2015-02-02 07:59 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-02 07:59 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-02 07:59 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-02 07:59 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-02-02 07:59 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-02 07:59 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-02 07:59 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-02-02 07:59 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-02-02 07:59 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-02-02 07:59 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-02 07:59 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-02-02 07:59 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-02-02 07:59 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-02 07:59 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-02-02 07:59 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-02-02 07:59 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-02-02 07:59 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-02-02 07:59 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-02-02 07:59 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-02-02 07:59 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-02-02 07:59 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-02 07:59 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-02 07:59 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-02 07:59 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-02 07:59 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-02-02 07:59 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-02 07:59 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2015-02-02 07:59 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-02 07:59 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-02 07:59 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-02-02 07:59 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-02 07:59 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-02 07:59 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-02-02 07:59 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-02-02 07:59 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-02-02 07:59 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-02 07:59 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-02-02 07:59 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-02-02 07:59 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-02-02 07:59 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-02-02 07:59 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-02 07:59 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-02 07:59 - 2014-06-16 23:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-02-02 07:59 - 2014-06-16 23:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-02-02 07:59 - 2014-06-13 02:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-02-02 07:59 - 2014-06-13 02:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-02-02 07:59 - 2014-06-13 01:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-02-02 07:59 - 2014-06-06 12:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-02-02 07:59 - 2014-06-05 14:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-02-02 07:59 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2015-02-02 07:59 - 2014-05-17 05:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-02-02 07:59 - 2014-04-30 05:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-02-02 07:59 - 2014-04-30 05:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-02-02 07:59 - 2014-04-30 04:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-02-02 07:59 - 2014-04-08 23:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2015-02-02 07:59 - 2014-04-08 23:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2015-02-02 07:59 - 2014-04-08 19:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2015-02-02 07:59 - 2014-04-08 19:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2015-02-02 07:59 - 2014-03-06 13:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-02-02 07:59 - 2014-03-06 13:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-02-02 07:59 - 2014-03-06 13:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-02-02 07:59 - 2014-03-06 12:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-02-02 07:59 - 2014-03-06 07:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-02-02 07:59 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-02 07:59 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-02 07:59 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-02 07:58 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-02 07:58 - 2014-06-05 15:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-02-02 07:58 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-02-02 07:58 - 2014-05-31 11:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-02-02 07:58 - 2014-05-31 11:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-02-02 07:58 - 2014-05-31 11:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-02-02 07:58 - 2014-05-31 11:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-02-02 07:58 - 2014-05-31 07:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-02-02 07:58 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-02-02 07:58 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-02-02 07:58 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-02-02 07:58 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-02-02 07:58 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-02-02 07:58 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2015-02-02 07:58 - 2014-05-17 05:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-02-02 07:58 - 2014-04-11 05:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2015-02-02 07:58 - 2014-04-09 06:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2015-02-02 07:58 - 2014-04-06 16:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2015-02-02 07:58 - 2014-04-03 05:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-02 07:58 - 2014-04-03 03:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2015-02-02 07:58 - 2014-03-17 03:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2015-02-02 07:58 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-02-02 07:57 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-02-02 07:57 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-02 07:57 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-02-02 07:57 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-02-02 07:57 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-02-02 07:57 - 2014-05-30 04:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-02-02 07:57 - 2014-04-18 15:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2015-02-02 07:57 - 2014-04-18 10:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2015-02-02 07:57 - 2014-04-14 10:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2015-02-02 07:57 - 2014-04-14 09:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2015-02-02 07:57 - 2014-04-11 05:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2015-02-02 07:57 - 2014-04-11 04:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2015-02-02 07:57 - 2014-04-09 12:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-02-02 07:57 - 2014-04-09 07:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-02-02 07:57 - 2014-04-09 04:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-02-02 07:57 - 2014-04-08 03:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-02-02 07:57 - 2014-04-06 17:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-02-02 07:57 - 2014-04-06 17:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-02-02 07:57 - 2014-04-06 17:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-02-02 07:57 - 2014-04-06 17:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2015-02-02 07:57 - 2014-04-06 17:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2015-02-02 07:57 - 2014-04-06 17:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2015-02-02 07:57 - 2014-04-06 17:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-02-02 07:57 - 2014-04-06 16:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-02-02 07:57 - 2014-04-06 16:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-02-02 07:57 - 2014-04-06 16:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-02-02 07:57 - 2014-04-06 16:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-02-02 07:57 - 2014-04-06 16:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-02-02 07:57 - 2014-04-06 16:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2015-02-02 07:57 - 2014-04-06 13:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-02 07:57 - 2014-04-06 13:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-02 07:57 - 2014-04-06 13:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2015-02-02 07:57 - 2014-04-06 13:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-02 07:57 - 2014-04-06 13:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-02 07:57 - 2014-04-06 12:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2015-02-02 07:57 - 2014-04-06 11:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-02-02 07:57 - 2014-04-06 11:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-02-02 07:57 - 2014-04-06 11:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2015-02-02 07:57 - 2014-04-06 10:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2015-02-02 07:57 - 2014-04-03 09:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-02 07:57 - 2014-04-03 09:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2015-02-02 07:57 - 2014-04-03 05:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2015-02-02 07:57 - 2014-04-03 03:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-02-02 07:57 - 2014-04-03 03:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-02-02 07:57 - 2014-04-03 03:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2015-02-02 07:57 - 2014-04-01 07:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-02-02 07:57 - 2014-03-31 01:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2015-02-02 07:57 - 2014-03-31 00:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2015-02-02 07:57 - 2014-03-30 23:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-02-02 07:57 - 2014-03-30 23:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2015-02-02 07:57 - 2014-03-30 23:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2015-02-02 07:57 - 2014-03-28 16:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-02-02 07:57 - 2014-03-27 07:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-02-02 07:57 - 2014-03-27 06:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2015-02-02 07:57 - 2014-03-27 05:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2015-02-02 07:57 - 2014-03-27 05:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2015-02-02 07:57 - 2014-03-27 05:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2015-02-02 07:57 - 2014-03-27 04:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-02-02 07:57 - 2014-03-27 04:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2015-02-02 07:57 - 2014-03-27 04:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-02-02 07:57 - 2014-03-20 04:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-02-02 07:57 - 2014-03-19 09:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2015-02-02 07:57 - 2014-03-19 09:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2015-02-02 07:57 - 2014-03-19 08:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-02-02 07:57 - 2014-03-19 08:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2015-02-02 07:57 - 2014-03-19 06:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2015-02-02 07:57 - 2014-03-19 06:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2015-02-02 07:57 - 2014-03-19 06:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-02-02 07:57 - 2014-03-19 06:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-02-02 07:57 - 2014-03-19 06:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2015-02-02 07:57 - 2014-03-19 05:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2015-02-02 07:57 - 2014-03-19 05:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-02-02 07:57 - 2014-03-18 09:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-02-02 07:57 - 2014-03-18 06:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-02-02 07:57 - 2014-03-18 05:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-02-02 07:57 - 2014-03-17 06:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-02-02 07:57 - 2014-03-17 05:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-02-02 07:57 - 2014-03-17 04:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2015-02-02 07:57 - 2014-03-14 07:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-02-02 07:57 - 2014-03-14 07:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-02-02 07:57 - 2014-03-06 13:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-02-02 07:57 - 2014-03-06 10:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2015-02-02 07:57 - 2014-03-06 09:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2015-02-02 07:56 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-02 07:56 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-02-02 07:56 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-02-02 07:56 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-02-02 07:56 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-02-02 07:56 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-02-02 07:56 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-02-02 07:56 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-02 07:56 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-02-02 07:56 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-02-02 07:56 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-02-02 07:56 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-02-02 07:56 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-02-02 07:56 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-02-02 07:56 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-02-02 07:56 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-02-02 07:56 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-02-02 07:56 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-02-02 07:56 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-02-02 07:56 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-02-02 07:56 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-02-02 07:56 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-02-02 07:56 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-02-02 07:56 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-02-02 07:56 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-02-02 07:56 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-02-02 07:56 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-02-02 07:56 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-02-02 07:56 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-02-02 07:56 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-02-02 07:56 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-02-02 07:56 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-02-02 07:56 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-02-02 07:56 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-02-02 07:56 - 2014-08-07 03:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-02-02 07:56 - 2014-08-02 04:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-02-02 07:56 - 2014-06-06 14:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-02-02 07:56 - 2014-06-06 13:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-02-02 07:56 - 2014-05-01 14:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2015-02-02 07:56 - 2014-05-01 06:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2015-02-02 07:56 - 2014-03-13 08:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-02-02 07:56 - 2014-03-13 07:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2015-02-02 07:55 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-02 07:55 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-02-02 07:55 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-02-02 07:55 - 2014-10-13 03:43 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-02-02 07:55 - 2014-10-13 03:43 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-02-02 07:55 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-02-02 07:55 - 2014-10-13 03:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-02-02 07:55 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2015-02-02 07:55 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-02-02 07:55 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2015-02-02 07:55 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-02-02 07:55 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-02-02 07:55 - 2014-04-11 09:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2015-02-02 07:55 - 2014-04-11 07:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-02-02 07:55 - 2014-04-11 06:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-02-02 07:55 - 2014-04-11 04:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-02-02 07:55 - 2014-04-11 04:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-02-02 07:55 - 2014-04-11 04:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-02-02 07:55 - 2014-04-11 04:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-02-02 07:55 - 2014-04-11 04:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-02-02 07:55 - 2014-04-11 03:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-02-02 07:55 - 2014-04-11 03:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-02-02 07:55 - 2014-04-11 03:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-02-02 07:54 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-02-02 07:54 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-02-02 07:54 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-02-02 07:54 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-02-02 07:54 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-02-02 07:54 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-02-02 07:54 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-02-02 07:53 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-02 07:53 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-02 06:42 - 2015-02-02 06:42 - 00000000 _____ () C:\Recovery.txt
2015-02-01 22:59 - 2015-02-01 23:01 - 81307064 _____ (Swiss Academic Software) C:\Users\Christian\Downloads\Citavi4Setup.exe
2015-02-01 22:59 - 2015-02-01 22:59 - 17072512 _____ () C:\Users\Christian\Downloads\PDFXVwer2.5.311 (1).zip
2015-02-01 22:52 - 2014-05-31 11:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-02-01 22:52 - 2014-05-31 11:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-02-01 22:52 - 2014-05-31 04:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-02-01 22:52 - 2014-05-31 04:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-02-01 22:52 - 2014-05-31 03:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-02-01 22:52 - 2014-05-31 03:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-02-01 22:52 - 2014-05-31 03:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-02-01 22:52 - 2014-05-31 03:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-02-01 22:52 - 2014-05-31 03:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2015-02-01 22:51 - 2015-02-01 22:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-01 22:51 - 2015-02-01 22:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-01 22:51 - 2015-01-10 00:30 - 06860432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-02-01 22:51 - 2015-01-10 00:30 - 03517256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-02-01 22:51 - 2015-01-10 00:29 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-02-01 22:51 - 2015-01-10 00:29 - 01097872 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-02-01 22:51 - 2015-01-10 00:29 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-02-01 22:51 - 2015-01-10 00:29 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-02-01 22:51 - 2015-01-10 00:29 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-02-01 22:51 - 2015-01-10 00:29 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-02-01 22:51 - 2015-01-09 20:47 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin
2015-02-01 22:49 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-01 22:49 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 03298816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00496456 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-01 22:49 - 2015-01-10 09:07 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-02-01 22:48 - 2015-02-01 22:48 - 00000000 ____D () C:\NVIDIA
2015-02-01 22:45 - 2015-02-01 22:45 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\ASCOMP Software
2015-02-01 22:45 - 2015-02-01 22:45 - 00000000 ____D () C:\Program Files (x86)\ASCOMP Software
2015-02-01 22:43 - 2015-02-01 22:43 - 00388608 _____ (Trend Micro Inc.) C:\Users\Christian\Desktop\HiJackThis204.exe
2015-02-01 22:42 - 2015-02-02 15:21 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 22:42 - 2015-02-02 15:21 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-01 22:42 - 2015-02-01 22:42 - 00001082 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-01 22:42 - 2015-02-01 22:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-01 22:42 - 2015-02-01 22:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-01 22:42 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-01 22:42 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-01 22:41 - 2015-02-01 22:41 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2015-02-01 22:36 - 2015-02-01 22:37 - 359471688 _____ (NVIDIA Corporation) C:\Users\Christian\Downloads\347.25-notebook-win8-win7-64bit-international-whql.exe
2015-02-01 22:36 - 2015-02-01 22:36 - 00000000 ____D () C:\Users\Christian\Documents\Symantec
2015-02-01 22:33 - 2015-02-02 08:56 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-02-01 22:33 - 2015-02-01 22:33 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-02-01 22:33 - 2015-02-01 22:33 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2015-02-01 22:30 - 2015-02-01 22:30 - 00034816 ___SH () C:\Users\Christian\Desktop\Thumbs.db
2015-02-01 22:30 - 2015-02-01 22:30 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2015-02-01 22:22 - 2015-02-02 08:08 - 00000000 ____D () C:\Users\Christian\AppData\Local\CrashDumps
2015-02-01 22:21 - 2015-02-01 22:21 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\WildTangent
2015-02-01 22:18 - 2015-02-02 08:56 - 00000000 ____D () C:\ProgramData\Norton
2015-02-01 22:18 - 2015-02-01 22:18 - 00000000 ____D () C:\Users\Christian\AppData\Local\clear.fi
2015-02-01 22:18 - 2015-02-01 22:18 - 00000000 ____D () C:\Users\Christian\AppData\Local\Acer
2015-02-01 22:16 - 2015-02-01 22:30 - 00000000 ____D () C:\Program Files (x86)\Razer
2015-02-01 22:16 - 2015-02-01 22:16 - 00000000 ____D () C:\Users\Christian\AppData\Local\Razer_Inc
2015-02-01 22:16 - 2015-02-01 22:16 - 00000000 ____D () C:\ProgramData\Razer
2015-02-01 22:04 - 2015-02-02 14:33 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-01 22:04 - 2015-02-02 14:09 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-01 22:04 - 2015-02-01 22:04 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-01 22:04 - 2015-02-01 22:04 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-01 22:04 - 2015-02-01 22:04 - 00002275 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-01 22:04 - 2015-02-01 22:04 - 00000000 ____D () C:\Users\Christian\AppData\Local\Google
2015-02-01 22:04 - 2015-02-01 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-01 22:04 - 2015-02-01 22:04 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-01 22:03 - 2015-02-01 22:04 - 00000000 ____D () C:\Users\Christian\AppData\Local\Deployment
2015-02-01 22:03 - 2015-02-01 22:03 - 00000000 ____D () C:\Users\Christian\AppData\Local\Apps\2.0
2015-02-01 22:01 - 2015-02-02 12:27 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1715082490-1160310528-2700504390-1001
2015-02-01 22:01 - 2015-02-01 22:01 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieUserList
2015-02-01 22:01 - 2015-02-01 22:01 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieSiteList
2015-02-01 22:01 - 2015-02-01 22:01 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Macromedia
2015-02-01 22:00 - 2015-02-02 14:33 - 00000000 ___DO () C:\Users\Christian\OneDrive
2015-02-01 22:00 - 2015-02-01 22:00 - 00000000 ____D () C:\Users\Public\Pokki
2015-02-01 21:59 - 2015-02-02 07:54 - 00002337 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-01 21:59 - 2015-02-01 22:32 - 00002166 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2015-02-01 21:58 - 2015-02-01 21:58 - 00000000 ____D () C:\Users\Christian\PicStream
2015-02-01 21:56 - 2015-02-01 22:46 - 00000000 ____D () C:\Users\Christian\AppData\Local\VirtualStore
2015-02-01 21:56 - 2015-02-01 22:05 - 00000000 ____D () C:\Users\Christian\AppData\Local\Packages
2015-02-01 21:56 - 2015-02-01 21:56 - 00001458 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-01 21:56 - 2015-02-01 21:56 - 00001280 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk
2015-02-01 21:56 - 2015-02-01 21:56 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-01 21:56 - 2015-02-01 21:56 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Intel
2015-02-01 21:56 - 2015-02-01 21:56 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Adobe
2015-02-01 21:56 - 2015-02-01 21:56 - 00000000 ____D () C:\Users\Christian\AppData\Local\NVIDIA
2015-02-01 21:56 - 2015-02-01 21:56 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2015-02-01 21:56 - 2015-02-01 21:56 - 00000000 ____D () C:\Program Files\Accessory Store
2015-02-01 21:55 - 2015-02-02 12:09 - 00000000 ____D () C:\Users\Christian
2015-02-01 21:55 - 2015-02-02 08:53 - 00000000 ____D () C:\Users\Christian\AppData\Local\Pokki
2015-02-01 21:55 - 2015-02-01 21:55 - 00000020 ___SH () C:\Users\Christian\ntuser.ini
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Vorlagen
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Startmenü
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Netzwerkumgebung
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Lokale Einstellungen
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Eigene Dateien
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Druckumgebung
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Documents\Eigene Musik
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Documents\Eigene Bilder
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\AppData\Local\Verlauf
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\AppData\Local\Anwendungsdaten
2015-02-01 21:55 - 2015-02-01 21:55 - 00000000 _SHDL () C:\Users\Christian\Anwendungsdaten
2015-02-01 21:55 - 2014-06-11 05:11 - 00000000 ___RD () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-01 21:55 - 2014-03-18 11:33 - 00000000 ___RD () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-01 21:55 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-01 21:55 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-01 21:55 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-01 21:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Programme
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-02-01 20:43 - 2015-02-01 20:43 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 15:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-02 14:34 - 2014-06-11 05:05 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-02-02 14:34 - 2014-06-11 05:05 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-02-02 14:34 - 2014-03-18 11:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-02 14:30 - 2014-03-18 10:54 - 00723984 _____ () C:\Windows\PFRO.log
2015-02-02 14:30 - 2013-08-22 15:46 - 00023785 _____ () C:\Windows\setupact.log
2015-02-02 14:30 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-02 14:29 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-02 10:59 - 2013-08-22 15:44 - 00346960 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-02 10:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-02 10:56 - 2014-03-18 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2015-02-02 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-02 10:56 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-02-02 10:55 - 2014-06-10 19:37 - 01779175 _____ () C:\Windows\WindowsUpdate.log
2015-02-02 10:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-02 10:52 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-02 09:48 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-02 09:05 - 2014-08-20 18:04 - 00799944 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-02-02 09:05 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-02-02 09:05 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2015-02-02 09:05 - 2014-07-25 13:13 - 00068616 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwfp.sys
2015-02-02 09:00 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-02-02 06:42 - 2013-08-22 16:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2015-02-01 22:51 - 2014-06-10 19:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-01 22:51 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-02-01 22:50 - 2014-06-10 19:37 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-01 22:21 - 2014-05-27 05:08 - 00000000 ____D () C:\Windows\oem
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ____D () C:\ProgramData\WildTangent
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ____D () C:\ProgramData\Acer
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-02-01 22:21 - 2014-05-27 04:58 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-02-01 22:17 - 2014-06-10 20:25 - 00000000 ____D () C:\ProgramData\OEM
2015-02-01 22:14 - 2014-05-27 05:08 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-01 22:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\restore
2015-02-01 21:59 - 2014-05-27 05:46 - 00000000 ___HD () C:\OEM
2015-02-01 21:56 - 2014-05-27 05:48 - 00000000 ____D () C:\Windows\Panther
2015-02-01 20:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-01 20:43 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-01 20:43 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default

==================== Files in the root of some directories =======

2014-06-10 20:08 - 2014-06-10 20:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Christian\AppData\Local\Temp\AcerPortalSetup.exe
C:\Users\Christian\AppData\Local\Temp\AOPSetup.exe
C:\Users\Christian\AppData\Local\Temp\octF5C2.tmp.exe
C:\Users\Christian\AppData\Local\Temp\Quarantine.exe
C:\Users\Christian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-05-27 04:49

==================== End Of Log ============================
--- --- ---

--- --- ---

cosinus 02.02.2015 21:52
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\...\RunOnce: [Application Restart #1] => C:\Users\Christian\AppData\Local\Pokki\Engine\HostAppService.exe [7846216 2015-01-31] (Pokki)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1715082490-1160310528-2700504390-1001 -> {45A916D3-E7DD-4D42-82B7-BFC867B6AA91} URL =
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
C:\Users\Christian\AppData\Local\Pokki
C:\ProgramData\DP45977C.lfl
EmptyTemp:
Hosts:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


CLove 03.02.2015 08:54
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by Christian at 2015-02-03 08:48:44 Run:1
Running from C:\Users\Christian\Desktop
Loaded Profiles: Christian (Available profiles: Christian)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\...\RunOnce: [Application Restart #1] => C:\Users\Christian\AppData\Local\Pokki\Engine\HostAppService.exe [7846216 2015-01-31] (Pokki)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1715082490-1160310528-2700504390-1001 -> {45A916D3-E7DD-4D42-82B7-BFC867B6AA91} URL =
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
C:\Users\Christian\AppData\Local\Pokki
C:\ProgramData\DP45977C.lfl
EmptyTemp:
Hosts:
*****************

HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #1 => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1715082490-1160310528-2700504390-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45A916D3-E7DD-4D42-82B7-BFC867B6AA91}" => Key deleted successfully.
HKCR\CLSID\{45A916D3-E7DD-4D42-82B7-BFC867B6AA91} => Key not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
C:\Users\Christian\AppData\Local\Pokki => Moved successfully.
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 29.4 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-02-03 08:51:52)<=

C:\ProgramData\DP45977C.lfl => Is moved successfully.

==== End of Fixlog 08:51:52 ====

cosinus 03.02.2015 11:50
Kaspersky komplett deaktivieren, dann den Fix wiederholen


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:21 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131