FRST 1f Code:
2015-05-27 09:46 - 2014-10-29 03:28 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PATHPING.EXE
2015-05-27 09:46 - 2014-10-29 03:28 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2015-05-27 09:46 - 2014-10-29 03:28 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2015-05-27 09:46 - 2014-10-29 03:28 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mountvol.exe
2015-05-27 09:46 - 2014-10-29 03:28 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2015-05-27 09:46 - 2014-10-29 03:28 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\nrpsrv.dll
2015-05-27 09:46 - 2014-10-29 03:28 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2015-05-27 09:46 - 2014-10-29 03:28 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2015-05-27 09:46 - 2014-10-29 03:28 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winrssrv.dll
2015-05-27 09:46 - 2014-10-29 03:28 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\whhelper.dll
2015-05-27 09:46 - 2014-10-29 03:28 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBthProxy.dll
2015-05-27 09:46 - 2014-10-29 03:28 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2015-05-27 09:46 - 2014-10-29 03:28 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TCPSVCS.EXE
2015-05-27 09:46 - 2014-10-29 03:28 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msidle.dll
2015-05-27 09:46 - 2014-10-29 03:28 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TcpipSetup.dll
2015-05-27 09:46 - 2014-10-29 03:28 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\backgroundTaskHost.exe
2015-05-27 09:46 - 2014-10-29 03:28 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\loadperf.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
2015-05-27 09:46 - 2014-10-29 03:27 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentprf.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\setx.exe
2015-05-27 09:46 - 2014-10-29 03:27 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\lodctr.exe
2015-05-27 09:46 - 2014-10-29 03:27 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspatcha.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\unlodctr.exe
2015-05-27 09:46 - 2014-10-29 03:27 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecEdit.exe
2015-05-27 09:46 - 2014-10-29 03:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cacls.exe
2015-05-27 09:46 - 2014-10-29 03:27 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EventAggregation.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsparse.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fltMC.exe
2015-05-27 09:46 - 2014-10-29 03:27 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysntfy.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecerts.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ARP.EXE
2015-05-27 09:46 - 2014-10-29 03:27 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedcli.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhapi.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\PING.EXE
2015-05-27 09:46 - 2014-10-29 03:27 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerClient.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\TRACERT.EXE
2015-05-27 09:46 - 2014-10-29 03:27 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2015-05-27 09:46 - 2014-10-29 03:27 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Register-CimProvider.exe
2015-05-27 09:46 - 2014-10-29 03:27 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2015-05-27 09:46 - 2014-10-29 03:27 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\HOSTNAME.EXE
2015-05-27 09:46 - 2014-10-29 03:27 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringIeProvider.dll
2015-05-27 09:46 - 2014-10-29 03:26 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidnsp.dll
2015-05-27 09:46 - 2014-10-29 03:26 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypttpmeksvc.dll
2015-05-27 09:46 - 2014-10-29 03:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2015-05-27 09:46 - 2014-10-29 03:26 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\pots.dll
2015-05-27 09:46 - 2014-10-29 03:26 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapPeerProxy.dll
2015-05-27 09:46 - 2014-10-29 03:26 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapAuthProxy.dll
2015-05-27 09:46 - 2014-10-29 03:26 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VaultCmd.exe
2015-05-27 09:46 - 2014-10-29 03:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\chkdsk.exe
2015-05-27 09:46 - 2014-10-29 03:26 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\userinitext.dll
2015-05-27 09:46 - 2014-10-29 03:26 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRINFO.EXE
2015-05-27 09:46 - 2014-10-29 03:26 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityRtapiPal.dll
2015-05-27 09:46 - 2014-10-29 03:26 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpcsvc.dll
2015-05-27 09:46 - 2014-10-29 03:25 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipsec.dll
2015-05-27 09:46 - 2014-10-29 03:25 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogonext.dll
2015-05-27 09:46 - 2014-10-29 03:25 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tpmcompc.dll
2015-05-27 09:46 - 2014-10-29 03:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncuprov.dll
2015-05-27 09:46 - 2014-10-29 03:25 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2015-05-27 09:46 - 2014-10-29 03:25 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2015-05-27 09:46 - 2014-10-29 03:25 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsext.dll
2015-05-27 09:46 - 2014-10-29 03:24 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\procinst.dll
2015-05-27 09:46 - 2014-10-29 03:23 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2015-05-27 09:46 - 2014-10-29 03:23 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2015-05-27 09:46 - 2014-10-29 03:23 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Background.ps.dll
2015-05-27 09:46 - 2014-10-29 03:23 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxStreamingDataSourcePS.dll
2015-05-27 09:46 - 2014-10-29 03:22 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-05-27 09:46 - 2014-10-29 03:22 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2015-05-27 09:46 - 2014-10-29 03:22 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskSchdPS.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngcredui.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipconfig.exe
2015-05-27 09:46 - 2014-10-29 03:21 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-05-27 09:46 - 2014-10-29 03:21 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallButtons.ProxyStub.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ROUTE.EXE
2015-05-27 09:46 - 2014-10-29 03:21 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragproxy.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHostProxy.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeSyncTask.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfmifsproxy.dll
2015-05-27 09:46 - 2014-10-29 03:21 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllhst3g.exe
2015-05-27 09:46 - 2014-10-29 03:20 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpapimig.exe
2015-05-27 09:46 - 2014-10-29 03:20 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\NETSTAT.EXE
2015-05-27 09:46 - 2014-10-29 03:20 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2015-05-27 09:46 - 2014-10-29 03:20 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommonPal.dll
2015-05-27 09:46 - 2014-10-29 03:20 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentTask.dll
2015-05-27 09:46 - 2014-10-29 03:20 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2015-05-27 09:46 - 2014-10-29 03:19 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpauto.dll
2015-05-27 09:46 - 2014-10-29 03:19 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschapext.dll
2015-05-27 09:46 - 2014-10-29 03:19 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2015-05-27 09:46 - 2014-10-29 03:17 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2015-05-27 09:46 - 2014-10-29 03:16 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2015-05-27 09:46 - 2014-10-29 03:16 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetmib1.dll
2015-05-27 09:46 - 2014-10-29 03:15 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\winrshost.exe
2015-05-27 09:46 - 2014-10-29 03:14 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\nci.dll
2015-05-27 09:46 - 2014-10-29 03:12 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwaninst.dll
2015-05-27 09:46 - 2014-10-29 03:12 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2015-05-27 09:46 - 2014-10-29 03:11 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2015-05-27 09:46 - 2014-10-29 03:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifmon.dll
2015-05-27 09:46 - 2014-10-29 03:08 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winrs.exe
2015-05-27 09:46 - 2014-10-29 03:06 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2015-05-27 09:46 - 2014-10-29 03:06 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secur32.dll
2015-05-27 09:46 - 2014-10-29 03:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpapi.dll
2015-05-27 09:46 - 2014-10-29 03:06 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprext.dll
2015-05-27 09:46 - 2014-10-29 03:06 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_ISCII.DLL
2015-05-27 09:46 - 2014-10-29 03:06 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2015-05-27 09:46 - 2014-10-29 03:05 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprmsg.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lodctr.exe
2015-05-27 09:46 - 2014-10-29 03:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unlodctr.exe
2015-05-27 09:46 - 2014-10-29 03:05 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vpnikeapi.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcsubs.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\snmpapi.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schedcli.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PING.EXE
2015-05-27 09:46 - 2014-10-29 03:05 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mskeyprotcli.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fltLib.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PATHPING.EXE
2015-05-27 09:46 - 2014-10-29 03:05 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshqos.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mountvol.exe
2015-05-27 09:46 - 2014-10-29 03:05 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TRACERT.EXE
2015-05-27 09:46 - 2014-10-29 03:05 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemEventsBrokerClient.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmsgapi.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2015-05-27 09:46 - 2014-10-29 03:05 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\whhelper.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2015-05-27 09:46 - 2014-10-29 03:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winrssrv.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBthProxy.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TCPSVCS.EXE
2015-05-27 09:46 - 2014-10-29 03:05 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msidle.dll
2015-05-27 09:46 - 2014-10-29 03:05 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\backgroundTaskHost.exe
2015-05-27 09:46 - 2014-10-29 03:05 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2015-05-27 09:46 - 2014-10-29 03:04 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2015-05-27 09:46 - 2014-10-29 03:04 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2015-05-27 09:46 - 2014-10-29 03:04 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pots.dll
2015-05-27 09:46 - 2014-10-29 03:04 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2015-05-27 09:46 - 2014-10-29 03:04 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fltMC.exe
2015-05-27 09:46 - 2014-10-29 03:04 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ARP.EXE
2015-05-27 09:46 - 2014-10-29 03:04 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2015-05-27 09:46 - 2014-10-29 03:04 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userinitext.dll
2015-05-27 09:46 - 2014-10-29 03:04 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Register-CimProvider.exe
2015-05-27 09:46 - 2014-10-29 03:04 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2015-05-27 09:46 - 2014-10-29 03:04 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HOSTNAME.EXE
2015-05-27 09:46 - 2014-10-29 03:04 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpcsvc.dll
2015-05-27 09:46 - 2014-10-29 03:03 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2015-05-27 09:46 - 2014-10-29 03:03 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidnsp.dll
2015-05-27 09:46 - 2014-10-29 03:03 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRINFO.EXE
2015-05-27 09:46 - 2014-10-29 03:03 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityRtapiPal.dll
2015-05-27 09:46 - 2014-10-29 03:02 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipsec.dll
2015-05-27 09:46 - 2014-10-29 03:02 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2015-05-27 09:46 - 2014-10-29 03:01 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskSchdPS.dll
2015-05-27 09:46 - 2014-10-29 03:01 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vss_ps.dll
2015-05-27 09:46 - 2014-10-29 03:01 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2015-05-27 09:46 - 2014-10-29 03:01 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.ps.dll
2015-05-27 09:46 - 2014-10-29 03:01 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2015-05-27 09:46 - 2014-10-29 03:01 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2015-05-27 09:46 - 2014-10-29 03:01 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Background.ps.dll
2015-05-27 09:46 - 2014-10-29 03:00 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipconfig.exe
2015-05-27 09:46 - 2014-10-29 03:00 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-05-27 09:46 - 2014-10-29 03:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2015-05-27 09:46 - 2014-10-29 03:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvps.dll
2015-05-27 09:46 - 2014-10-29 03:00 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ROUTE.EXE
2015-05-27 09:46 - 2014-10-29 03:00 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.RemoteDesktop.dll
2015-05-27 09:46 - 2014-10-29 03:00 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2015-05-27 09:46 - 2014-10-29 03:00 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsExt.dll
2015-05-27 09:46 - 2014-10-29 03:00 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommonPal.dll
2015-05-27 09:46 - 2014-10-29 03:00 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallButtons.ProxyStub.dll
2015-05-27 09:46 - 2014-10-29 03:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfmifsproxy.dll
2015-05-27 09:46 - 2014-10-29 02:59 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschapext.dll
2015-05-27 09:46 - 2014-10-29 02:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2015-05-27 09:46 - 2014-10-29 02:58 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-05-27 09:46 - 2014-10-29 02:58 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdPHost.dll
2015-05-27 09:46 - 2014-10-29 02:58 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2015-05-27 09:46 - 2014-10-29 02:58 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Startupscan.dll
2015-05-27 09:46 - 2014-10-29 02:58 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootim.exe
2015-05-27 09:46 - 2014-10-29 02:57 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2015-05-27 09:46 - 2014-10-29 02:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winrshost.exe
2015-05-27 09:46 - 2014-10-29 02:57 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2015-05-27 09:46 - 2014-10-29 02:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2015-05-27 09:46 - 2014-10-29 02:56 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nci.dll
2015-05-27 09:46 - 2014-10-29 02:55 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\CheckNetIsolation.exe
2015-05-27 09:46 - 2014-10-29 02:55 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSaProxy.exe
2015-05-27 09:46 - 2014-10-29 02:54 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSaUacHelper.exe
2015-05-27 09:46 - 2014-10-29 02:53 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifmon.dll
2015-05-27 09:46 - 2014-10-29 02:50 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2015-05-27 09:46 - 2014-10-29 02:50 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2015-05-27 09:46 - 2014-10-29 02:48 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2015-05-27 09:46 - 2014-10-29 02:46 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2015-05-27 09:46 - 2014-10-29 02:46 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Startupscan.dll
2015-05-27 09:46 - 2014-10-29 02:45 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2015-05-27 09:46 - 2014-10-29 02:44 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CheckNetIsolation.exe
2015-05-27 09:46 - 2014-10-29 02:44 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSaUacHelper.exe
2015-05-27 09:46 - 2014-10-07 05:30 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-05-27 09:46 - 2014-10-07 05:29 - 00107520 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-05-27 09:46 - 2014-10-07 05:29 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-05-27 09:46 - 2014-10-07 05:29 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-05-27 09:46 - 2014-06-21 09:33 - 00212736 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2015-05-27 09:27 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-27 09:27 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-27 09:27 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-27 09:27 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-27 09:27 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-27 09:27 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-27 09:27 - 2014-10-31 06:50 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2015-05-27 09:27 - 2014-10-31 05:30 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2015-05-27 09:27 - 2014-10-31 05:23 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-05-27 09:27 - 2014-10-31 05:22 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2015-05-27 09:27 - 2014-10-31 05:18 - 04840960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-05-27 09:27 - 2014-10-31 05:09 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-05-27 09:27 - 2014-10-31 04:12 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2015-05-27 09:23 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-27 09:23 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-27 09:23 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-27 09:23 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-27 09:23 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-27 09:23 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-27 09:23 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-27 09:23 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-27 09:23 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-27 09:23 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-27 09:23 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-27 09:23 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-27 09:23 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-27 09:23 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-27 09:23 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-27 09:23 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-27 09:23 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-27 09:23 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-27 09:23 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-27 09:23 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-27 09:23 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-27 09:23 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-27 09:23 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-27 09:23 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-27 09:23 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-27 09:23 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-27 09:23 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-27 09:23 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-27 09:23 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-27 09:23 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-27 09:23 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-27 09:23 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-27 09:23 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-27 09:23 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-27 09:23 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-27 09:23 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-27 09:23 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-27 09:23 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-27 09:23 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-27 09:23 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-27 09:23 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-27 09:23 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-27 09:23 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-27 09:23 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-27 09:23 - 2014-10-29 04:42 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll
2015-05-27 09:23 - 2014-10-29 03:19 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-05-27 09:23 - 2014-10-29 02:59 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-05-27 09:10 - 2015-05-27 09:10 - 00332792 _____ (Vidoz Limited) C:\Users\***** *****\Downloads\Nicht bestätigt 446607.crdownload
2015-05-27 08:41 - 2015-05-27 08:41 - 02223104 _____ C:\Users\***** *****\Downloads\adwcleaner_4.205.exe
2015-05-27 08:40 - 2015-05-27 08:40 - 02209792 _____ C:\Users\***** *****\Downloads\adwcleaner_4.205 (1).exe
2015-05-26 18:24 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-26 18:24 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-26 18:24 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-26 18:24 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-26 18:24 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-26 18:24 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-26 18:24 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-26 18:24 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-26 18:24 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-26 18:24 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-26 18:24 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-26 18:24 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-26 18:24 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-26 18:24 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-26 18:24 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-26 18:24 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-26 18:24 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-26 18:24 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-26 18:24 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-26 18:24 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-26 18:24 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-26 18:24 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-26 18:24 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-26 18:24 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-26 18:24 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-26 18:24 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-26 18:24 - 2014-10-29 04:45 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2015-05-26 18:24 - 2014-10-29 04:44 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-05-26 18:24 - 2014-10-29 04:00 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2015-05-26 18:24 - 2014-10-29 04:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimeng.dll
2015-05-26 18:24 - 2014-10-29 03:58 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShextAutoplay.exe
2015-05-26 18:24 - 2014-10-29 03:57 - 00324608 ____C (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2015-05-26 18:24 - 2014-10-29 03:54 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2015-05-26 18:24 - 2014-10-29 03:25 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShextAutoplay.exe
2015-05-26 18:24 - 2014-10-29 03:22 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2015-05-26 18:23 - 2015-03-13 02:29 - 00410017 _____ C:\WINDOWS\system32\ApnDatabase.xml
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-22 20:17 - 2012-08-29 05:42 - 00000360 _____ C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job
2015-06-22 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-22 19:57 - 2014-11-09 11:01 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-22 19:55 - 2012-08-29 05:43 - 00000000 ____D C:\ProgramData\WinClon
2015-06-22 19:52 - 2014-11-09 11:01 - 00001122 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-22 19:52 - 2013-08-22 16:46 - 00326496 _____ C:\WINDOWS\setupact.log
2015-06-22 19:52 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-22 19:51 - 2014-09-23 23:06 - 00081986 _____ C:\WINDOWS\PFRO.log
2015-06-22 19:49 - 2014-11-07 08:22 - 00000000 ____D C:\Users\***** *****
2015-06-22 15:06 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-22 15:06 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\TAPI
2015-06-22 14:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-22 14:08 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-22 13:50 - 2014-11-07 08:13 - 01772282 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-22 13:42 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-05-28 22:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PLA
2015-05-28 22:30 - 2015-05-08 23:45 - 00000000 ____D C:\Program Files (x86)\5d3675e6-b894-4bc0-a3fb-1a99812acfbe
2015-05-28 22:30 - 2015-04-12 01:08 - 00000000 ____D C:\Users\***** *****\AppData\Roaming\Rainmaker Software Group LLC.
2015-05-28 22:30 - 2015-01-24 14:17 - 00000000 ____D C:\Program Files (x86)\6a79f4f3-35ed-4b7f-9c94-9d8ed4125a93
2015-05-28 21:52 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppCompat
2015-05-28 21:50 - 2014-09-24 08:17 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-28 21:50 - 2014-09-24 07:43 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-05-28 21:50 - 2014-09-24 07:43 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-05-28 21:45 - 2014-11-07 09:06 - 00003926 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E49FCC51-61D3-483F-9921-DEA8E605F06D}
2015-05-28 21:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME
2015-05-28 21:14 - 2015-04-16 21:08 - 00000000 ____D C:\Program Files (x86)\Clean the Junk
2015-05-28 21:08 - 2013-01-16 20:19 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-484924946-752710417-643280108-1001
2015-05-28 20:18 - 2014-11-09 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-28 20:18 - 2014-11-07 08:55 - 00001015 _____ C:\Users\***** *****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-28 20:12 - 2015-05-08 23:43 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-28 19:52 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-28 19:31 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-05-28 18:34 - 2013-08-22 17:37 - 00005217 _____ C:\WINDOWS\DtcInstall.log
2015-05-28 18:31 - 2013-08-22 16:44 - 00410728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\FileManager
2015-05-28 18:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Camera
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\sppui
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sppui
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Com
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-05-28 18:16 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-05-28 18:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-05-28 18:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-05-28 18:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-05-28 18:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-05-28 18:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\servicing
2015-05-28 18:15 - 2013-08-22 17:36 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-05-28 18:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-05-28 18:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-05-28 18:15 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-05-28 18:14 - 2015-04-07 15:57 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-28 18:14 - 2015-04-07 15:57 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-28 18:14 - 2014-09-24 08:00 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-28 18:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\WindowsPowerShell
2015-05-28 18:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-05-28 18:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-05-28 18:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-05-27 11:43 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-27 11:12 - 2013-11-27 17:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-05-27 11:01 - 2013-01-25 19:26 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-27 10:47 - 2013-08-22 17:36 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-05-27 10:47 - 2013-08-22 17:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-05-26 18:38 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-05-26 18:09 - 2015-04-21 01:10 - 00000020 _____ C:\Users\***** *****\AppData\Roaming\appdataFr3.bin
==================== Files in the root of some directories =======
2015-04-21 01:10 - 2015-05-26 18:09 - 0000020 _____ () C:\Users\***** *****\AppData\Roaming\appdataFr3.bin
2015-01-24 14:18 - 2015-01-24 14:17 - 0613057 _____ (CMI Limited) C:\Users\***** *****\AppData\Local\nsiE6A2.tmp
2015-01-24 15:23 - 2015-01-24 15:23 - 0628496 _____ (CMI Limited) C:\Users\***** *****\AppData\Local\nsmCBA3.tmp
2015-05-28 19:03 - 2015-05-28 19:05 - 0011838 _____ () C:\Users\***** *****\AppData\Local\Temp-log.txt
2012-08-29 05:38 - 2012-08-08 06:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-08-29 05:38 - 2012-08-07 12:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-22 20:03
==================== End of log ============================
Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by ***** ***** at 2015-06-22 20:30:18
Running from C:\Users\***** *****\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-484924946-752710417-643280108-500 - Administrator - Disabled)
***** ***** (S-1-5-21-484924946-752710417-643280108-1001 - Administrator - Enabled) => C:\Users\***** *****
Gast (S-1-5-21-484924946-752710417-643280108-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
AMD Catalyst Install Manager (HKLM\...\{C81A2726-7169-75AF-62C4-250BBB638924}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
LiveUpdateWPP (HKLM-x32\...\LiveUpdateWPP) (Version: - Anti-phishing database updater for Web Protector Plus. This service keeps your computer updated with the newest database of known Internet threats.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version: - Microsoft)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Ninja Loader (HKLM-x32\...\Ninja Loader) (Version: 164.0.0.1703 - CLICK YES BELOW LP)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.6.0.27 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.5.0 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Support Center (HKLM\...\{3D7275C7-8549-46AF-8B59-82A3EF301B31}) (Version: 2.0.8 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{49271148-3C6B-4F2B-B8C9-FFDE243B8FEA}) (Version: 2.0.15 - Samsung Electronics CO., LTD.)
User Guide (HKLM-x32\...\{5D4E117D-FC6A-4FB8-81E3-BEFFAE2F7BE6}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
WEB.DE MailCheck für Internet Explorer (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.6.0.4 - 1&1 Mail & Media GmbH)
WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.1.0 - 1&1 Mail & Media GmbH)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
26-05-2015 18:39:30 Windows Update
22-06-2015 16:29:53 Geplanter Prüfpunkt
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {010AEAE6-5A08-4523-B0B8-938664C902BE} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-08-24] (Samsung Electronics CO., LTD.)
Task: {06DB4D9A-5A72-4141-8F01-24258062849C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {06E00D1D-725B-4748-A88B-2F2D57851F15} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {156CA460-8D8F-4A7C-A506-E71440EE19D0} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-26] (Samsung Electronics CO., LTD.)
Task: {4CC813D0-67A7-41B2-95CD-755097E27369} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {5719C990-CE7A-4335-9877-7EFE0410F3E2} - \SMW_UpdateTask_Time_323332383633363832302d23787845322a5b3434322d57 No Task File <==== ATTENTION
Task: {5D8CFDF9-6412-4CCC-8C30-84412D22A348} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-08-23] (SEC)
Task: {6F40C783-288F-4B7F-82EA-F602051E981B} - System32\Tasks\GNVLNUPDH => C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8\cd96e4ae2fbb46d9b627abb8e45312b8.exe <==== ATTENTION
Task: {9FD2802A-F402-4249-BEF3-A0A818332A2F} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {9FFA3DED-C765-45EA-ABFC-3495646E37F6} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {AC8201D0-CC74-49E2-9E50-3F59F6D52D1E} - \ProPCCleaner_Start No Task File <==== ATTENTION
Task: {B0B73ED0-1FA5-4D57-81CE-CC78E7AD3EA0} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {BEF2779E-98C5-4D66-8FF9-54E952352E9A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-27] (Microsoft Corporation)
Task: {C527B6D1-228F-4CBD-83A2-933B081ADA70} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\WSCStub.exe [2014-12-06] (Symantec Corporation)
Task: {E7F8807D-C231-4E96-A988-61F66ED2F60D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {E81D0B9F-9ABA-404D-AA58-726A734D9315} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {EA89DE75-C2FB-4090-A867-BECC9B0001CC} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.)
Task: {F3B0FC95-5164-44CD-8238-AD6C7B81DD05} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Loaded Modules (Whitelisted) ==============
2014-07-04 22:33 - 2014-07-04 22:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00076920 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2012-08-10 11:28 - 2012-08-10 11:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-10 11:23 - 2012-08-10 11:23 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2014-07-04 22:33 - 2014-07-04 22:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-08-24 11:10 - 2012-08-24 11:10 - 04238968 _____ () C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
2015-05-01 11:44 - 2015-05-01 11:44 - 00109160 _____ () C:\Program Files (x86)\Ninja Loader\Modules\Core.dll
2015-05-01 11:43 - 2015-05-01 11:43 - 00058984 _____ () C:\Program Files (x86)\Ninja Loader\Modules\BdUdr.dll
2015-05-01 11:44 - 2015-05-01 11:44 - 00041576 _____ () C:\Program Files (x86)\Ninja Loader\Modules\WInIn.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00028280 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 01015416 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2015-05-01 11:43 - 2015-05-01 11:43 - 00039528 _____ () C:\Program Files (x86)\Ninja Loader\Modules\ArSp.dll
2015-05-01 11:43 - 2015-05-01 11:43 - 00117352 _____ () C:\Program Files (x86)\Ninja Loader\Modules\BrSp.dll
2015-05-01 11:44 - 2015-05-01 11:44 - 00090728 _____ () C:\Program Files (x86)\Ninja Loader\Modules\CdPrc.dll
2015-05-01 11:44 - 2015-05-01 11:44 - 00096872 _____ () C:\Program Files (x86)\Ninja Loader\Modules\WbSt.dll
2015-05-01 11:44 - 2015-05-01 11:44 - 00056424 _____ () C:\Program Files (x86)\Ninja Loader\Modules\WdCtl.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-12-13 11:55 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.6.0.27\wincfi39.dll
2015-05-08 23:41 - 2015-03-26 16:13 - 01091584 _____ () C:\Users\***** *****\AppData\Local\Ninja Loader\Discover\libglesv2.dll
2015-05-08 23:41 - 2015-03-26 16:13 - 00167936 _____ () C:\Users\***** *****\AppData\Local\Ninja Loader\Discover\libEGL.dll
2015-05-08 23:41 - 2015-03-26 16:39 - 08569856 _____ () C:\Users\***** *****\AppData\Local\Ninja Loader\Discover\pdf.dll
2015-05-08 23:41 - 2015-03-26 16:18 - 00324608 _____ () C:\Users\***** *****\AppData\Local\Ninja Loader\Discover\ppGoogleNaClPluginChrome.dll
2015-05-08 23:41 - 2015-03-26 16:14 - 00880128 _____ () C:\Users\***** *****\AppData\Local\Ninja Loader\Discover\ffmpegsumo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cmwf.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cmwr.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cmwf.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CMWFP => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cmwr.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-484924946-752710417-643280108-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\***** *****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: Media is not connected to internet.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0B41B74A-F632-469D-BB19-4981E280EF9C}] => (Allow) LPort=1900
FirewallRules: [{235E06D0-1A4C-4ADC-8E80-A85E94133660}] => (Allow) LPort=2869
FirewallRules: [{3E2A7571-7013-4CD2-8388-6339F7F6C912}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{312CCD82-D033-41A5-B03E-F492EE4E469A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/28/2015 06:48:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Quick Starter.exe, Version 1.0.0.12 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1314
Startzeit: 01d099645f3d57af
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe
Berichts-ID: 2e4b9c72-0559-11e5-beaf-50b7c33b5c5a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/28/2015 06:35:30 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3364) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
Error: (05/27/2015 10:13:34 AM) (Source: MsiInstaller) (EventID: 11316) (User: *****)
Description: Product: globalupdate Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/26/2015 06:13:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452eed9
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000022
Fehleroffset: 0x0009d4f2
ID des fehlerhaften Prozesses: 0x1568
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (05/08/2015 11:55:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17416 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e20
Startzeit: 01d089d9948e8770
Endzeit: 67
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: fda6bd2e-f5cc-11e4-beac-50b7c33b5c5a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/08/2015 11:43:58 PM) (Source: MsiInstaller) (EventID: 11316) (User: *****)
Description: Product: globalupdate Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (04/21/2015 01:08:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452eed9
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000022
Fehleroffset: 0x0009d4f2
ID des fehlerhaften Prozesses: 0x118c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (04/17/2015 02:29:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17416 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2188
Startzeit: 01d07909bc5eb204
Endzeit: 78
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: 50275a76-e4fd-11e4-beaa-50b7c33b5c5a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/17/2015 02:26:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17416 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1898
Startzeit: 01d079089319058d
Endzeit: 140
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: f79cf896-e4fc-11e4-beaa-50b7c33b5c5a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/14/2015 10:18:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
System errors:
=============
Error: (06/22/2015 07:52:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AppEx Networks Accelerator LWF" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (06/22/2015 07:52:10 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)
Error: (06/22/2015 06:05:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AppEx Networks Accelerator LWF" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (06/22/2015 06:05:42 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)
Error: (06/22/2015 06:04:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/22/2015 06:04:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Norton Online Backup" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/22/2015 06:04:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Norton Internet Security" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/22/2015 06:04:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/22/2015 06:04:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ZAtheros Bt&Wlan Coex Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/22/2015 06:04:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Ninja Loader Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (05/28/2015 06:48:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Quick Starter.exe1.0.0.12131401d099645f3d57af4294967295C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe2e4b9c72-0559-11e5-beaf-50b7c33b5c5a
Error: (05/28/2015 06:35:30 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail3364WindowsMail0:
Error: (05/27/2015 10:13:34 AM) (Source: MsiInstaller) (EventID: 11316) (User: *****)
Description: Product: globalupdate Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (05/26/2015 06:13:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9ntdll.dll6.3.9600.17736550f42c2c00000220009d4f2156801d097cee9508b57C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\ntdll.dll27981144-03c2-11e5-beac-50b7c33b5c5a
Error: (05/08/2015 11:55:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416e2001d089d9948e877067C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEfda6bd2e-f5cc-11e4-beac-50b7c33b5c5a
Error: (05/08/2015 11:43:58 PM) (Source: MsiInstaller) (EventID: 11316) (User: *****)
Description: Product: globalupdate Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/21/2015 01:08:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9ntdll.dll6.3.9600.17736550f42c2c00000220009d4f2118c01d07bbedcd93dccC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\ntdll.dll1b4baca8-e7b2-11e4-beab-50b7c33b5c5a
Error: (04/17/2015 02:29:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416218801d07909bc5eb20478C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE50275a76-e4fd-11e4-beaa-50b7c33b5c5a
Error: (04/17/2015 02:26:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416189801d079089319058d140C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEf79cf896-e4fc-11e4-beaa-50b7c33b5c5a
Error: (04/14/2015 10:18:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
==================== Memory info ===========================
Processor: AMD A6-4455M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 15%
Total physical RAM: 7640.44 MB
Available physical RAM: 6481.87 MB
Total Pagefile: 14552.45 MB
Available Pagefile: 13119.7 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:441.83 GB) (Free:393.6 GB) NTFS
==================== MBR & Partition Table ==================
==================== End of log ============================
GMER. It did throw a few errors during the scan, though; it apparently didn't get access to everything. Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-06-22 20:37:39
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002c rev. 0,00MB
Running: Gmer-19357.exe; Driver: C:\Users\EVASTE~1\AppData\Local\Temp\pxldapow.sys
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [604:628] fffff9600092a2d0
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
Disk \Device\Harddisk0\DR0 sector 0: rootkit-like behavior
---- EOF - GMER 2.1 ----
Phew, I hope that's OK like this?