| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows Vista: AVG findet einen RootkitWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.12.2016, 15:12
| #1 |
 |  Windows Vista: AVG findet einen Rootkit Schönen guten Tag , bei der heutigen Systemüberprüfung fand AVG einen Rootkit (?), welcher sich nicht entfernen lässt. Inline-Hook win32k.sys EngProbeForRead+0x95->0xFFFFF95FFA7D893F. Außerdem erhalte ich bei jedem Systemstart folgende Warnung: "ERROR: System Fan has failed. Press F2 to continue" Ich bin dankbar für jede Hilfe. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Suiolirim (Administrator) auf SUIOLIRIM (27-12-2016 14:21:21)
Gestartet von C:\Users\Suiolirim\Desktop\Desktop
Geladene Profile: Suiolirim (Verfügbare Profile: Suiolirim)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\UninstMon\PubMonitor.exe
(Microsoft Corporation) C:\WINDOWS\System32\conime.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Run: [Google Update] => C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-24] (Google Inc.)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
GroupPolicy\User: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9CA86A35-94EC-4BED-A5DB-38C113AD5714}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{A615081A-DB1C-42C8-8B6A-0E4FEC46738B}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {F137222E-6DE9-44E9-8EF2-CC5A8D3833BB} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM -> {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM -> {F137222E-6DE9-44E9-8EF2-CC5A8D3833BB} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg64.dll [2009-10-18] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-18] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Browsing Protection Class -> {C6867EB7-8350-4856-877F-93CF8AE3DC9C} -> Keine Datei
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default [2016-12-27]
FF NetworkProxy: Mozilla\Firefox\Profiles\bysl5o0l.default -> no_proxies_on", ""
FF Extension: (Grooveshark Unlocker) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\groovesharkUnlocker@overlord1337.xpi [2016-12-26]
FF Extension: (Distrust) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\trustme@gness.com [2009-04-14] [ist nicht signiert]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-29] [ist nicht signiert]
FF Extension: (NoScript) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-12-25]
FF Extension: (BugMeNot Plugin) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi [2016-12-25]
FF Extension: (WOT) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-05-17] [ist nicht signiert]
FF Extension: (Fasterfox) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a99} [2009-04-14] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-25]
FF Extension: (Greasemonkey) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-12-25]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-11.xml [2010-06-23]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-12.xml [2010-06-30]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-13.xml [2010-07-01]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-14.xml [2010-07-27]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-15.xml [2011-02-13]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-16.xml [2011-02-13]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-17.xml [2011-03-06]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-18.xml [2011-03-22]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-19.xml [2011-05-02]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-20.xml [2011-06-20]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-21.xml [2011-06-29]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-22.xml [2011-08-18]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-23.xml [2011-09-04]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-24.xml [2011-09-16]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-25.xml [2011-10-05]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\icqplugin-26.xml [2011-11-19]
FF SearchPlugin: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\winamp-search.xml [2009-04-30]
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2016-12-24] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-12-24] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [litmus-ff@f-secure.com] - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (Eset Plugin) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-07-06] [ist nicht signiert]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2012-02-14] (id Software Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 -> C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-14] (Google)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-02-14] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-11] (Skype Limited)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-02-14] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npigl.dll [2007-02-12] (Indiepath Ltd)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npijjiautoinstallpluginff.dll [2009-07-03] (NHN USA Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-01-07] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Plugin: (Shockwave Flash) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\49.0.2623.112\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (igLoader) - C:\Program Files (x86)\Mozilla Firefox\plugins\npigl.dll (Indiepath Ltd)
CHR Plugin: (ijji Auto Install Plugin for Mozilla) - C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll (NHN USA Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => Keine Datei
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Google Updater) - C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
CHR Plugin: (Unity Player) - C:\Users\Suiolirim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Keine Datei
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => Keine Datei
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\Default [2016-12-27]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-24]
StartMenuInternet: Google Chrome - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [69632 2008-07-14] () [Datei ist nicht signiert]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Datei ist nicht signiert]
S2 gupdate1c986c7e6048a9a; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-08] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3404560 2010-01-04] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
S2 F-Secure Gatekeeper Handler Starter; "C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe" [X]
S3 FSDFWD; "C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe" [X]
S2 FSMA; "C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE" [X]
S3 FSORSPClient; "C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe" [X]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S1 Beep; kein ImagePath
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-09-03] (Brother Industries Ltd.)
R1 FSES; C:\Windows\System32\drivers\fses.sys [46664 2011-04-30] (F-Secure Corporation)
R1 FSFW; C:\Windows\System32\drivers\fsdfw.sys [95784 2011-04-30] (F-Secure Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [42248 2012-11-15] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-24] (REALiX(tm))
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89432 2012-08-13] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [613720 2012-11-15] (Kaspersky Lab)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-10-06] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-10-06] (Nokia)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4774 2012-02-02] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
S4 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [166944 2008-06-06] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.)
R3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-15] (Anchorfree Inc.)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2009-10-06] (Nokia)
U0 aswVmm; kein ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 dump_wmimmc; \??\C:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [X]
S3 EverestDriver; \??\C:\Program Files (x86)\Lavalys\EVEREST Corporate Edition\kerneld.amd64 [X]
S3 F-Secure Gatekeeper; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [X]
S1 F-Secure HIPS; \??\C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys [X]
S1 fsvista; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\Sandra.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [X]
S3 X6va001; \??\C:\Users\SUIOLIRIM\AppData\Local\Temp\001408.tmp [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-27 12:34 - 2016-12-27 12:34 - 01496584 _____ C:\Users\Suiolirim\Downloads\gmer-2.2.19882 - CHIP-Installer.exe
2016-12-27 01:11 - 2016-12-27 01:33 - 00000000 ____D C:\Users\TEMP
2016-12-27 00:32 - 2016-10-07 17:12 - 02528768 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-12-27 00:32 - 2016-10-07 16:52 - 01544704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-12-27 00:27 - 2014-12-08 02:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-12-27 00:27 - 2014-12-08 02:37 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-12-27 00:14 - 2016-03-10 18:07 - 00501760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-27 00:14 - 2016-03-10 17:43 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 01567744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01377792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01326080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 01114624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00867328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00767488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00759296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00613888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2VDEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ADEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-12-27 00:09 - 2015-12-05 18:02 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-12-27 00:09 - 2015-12-05 17:41 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01539072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01127424 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01090560 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-12-27 00:09 - 2015-12-05 17:41 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00819200 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00732160 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 03548672 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 01571328 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 01074176 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00471040 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-12-27 00:09 - 2015-12-05 17:39 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-12-27 00:09 - 2015-12-05 17:22 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-12-27 00:09 - 2013-10-30 05:34 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-12-27 00:09 - 2013-10-30 03:33 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-12-27 00:06 - 2016-11-08 18:09 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-27 00:06 - 2016-11-08 18:02 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-27 00:04 - 2015-11-05 10:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-12-27 00:04 - 2015-11-05 09:55 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-12-27 00:04 - 2015-11-05 08:54 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-12-26 23:59 - 2016-09-10 17:44 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-12-26 23:59 - 2016-09-10 17:27 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-12-26 23:51 - 2015-07-10 20:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-12-26 23:51 - 2015-07-10 20:35 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-12-26 23:39 - 2015-11-02 18:04 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-12-26 23:39 - 2015-11-02 17:44 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-12-26 23:38 - 2015-09-02 22:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-12-26 23:38 - 2015-09-02 22:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-12-26 23:30 - 2016-03-18 19:15 - 01915392 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-12-26 23:30 - 2016-03-18 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-26 23:30 - 2016-03-18 18:10 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-12-26 23:30 - 2016-03-18 18:10 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-26 23:22 - 2016-10-04 15:41 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-12-26 23:17 - 2016-11-09 16:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-26 23:17 - 2016-11-09 16:22 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-26 23:15 - 2016-10-07 17:19 - 04692712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-26 23:15 - 2016-08-12 20:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-26 23:15 - 2016-03-22 00:00 - 01589168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-26 23:15 - 2016-03-22 00:00 - 01171488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-26 23:11 - 2016-04-09 22:17 - 00975360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-12-26 23:11 - 2016-04-09 21:48 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-12-26 23:09 - 2016-03-18 19:15 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-12-26 23:09 - 2016-03-18 19:15 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-12-26 23:09 - 2016-03-18 18:10 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-12-26 23:06 - 2016-11-11 18:14 - 00820736 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-26 23:06 - 2016-11-11 17:59 - 00648704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-26 23:01 - 2016-10-27 17:16 - 00622592 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-26 23:01 - 2016-10-27 17:03 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-26 22:59 - 2016-03-04 17:52 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-12-26 22:59 - 2016-03-04 17:40 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-12-26 22:57 - 2015-05-31 09:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2016-12-26 22:57 - 2015-05-31 08:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2016-12-26 22:55 - 2015-10-10 16:48 - 00736192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-12-26 22:53 - 2016-06-25 17:04 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-12-26 22:53 - 2016-06-25 17:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-12-26 22:53 - 2016-06-25 17:04 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-12-26 22:53 - 2016-06-25 17:03 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-12-26 22:53 - 2016-06-25 17:03 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localspl.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00443904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-12-26 22:53 - 2016-06-25 16:09 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-12-26 22:53 - 2016-06-25 16:09 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-12-26 22:53 - 2016-06-25 15:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-12-26 22:43 - 2016-03-17 20:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-12-26 22:43 - 2016-03-17 18:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-12-26 22:43 - 2016-03-17 18:45 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-12-26 22:43 - 2016-02-06 03:12 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-26 22:43 - 2016-02-06 03:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-26 22:43 - 2016-02-06 03:01 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-26 22:43 - 2016-02-06 01:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-26 22:42 - 2014-06-15 23:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-12-26 22:42 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-12-26 22:42 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-12-26 22:42 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-12-26 22:42 - 2014-06-13 18:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-12-26 22:42 - 2014-06-13 18:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2016-12-26 22:39 - 2015-05-04 23:51 - 10627584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-12-26 22:39 - 2015-05-04 23:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-12-26 22:39 - 2015-05-04 23:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-12-26 22:39 - 2015-05-04 23:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-12-26 22:39 - 2015-05-04 23:33 - 13427712 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-12-26 22:39 - 2015-05-04 23:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-12-26 22:39 - 2015-05-04 23:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-12-26 22:39 - 2015-05-04 23:32 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-12-26 22:39 - 2015-05-04 22:39 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-12-26 22:39 - 2015-05-04 22:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-12-26 22:37 - 2015-07-09 15:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-12-26 22:37 - 2015-07-09 15:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-12-26 22:37 - 2015-07-09 15:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-12-26 22:31 - 2015-07-18 16:41 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-12-26 22:26 - 2016-10-17 23:20 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-26 22:26 - 2016-10-17 23:20 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 01019904 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-12-26 22:26 - 2016-10-17 23:19 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-12-26 22:26 - 2016-10-17 23:19 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:05 - 00807936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-26 22:26 - 2016-10-17 23:04 - 00884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-12-26 22:26 - 2016-10-17 23:04 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-12-26 22:26 - 2016-10-17 23:04 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-12-26 22:26 - 2016-10-17 23:04 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-12-26 22:26 - 2016-10-07 17:13 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-12-26 22:26 - 2016-10-07 17:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-12-26 22:26 - 2016-10-07 16:52 - 00573952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-12-26 22:26 - 2016-10-07 16:51 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-12-26 22:24 - 2016-02-06 03:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-12-26 22:24 - 2014-10-10 02:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-12-26 22:24 - 2014-10-10 02:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-26 22:24 - 2014-10-10 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-26 22:24 - 2014-10-10 00:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-26 22:24 - 2014-10-10 00:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-26 22:22 - 2016-08-03 17:23 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-12-26 22:22 - 2016-08-03 16:45 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-12-26 22:22 - 2016-08-03 15:41 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-12-26 22:22 - 2016-08-03 15:40 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-12-26 22:22 - 2016-08-03 15:40 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-12-26 22:20 - 2016-11-16 18:20 - 00364776 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-26 22:20 - 2016-05-10 16:55 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-12-26 22:20 - 2016-05-10 16:54 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-12-26 22:20 - 2016-05-10 16:54 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-12-26 22:20 - 2016-05-10 15:55 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-12-26 22:20 - 2016-05-10 15:55 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-12-26 22:20 - 2016-05-10 15:28 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-12-26 22:16 - 2014-06-06 05:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-12-26 22:16 - 2014-06-06 05:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-12-26 22:12 - 2016-12-26 22:12 - 00541952 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuMSI7623.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 00013972 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuUI7623.txt
2016-12-26 22:12 - 2015-07-29 01:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-12-26 22:12 - 2015-07-29 01:31 - 12901888 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-12-26 22:12 - 2014-10-03 02:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-12-26 22:12 - 2014-10-03 02:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-12-26 22:12 - 2014-10-03 02:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-12-26 22:12 - 2014-10-03 02:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-12-26 22:12 - 2014-10-03 02:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-12-26 22:12 - 2014-10-03 02:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-12-26 22:12 - 2014-10-03 02:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-12-26 22:12 - 2014-10-03 00:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2016-12-26 22:11 - 2016-12-26 22:12 - 01303922 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64MSI7583.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 00014024 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64UI7583.txt
2016-12-26 22:09 - 2015-04-24 16:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-12-26 22:09 - 2015-04-24 16:41 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-12-26 22:07 - 2015-11-10 18:03 - 01208832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-12-26 22:07 - 2015-11-10 18:03 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-12-26 22:07 - 2015-11-10 17:40 - 01683968 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-12-26 22:07 - 2015-11-10 17:40 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-12-26 22:07 - 2015-01-29 02:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-12-26 22:07 - 2015-01-29 02:33 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-12-26 22:06 - 2015-03-05 03:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-12-26 22:06 - 2015-03-05 02:58 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-12-26 22:06 - 2014-12-06 04:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-12-26 22:06 - 2014-12-06 04:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-12-26 22:06 - 2014-12-06 03:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-12-26 22:06 - 2014-12-06 03:54 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2016-12-26 22:06 - 2014-08-27 01:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-12-26 22:06 - 2014-08-27 01:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-12-26 22:05 - 2015-07-21 16:50 - 00154048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2016-12-26 22:05 - 2015-07-21 16:50 - 00068544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-12-26 22:05 - 2015-07-21 16:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-12-26 22:05 - 2015-07-21 16:40 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2016-12-26 22:05 - 2015-04-11 00:33 - 00384512 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-12-26 22:05 - 2015-04-11 00:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\services.exe
2016-12-26 22:05 - 2014-12-06 03:54 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-12-26 22:04 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-12-26 22:04 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-12-26 22:04 - 2015-11-13 17:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-12-26 22:04 - 2015-11-13 17:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-12-26 22:04 - 2015-11-13 16:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-12-26 22:03 - 2014-10-24 02:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-12-26 22:03 - 2014-10-24 01:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdohlp.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2016-12-26 22:02 - 2016-01-30 04:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbeio.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasads.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasdatastore.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-12-26 22:02 - 2016-01-30 03:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-12-26 22:02 - 2016-01-30 03:44 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-12-26 22:02 - 2016-01-30 03:43 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-12-26 22:02 - 2016-01-30 03:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-12-26 22:02 - 2016-01-30 03:43 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-12-26 22:02 - 2016-01-30 03:43 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-12-26 22:02 - 2016-01-30 02:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2016-12-26 22:02 - 2016-01-30 02:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iashost.exe
2016-12-26 22:02 - 2014-09-05 00:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-12-26 22:01 - 2015-08-05 16:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-12-26 22:00 - 2016-11-20 17:57 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-26 22:00 - 2016-11-20 15:16 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-26 22:00 - 2016-11-20 15:13 - 00521448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-26 22:00 - 2016-11-20 15:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-26 22:00 - 2016-10-08 17:08 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-26 22:00 - 2016-10-08 17:07 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-26 22:00 - 2016-10-08 16:51 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-26 22:00 - 2016-08-10 17:12 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-26 22:00 - 2016-08-10 17:12 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-26 22:00 - 2016-08-10 16:44 - 00284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-26 22:00 - 2016-08-10 16:43 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-26 22:00 - 2016-05-14 16:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-26 22:00 - 2016-05-14 16:41 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-26 22:00 - 2016-03-18 19:15 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-26 22:00 - 2016-02-06 03:12 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-26 22:00 - 2016-02-06 03:11 - 00802304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-26 22:00 - 2016-02-06 03:01 - 01304576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-26 22:00 - 2016-02-06 02:59 - 01067008 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-26 22:00 - 2015-06-27 15:30 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-26 22:00 - 2015-06-27 15:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-26 22:00 - 2015-01-09 01:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-26 21:59 - 2016-11-08 18:10 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-26 21:59 - 2016-11-08 18:01 - 02264576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-26 21:59 - 2015-10-13 15:45 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-12-26 21:59 - 2015-10-13 15:44 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-12-26 21:59 - 2015-06-17 16:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-26 21:59 - 2015-06-17 16:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-26 21:59 - 2014-06-02 22:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-26 21:59 - 2014-06-02 22:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-26 21:59 - 2014-06-02 22:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-26 21:59 - 2014-06-02 21:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-26 21:59 - 2014-06-02 11:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-26 21:59 - 2014-06-02 11:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-26 21:56 - 2016-10-17 23:19 - 00975872 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-26 21:56 - 2016-10-17 23:04 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-26 21:56 - 2016-09-15 01:23 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-12-26 21:56 - 2016-09-15 01:01 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-12-26 21:56 - 2016-04-09 21:53 - 00901352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-12-26 21:56 - 2016-04-09 21:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00726016 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-12-26 21:55 - 2016-05-12 16:56 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-12-26 21:55 - 2016-05-12 16:34 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-12-26 21:55 - 2016-05-12 16:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-12-26 21:55 - 2016-05-12 16:33 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-12-26 21:55 - 2016-05-12 16:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-12-26 21:53 - 2016-02-02 16:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-12-26 21:49 - 2016-11-20 18:12 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-26 21:49 - 2016-11-20 17:55 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-26 21:49 - 2015-07-01 16:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-12-26 21:49 - 2015-07-01 16:43 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-12-26 21:17 - 2014-01-30 11:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-12-26 21:17 - 2014-01-30 08:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-12-26 21:17 - 2013-10-11 05:23 - 00781824 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-12-26 21:17 - 2013-10-11 05:23 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-12-26 21:17 - 2013-10-11 03:29 - 00217074 _____ C:\Windows\system32\WFP.TMF
2016-12-26 21:17 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-12-26 21:16 - 2016-11-09 01:44 - 18807296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-26 21:16 - 2016-11-09 01:41 - 02351104 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-26 21:16 - 2016-11-09 01:36 - 10941952 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 01392640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-26 21:16 - 2016-11-09 01:34 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-26 21:16 - 2016-11-09 01:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-26 21:16 - 2016-11-09 01:33 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-26 21:16 - 2016-11-09 01:33 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-12-26 21:16 - 2016-11-09 01:33 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-12-26 21:16 - 2016-11-09 01:06 - 01815552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-26 21:16 - 2016-11-09 01:05 - 12841472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-26 21:16 - 2016-11-09 01:03 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-26 21:16 - 2016-11-09 01:02 - 09756160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-26 21:16 - 2016-11-09 01:01 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-26 21:16 - 2016-11-09 01:01 - 01129984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 01805312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-26 21:16 - 2016-11-09 01:00 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-26 21:16 - 2016-11-09 01:00 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-26 21:16 - 2016-11-09 00:59 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-12-26 21:16 - 2016-11-09 00:59 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-12-26 21:16 - 2014-04-05 10:10 - 01422784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-12-26 21:16 - 2013-10-03 16:02 - 01278976 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-26 21:16 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-26 21:15 - 2013-10-22 10:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-12-26 21:15 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-12-26 21:15 - 2013-10-11 05:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-12-26 21:15 - 2013-10-11 05:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-12-26 21:15 - 2013-10-11 03:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-12-26 21:15 - 2013-10-11 03:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-12-26 21:15 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-12-26 21:15 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-12-26 21:15 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2016-12-26 21:15 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-12-26 21:15 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-12-26 18:22 - 2016-11-08 16:49 - 02804736 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-26 17:46 - 2016-09-08 15:39 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-12-26 17:46 - 2016-09-08 15:39 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-12-26 17:36 - 2016-12-26 17:36 - 00001628 _____ C:\Users\Suiolirim\Downloads\sg_backup_2016-12-26-1736.spg
2016-12-25 17:11 - 2016-12-25 17:11 - 00383208 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00306408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01561600 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01154560 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00486912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-12-25 17:07 - 2016-12-25 17:07 - 00000041 _____ C:\Windows\woubak-pwrscheme-temp.txt
2016-12-25 17:07 - 2016-12-25 17:07 - 00000041 _____ C:\Windows\woubak-pwrscheme-act.txt
2016-12-24 20:29 - 2016-12-27 13:52 - 00002894 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Suiolirim)
2016-12-24 20:29 - 2016-12-24 20:31 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\IObit
2016-12-24 20:29 - 2016-12-24 20:30 - 00002083 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-12-24 20:29 - 2016-12-24 20:29 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-12-24 20:29 - 2016-12-24 20:29 - 00003262 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\Windows\IObit
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\ProgramData\ProductData
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-12-24 20:28 - 2016-12-25 12:53 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\IObit
2016-12-24 20:03 - 2016-12-24 20:03 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\AVG
2016-12-24 20:02 - 2016-12-24 20:02 - 00000805 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-12-24 20:02 - 2016-12-24 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-12-24 19:59 - 2016-12-24 19:59 - 00000000 ___HD C:\$AVG
2016-12-24 19:57 - 2016-12-27 14:18 - 00000000 ____D C:\ProgramData\MFAData
2016-12-24 19:57 - 2016-12-24 19:57 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\MFAData
2016-12-24 19:52 - 2016-12-26 22:01 - 00003564 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-12-24 19:52 - 2016-12-24 19:57 - 00000000 ____D C:\Program Files (x86)\AVG
2016-12-24 19:52 - 2016-12-24 19:52 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\CEF
2016-12-24 19:50 - 2016-12-24 20:03 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Avg
2016-12-24 19:50 - 2016-12-24 19:59 - 00000000 ____D C:\ProgramData\Avg
2016-12-24 19:50 - 2016-12-24 19:56 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\AvgSetupLog
2016-12-24 18:53 - 2016-12-24 18:53 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000UA
2016-12-24 18:53 - 2016-12-24 18:53 - 00003368 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000Core
2016-12-24 17:57 - 2016-12-27 14:04 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Mozilla
2016-12-24 17:56 - 2016-12-24 18:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-24 17:24 - 2016-12-24 17:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-24 17:24 - 2016-12-24 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-12-24 17:24 - 2016-12-24 17:24 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-12-24 17:24 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-12-24 17:24 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-01 02:18 - 2016-12-01 02:18 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-30 08:04 - 2016-11-30 08:04 - 00298240 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-27 14:21 - 2013-10-30 09:29 - 00000000 ____D C:\FRST
2016-12-27 13:39 - 2009-02-04 13:54 - 00001064 _____ C:\Windows\Tasks\Google Software Updater.job
2016-12-27 13:31 - 2010-02-11 14:51 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-12-27 13:31 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-27 13:31 - 2006-11-02 16:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-27 13:31 - 2006-11-02 16:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-27 13:30 - 2006-11-02 16:42 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-27 13:24 - 2013-10-29 21:41 - 00000000 ____D C:\Windows\ERUNT
2016-12-27 13:15 - 2008-09-13 06:16 - 00696342 _____ C:\Windows\system32\perfh007.dat
2016-12-27 13:15 - 2008-09-13 06:16 - 00156498 _____ C:\Windows\system32\perfc007.dat
2016-12-27 13:15 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\inf
2016-12-27 13:15 - 2006-11-02 13:46 - 01632730 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-27 12:48 - 2009-07-06 19:46 - 01608186 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-27 01:32 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\rescache
2016-12-27 01:07 - 2009-02-02 17:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-12-27 00:37 - 2006-11-02 16:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-12-27 00:37 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-12-27 00:37 - 2006-11-02 14:33 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-27 00:36 - 2013-10-31 16:07 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-12-27 00:36 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-12-26 23:29 - 2013-07-15 18:55 - 00000000 ____D C:\Windows\system32\MRT
2016-12-26 23:23 - 2006-11-02 13:35 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-12-26 22:24 - 2010-06-05 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-12-26 18:26 - 2006-11-02 16:21 - 00463984 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-26 18:23 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\tracing
2016-12-25 15:26 - 2013-06-10 15:07 - 00000000 ____D C:\Program Files (x86)\DevPro
2016-12-25 15:17 - 2009-02-02 15:45 - 00000000 ____D C:\Users\Suiolirim
2016-12-25 15:12 - 2010-08-06 15:08 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-12-25 15:09 - 2011-09-19 15:13 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-25 15:08 - 2008-09-12 20:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-25 15:03 - 2011-05-08 15:32 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Unity
2016-12-25 15:02 - 2009-02-15 14:57 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Macromedia
2016-12-25 15:02 - 2009-02-02 16:04 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Adobe
2016-12-25 15:02 - 2009-02-02 16:01 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-12-25 15:02 - 2008-09-12 20:56 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-24 20:29 - 2011-03-02 13:42 - 00000000 ____D C:\ProgramData\IObit
2016-12-24 20:29 - 2011-03-02 13:41 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-24 20:02 - 2011-04-22 15:49 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\TuneUp Software
2016-12-24 19:50 - 2009-05-23 09:33 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Downloaded Installations
2016-12-24 18:58 - 2013-02-08 16:54 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-24 18:58 - 2013-02-08 16:54 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-24 18:52 - 2013-02-28 15:51 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148260198865912
2016-12-24 18:52 - 2013-02-08 16:55 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148260198784910
2016-12-24 18:51 - 2013-02-08 16:55 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148260198497907
2016-12-24 18:40 - 2012-04-25 20:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-24 17:59 - 2011-10-08 14:11 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-24 17:46 - 2009-02-02 16:15 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-24 17:40 - 2010-05-26 13:15 - 00002059 _____ C:\Users\Suiolirim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-24 17:33 - 2009-02-02 15:46 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Adobe
2016-12-24 17:24 - 2013-01-06 19:32 - 00000903 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-24 17:24 - 2013-01-06 19:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-12-24 17:24 - 2009-05-20 15:05 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\Malwarebytes
2016-12-24 17:24 - 2009-05-20 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-24 17:19 - 2011-06-15 13:27 - 00002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-12-24 17:18 - 2009-06-30 14:25 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-24 17:18 - 2009-06-30 14:25 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-03-08 16:33 - 2013-03-08 16:33 - 0000191 _____ () C:\Program Files\Common Files\TrackerSoftwareInstallerPDFX5SA.log
2011-03-13 12:04 - 2011-03-13 12:22 - 0000041 _____ () C:\Users\Suiolirim\AppData\Roaming\TheHunterSettings_live.cfg
2011-02-21 12:25 - 2015-04-06 15:39 - 0000254 _____ () C:\Users\Suiolirim\AppData\Roaming\wklnhst.dat
2009-03-08 16:26 - 2010-02-27 16:31 - 0001100 _____ () C:\Users\Suiolirim\AppData\Local\d3d8caps.dat
2009-05-09 19:07 - 2013-05-16 12:56 - 0001356 _____ () C:\Users\Suiolirim\AppData\Local\d3d9caps.dat
2009-02-22 20:10 - 2010-04-14 12:51 - 0001460 _____ () C:\Users\Suiolirim\AppData\Local\d3d9caps64.dat
2009-02-02 19:46 - 2009-12-20 19:22 - 0007168 _____ () C:\Users\Suiolirim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-03-27 22:02 - 2015-04-09 13:40 - 0348394 _____ () C:\Users\Suiolirim\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2010-03-27 22:02 - 2010-03-27 22:02 - 0000002 _____ () C:\Users\Suiolirim\AppData\Local\dd_dotnetfx35error.txt
2010-03-27 22:02 - 2015-04-09 13:40 - 0240504 _____ () C:\Users\Suiolirim\AppData\Local\dd_dotnetfx35install.txt
2009-06-09 13:57 - 2009-06-09 13:57 - 0402640 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI0710.txt
2013-02-08 16:54 - 2013-02-08 16:54 - 0364352 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI08CA.txt
2009-06-09 14:00 - 2009-06-09 14:00 - 0415660 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI08CC.txt
2010-04-02 18:56 - 2010-04-02 18:58 - 0418332 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI110D.txt
2010-04-02 18:58 - 2010-04-02 18:58 - 0407074 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI1295.txt
2010-03-30 13:17 - 2010-03-30 13:17 - 0442364 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI2358.txt
2011-09-16 15:05 - 2011-09-16 15:05 - 0512626 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI24ED.txt
2011-05-18 11:52 - 2011-05-18 11:52 - 0361952 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI3D99.txt
2010-08-06 15:09 - 2010-08-06 15:09 - 0427316 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI57C6.txt
2011-05-06 16:16 - 2011-05-06 16:16 - 0366200 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI5DE5.txt
2009-10-12 06:43 - 2009-10-12 06:43 - 0366808 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI60F5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0353238 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI62B5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0400340 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI62BC.txt
2011-05-04 11:26 - 2011-05-04 11:26 - 0360800 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI639F.txt
2009-04-04 11:15 - 2009-04-04 11:15 - 0417434 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI6604.txt
2011-05-12 20:38 - 2011-05-12 20:38 - 0427518 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI7AB9.txt
2011-04-19 15:13 - 2011-04-19 15:13 - 0364108 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI7CE1.txt
2009-06-09 13:57 - 2009-06-09 13:57 - 0012046 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI0710.txt
2013-02-08 16:54 - 2013-02-08 16:54 - 0014102 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI08CA.txt
2009-06-09 14:00 - 2009-06-09 14:00 - 0012158 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI08CC.txt
2010-04-02 18:56 - 2010-04-02 18:58 - 0016562 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI110D.txt
2010-04-02 18:58 - 2010-04-02 18:58 - 0016042 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI1295.txt
2010-03-30 13:17 - 2010-03-30 13:17 - 0013882 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI2358.txt
2011-09-16 14:31 - 2011-09-16 15:06 - 0016292 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI24ED.txt
2011-05-18 11:52 - 2011-05-18 11:52 - 0013346 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI3D99.txt
2010-08-06 15:09 - 2010-08-06 15:09 - 0013538 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI57C6.txt
2011-05-06 16:16 - 2011-05-06 16:16 - 0015098 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI5DE5.txt
2009-10-12 06:43 - 2009-10-12 06:43 - 0011170 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI60F5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0014622 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI62B5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0014390 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI62BC.txt
2011-05-04 11:26 - 2011-05-04 11:26 - 0013298 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI639F.txt
2009-04-04 11:15 - 2009-04-04 11:15 - 0011410 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI6604.txt
2011-05-12 20:38 - 2011-05-12 20:38 - 0014288 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI7AB9.txt
2011-04-19 15:13 - 2011-04-19 15:13 - 0014346 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI7CE1.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 0541952 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuMSI7623.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 0013972 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuUI7623.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 1303922 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64MSI7583.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 0014024 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64UI7583.txt
2011-04-03 19:15 - 2011-04-03 19:15 - 0000096 _____ () C:\Users\Suiolirim\AppData\Local\fusioncache.dat
2010-03-27 22:02 - 2015-04-09 13:40 - 0006904 _____ () C:\Users\Suiolirim\AppData\Local\uxeventlog.txt
2011-10-15 14:44 - 2011-10-15 14:45 - 0001850 _____ () C:\ProgramData\1318686248.2288.bin
2011-04-19 16:50 - 2011-04-27 12:01 - 1555999 _____ () C:\ProgramData\bdinstall.bin
2008-09-12 21:06 - 2008-09-12 21:06 - 0000349 _____ () C:\ProgramData\hpzinstall.log
2009-12-18 20:20 - 2009-12-18 20:20 - 0000000 _____ () C:\ProgramData\leverage.drm.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Suiolirim\hash.dat
Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\SysWOW64\runouce.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-27 13:43
==================== Ende von FRST.txt ============================
|
|
27.12.2016, 15:13
| #2 |
| | Windows Vista: AVG findet einen RootkitCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Suiolirim (27-12-2016 14:23:24)
Gestartet von C:\Users\Suiolirim\Desktop\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-02-02 13:39:16)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1653470619-1168622029-2061882709-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1653470619-1168622029-2061882709-1004 - Limited - Enabled)
Gast (S-1-5-21-1653470619-1168622029-2061882709-501 - Limited - Disabled)
Suiolirim (S-1-5-21-1653470619-1168622029-2061882709-1000 - Administrator - Enabled) => C:\Users\Suiolirim
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: AVG AntiVirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
A.V.A (HKLM-x32\...\{42AF51C0-4028-46CF-B616-FB1F75286457}) (Version: 24.18.03866 - A.V.A)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Reader X (10.1.16) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AION Free-To-Play (HKLM-x32\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AVG (Version: 16.141.7996 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4749 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.141.7996 - AVG Technologies)
Bloodline Champions (HKLM-x32\...\{6C90C4C4-559D-4FE8-A4BF-37550E74D1FC}) (Version: 1.0.0 - Stunlock Studios)
Cards_Calendar_OrderGift_DoMorePlugout (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version: - Dark Byte)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: .1707 - CyberLink Corp.)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - )
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version: - )
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Free Audio CD Burner version 1.2 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.2 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Limited.)
Google Chrome (HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.165 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Updater (HKLM-x32\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Hardware Diagnose Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version: - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version: - )
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.0.26 - S2 Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Advisor (HKLM-x32\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.9152.3107 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
HP Demo (HKLM-x32\...\{97ABD26A-3249-46CB-B2E2-F66E64B2E480}) (Version: 1.00.0000 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM-x32\...\{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}) (Version: 5.7.0.2693 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.2.3309 - Hewlett-Packard)
HP My Display (HKLM-x32\...\{15733AD1-1CEF-459A-9245-0924FC63BDD5}) (Version: 1.36.003 - Portrait Displays, Inc.)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Update (HKLM-x32\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
igLoader (HKLM\...\igLoader) (Version: 3.0.0.0 - Indiepath Ltd)
ijji REACTOR (HKLM-x32\...\{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}) (Version: 1.00.0000 - ijji)
JDownloader 0.9 (HKLM-x32\...\1489-3350-5074-6281) (Version: 0.9 - AppWork GmbH)
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2913 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.50.1040 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}) (Version: 12.00.1280 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.0) (Version: 12.0.1278 - Logitech Inc.)
Mafia II - Demo (HKLM-x32\...\Steam App 50280) (Version: - 2K Czech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - THQ)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM-x32\...\{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}) (Version: 6.10.050 - muvee Technologies)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version: - NCsoft)
Neffy 1,3,29,0 (HKLM-x32\...\Neffy) (Version: 1,3,29,0 - CDNetworks)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.80.5.1 - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{C50EF365-2898-489A-B6C7-30DAA466E9A2}) (Version: 7.1.23.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.40.6 - Nokia)
Nokia PC Suite (x32 Version: 7.1.40.6 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Optimierte Multimedia-Tastatur-Lösung (HKLM-x32\...\KBD) (Version: - Hewlett-Packard)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.2 - Pando Networks Inc.)
PC Connectivity Solution (HKLM-x32\...\{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}) (Version: 9.44.0.3 - Nokia)
Pivot Software (x32 Version: 8.21.013 - Portrait Displays, Inc.) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.4109 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2926 - CyberLink Corp.)
PowerDirector (x32 Version: 6.5.2926 - CyberLink Corp.) Hidden
Pro Evolution Soccer 2013 DEMO2 (HKLM-x32\...\{E244E649-B7FB-4644-B387-CA882AEC7577}) (Version: 1.00.0000 - KONAMI)
PSSWCORE (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
Python 2.5.2 (HKLM-x32\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
Quake Live Mozilla Plugin (HKLM-x32\...\{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}) (Version: 1.0.520 - id Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
SDK (x32 Version: 1.40.002 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1405.0 - Hi-Rez Studios)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
sp41119 (HKLM\...\sp41119) (Version: - Hewlett-Packard)
sp44626 (HKLM-x32\...\sp44626) (Version: - Hewlett-Packard)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spider-Man(TM) - Web of Shadows (x32 Version: 1.0 - Activision) Hidden
Spider-Man(TM) - Web of Shadows 1.1 Patch (x32 Version: - ) Hidden
Spider-Man(TM) - Web of Shadows 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Spider-Man(TM) - Web of Shadows-Spiel (HKLM-x32\...\InstallShield_{7F7E4FA7-6F32-4DE2-917E-361E034AED7A}) (Version: 1.1 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Suffering (remove only) (HKLM-x32\...\The Suffering) (Version: 1.7.0.11.2.4.3 - Midway Home Entertainment Inc.)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6.0 - Texas Instruments Incorporated)
Tiggit (HKLM-x32\...\{B2F036FE-A916-4EBB-8621-5403444940D3}_is1) (Version: - )
TmNationsForever Update 2010-03-15 (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.980.1 - Hi-Rez Studios)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoToolkit01 (x32 Version: 110.0.171.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4) (HKLM\...\8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA) (Version: 06/01/2009 7.01.0.4 - Nokia)
Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2) (HKLM\...\05B59228C7E1C21DFBE89260F879BD95880548D8) (Version: 10/05/2009 4.2 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\ChromeHTML: -> C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {03324EB8-3058-4313-B9EE-950B21C99340} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster\AutoUpdate.exe
Task: {0876C721-124D-482C-99CC-C227984A5313} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000Core => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {1999CD70-9319-4CFE-A0BA-D9C090D34E00} - System32\Tasks\{BEE4217B-8ABE-4656-AF30-A1E53573390E} => pcalua.exe -a C:\Users\Suiolirim\Downloads\codec_sniper.exe -d C:\Users\Suiolirim\Downloads
Task: {371EDA46-91D3-487E-8BFB-AD3438044152} - System32\Tasks\{C47CCFEC-B5BF-4BDC-B6AC-ECF2C3FFBE23} => pcalua.exe -a C:\Users\Suiolirim\Downloads\sp39950.exe -d C:\Users\Suiolirim\Downloads
Task: {37241EC8-CE22-470A-8D14-C4635CA28E96} - System32\Tasks\Google Updater and Installer => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {3C04BABF-0B0E-41B2-9840-775B8BE83B34} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {468EF5B9-5FB1-4743-B57F-2607EADD3A6C} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)
Task: {69DE6AF7-90C9-49F6-AD87-448F63F65C7B} - System32\Tasks\{8882EA47-8D98-4195-8E81-8829D8EE1259} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {797F9A29-E4B1-4A89-95EC-E0C6390E174A} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {909EF21F-8367-4215-B19B-D2D63CD93DE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {A70CC805-CD67-4C58-8BA3-C23E1D557A95} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {AAF676D5-7928-48FE-847C-178D6882F5E0} - System32\Tasks\{07BB79A0-80F9-418A-AABC-0A8C1849E8E6} => pcalua.exe -a C:\Users\Suiolirim\Downloads\Shockwave_Installer_Slim.exe -d C:\Users\Suiolirim\Downloads
Task: {B9494889-CE9C-4519-B409-3E15B8F62C99} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-14] (Google) <==== ACHTUNG
Task: {BB9E3695-D6AB-41FF-A947-7790F913FD62} - System32\Tasks\Driver Booster SkipUAC (Suiolirim) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {CC5DB0D3-211A-4178-AAC6-8C2DD660C736} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CE551541-E9D7-4613-AC11-CAD718A79641} - System32\Tasks\{427676C2-46CD-43AE-B1E5-74F84C5F9AEB} => pcalua.exe -a E:\eauninstall.exe -d E:\
Task: {D078570E-9D97-4A49-A19A-5B2BDC527CD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {E396FCA1-66F1-4B58-A20C-846BE4DB237A} - System32\Tasks\{473F0C77-2CCD-4EDB-BA86-019EA51AA096} => pcalua.exe -a "C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe" -d "C:\Program Files (x86)\ICQ6Toolbar"
Task: {EEAE5D3F-FDF6-4E0B-901C-F530C5162126} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {F0C531CD-5438-4DB3-8688-84F50D9FD370} - System32\Tasks\{CE75FCDC-B7D3-434D-8B4F-3FDBAF6014C1} => pcalua.exe -a C:\Users\Suiolirim\Downloads\UDKInstall-UncleFred.exe -d C:\Users\Suiolirim\Downloads
Task: {FF994E75-520F-481A-9643-222BEA60F6CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000UA => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ACHTUNG
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A5EDC403-DA13-4BD5-8F96-610C0E80242D}.job => C:\Windows\system32\msfeedssync.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Suiolirim\Desktop\Desktop\Spiele\A.V.A.lnk -> C:\Program Files (x86)\ijji\ijji REACTOR\REACTOR.exe (NHN Corporation) -> redirect:hxxp://reactor.ijji.com/index.nhn?gameid=u_ava
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2009-02-08 15:44 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-06-03 11:35 - 2013-04-30 03:46 - 00045056 _____ () C:\Windows\system32\atitmp64.dll
2009-02-05 16:19 - 2008-07-14 13:43 - 00069632 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
2016-12-24 19:52 - 2016-12-24 19:51 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B [286]
AlternateDataStreams: C:\ProgramData\TEMP:364682BC [234]
AlternateDataStreams: C:\ProgramData\TEMP:BD36345D [200]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7582 mehr Seiten.
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7478 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2006-11-02 13:34 - 2013-10-30 16:14 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Suiolirim\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupfolder: C:^Users^Suiolirim^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ATICustomerCare => "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Suiolirim\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: facemoods => "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe" /md I
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\Suiolirim\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [WinCollab-Out-UDP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => %SystemRoot%\system32\dfsr.exe
FirewallRules: [{142CF540-DB64-465E-A8C1-9F78FA381836}] => c:\Program Files (x86)\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [{B71241FB-92BA-49E3-A31E-3A7F3F0DFD3A}] => C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{A17A4EDB-D87B-4B68-A02B-747FAC300F23}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{0BDA7AAB-DCA1-435C-A48F-6E216D97E904}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{666B2C21-AD76-4154-880B-30198A16A391}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{9916A79E-A0E1-448C-9440-99A722F4A146}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{940E7A3E-C940-423C-AD06-29A4B695EADE}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{1BB2C654-2F8B-4A45-A6A5-E0D583FCCFF0}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{1920CFB5-3D03-45C7-9232-7316A42DA08F}C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe] => C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{801523C9-9625-4A22-B5DA-012AB9CDBBE6}C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe] => C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{296C58F4-423F-4733-A6C8-0266D853859F}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{BB74B909-F12D-4DC5-AA76-EC51D725D96A}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{FF0D0FF4-F437-4C3E-8D79-4B926E9D2389}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [TCP Query User{6E4270A5-4F0B-497B-BD9E-9806BC81A6BA}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C5820BA9-E570-4520-B7AC-772C07A81D24}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{15D6A789-2649-4B96-80F0-F825DF2AD011}] => C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{BEE99D8C-1502-4FF9-B3E3-1923215121C4}] => C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
FirewallRules: [TCP Query User{9AF4BE5F-C323-4E8D-AB2C-92559E9024F6}C:\ijji\english\ava\binaries\ava.exe] => C:\ijji\english\ava\binaries\ava.exe
FirewallRules: [UDP Query User{1C7EA198-6846-4BA1-B6B9-BC20A756C3EE}C:\ijji\english\ava\binaries\ava.exe] => C:\ijji\english\ava\binaries\ava.exe
FirewallRules: [{E3240DF4-D51C-4D38-9EAB-623834D37138}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{820FCAF3-31E0-4205-B709-F34BFBB6CA59}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{C290CB18-BDDD-4357-8C8A-B9B268D7AA7A}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{14D48E4D-66F0-4E59-9D3C-F365B36C3768}] => LPort=8394
FirewallRules: [{D2764897-B2FE-4D38-83AC-3A21A01D18D7}] => LPort=8394
FirewallRules: [{C5A80CCF-0D8F-45A8-9397-820E756CBD92}] => LPort=6983
FirewallRules: [{2779EC5B-8F17-44FB-8EAA-4402A80FC8C2}] => LPort=6983
FirewallRules: [{A96A26A7-A94C-4032-97BB-8400AB0A5626}] => LPort=6895
FirewallRules: [{2FD91BFF-97D6-4913-9AD5-A222762A64D6}] => LPort=6895
FirewallRules: [{8DF2CC18-8566-4E98-A4B6-BFA8FF2D5F89}] => LPort=8394
FirewallRules: [{C6A02ED0-E470-444A-B0CF-8752F9177DF1}] => LPort=8394
FirewallRules: [{E1ED97B3-7BD3-4BCE-9F93-B6934D645BD8}] => LPort=6971
FirewallRules: [{3ECC23F2-B8A7-4727-91CA-32BA5732E411}] => LPort=6971
FirewallRules: [{A9804527-902B-430E-8E68-627A9C721CFD}] => LPort=6992
FirewallRules: [{F9EDCFA4-89A5-4DB2-B0DB-343725E338D6}] => LPort=6992
FirewallRules: [{A04224C7-1161-4930-A4A1-71B503C62F2A}] => LPort=8395
FirewallRules: [{AAEE3DC0-D134-4141-9029-735A288FB41B}] => LPort=8395
FirewallRules: [{A7A12F77-9901-4FBD-B010-1B8D18D431B5}] => LPort=6989
FirewallRules: [{A10E189B-D236-4463-9DD8-3F7812C74C96}] => LPort=6989
FirewallRules: [{6D96D44D-BDD6-44C7-BFBE-3031B0AD141D}] => LPort=8396
FirewallRules: [{AD3D861F-41C7-45FC-989B-F567BB336D85}] => LPort=8396
FirewallRules: [{9A3E605E-B6AE-4B4D-9F78-7211B2D7ABD0}] => LPort=6987
FirewallRules: [{CD230630-6598-460B-A8DF-9E8CB966BF04}] => LPort=6987
FirewallRules: [TCP Query User{E1FF3428-E405-42AA-8F4E-F62BBC6563C2}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{7B2F750A-F25D-4AC8-94EE-784E2D6E7B7D}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{A5014B5F-EB16-458A-9B18-0E192C5479C0}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{97D7FCFA-8F3D-45E9-9B9E-F41E726566A2}] => svchost.exe
FirewallRules: [{ED8D12EA-84FA-43BD-B4D5-84BB31EFF679}] => LPort=6969
FirewallRules: [{759E874B-F517-4DE1-9011-1548BAF9F2CB}] => LPort=6969
FirewallRules: [{12F593EB-C1D8-45C3-A234-FFB3507F4AA6}] => LPort=6887
FirewallRules: [{CE01052E-243A-4D1B-BACE-CBEEC2FA5B8D}] => LPort=6887
FirewallRules: [{161FFAA0-791D-42AB-A8F8-771AC048803C}] => LPort=6993
FirewallRules: [{E5446C2A-E718-4EB7-B98B-2E1DF101D142}] => LPort=6993
FirewallRules: [{93955E75-5EC8-45D8-8FC1-139404C5C7A3}] => LPort=6928
FirewallRules: [{5EFFC13D-8A46-4DCB-AC86-0F3C65BE1489}] => LPort=6928
FirewallRules: [{8776558C-D184-4828-8C7A-C5A089F5760A}] => LPort=6932
FirewallRules: [{A978E1E9-B712-476A-8D3D-0DEE1A19FA75}] => LPort=6932
FirewallRules: [{C0952C5D-9782-432C-9726-5B09B1F0D48E}] => LPort=6966
FirewallRules: [{99087EDA-484F-48C3-B6B0-1532CFF72BA0}] => LPort=6966
FirewallRules: [{BA80CDAD-145A-4D29-AE7F-0E1359A82B89}] => LPort=6951
FirewallRules: [{C863FF2E-1B91-4E0B-B75C-D1781ECD7FEA}] => LPort=6951
FirewallRules: [{61E53A93-0F1A-4FA4-9FD1-2DDCDBE0E9DC}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{91B6BA44-B87D-45E4-858F-743C7FD808A5}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{2116F8AC-598A-4C93-8182-BB9D504AED82}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{77CD8069-8BC3-45B6-A309-55A4A8F08FE4}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{50134214-C0A4-4EEC-95E0-75BCD64C2F2B}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{60570471-4616-4BC9-8FEA-1F2583535B30}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{CCFC29F3-1D6A-4CCF-ADA8-C96ADD82C573}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{3B453461-7FBC-40E2-83E7-AA2E0341CB95}] => LPort=80
FirewallRules: [{052CC513-CDE1-49FE-B133-1D21BBDBDABE}] => LPort=80
FirewallRules: [{B5E2656E-15C0-41B7-9769-A920CDEC2102}] => LPort=80
FirewallRules: [{4E0BA1D0-8A0D-41D0-A50A-135BF5479A13}] => LPort=6886
FirewallRules: [{162EFF4E-559C-42A4-AD5D-06A191ED3AEE}] => LPort=6886
FirewallRules: [{3E545E1E-550A-4926-A29E-B2BF6DE5C90F}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{B3979143-560D-4E60-9A26-988424B5CF5F}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{5AFEF734-8FF3-4146-87E4-AA5D6B810544}] => LPort=6942
FirewallRules: [{C710B987-8D89-4FF5-B0B3-842C96383D80}] => LPort=6942
FirewallRules: [TCP Query User{93AD976D-2DD9-46E3-81BB-807D48059F3D}C:\riot games\league of legends\lol.launcher.exe] => C:\riot games\league of legends\lol.launcher.exe
FirewallRules: [UDP Query User{85D588FD-75AE-4335-9F6A-10DEA033EC54}C:\riot games\league of legends\lol.launcher.exe] => C:\riot games\league of legends\lol.launcher.exe
FirewallRules: [TCP Query User{E7338126-609A-4EAC-B423-4F5526DC0D11}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{D6129EA7-10E2-4E43-9597-4B0D2D4DFC8C}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{A5D4D5B6-CDE6-4F47-BFBE-54245A900907}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0F000594-AA61-45E8-B4E2-0DA479D33ED5}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{170F4ADD-F2FA-4DDF-8B82-122EAFFA6D72}] => C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{37C7F240-4AD1-4FA7-8FF0-4C93A865B756}] => C:\Program Files (x86)\Steam\SteamApps\common\Mafia II - Public Demo\launcher.exe
FirewallRules: [{61829264-178A-4C46-941D-14035D91AE3F}] => C:\Program Files (x86)\Steam\SteamApps\common\Mafia II - Public Demo\launcher.exe
FirewallRules: [{30E6ACDF-B210-4870-9D13-EC3F5187EF55}] => C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{D9E8AC58-D0C3-4243-B21C-0EF4BE946695}] => C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{C7988D9A-6F21-4EDF-8FAF-F2DC42FB1150}] => C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F9220BDC-0B89-48B9-97C8-EEEA3D6547E6}] => C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{B43DB5D8-CF3B-413A-B2AC-AEEF5E428EE1}C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{DDEE711F-EA90-4CF9-B8AB-4A76BEE6C872}C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [TCP Query User{328D7D41-E260-4F31-9192-E0ACDF98B84C}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [UDP Query User{DF5BFEA2-C531-46AD-B058-644F3AD49A9E}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [TCP Query User{8C871AAA-97CE-4F37-B428-32981CCBF79E}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{0519083D-2865-45D7-B2E5-DB4347C1DE67}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{490F30FC-5C8B-4F68-82CB-0161A6091219}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{AC54CEF7-EF4E-4681-AE4C-E3FA25413122}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{221CD564-6E30-46D6-9E20-1A768EE03FB9}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{2D72EBD4-D438-4A2D-8AA7-05CABE373ABD}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [TCP Query User{A68F557A-9F61-474E-8175-F75A35B25C4E}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{55524AEE-DFDB-4B01-A374-DD3BCD83C159}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [{D21EAE32-A14F-49E1-9386-CD6ABD8F71CB}] => C:\Program Files (x86)\Steam\SteamApps\kedmaron\source sdk base 2007\hl2.exe
FirewallRules: [{32C7BBFE-2E99-4246-B40B-5584AA3EC12F}] => C:\Program Files (x86)\Steam\SteamApps\kedmaron\source sdk base 2007\hl2.exe
FirewallRules: [{06A4FD4D-085A-417A-AFDA-FD4A9F157F76}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{997517F3-F8E0-484A-A7E4-78B9A0E280C3}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{AF2831CF-3C76-4487-9E4F-B95FE3FD86C8}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{787C5A52-0D0A-4002-96E5-9688C88B0C93}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [TCP Query User{F36D63AD-DB72-4F02-803D-FC83F41E19F5}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{442F9794-F04B-47A3-865C-27B923C49C6A}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [TCP Query User{2AD5586E-7429-4E08-B9B9-F54C8F59DC33}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{9E3FAE17-C13A-4527-9254-6B9BB3EFBFC8}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [{CEB4543E-C57B-43FD-A6F4-AA7B227D2031}] => C:\Users\Suiolirim\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{9BE6A3EE-5667-4017-B5D9-C83797F59CF4}] => C:\Users\Suiolirim\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [TCP Query User{DF792DD1-43ED-41D2-9F57-849F45725C7F}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{EDE7D6F0-5871-4845-B1A5-D7E22B23FEE7}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{83C90927-DA80-406F-B96A-43CBA6B95C83}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{9CF67B40-23CD-4756-BDB7-8BEF5012481B}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{5782FB5B-74E0-47CF-8B86-66DF517A6204}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{E68A430B-2682-4D72-90C9-15B9B6847694}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3FCDC4A2-7E0E-41D4-8A86-CAAC7770CE23}C:\program files (x86)\orbitdownloader\orbitnet.exe] => C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{4F1E5257-F211-4208-B9B4-038E24F101AE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{123CBE76-2CF1-4915-A0F9-FD5CB8948EEE}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{A5042C3D-F620-42A4-A380-8F90788CFD4B}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [TCP Query User{B2407D88-C8FB-47EF-86BD-6EF9D0F5F96F}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{CD37A3F8-B1F9-414D-98C5-13ED42373B90}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [TCP Query User{01CF36B3-53D7-48B4-9B03-3251C957E619}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{0D6B3718-AF62-4995-A42C-634B511D87E3}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{368B8E69-5C8A-4808-8689-91DD33666A80}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{C8CF3C1D-C545-4CE2-8B24-3180A6C42E23}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{96F4B891-987E-452A-8688-2A1AE5AB2450}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe] => C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe
FirewallRules: [UDP Query User{39A261AC-57D7-4222-9865-41279AA2CEEF}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe] => C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe
FirewallRules: [TCP Query User{4A0BEB63-24CD-42F3-82EF-2AC6D1272F5A}C:\program files (x86)\lf2_v2.0a\lf2.exe] => C:\program files (x86)\lf2_v2.0a\lf2.exe
FirewallRules: [UDP Query User{B7159DF2-A378-4D19-885B-060C67C4736B}C:\program files (x86)\lf2_v2.0a\lf2.exe] => C:\program files (x86)\lf2_v2.0a\lf2.exe
FirewallRules: [{F053A9A1-EC50-494B-A6ED-30DED1174676}] => C:\Program Files (x86)\Electronic Arts\BattleForge\Bootstrapper.exe
FirewallRules: [{ECEF42B0-05D7-4A8B-B2D5-529BF3272D35}] => C:\Program Files (x86)\Electronic Arts\BattleForge\Bootstrapper.exe
FirewallRules: [{C254FA8F-C296-4875-88D9-F06A68F4FE1E}] => C:\Program Files (x86)\Electronic Arts\BattleForge\BattleForge.exe
FirewallRules: [{E4361063-FE81-404F-BD9A-C59F57562962}] => C:\Program Files (x86)\Electronic Arts\BattleForge\BattleForge.exe
FirewallRules: [TCP Query User{112D5F12-DE4E-4004-8692-A1ECBC54AE19}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [UDP Query User{6DBB1113-CA30-44DB-AA16-CC35918FCDCC}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [TCP Query User{1BE5DCA5-2A5E-40BF-921F-2839CF6F2E11}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [UDP Query User{B0B987FB-8864-4489-9068-8E6AB1310D4B}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [TCP Query User{F749247B-CA0E-4BD7-96B0-6A58B58D4D5A}C:\program files (x86)\runes of magic\client.exe] => C:\program files (x86)\runes of magic\client.exe
FirewallRules: [UDP Query User{3FA3A994-70B0-4072-8782-FAC5B7DFA64F}C:\program files (x86)\runes of magic\client.exe] => C:\program files (x86)\runes of magic\client.exe
FirewallRules: [{D4CA132A-27A4-4CE8-BF4E-62AFAD46B7E5}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{3283DAF6-2824-4798-88EC-1E4076B1728F}] => C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{4DF6379A-6331-45EA-AC01-8F8FE68CFFAD}] => C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{638F4C0A-FFDE-4F03-ACC5-5BCAC95116B4}] => C:\WINDOWS\Temp\~os2F79.tmp\ossproxy.exe
FirewallRules: [{B75C269B-90FA-44DE-9C34-18B2932F28EE}] => C:\WINDOWS\Temp\~osFF46.tmp\ossproxy.exe
FirewallRules: [{75F3DB81-1D2E-4B89-AF6A-CFF76E7E550F}] => C:\WINDOWS\Temp\~os9D29.tmp\ossproxy.exe
FirewallRules: [TCP Query User{EABC7109-3C89-4250-9A38-66678391F70E}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [UDP Query User{C23095AC-B05A-4868-8487-F461563ADD37}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [TCP Query User{C7D693FF-A488-4E11-BCEB-309D1EFD3E32}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [UDP Query User{61E89F01-72B1-4A94-91BA-E0AC0F6026C8}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [TCP Query User{E3A69D0F-B2B8-4EB6-A704-D25F25197AB9}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [UDP Query User{47FE9A67-8C3A-42C1-A50E-B79A49945843}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [TCP Query User{C78CB71C-CC8F-4B76-ABF5-3D595AAB70F1}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [UDP Query User{2FAB23CD-A439-4EF8-AE65-5D7F7A462F36}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [{0FDC3F9C-04FE-492A-A79A-B02FAFE579F7}] => C:\Users\Suiolirim\AppData\Local\Temp\7zSE4C4.tmp\SymNRT.exe
FirewallRules: [{06C28427-8487-4CB0-9142-EDC4AFC7F72F}] => C:\Users\Suiolirim\AppData\Local\Temp\7zSE4C4.tmp\SymNRT.exe
FirewallRules: [{97CDE443-BC5A-421B-8A8A-3BB20F7DB2AE}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
FirewallRules: [{F0BD004A-576A-4377-9316-4ADD7FF18DC5}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
FirewallRules: [{FEC2E465-A314-4324-B91A-81E6BC2BCFA3}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{1D41AFF8-7624-4CC3-AF42-9062E776303E}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{EE479594-F653-4E16-B152-F8F14AFC937E}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{838348B6-1652-4D24-A732-DC46BC18CF50}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{E0289FFB-3EEF-4184-922D-0C8B46E30345}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{D8BD6308-CA1E-4029-B10D-B57683C3B311}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{AD13FE61-E214-4308-821B-52C3707F9AB6}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{8F00C1CB-3CA1-4895-9442-ABE57F581F08}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{4BE23B6B-C2FF-4CFF-880C-95309DB9787A}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{E3B6BD91-6567-47E3-ADAE-735B8943CEA1}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B92DEA49-6D76-4240-A313-E31E422B5115}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B62C89A7-6336-4307-A8B7-0E39807DFA7A}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B659E396-83DD-4484-A277-C39F12E853BD}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS681B.tmp\SymNRT.exe
FirewallRules: [{F576D727-7DEA-4496-A354-9BEDE7ADD1B2}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS681B.tmp\SymNRT.exe
FirewallRules: [{945CB294-6051-49AF-923F-43C432A68E10}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS5F26.tmp\SymNRT.exe
FirewallRules: [{4C6E9204-A037-420E-80BA-417E429CC713}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS5F26.tmp\SymNRT.exe
FirewallRules: [{0B2B42F7-1871-4B4E-BB35-828F2F9F8B1B}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{CBC7A2CD-E43E-4F6E-B6DA-9B28A5F44391}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{2AF45CE1-7A03-44D4-BBD6-7DCB490D5436}] => C:\Program Files (x86)\BitTorrent\bittorrent.exe
FirewallRules: [{070BA28A-1491-44DC-84B4-B20EBEDF6629}] => C:\Program Files (x86)\BitTorrent\bittorrent.exe
FirewallRules: [TCP Query User{DF740346-0168-4F28-80D6-69CD84AB20AA}C:\program files (x86)\valve\hl.exe] => C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{4FD0DC72-B64A-4A45-8132-F59C028EEFFB}C:\program files (x86)\valve\hl.exe] => C:\program files (x86)\valve\hl.exe
FirewallRules: [{E2D0B330-83EF-4332-8FA5-D2CE9A8643CE}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{A5D3560A-694E-415D-9081-53F7DFA5A692}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{53FD7FE9-28FC-4296-8B83-78B173776DEC}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{FDCA922A-E158-4E38-8E22-086CDA408762}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{7BE0E932-197D-4407-A713-9C998D0E4E91}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{E4E5FE6A-3176-4185-B524-A97D09D3AEB7}] => C:\WINDOWS\SysWOW64\PnkBstrA.exe
FirewallRules: [{CD3846B0-EF6A-45D0-A183-CE5B3C61CADD}] => C:\WINDOWS\SysWOW64\PnkBstrA.exe
FirewallRules: [{3577C9B0-D9C5-45F3-9D0A-FA1F6F058BF0}] => C:\WINDOWS\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C441440-1B93-4701-913F-41774EA23F6B}] => C:\WINDOWS\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{30B7C787-CBAF-4048-9796-DE3133FF112C}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe] => C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe
FirewallRules: [UDP Query User{8912F681-8E06-4AF3-B489-746C21EAB615}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe] => C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe
FirewallRules: [TCP Query User{96A221CB-F866-41A0-BE68-B18361907904}C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe] => C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe
FirewallRules: [UDP Query User{8B96A856-917C-4C6E-AD79-7AC5E155C364}C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe] => C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe
FirewallRules: [{D32E0499-661A-4779-8E26-5B587243BE7B}] => C:\Cs 1.6\Steam.exe
FirewallRules: [{FB6F4FD6-12BF-4D44-B281-8F4875B3124B}] => C:\Cs 1.6\Steam.exe
FirewallRules: [{D9EBE7F8-0324-4189-A9D6-EBB773C17F86}] => C:\Users\Suiolirim\AppData\Local\Temp\ijjiOptimizer.exe
FirewallRules: [{5BC5D678-A2FF-4647-B859-57F6E347DDCC}] => C:\Users\Suiolirim\AppData\Local\Temp\ijjiOptimizer.exe
FirewallRules: [TCP Query User{6385691A-9447-42C9-9B2E-B18E5D7DC435}C:\soldat2\soldat.exe] => C:\soldat2\soldat.exe
FirewallRules: [UDP Query User{3863E502-4198-464C-92B6-1F301BDCA9A8}C:\soldat2\soldat.exe] => C:\soldat2\soldat.exe
FirewallRules: [TCP Query User{698BE46D-87A0-430F-8586-23D12B1973AB}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [UDP Query User{DE05E973-9F2B-4456-ACF8-74AEF60577B7}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [TCP Query User{F2A7F3FC-EC6F-4171-94E6-924BC4F2FCEF}C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{7389077C-02F9-4FEA-AA26-BCFBBF712AE2}C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{DB6D63B3-092B-4426-ACC1-9DB22C3D4562}C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{2C0D4C1D-4428-41A9-ACD8-5AA5618786A5}C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [{907CFEAA-1FF5-429F-821E-48D9A9F84A19}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{4A6C56D9-EDD1-4D26-B9DE-8C743448EB0A}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{C56193DC-E430-49A5-A8D4-4A4763E60F63}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{B1CA55F8-2A25-4619-87C9-EF2E0E1C993B}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{A4EB908A-D57C-44C7-89A2-77DADF45D973}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{6295282A-53FC-4AE1-A484-36D5BB4B92E6}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{CE6702D4-9DD4-49BC-B0A8-AF958F71E4AF}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{E29F5297-E873-42A0-A8D1-CE09E5A500C4}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [TCP Query User{1CFE621F-1CEB-4D76-AF71-0E4BDBA192AB}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [UDP Query User{97B0F469-9067-448C-A18C-2A09B05D25C7}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [{F10C861E-DC16-4269-9F30-AB88FE56A749}] => C:\Games\air\LolClient.exe
FirewallRules: [{04B84668-252C-4FDD-92ED-23C2734E1628}] => C:\Games\air\LolClient.exe
FirewallRules: [{8FDA3253-ED10-42EC-BB6C-EA6C9BD53C16}] => C:\Games\game\League of Legends.exe
FirewallRules: [{B07DED30-29DB-4594-B74D-FC2534A04BBE}] => C:\Games\game\League of Legends.exe
FirewallRules: [TCP Query User{BEBBC708-6C78-4F37-8031-EB723B05801E}C:\program files (x86)\heroes of newerth\hon.exe] => C:\program files (x86)\heroes of newerth\hon.exe
FirewallRules: [UDP Query User{788B43DE-D4B1-4EA7-B4AD-8F282F438BCE}C:\program files (x86)\heroes of newerth\hon.exe] => C:\program files (x86)\heroes of newerth\hon.exe
FirewallRules: [{6520B0AA-EC1D-4B8C-BB1C-111610C5CA53}] => C:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [{8D9EFAD6-AF8D-4146-A93F-D027958A96E3}] => C:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [{F7FEE872-64ED-4AF5-A018-D30D370C75E4}] => C:\Program Files (x86)\theHunter\game\theHunter.exe
FirewallRules: [{2B9C99B5-0242-4B3E-B995-965A00372346}] => C:\Program Files (x86)\theHunter\game\theHunter.exe
FirewallRules: [TCP Query User{EF27C3D8-398E-40A4-ADDC-D8BC95C3F684}C:\program files (x86)\devpro\devpro_lan.exe] => C:\program files (x86)\devpro\devpro_lan.exe
FirewallRules: [UDP Query User{33CAA96D-1711-4FFD-BD56-4F46464F9924}C:\program files (x86)\devpro\devpro_lan.exe] => C:\program files (x86)\devpro\devpro_lan.exe
FirewallRules: [TCP Query User{A9ED4002-7A57-48E7-B795-30595ACA2EA2}C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe
FirewallRules: [UDP Query User{06EB48A4-5422-4CAC-9EB9-9C7FAD04D9F8}C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe
FirewallRules: [TCP Query User{3EC0E2CF-DEA9-4C51-9947-CEC76A765BD2}C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe] => C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe
FirewallRules: [UDP Query User{61612DA4-F1E5-4BD4-B209-1133759DD96E}C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe] => C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe
FirewallRules: [{FF9E5FDA-BF4C-4041-AD35-BF85E2AEC875}] => C:\Program Files (x86)\Activision\Spider-Man - Web of Shadows\image\pc\Spider-Man Web of Shadows.exe
FirewallRules: [{125FF535-789C-4856-AF6F-B0A8D4168A4A}] => C:\Program Files (x86)\Activision\Spider-Man - Web of Shadows\image\pc\Spider-Man Web of Shadows.exe
FirewallRules: [TCP Query User{C3C08D20-40B9-4675-BDA3-93BD1A4BD83D}C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe] => C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe
FirewallRules: [UDP Query User{E3419AF2-CB6B-4F5F-937C-26446748B66B}C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe] => C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe
FirewallRules: [{86D92C95-CDD9-43F2-A13A-2A5002859A92}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{043BEABF-FD86-4D68-955F-EC4F131C1CD4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6A0698A7-E529-4834-BBA6-49D2CA1AEEFB}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3A5EB6FB-71DD-441E-9A9C-CEE72EC3D1DC}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5A813D49-D9EE-4303-9EDB-10C53A4EEF09}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6160C656-30EA-49C3-8AF7-72C4EDAEEA49}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{BDCD0FCC-DB7C-4E5F-BA4E-6BB3D428B3D4}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C80D91EE-8854-4F93-A790-C0D2F5E91F86}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{AA8A4988-CF3B-4B39-B274-13612F249C17}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{1CB2C1FC-38D6-4D67-839F-F21388A3121E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{17C163B0-538E-48B5-A435-00E01A3D1C3D}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{616442F7-6FDF-4877-81BC-71C628B02919}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{A649B2CB-C0AE-4CC7-89D7-41274F5192B7}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{90D4E229-023D-4A84-8DD2-22A361919B0D}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
==================== Wiederherstellungspunkte =========================
02-05-2015 12:03:54 Geplanter Prüfpunkt
03-05-2015 14:04:40 Geplanter Prüfpunkt
13-05-2015 11:46:28 Geplanter Prüfpunkt
16-05-2015 15:49:34 Geplanter Prüfpunkt
19-05-2015 11:08:58 Geplanter Prüfpunkt
21-05-2015 13:42:18 Geplanter Prüfpunkt
22-05-2015 15:45:03 Geplanter Prüfpunkt
28-05-2015 14:37:11 Geplanter Prüfpunkt
02-06-2015 09:44:10 Geplanter Prüfpunkt
11-06-2015 11:44:39 Geplanter Prüfpunkt
12-06-2015 15:46:40 Geplanter Prüfpunkt
14-06-2015 11:16:03 Geplanter Prüfpunkt
25-06-2015 12:18:23 Geplanter Prüfpunkt
26-06-2015 11:56:24 Geplanter Prüfpunkt
30-06-2015 17:03:07 Geplanter Prüfpunkt
05-07-2015 12:37:53 Geplanter Prüfpunkt
29-07-2015 16:26:34 Geplanter Prüfpunkt
30-07-2015 12:50:27 Geplanter Prüfpunkt
31-07-2015 12:33:14 Geplanter Prüfpunkt
21-03-2016 21:29:25 Geplanter Prüfpunkt
24-04-2016 17:08:43 Removed QuickTime
07-07-2016 12:36:22 Geplanter Prüfpunkt
25-08-2016 16:28:07 Geplanter Prüfpunkt
23-10-2016 13:29:11 Geplanter Prüfpunkt
25-10-2016 21:44:18 Geplanter Prüfpunkt
24-12-2016 17:40:21 Removed Java 7 Update 45
24-12-2016 17:43:16 Removed QuickTime
24-12-2016 18:59:16 Removed Apple Application Support
24-12-2016 19:04:32 Removed Apple Software Update
24-12-2016 19:57:24 Installed AVG 2016
24-12-2016 19:58:19 Installed AVG
25-12-2016 14:56:40 Geplanter Prüfpunkt
25-12-2016 15:05:04 Removed System Requirements Lab CYRI
25-12-2016 15:06:28 ??????? Counter-Strike 1.6
25-12-2016 15:07:01 chip 1-click download service wurde entfernt.
25-12-2016 17:08:42 Windows-Modulinstallation
26-12-2016 17:45:49 Windows Update
26-12-2016 18:21:53 Windows Update
26-12-2016 21:46:53 Windows Update
27-12-2016 12:24:55 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #2
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #5
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #6
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #7
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #8
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #9
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/27/2016 01:33:50 AM) (Source: profsvc) (EventID: 1533) (User: NT-AUTORITÄT)
Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\TEMP. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden.
DETAIL - Das Verzeichnis ist nicht leer.
Error: (12/27/2016 01:15:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung sidebar.exe, Version 6.0.6002.18005, Zeitstempel 0x49e035b8, fehlerhaftes Modul avghooka.dll, Version 16.141.0.7996, Zeitstempel 0x58526173, Ausnahmecode 0xc0000005, Fehleroffset 0x0000000000003d3b,
Prozess-ID 0x1234, Anwendungsstartzeit 01d25fd64aa69aff.
Error: (12/27/2016 01:11:22 AM) (Source: profsvc) (EventID: 1502) (User: SUIOLIRIM)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigter lokales Profil.
Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (12/27/2016 01:11:22 AM) (Source: profsvc) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.
Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. for C:\Users\Suiolirim\ntuser.dat
Error: (12/26/2016 11:57:27 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Kontext: Anwendung, SystemIndex Katalog
Error: (12/26/2016 11:57:26 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Error: (12/26/2016 11:29:17 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Das Zusammenstellen der Leistungsindikatorendaten vom Dienst "PolicyAgent" wurde deaktiviert, da mindestens ein Fehler von der Leistungsindikatorenbibliothek für diesen Dienst verursacht wurde. Die Fehler, die diese Aktion erzwungen haben, wurden in das Ereignisprotokoll der Anwendung geschrieben. Die Fehler müssen behoben werden, bevor die Leistungsindikatoren für diesen Dienst aktiviert werden.
Error: (12/26/2016 11:29:17 PM) (Source: Perflib) (EventID: 1005) (User: )
Description: Die Open-Prozedur "OpenIPSecPerformanceData" in der DLL "C:\Windows\System32\ipsecsvc.dll" für den "PolicyAgent"-Dienst wurde nicht gefunden. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (12/26/2016 11:29:17 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "PNRPsvc" in der DLL "C:\Windows\system32\pnrpperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (12/26/2016 11:29:16 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: Die Collect-Prozedur für den "EmdCache"-Dienst in der DLL "C:\Windows\system32\emdmgmt.dll" hat eine Ausnahme verursacht oder einen ungültigen Status zurückgegeben. Die von der Leistungsindikatoren-DLL zurückgegebenen Leistungsdaten werden nicht im Perf Data Block zurückgegeben. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Ausnahmecode oder den Statuscode.
Systemfehler:
=============
Error: (12/27/2016 01:34:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "UPnP-Gerätehost" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.
Error: (12/27/2016 01:34:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (12/27/2016 01:34:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 01:34:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Beep
Lbd
Error: (12/27/2016 01:34:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (12/27/2016 01:34:10 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (12/27/2016 01:34:10 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (12/27/2016 01:34:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 01:29:55 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (12/27/2016 01:09:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "UPnP-Gerätehost" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.
CodeIntegrity:
===================================
Date: 2016-12-27 14:23:17.860
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 14:23:16.955
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 14:23:16.284
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 14:23:15.614
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 14:23:14.771
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 14:23:14.054
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 14:23:13.211
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 14:23:12.494
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 14:22:35.490
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 14:22:34.835
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: AMD Phenom(tm) 9650 Quad-Core Processor
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 4093.58 MB
Verfügbarer physikalischer RAM: 2248.14 MB
Summe virtueller Speicher: 10139.08 MB
Verfügbarer virtueller Speicher: 8006.08 MB
==================== Laufwerke ================================
Drive c: (HP) (Fixed) (Total:582.63 GB) (Free:319.94 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.54 GB) (Free:1.83 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=582.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
27.12.2016, 19:53
| #3 |
| /// Malwareteam   | Windows Vista: AVG findet einen Rootkit Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
27.12.2016, 20:15
| #4 |
| | Windows Vista: AVG findet einen Rootkit Vielen Dank. Hier die Logfile: Code:
ATTFilter 20:07:16.0846 0x17f0 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
20:07:38.0333 0x17f0 ============================================================
20:07:38.0333 0x17f0 Current date / time: 2016/12/27 20:07:38.0333
20:07:38.0333 0x17f0 SystemInfo:
20:07:38.0333 0x17f0
20:07:38.0333 0x17f0 OS Version: 6.0.6002 ServicePack: 2.0
20:07:38.0333 0x17f0 Product type: Workstation
20:07:38.0333 0x17f0 ComputerName: SUIOLIRIM
20:07:38.0333 0x17f0 UserName: Suiolirim
20:07:38.0333 0x17f0 Windows directory: C:\Windows
20:07:38.0333 0x17f0 System windows directory: C:\Windows
20:07:38.0333 0x17f0 Running under WOW64
20:07:38.0333 0x17f0 Processor architecture: Intel x64
20:07:38.0333 0x17f0 Number of processors: 4
20:07:38.0333 0x17f0 Page size: 0x1000
20:07:38.0333 0x17f0 Boot type: Normal boot
20:07:38.0333 0x17f0 CodeIntegrityOptions = 0x00000001
20:07:38.0333 0x17f0 ============================================================
20:07:38.0559 0x17f0 KLMD registered as C:\Windows\system32\drivers\22166475.sys
20:07:38.0559 0x17f0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 6002.19700, osProperties = 0x1
20:07:39.0200 0x17f0 System UUID: {21B22E23-C97C-08C7-C5CF-2588087A7DD8}
20:07:39.0827 0x17f0 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:07:39.0828 0x17f0 ============================================================
20:07:39.0828 0x17f0 \Device\Harddisk0\DR0:
20:07:39.0828 0x17f0 MBR partitions:
20:07:39.0828 0x17f0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48D4099A
20:07:39.0828 0x17f0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48D409D9, BlocksNum 0x1B164E8
20:07:39.0828 0x17f0 ============================================================
20:07:39.0859 0x17f0 C: <-> \Device\Harddisk0\DR0\Partition1
20:07:39.0906 0x17f0 D: <-> \Device\Harddisk0\DR0\Partition2
20:07:39.0906 0x17f0 ============================================================
20:07:39.0906 0x17f0 Initialize success
20:07:39.0906 0x17f0 ============================================================
20:09:04.0066 0x11e8 ============================================================
20:09:04.0066 0x11e8 Scan started
20:09:04.0066 0x11e8 Mode: Manual; SigCheck; TDLFS;
20:09:04.0066 0x11e8 ============================================================
20:09:04.0066 0x11e8 KSN ping started
20:09:04.0300 0x11e8 KSN ping finished: true
20:09:05.0314 0x11e8 ================ Scan system memory ========================
20:09:05.0314 0x11e8 System memory - ok
20:09:05.0314 0x11e8 ================ Scan services =============================
20:09:05.0454 0x11e8 [ 1965AAFFAB07E3FB03C77F81BEBA3547, 351A1EBB1B95C8E03ED125C8F997DEE810B4DF36AD290E7685FC01963B522BFC ] ACPI C:\Windows\system32\drivers\acpi.sys
20:09:05.0626 0x11e8 ACPI - ok
20:09:05.0751 0x11e8 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:09:05.0766 0x11e8 AdobeARMservice - ok
20:09:05.0829 0x11e8 [ F14215E37CF124104575073F782111D2, 7F624F7F0FE9909C07AB2E4C74727686FDA9DF33778A9CBBE35027D6579E4F71 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:09:05.0860 0x11e8 adp94xx - ok
20:09:05.0891 0x11e8 [ 7D05A75E3066861A6610F7EE04FF085C, 406F2CE539C306BA60C233FBCDB029153588F0499BBE91E66FC915E5C5D7D2A5 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:09:05.0969 0x11e8 adpahci - ok
20:09:06.0000 0x11e8 [ 820A201FE08A0C345B3BEDBC30E1A77C, 3170B308724CAA0AD50B74D045C837C48BD6A3A11ABA222670BEA82192A861BF ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
20:09:06.0016 0x11e8 adpu160m - ok
20:09:06.0063 0x11e8 [ 9B4AB6854559DC168FBB4C24FC52E794, 83CD75DE0A16AE66586837565ECA8B98BA9309519139C4C2032474B8DDF5A1AD ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:09:06.0078 0x11e8 adpu320 - ok
20:09:06.0125 0x11e8 [ 0F421175574BFE0BF2F4D8E910A253BB, CEABE3A4F546EB6ACA079931AB532DC88FF757DEEF6F434991802220328A9CD6 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:09:06.0172 0x11e8 AeLookupSvc - ok
20:09:06.0234 0x11e8 [ 8C771D6FBEE9D6F2E7DDE165940CB513, 1DDD7B495D12446F7FF206102D64D92D063C84EEA8D2F015F727721DC970BBE1 ] AFD C:\Windows\system32\drivers\afd.sys
20:09:06.0312 0x11e8 AFD - ok
20:09:06.0344 0x11e8 [ F6F6793B7F17B550ECFDBD3B229173F7, 7EB12A9372B7966440E39F1B567A43C21231D67DDFAA9C1DECC7E68627F82346 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:09:06.0359 0x11e8 agp440 - ok
20:09:06.0375 0x11e8 [ 222CB641B4B8A1D1126F8033F9FD6A00, 8C7FD4BF87DC00893B99E64344C0E6A3F321DAD9BE60A99763629260E7C6312C ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:09:06.0406 0x11e8 aic78xx - ok
20:09:06.0422 0x11e8 [ 5922F4F59B7868F3D74BBBBEB7B825A3, 71504BC8B596F540BF059059670BC0C138D8759C1DD9F99F1EC368FD5C53F573 ] ALG C:\Windows\System32\alg.exe
20:09:06.0453 0x11e8 ALG - ok
20:09:06.0468 0x11e8 [ 157D0898D4B73F075CE9FA26B482DF98, 84C3E163D7393FD306842F155C88A50B7D8AE88B59586F9014DB76B749CC33D5 ] aliide C:\Windows\system32\drivers\aliide.sys
20:09:06.0484 0x11e8 aliide - ok
20:09:06.0515 0x11e8 [ DDEA39A56B801A675E118429AF6A30D2, D61A702E8777514A6926D1D5EB180F33C6317871013B355E7C17FE37C14C5D7F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:09:06.0562 0x11e8 AMD External Events Utility - ok
20:09:06.0624 0x11e8 AMD FUEL Service - ok
20:09:06.0640 0x11e8 [ 970FA5059E61E30D25307B99903E991E, CFB241803A63EA3469B2596462A42DDCA813B3ACF96E56BB34F5979BB34DDC32 ] amdide C:\Windows\system32\drivers\amdide.sys
20:09:06.0656 0x11e8 amdide - ok
20:09:06.0687 0x11e8 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
20:09:06.0702 0x11e8 amdiox64 - ok
20:09:06.0718 0x11e8 [ CDC3632A3A5EA4DBB83E46076A3165A1, 40BE3451A3F29CD3352360FF72165C54237E44D01006390805D493B0D06F51DB ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:09:06.0765 0x11e8 AmdK8 - ok
20:09:07.0186 0x11e8 [ 7F2BDD27F3611041D6B0D6C565A748A7, F74A3589253AAEDAFB15D5C439771339FC3B78B1CE51409A630822B653D4885D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:09:07.0794 0x11e8 amdkmdag - ok
20:09:07.0841 0x11e8 [ 8E2A3479CF4E871F37D0F023692E6694, BE995D5679ABEF800E24208A068C44A10607305A8C328FF29A11DCAAB4D18FBB ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:09:07.0872 0x11e8 amdkmdap - ok
20:09:07.0919 0x11e8 [ 5B25D1A753CC3A3EDB909BB759AC1098, 1B931342D8D36C8D177D6D9BFFFD8CDC0C6E6F82BA552DC8E5CDC1CAF528D0B0 ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
20:09:07.0935 0x11e8 AODDriver4.01 - ok
20:09:07.0982 0x11e8 [ 5B25D1A753CC3A3EDB909BB759AC1098, 1B931342D8D36C8D177D6D9BFFFD8CDC0C6E6F82BA552DC8E5CDC1CAF528D0B0 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
20:09:07.0982 0x11e8 AODDriver4.1 - ok
20:09:08.0028 0x11e8 [ 7C8ECAAD76EA1D076A450C8303D9BD98, 90904B2BE380A51BDCEDADA530214CE5321C06456E10F5985B40E3282902BEF6 ] Appinfo C:\Windows\System32\appinfo.dll
20:09:08.0044 0x11e8 Appinfo - ok
20:09:08.0075 0x11e8 [ BA8417D4765F3988FF921F30F630E303, 876A8F34E578020DD9EDD64F7F77A0A3B4592EC568830B500D7EA844D3159C72 ] arc C:\Windows\system32\drivers\arc.sys
20:09:08.0091 0x11e8 arc - ok
20:09:08.0106 0x11e8 [ 9D41C435619733B34CC16A511E644B11, DEFFBBB5ECE33B7DF949DF979188AF3B6674E7580FC069397AB756EA84E24822 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:09:08.0122 0x11e8 arcsas - ok
20:09:08.0231 0x11e8 [ 08FC11F6416923BBC614C28B4180E9A7, C829380F10E3EE92A38F2D59ED0D5B1D27B577021307E0C2C23EC901D0479006 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:09:08.0262 0x11e8 aspnet_state - ok
20:09:08.0278 0x11e8 [ 22D13FF3DAFEC2A80634752B1EAA2DE6, 503F7E5F1B14D3F7AEAB0982E812B19DABE38FD4104D93922F50F0B2D19BECFB ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:09:08.0325 0x11e8 AsyncMac - ok
20:09:08.0340 0x11e8 [ E68D9B3A3905619732F7FE039466A623, 74C0B29E54EF064660B9C756E03D5A7EB78F261EFF768EB6E74D261FBD34340D ] atapi C:\Windows\system32\drivers\atapi.sys
20:09:08.0356 0x11e8 atapi - ok
20:09:08.0387 0x11e8 [ 917692CDF8E1CE00D9752FA40615338B, 13CC566C3DC5C5EAC956A6D7AC0181231388C018639372E273CEAEC55575EBB4 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdLH6.sys
20:09:08.0403 0x11e8 AtiHDAudioService - ok
20:09:08.0418 0x11e8 [ A48798722F2A9654E22226F3EADB203B, 5CB69C55EA09D75FCD23BD8735AA127A9E98BA5BC9E04A54F62F7ACD35B64FAE ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
20:09:08.0450 0x11e8 AtiHdmiService - ok
20:09:08.0840 0x11e8 [ 7F2BDD27F3611041D6B0D6C565A748A7, F74A3589253AAEDAFB15D5C439771339FC3B78B1CE51409A630822B653D4885D ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:09:10.0821 0x11e8 atikmdag - ok
20:09:11.0024 0x11e8 [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:09:11.0226 0x11e8 AudioEndpointBuilder - ok
20:09:11.0273 0x11e8 [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:09:11.0320 0x11e8 AudioSrv - ok
20:09:11.0445 0x11e8 [ EBE91430DEC70E1F81D1C48B31160CAE, DFFF9663D797D7E289EEB5591ACFED49454FAEB9840CBCB319B60043CD989550 ] Avgdiska C:\Windows\system32\DRIVERS\avgdiska.sys
20:09:11.0523 0x11e8 Avgdiska - ok
20:09:14.0705 0x11e8 [ 00749A4447C5C734DC71136A89B46F1E, 1FECD2F467666220FF8277A7CF86F10833D5CBDF865A32177FCCC4228A916453 ] AVGIDSAgent C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
20:09:15.0017 0x11e8 AVGIDSAgent - ok
20:09:15.0126 0x11e8 [ 9BAA0BB74497AA3FD81C652EF2E0A9F9, EF12DC76EE4B7267BF66E7B793462C3A990AB768213F7B2C1B43B942526996BB ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
20:09:15.0204 0x11e8 AVGIDSDriver - ok
20:09:15.0329 0x11e8 [ D4CCC55958DC87A0F7EF8A809BE5D656, D2CA777B31B894C5C5AC1D8CE088138DE3A69CB342B647649546EA2987F8D20B ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
20:09:15.0407 0x11e8 AVGIDSHA - ok
20:09:15.0516 0x11e8 [ 1DABB9FB732FD97B63C03AC8C3637E8C, 4CC8EE8F7E7677223068E86C32B6AEFE19628A92522E6C395FD3ABF42895DD22 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
20:09:15.0594 0x11e8 Avgldx64 - ok
20:09:15.0750 0x11e8 [ 301E95F388C93D3C73EE35E3693C6A97, 512BA2905EDCC900B12037701A120EE527A14894BF562610F3CF57A65D20FCD5 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
20:09:15.0860 0x11e8 Avgloga - ok
20:09:15.0906 0x11e8 [ A8524438C36CEB9C1F6C6CF7CC56FC7B, 984AA0DA36D3586D5C525B41AD378DD1FC5F446105FF8306C541B116305BF152 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
20:09:15.0969 0x11e8 Avgmfx64 - ok
20:09:15.0984 0x11e8 [ 2A0D6982D0492BF6266E64F25C23EAE8, 7400F85784C0658B4DF6C7424E3ACDCF421D8293D247E80D6AEE14FA91EBFBDC ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
20:09:16.0062 0x11e8 Avgrkx64 - ok
20:09:16.0172 0x11e8 [ 77886F050DE9D0296B4BA7D7AD13A0BA, 132DADE478A11207984AF96A7049C872AFB02E46A5B4149050D3BC1A96F995ED ] avgsvc C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
20:09:16.0250 0x11e8 avgsvc - ok
20:09:16.0281 0x11e8 [ 62106EC9E7AE887CC4A627206E082296, 3947A8A74C60D5E2709277A80D45B78DA07F3CDC01A8C260BD230EEFDAB145AB ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
20:09:16.0328 0x11e8 Avgtdia - ok
20:09:16.0328 0x11e8 [ 1EEB894456B375A486950D343F6DB81F, C5D6EBAC49A4AABE360EE2FA791628C164608FAF5CF37049368CE061D8ABFC10 ] avguniva C:\Windows\system32\DRIVERS\avguniva.sys
20:09:16.0359 0x11e8 avguniva - ok
20:09:16.0406 0x11e8 [ 0601C2A047EAB534E4AD98B9FC99C413, 4D79488B24A0C5384ACCC18B28CB3E7610FC1879A9AA0D7B6C17873051314C3B ] avgwd C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
20:09:16.0452 0x11e8 avgwd - ok
20:09:16.0468 0x11e8 Beep - ok
20:09:16.0530 0x11e8 [ FFB96C2589FFA60473EAD78B39FBDE29, 6A2792753E2CB580672B3107C0DBB9D26B6DAA14B37D5EC314BD0E304197E03E ] BFE C:\Windows\System32\bfe.dll
20:09:16.0593 0x11e8 BFE - ok
20:09:16.0686 0x11e8 [ 6D316F4859634071CC25C4FD4589AD2C, 73F69AC9E505F3B11A3CCFF8571930229A9058E672CD008A4BF26C0189564EAE ] BITS C:\Windows\system32\qmgr.dll
20:09:16.0811 0x11e8 BITS - ok
20:09:16.0827 0x11e8 [ 79FEEB40056683F8F61398D81DDA65D2, 5EA3016194F71A2A2177C2B5129E82738EC621ACAD269809F4C131B72CFEB6C6 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:09:16.0874 0x11e8 blbdrive - ok
20:09:16.0905 0x11e8 [ B36BFEB725497294F8922BD3E9978DBC, 41D3F4F69196A66B0801B8C2AE890E7BB8641D48B3F6DABAEBAF5FA304AFF875 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:09:16.0952 0x11e8 bowser - ok
20:09:16.0967 0x11e8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
20:09:16.0998 0x11e8 BrFiltLo - ok
20:09:17.0014 0x11e8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
20:09:17.0045 0x11e8 BrFiltUp - ok
20:09:17.0076 0x11e8 [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser C:\Windows\System32\browser.dll
20:09:17.0123 0x11e8 Browser - ok
20:09:17.0154 0x11e8 [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid C:\Windows\system32\drivers\brserid.sys
20:09:17.0217 0x11e8 Brserid - ok
20:09:17.0279 0x11e8 [ 80E52EF092F3DAD03E0EE15E64F97245, D3BAFEBA95C9FC96945F47134F617695B48F5C67E26526D99D8D85DC39737F8A ] BrSerIf C:\Windows\system32\DRIVERS\BrSerIf.sys
20:09:17.0295 0x11e8 BrSerIf - ok
20:09:17.0342 0x11e8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
20:09:17.0404 0x11e8 BrSerWdm - ok
20:09:17.0435 0x11e8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
20:09:17.0513 0x11e8 BrUsbMdm - ok
20:09:17.0529 0x11e8 [ 601CB966FFFEBC6806626DC8E7AA0EF2, 34208A23F48C60C52144C02D4E157D3057E9DE7D46ECB4246A521BEBB261F446 ] BrUsbSer C:\Windows\system32\DRIVERS\BrUsbSer.sys
20:09:17.0544 0x11e8 BrUsbSer - ok
20:09:17.0560 0x11e8 [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:09:17.0622 0x11e8 BTHMODEM - ok
20:09:17.0654 0x11e8 catchme - ok
20:09:17.0669 0x11e8 [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:09:17.0716 0x11e8 cdfs - ok
20:09:17.0732 0x11e8 [ C025AA69BE3D0D25C7A2E746EF6F94FC, F4754B23CC256ADF92FDD42A9BA80F1ACB74834A58FCBEA2C52650FAFC7F9483 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:09:17.0763 0x11e8 cdrom - ok
20:09:17.0794 0x11e8 [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] CertPropSvc C:\Windows\System32\certprop.dll
20:09:17.0825 0x11e8 CertPropSvc - ok
20:09:17.0841 0x11e8 [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass C:\Windows\system32\drivers\circlass.sys
20:09:17.0872 0x11e8 circlass - ok
20:09:17.0934 0x11e8 [ BEF9281E6766550D6F024B66316E3B23, A0074C658F76C91124CBD73CA0410C0EB2F924D2A834E76569F7E5039F5BC0DD ] CLFS C:\Windows\system32\CLFS.sys
20:09:17.0966 0x11e8 CLFS - ok
20:09:18.0028 0x11e8 [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:09:18.0044 0x11e8 clr_optimization_v2.0.50727_32 - ok
20:09:18.0090 0x11e8 [ 753049933D5326D835F4FCACDF4AD5E3, 715BEE09C19BCBCAD2A93E4725DB3A1FDD8E2FEFFF6E0C3D2F98FC607FED5D3A ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:09:18.0137 0x11e8 clr_optimization_v2.0.50727_64 - ok
20:09:18.0200 0x11e8 [ 40554ADA608F31A73BC002041BFBCED4, 8A4FB3B824EC49392A206BF14381AAE389C0E683B4ED0E89F5362746222E1FBA ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:09:18.0215 0x11e8 clr_optimization_v4.0.30319_32 - ok
20:09:18.0262 0x11e8 [ 7CD17E6A27D64F672DEA52E9D144B08E, 566CB07531BEBFB704E2BE2D33F49B5D9F962D7931B2BABC1BA2F4015C651CBE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:09:18.0278 0x11e8 clr_optimization_v4.0.30319_64 - ok
20:09:18.0293 0x11e8 [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:09:18.0309 0x11e8 cmdide - ok
20:09:18.0324 0x11e8 [ 7FB8AD01DB0EABE60C8A861531A8F431, E19353C686B07A0DBBA92CFCC88AB9B6BEBAF389416B78F4470BA673E7CD73C3 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:09:18.0340 0x11e8 Compbatt - ok
20:09:18.0340 0x11e8 COMSysApp - ok
20:09:18.0371 0x11e8 cpuz135 - ok
20:09:18.0371 0x11e8 [ A8585B6412253803CE8EFCBD6D6DC15C, C3906B080D3BB06CB976FD98C62CBA97DAE74970A5559D51EF5111D773949322 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:09:18.0387 0x11e8 crcdisk - ok
20:09:18.0418 0x11e8 [ 5AAC48EAF8EACF247DB44FB61B900D89, D20FCD5C71CA18F284D3DFD0CED37F6888A296E76B7B0563F2F4668CF90FE752 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:09:18.0449 0x11e8 CryptSvc - ok
20:09:18.0480 0x11e8 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] DcomLaunch C:\Windows\system32\rpcss.dll
20:09:18.0558 0x11e8 DcomLaunch - ok
20:09:18.0605 0x11e8 [ 16F2E8AD0F123EE6C1D8DB8AB971A12F, C404A2C714FB20F689EA9E0035FD2DD4E1E0AADBEEF4EB510A7CEC794DB50382 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:09:18.0636 0x11e8 DfsC - ok
20:09:18.0777 0x11e8 [ C647F468F7DE343DF8C143655C5557D4, E2D35FE49C408B952D8FE0C7EF70D42798229D30B89CEF9858BAC9F4F9E98EF2 ] DFSR C:\Windows\system32\DFSR.exe
20:09:19.0042 0x11e8 DFSR - ok
20:09:19.0089 0x11e8 [ 3ED0321127CE70ACDAABBF77E157C2A7, 10973BD0AEF9597A4EA0A4947BDE922F9168F33D6ED97BFFEE6176AADAD78980 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
20:09:19.0136 0x11e8 Dhcp - ok
20:09:19.0167 0x11e8 [ B0107E40ECDB5FA692EBF832F295D905, 76466BB9E4F12436ECCCB9D89EB20762B4785F82F02591B51A735A590E248264 ] disk C:\Windows\system32\drivers\disk.sys
20:09:19.0182 0x11e8 disk - ok
20:09:19.0229 0x11e8 [ 06230F1B721494A6DF8D47FD395BB1B0, F6CA8270740E01D9CE2FE8E34BC067C7EDC15BA610F461860E1D17D135C8A379 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:09:19.0245 0x11e8 Dnscache - ok
20:09:19.0292 0x11e8 [ 1A7156DD1E850E9914E5E991E3225B94, 99FF0C7125B01FCB0B92DC44756AE8FAA486F2E7F38DC6204F7EFE5918F8480A ] dot3svc C:\Windows\System32\dot3svc.dll
20:09:19.0338 0x11e8 dot3svc - ok
20:09:19.0370 0x11e8 [ 1583B39790DB3EAEC7EDB0CB0140C708, F94F9AE7054A38602CD25D4E10FE7C7B574BD9ED8440C3FDAA7275A1D1E663E7 ] DPS C:\Windows\system32\dps.dll
20:09:19.0416 0x11e8 DPS - ok
20:09:19.0448 0x11e8 [ F1A78A98CFC2EE02144C6BEC945447E6, D2E2AA13BE6319F967002476A5D3CF09B1B44350576DD8E1C1C531854F53B488 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:09:19.0463 0x11e8 drmkaud - ok
20:09:19.0494 0x11e8 [ 1DB483097AA009C069CAFEBDAB4C57F3, D853A3FA3F61E5FC514836924464CF9AE0C7797F0E0D1B0F564C70443CEB5D00 ] DTSRVC C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
20:09:19.0510 0x11e8 DTSRVC - detected UnsignedFile.Multi.Generic ( 1 )
20:09:19.0838 0x11e8 Detect skipped due to KSN trusted
20:09:19.0838 0x11e8 DTSRVC - ok
20:09:19.0931 0x11e8 dump_wmimmc - ok
20:09:19.0978 0x11e8 [ 51991007674FB3548BE592F5071E747C, 4F73EBBAD41689057FC4CDB1570BA1C668A906722D302E00D87FACF024B514FC ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:09:20.0056 0x11e8 DXGKrnl - ok
20:09:20.0087 0x11e8 [ 264CEE7B031A9D6C827F3D0CB031F2FE, 50CAD28A73D29E7E04A45330146CF713BA17101215955009121E36D43CD5C536 ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
20:09:20.0118 0x11e8 E1G60 - ok
20:09:20.0150 0x11e8 [ C2303883FD9BE49DC36A6400643002EA, F062D1D6D503CF5195BDE8C1DC75B541F559CB8175ADABCDB7690E9F1CA3EA4E ] EapHost C:\Windows\System32\eapsvc.dll
20:09:20.0181 0x11e8 EapHost - ok
20:09:20.0212 0x11e8 [ 665E1507E129DC598C6EB390A10AC05B, 851018D4DB6E80FC27445EA13B8AADC340746CB6E71908F9B05EB094C4BB78D9 ] Ecache C:\Windows\system32\drivers\ecache.sys
20:09:20.0228 0x11e8 Ecache - ok
20:09:20.0290 0x11e8 [ 14CE384D2E27B64C256BDA4DC39C312D, D5FA9C2BB162F1C22E419D33671B8202AAC245A87F6B183B97F83F5BFA165B41 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:09:20.0321 0x11e8 ehRecvr - ok
20:09:20.0337 0x11e8 [ B93159C1313D66FDFBBE876F5189CD52, 51E39160EA56F6B08449267EDF2A0F604612663768D2348DE23554AB07BDBB62 ] ehSched C:\Windows\ehome\ehsched.exe
20:09:20.0352 0x11e8 ehSched - ok
20:09:20.0399 0x11e8 [ F5EE2527D74449868E3C3227A59BCD28, 11640E97EE9D8F9A5DC3FEA6BA7A737AA796A7235C7F5C7EF1ABFB51C9D730D3 ] ehstart C:\Windows\ehome\ehstart.dll
20:09:20.0415 0x11e8 ehstart - ok
20:09:20.0430 0x11e8 [ C4636D6E10469404AB5308D9FD45ED07, 367D958D19F672395462206F27C1E138386C2F37B0FA77546F4217CF16D05C84 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:09:20.0462 0x11e8 elxstor - ok
20:09:20.0508 0x11e8 [ E10597CED1246F81C87F00E67E7C6855, 67B5A552D5988FD20C35FC5AEF557456C73CB3DAC88E7735A3E15E7F3B6C0D73 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
20:09:20.0571 0x11e8 EMDMgmt - ok
20:09:20.0586 0x11e8 [ BC3A58E938BB277E46BF4B3003B01ABD, 2BB054E632A96951DAB25B3BE8541AEC1B97A7739FC8D0E34BE8B9295600C8FC ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:09:20.0618 0x11e8 ErrDev - ok
20:09:20.0664 0x11e8 [ E12F22B73F153DECE721CD45EC05B4AF, 41887EEF4BB024329B4079AD50FC5FB705F0EB8BAF6C93A8242DC2A73D3AFD86 ] EventSystem C:\Windows\system32\es.dll
20:09:20.0711 0x11e8 EventSystem - ok
20:09:20.0711 0x11e8 EverestDriver - ok
20:09:20.0758 0x11e8 [ 486844F47B6636044A42454614ED4523, 3E24E78584B199C0FAA59613EEB7DF67B3B878B277A0130C7A3FF608C130BA2F ] exfat C:\Windows\system32\drivers\exfat.sys
20:09:20.0805 0x11e8 exfat - ok
20:09:20.0805 0x11e8 ezSharedSvc - ok
20:09:20.0805 0x11e8 F-Secure Gatekeeper - ok
20:09:20.0836 0x11e8 F-Secure Gatekeeper Handler Starter - ok
20:09:20.0836 0x11e8 F-Secure HIPS - ok
20:09:20.0867 0x11e8 [ 1E34B436811CCA4A2783C0BC7A0BEB2E, 7C9496100DEA53FBADDA8B1EFF9F943FD13E75601A039632887A35F190C1F799 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:09:20.0930 0x11e8 fastfat - ok
20:09:20.0945 0x11e8 [ 81B79B6DF71FA1D2C6D688D830616E39, 62F8BC0DB918A49B10A5BE1724A2E2F17FA7D8208D5D86822FACB2DCD97B3591 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:09:20.0992 0x11e8 fdc - ok
20:09:21.0008 0x11e8 [ BB9267ACACD8B7533DD936C34A0CBA5E, 32DE6E10ABA540D62F0D8AE30DE8769D7BF29E547838BEBE67C04183CC0B32C7 ] fdPHost C:\Windows\system32\fdPHost.dll
20:09:21.0054 0x11e8 fdPHost - ok
20:09:21.0070 0x11e8 [ 300C80931EABBE1DB7591C516EFE8D0F, F031DA96B06B6FA8E0AD56D5E10E5A5882765C3FF258A4DE06A47EC34829FF04 ] FDResPub C:\Windows\system32\fdrespub.dll
20:09:21.0132 0x11e8 FDResPub - ok
20:09:21.0148 0x11e8 [ 457B7D1D533E4BD62A99AED9C7BB4C59, 3933907DE163F8D3A81ED25169B693D723296C437C7C990BFE9DEFD60F7635FD ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:09:21.0164 0x11e8 FileInfo - ok
20:09:21.0164 0x11e8 [ D421327FD6EFCCAF884A54C58E1B0D7F, C2F3B72EA36BA8B74A30E128C088307CA768FDBE232BFA216CD78B0F9B7AF18A ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:09:21.0210 0x11e8 Filetrace - ok
20:09:21.0226 0x11e8 [ 230923EA2B80F79B0F88D90F87B87EBD, 1F3287970FEC73011F3B675C447BF0CA35416490D4740C6960595B091181059C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:09:21.0273 0x11e8 flpydisk - ok
20:09:21.0288 0x11e8 [ E3041BC26D6930D61F42AEDB79C91720, 3556C033BB78445EC8B2F98A82455914764AFC70CBFF634DDBD3539885A1E457 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:09:21.0320 0x11e8 FltMgr - ok
20:09:21.0382 0x11e8 [ 8D89EB9F229CA9ACD2E973C33C9AD85B, 57D49FC2348E4685EF71DCD8A1BEFDFEF5B50CEE0204B769BA35946421F12A89 ] FontCache C:\Windows\system32\FntCache.dll
20:09:21.0460 0x11e8 FontCache - ok
20:09:21.0507 0x11e8 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E, B21CA5F14BDB6CFD97A24C28BB2AD0D704C46058F13B01FF4203514FE8B92591 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:09:21.0522 0x11e8 FontCache3.0.0.0 - ok
20:09:21.0522 0x11e8 FSDFWD - ok
20:09:21.0554 0x11e8 [ 81491719AD2F5BB3563334F87C82F734, 1A2628BD459B0BECC0FB842E83B265D1E6D6263E66EAB321ED697D23C500062A ] FSES C:\Windows\system32\drivers\fses.sys
20:09:21.0569 0x11e8 FSES - ok
20:09:21.0600 0x11e8 [ B5B3D6EB4F40ABFC4F28BE0E5B5538E5, 6C84AEFEA5F4A3956B613ABEB477D3D9A29A686482C22B4926921DE674288D19 ] FSFW C:\Windows\system32\drivers\fsdfw.sys
20:09:21.0616 0x11e8 FSFW - ok
20:09:21.0616 0x11e8 FSMA - ok
20:09:21.0632 0x11e8 FSORSPClient - ok
20:09:21.0632 0x11e8 fsvista - ok
20:09:21.0663 0x11e8 [ 5779B86CD8B32519FBECB136394D946A, 68A395CD2287D22CB5C8CFE5A3006A61AC0C3FDAADF166C93240FF83C0315DCF ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:09:21.0694 0x11e8 Fs_Rec - ok
20:09:21.0725 0x11e8 [ C8E416668D3DC2BE3D4FE4C79224997F, 7DBC8E7687179A649638F606C9584F2E8EC2065762997CDF151F9BB99FA8D535 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:09:21.0741 0x11e8 gagp30kx - ok
20:09:21.0788 0x11e8 [ D2D54891B2CAB5C9B8EA4081A093E04A, 2916C140AB571D28DA23C2C746B7FFEF6986B7F39AB4285AAC05A5E6B358A5BD ] gpsvc C:\Windows\System32\gpsvc.dll
20:09:21.0834 0x11e8 gpsvc - ok
20:09:21.0866 0x11e8 [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate1c986c7e6048a9a C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:09:21.0881 0x11e8 gupdate1c986c7e6048a9a - ok
20:09:21.0912 0x11e8 [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:09:21.0928 0x11e8 gupdatem - ok
20:09:22.0006 0x11e8 [ 408DDD80EEDE47175F6844817B90213E, 836822885D90DAFFD25A7D7EE363F4DACD41AA4B59095243E2798B137DC55FE3 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:09:22.0022 0x11e8 gusvc - ok
20:09:22.0053 0x11e8 [ 68E732382B32417FF61FD663259B4B09, 10C5365AEAC46DF4F5F6A8F96D15141B4709851D4752613233E57EB20CE16446 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:09:22.0084 0x11e8 HdAudAddService - ok
20:09:22.0131 0x11e8 [ F942C5820205F2FB453243EDFEC82A3D, 17A6A3DCF884FB524C93F2477D97E9F2B8E547709F8F2AEA93BEEA322B62E914 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:09:22.0209 0x11e8 HDAudBus - ok
20:09:22.0240 0x11e8 [ B4881C84A180E75B8C25DC1D726C375F, C0BEDBF43EFB0DD442A1D7985EA4A7493671648954B7D1840E30FB2FC46589A4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:09:22.0302 0x11e8 HidBth - ok
20:09:22.0318 0x11e8 [ 4E77A77E2C986E8F88F996BB3E1AD829, 1748676EB038A145405080B829DF4156C2596691BE5C67FD8269BE8D9351B400 ] HidIr C:\Windows\system32\drivers\hidir.sys
20:09:22.0380 0x11e8 HidIr - ok
20:09:22.0412 0x11e8 [ 59361D38A297755D46A540E450202B2A, ED97800A3FF9B90EC58BC5122C42B53F46D9C157EFE488481E8677ED7058E33D ] hidserv C:\Windows\System32\hidserv.dll
20:09:22.0443 0x11e8 hidserv - ok
20:09:22.0474 0x11e8 [ 443BDD2D30BB4F00795C797E2CF99EDF, BCE1A241AE5CCE3E1C65CCF07ECB4305C7106F2EFFD51F2C519EB00026B474C4 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:09:22.0490 0x11e8 HidUsb - ok
20:09:22.0536 0x11e8 [ 1256F6834307B38594CEB034BAF52568, 166938B5C61C816BF9D894A5378AA889ABA5CF866208083C713D229AA30022A5 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
20:09:22.0536 0x11e8 HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
20:09:23.0129 0x11e8 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
20:09:23.0129 0x11e8 Force sending object to P2P due to detect: HiPatchService
20:09:23.0363 0x11e8 Object send P2P result: true
20:09:23.0566 0x11e8 [ B12F367EA39C0795FD57E31242CE1A5A, 498439FE4D1217211EB6C1AC35CDA5D59F3AE8F06AF5E41EE9FDB0DC559FBE27 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:09:23.0597 0x11e8 hkmsvc - ok
20:09:23.0628 0x11e8 [ A3A30438C48D2D71556E120C9C7BA7A0, 4C1353DB10E943A89C3FBC5EDE052A163698BDB11B5506D26A89EDB0DAC8A5B2 ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
20:09:23.0644 0x11e8 HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
20:09:23.0972 0x11e8 Detect skipped due to KSN trusted
20:09:23.0972 0x11e8 HP Health Check Service - ok
20:09:23.0987 0x11e8 [ D7109A1E6BD2DFDBCBA72A6BC626A13B, 6141B6645F4152A326ECA8AD0DD04CB38C9EDA395BDF6FF260AB17CB86FC4C87 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
20:09:24.0003 0x11e8 HpCISSs - ok
20:09:24.0096 0x11e8 [ 37B08E0921417BEB7A39FA80E47D43FC, 8FABB8A20B4E124A0C329DCFA71331BBF547EF9E52A64D460AEF56F04A61DB63 ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
20:09:24.0112 0x11e8 HssDRV6 - ok
20:09:24.0190 0x11e8 [ 3EC456E454E7CF930B6B2FF3D1A9ED2F, 3006A9302077DFE4E4207FA461CAD008A5998409B7ED4644840EAD28AF562A21 ] HssSrv C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
20:09:24.0221 0x11e8 HssSrv - ok
20:09:24.0268 0x11e8 [ 098F1E4E5C9CB5B0063A959063631610, 36B02A738413E4745978E3E90D9CE8ABC08376BEE411008A4312A752CB4A2E13 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:09:24.0315 0x11e8 HTTP - ok
20:09:24.0393 0x11e8 [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32 C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
20:09:24.0408 0x11e8 HWiNFO32 - ok
20:09:24.0424 0x11e8 [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp C:\Windows\system32\drivers\i2omp.sys
20:09:24.0440 0x11e8 i2omp - ok
20:09:24.0455 0x11e8 [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:09:24.0486 0x11e8 i8042prt - ok
20:09:24.0518 0x11e8 [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
20:09:24.0549 0x11e8 iaStorV - ok
20:09:24.0627 0x11e8 [ A9AA69F749AC1D318151E77372CC83DB, 2A50A4D6ED22F5F6CB5DC56A639D904AD71E511DC744A6F6C3D1D4D39756AF31 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:09:24.0674 0x11e8 idsvc - ok
20:09:24.0705 0x11e8 [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:09:24.0720 0x11e8 iirsp - ok
20:09:24.0783 0x11e8 [ 0401A380C88754B2399F8043AC9B2BF9, BFF3B53FAFAE6622AA9F74BAA4A3D522C06E2D732B88916766603B9FE8D0D77F ] IKEEXT C:\Windows\System32\ikeext.dll
20:09:24.0861 0x11e8 IKEEXT - ok
20:09:25.0032 0x11e8 [ 8CAA2A543155675D09B0D5239E31EC99, 033CF96E110136A59E01C4D26FE3681862C0993938959059A37A34DC1C0E1D49 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:09:25.0235 0x11e8 IntcAzAudAddService - ok
20:09:25.0266 0x11e8 [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide C:\Windows\system32\drivers\intelide.sys
20:09:25.0298 0x11e8 intelide - ok
20:09:25.0313 0x11e8 [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:09:25.0344 0x11e8 intelppm - ok
20:09:25.0376 0x11e8 [ 5624BC1BC5EEB49C0AB76A8114F05EA3, BD5AA534D8A923AF4D205EEC6DA55A3DC5F915E5F3223BF23F24C09824FA90B6 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:09:25.0422 0x11e8 IPBusEnum - ok
20:09:25.0454 0x11e8 [ D8AABC341311E4780D6FCE8C73C0AD81, 141E8032A934777567E6DAC35FB1C77C40D9B6EE477F17F872F35833A8F57F72 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:09:25.0469 0x11e8 IpFilterDriver - ok
20:09:25.0516 0x11e8 [ BF0DBFA9792C5C14FA00F61C75116C1B, 24C14DCAF57013F1C238E3C123279737420A714EB29CB69239C9838C9A269A59 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:09:25.0547 0x11e8 iphlpsvc - ok
20:09:25.0547 0x11e8 IpInIp - ok
20:09:25.0578 0x11e8 [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
20:09:25.0610 0x11e8 IPMIDRV - ok
20:09:25.0641 0x11e8 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
20:09:25.0672 0x11e8 IPNAT - ok
20:09:25.0688 0x11e8 [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:09:25.0734 0x11e8 IRENUM - ok
20:09:25.0750 0x11e8 [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:09:25.0766 0x11e8 isapnp - ok
20:09:25.0797 0x11e8 [ E4FDF99599F27EC25D2CF6D754243520, 9139E708EE30F10652C9A458BD58B0343A3C05E84CD3E71FA0B0E4123503CF7B ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
20:09:25.0828 0x11e8 iScsiPrt - ok
20:09:25.0844 0x11e8 [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
20:09:25.0859 0x11e8 iteatapi - ok
20:09:25.0875 0x11e8 [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid C:\Windows\system32\drivers\iteraid.sys
20:09:25.0890 0x11e8 iteraid - ok
20:09:25.0906 0x11e8 [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:09:25.0922 0x11e8 kbdclass - ok
20:09:25.0937 0x11e8 [ BF8783A5066CFECF45095459E8010FA7, 90845E1A154189258B2754C4FF8E6732AA462FF3777E8DFBAF8246C7C5B2740D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:09:25.0968 0x11e8 kbdhid - ok
20:09:26.0031 0x11e8 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] KeyIso C:\Windows\system32\lsass.exe
20:09:26.0046 0x11e8 KeyIso - ok
20:09:26.0156 0x11e8 [ 65F3B81FA285EAB641F5E6EF7AEB984D, FD0243B08309D5C0AB1A90EEFB14FEF7457A27E6174D2924298674119AEFAF7D ] KLIF C:\Windows\system32\DRIVERS\klif.sys
20:09:26.0234 0x11e8 KLIF - ok
20:09:26.0280 0x11e8 [ 4E76398AEF64CB6D782CFEB99B4EAE55, ED8CDC9A454FD6C7C907B1983259DB85FF76F4B85CD501D4679BB4035F16ACA2 ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys
20:09:26.0296 0x11e8 KMWDFILTER - ok
20:09:26.0343 0x11e8 [ DDB5EF7210DBC82946DA899D892E63DB, 69AAC73D722C3CEE5B958F6F35E572B50E8E0FBEB0299F37A26E5F805E9710E1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:09:26.0390 0x11e8 KSecDD - ok
20:09:26.0421 0x11e8 [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:09:26.0452 0x11e8 ksthunk - ok
20:09:26.0499 0x11e8 [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:09:26.0577 0x11e8 KtmRm - ok
20:09:26.0608 0x11e8 [ 50C7A3CB427E9BB5ED0708A669956AB5, 3DAD1C01AE58FE2C6134283B19118E2F3C884DDFFBAE4A46B7B5E4FB1A2567A1 ] LanmanServer C:\Windows\System32\srvsvc.dll
20:09:26.0639 0x11e8 LanmanServer - ok
20:09:26.0670 0x11e8 [ CAF86FC1388BE1E470F1A7B43E348ADB, 9E9AE0B617D1031E8462524802A2D997AE7C944A7D00D403FF903145A7FEB761 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:09:26.0702 0x11e8 LanmanWorkstation - ok
20:09:26.0717 0x11e8 Lbd - ok
20:09:26.0764 0x11e8 [ DFEFF67508D3A9AEB1A85D7B0F513B24, 34A02E6BEAFB22B1527C72E0E2D65FA1DBCFB022672116BFF4A903FBBEA8419D ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
20:09:26.0780 0x11e8 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
20:09:27.0107 0x11e8 Detect skipped due to KSN trusted
20:09:27.0107 0x11e8 LightScribeService - ok
20:09:27.0138 0x11e8 [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:09:27.0185 0x11e8 lltdio - ok
20:09:27.0232 0x11e8 [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:09:27.0279 0x11e8 lltdsvc - ok
20:09:27.0310 0x11e8 [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts C:\Windows\System32\lmhsvc.dll
20:09:27.0341 0x11e8 lmhosts - ok
20:09:27.0372 0x11e8 [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:09:27.0388 0x11e8 LSI_FC - ok
20:09:27.0404 0x11e8 [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:09:27.0419 0x11e8 LSI_SAS - ok
20:09:27.0450 0x11e8 [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:09:27.0466 0x11e8 LSI_SCSI - ok
20:09:27.0482 0x11e8 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv C:\Windows\system32\drivers\luafv.sys
20:09:27.0528 0x11e8 luafv - ok
20:09:27.0560 0x11e8 [ B2085E335F2B57077B0CBADB6F1245CD, 69C81753B2ABAE8C89CEDADFCB73FB332E5FCD555576959AD412BF036EC9E343 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys
20:09:27.0591 0x11e8 lvpopf64 - ok
20:09:27.0622 0x11e8 [ 7717A2CB550267860D3933F3FBA0216F, 77CDFEE372FE28559AA11908B166729E819BC328235D0AF73446863AD9EFF76B ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
20:09:27.0638 0x11e8 LVPr2M64 - ok
20:09:27.0638 0x11e8 [ 7717A2CB550267860D3933F3FBA0216F, 77CDFEE372FE28559AA11908B166729E819BC328235D0AF73446863AD9EFF76B ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
20:09:27.0653 0x11e8 LVPr2Mon - ok
20:09:27.0700 0x11e8 [ 8EBEB7E7A0C3D295CA6BBCFA942C6AA8, BAE0A7DDA3869FB5FE0897EEE1C3C6C411C7314515D10461C5C246D43EF1BA3E ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
20:09:27.0731 0x11e8 LVPrcS64 - ok
20:09:27.0778 0x11e8 [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
20:09:27.0809 0x11e8 LVRS64 - ok
20:09:27.0996 0x11e8 [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
20:09:28.0230 0x11e8 LVUVC64 - ok
20:09:28.0293 0x11e8 [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:09:28.0324 0x11e8 Mcx2Svc - ok
20:09:28.0340 0x11e8 [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas C:\Windows\system32\drivers\megasas.sys
20:09:28.0355 0x11e8 megasas - ok
20:09:28.0386 0x11e8 [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR C:\Windows\system32\drivers\megasr.sys
20:09:28.0433 0x11e8 MegaSR - ok
20:09:28.0464 0x11e8 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS C:\Windows\system32\mmcss.dll
20:09:28.0511 0x11e8 MMCSS - ok
20:09:28.0527 0x11e8 [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem C:\Windows\system32\drivers\modem.sys
20:09:28.0574 0x11e8 Modem - ok
20:09:28.0589 0x11e8 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:09:28.0636 0x11e8 monitor - ok
20:09:28.0652 0x11e8 [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:09:28.0667 0x11e8 mouclass - ok
20:09:28.0683 0x11e8 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:09:28.0730 0x11e8 mouhid - ok
20:09:28.0761 0x11e8 [ 108DE0E4E7B0F53F5764F9A241F7A4E6, 0D7688E322FE1DD21BAC1324DC9F27D1007E8417717A0EF8637768D318654CDA ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
20:09:28.0776 0x11e8 MountMgr - ok
20:09:28.0839 0x11e8 [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:09:28.0854 0x11e8 MozillaMaintenance - ok
20:09:28.0870 0x11e8 [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio C:\Windows\system32\drivers\mpio.sys
20:09:28.0901 0x11e8 mpio - ok
20:09:28.0901 0x11e8 [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:09:28.0932 0x11e8 mpsdrv - ok
20:09:28.0979 0x11e8 [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:09:29.0057 0x11e8 MpsSvc - ok
20:09:29.0104 0x11e8 [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
20:09:29.0135 0x11e8 Mraid35x - ok
20:09:29.0182 0x11e8 [ DCC3EF8C5F891539390B65BEFFA96AEC, A60AEB24E0422131178C81C40C70B089CEDC11E4539AABDFE2F48B9972BA56E7 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:09:29.0198 0x11e8 MRxDAV - ok
20:09:29.0260 0x11e8 [ B31DB7D6E624479EA20FEE17E712A44C, E316244BD83698793A66EA185BE1395827C7A9D5B73B60592BBF6413BFCF52F1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:09:29.0291 0x11e8 mrxsmb - ok
20:09:29.0322 0x11e8 [ 2EB4A3EDA9FBECEC53CA2BB0853E2B66, 0DBA1CB6A9A97E9406111F724F82A009B9492A4D602FCD288FB907830E070E0E ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:09:29.0354 0x11e8 mrxsmb10 - ok
20:09:29.0385 0x11e8 [ 3F979D9CE02323CB3EBD15174732C8C1, 2B8301222B582012A86B85F45374E3B1A562D1EC61DE6A3F5AF611C3B38F409C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:09:29.0400 0x11e8 mrxsmb20 - ok
20:09:29.0416 0x11e8 [ 1AC860612B85D8E85EE257D372E39F4D, 74682CCE44BCEE31BCA286D4F4E53B64CAAE244155F2B4C8FEB6AE7C391CA89D ] msahci C:\Windows\system32\drivers\msahci.sys
20:09:29.0432 0x11e8 msahci - ok
20:09:29.0447 0x11e8 [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:09:29.0463 0x11e8 msdsm - ok
20:09:29.0494 0x11e8 [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC C:\Windows\System32\msdtc.exe
20:09:29.0541 0x11e8 MSDTC - ok
20:09:29.0572 0x11e8 [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:09:29.0619 0x11e8 Msfs - ok
20:09:29.0634 0x11e8 [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:09:29.0650 0x11e8 msisadrv - ok
20:09:29.0681 0x11e8 [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:09:29.0728 0x11e8 MSiSCSI - ok
20:09:29.0728 0x11e8 msiserver - ok
20:09:29.0744 0x11e8 [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:09:29.0775 0x11e8 MSKSSRV - ok
20:09:29.0790 0x11e8 [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:09:29.0837 0x11e8 MSPCLOCK - ok
20:09:29.0837 0x11e8 [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:09:29.0884 0x11e8 MSPQM - ok
20:09:29.0915 0x11e8 [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:09:29.0946 0x11e8 MsRPC - ok
20:09:29.0962 0x11e8 [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:09:29.0978 0x11e8 mssmbios - ok
20:09:29.0993 0x11e8 [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:09:30.0024 0x11e8 MSTEE - ok
20:09:30.0040 0x11e8 [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup C:\Windows\system32\Drivers\mup.sys
20:09:30.0087 0x11e8 Mup - ok
20:09:30.0134 0x11e8 [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent C:\Windows\system32\qagentRT.dll
20:09:30.0180 0x11e8 napagent - ok
20:09:30.0212 0x11e8 [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:09:30.0243 0x11e8 NativeWifiP - ok
20:09:30.0305 0x11e8 [ 54803EAE413ED3AB97976674B0EF122A, B06D419B84EA1FB9EA218D5379F2DD32B0739D029A51DD75CA74C01F25BAA806 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:09:30.0352 0x11e8 NDIS - ok
20:09:30.0399 0x11e8 [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:09:30.0414 0x11e8 NdisTapi - ok
20:09:30.0430 0x11e8 [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:09:30.0492 0x11e8 Ndisuio - ok
20:09:30.0508 0x11e8 [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:09:30.0539 0x11e8 NdisWan - ok
20:09:30.0555 0x11e8 [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:09:30.0586 0x11e8 NDProxy - ok
20:09:30.0602 0x11e8 [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:09:30.0633 0x11e8 NetBIOS - ok
20:09:30.0680 0x11e8 [ 2EE680D31D685C0DB4F6D5A68F418A96, 27A41F194BA54BC5B27E063AEAB465862A9F73A86AF7B81646E0E08A4FC3510D ] netbt C:\Windows\system32\DRIVERS\netbt.sys
20:09:30.0773 0x11e8 netbt - ok
20:09:30.0804 0x11e8 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon C:\Windows\system32\lsass.exe
20:09:30.0820 0x11e8 Netlogon - ok
20:09:30.0851 0x11e8 [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman C:\Windows\System32\netman.dll
20:09:30.0914 0x11e8 Netman - ok
20:09:30.0992 0x11e8 [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:09:31.0023 0x11e8 NetMsmqActivator - ok
20:09:31.0070 0x11e8 [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:09:31.0085 0x11e8 NetPipeActivator - ok
20:09:31.0132 0x11e8 [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm C:\Windows\System32\netprofm.dll
20:09:31.0194 0x11e8 netprofm - ok
20:09:31.0194 0x11e8 [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:09:31.0226 0x11e8 NetTcpActivator - ok
20:09:31.0226 0x11e8 [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:09:31.0257 0x11e8 NetTcpPortSharing - ok
20:09:31.0257 0x11e8 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:09:31.0272 0x11e8 nfrd960 - ok
20:09:31.0304 0x11e8 [ 9DC33E66BB7E6470BFE8AA9EF5FBED43, 23E583B264BBD7933E3A000F00D646ABE526D1068C41BC24CF93739529FCA339 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:09:31.0335 0x11e8 NlaSvc - ok
20:09:31.0366 0x11e8 [ 4B300DC9B143C99674B6ECD917384155, 74E9DFD1A589B31D62E263930993C0682BB2A74E89ACFF8FAC75E6B71D9A892A ] nmwcdcx64 C:\Windows\system32\drivers\ccdcmbox64.sys
20:09:31.0397 0x11e8 nmwcdcx64 - ok
20:09:31.0428 0x11e8 [ 26CB9318BD38B885EEC67DDF3F17ABC5, 44F79B3DB5F0CAFD8C83D6F452AB391DA4B9C7753648C7356ABCD863C3EE86A4 ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
20:09:31.0460 0x11e8 nmwcdnsux64 - ok
20:09:31.0475 0x11e8 [ DD1D06C2A7E048766482256AB8C755CF, 66494042C114F1795D4190654A07E418240D34C4B3241F6ADACA84823290F263 ] nmwcdx64 C:\Windows\system32\drivers\ccdcmbx64.sys
20:09:31.0506 0x11e8 nmwcdx64 - ok
20:09:31.0522 0x11e8 [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:09:31.0569 0x11e8 Npfs - ok
20:09:31.0584 0x11e8 npggsvc - ok
20:09:31.0584 0x11e8 NPPTNT2 - ok
20:09:31.0600 0x11e8 [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi C:\Windows\system32\nsisvc.dll
20:09:31.0647 0x11e8 nsi - ok
20:09:31.0678 0x11e8 [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:09:31.0709 0x11e8 nsiproxy - ok
20:09:31.0787 0x11e8 [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:09:31.0881 0x11e8 Ntfs - ok
20:09:31.0881 0x11e8 [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null C:\Windows\system32\drivers\Null.sys
20:09:31.0928 0x11e8 Null - ok
20:09:31.0990 0x11e8 [ 13EC5B8A4B82B6DEB739FC577B4217A7, 905FF255580DE25A32B81D66C8D0CB3F62F6A3A41D796D96BCC943DEE4CD447F ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx64.sys
20:09:32.0068 0x11e8 NVENETFD - ok
20:09:32.0115 0x11e8 [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:09:32.0130 0x11e8 nvraid - ok
20:09:32.0146 0x11e8 [ A4B9AF8D1793F67CE894BF051342110F, CC8BED39599A236BE3910C8605D0DE4E2EA95FF0A0645C9066F9767CE0F4E72A ] nvrd64 C:\Windows\system32\drivers\nvrd64.sys
20:09:32.0162 0x11e8 nvrd64 - ok
20:09:32.0177 0x11e8 [ 16D36074B84DA72D160233C8D132DC89, B68AB500A052F2FF5B32EC58E32796B9CD06F7C752DBC03B023AD5A0EC826C54 ] nvsmu C:\Windows\system32\drivers\nvsmu.sys
20:09:32.0193 0x11e8 nvsmu - ok
20:09:32.0208 0x11e8 [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:09:32.0224 0x11e8 nvstor - ok
20:09:32.0240 0x11e8 [ 7919EE9458B6D84517BC5A598D795931, 8107C703879229323A82913AF3B9E88A14669DA67ADAC22B2A71A1A4D20EBF20 ] nvstor64 C:\Windows\system32\drivers\nvstor64.sys
20:09:32.0255 0x11e8 nvstor64 - ok
20:09:32.0271 0x11e8 [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:09:32.0286 0x11e8 nv_agp - ok
20:09:32.0302 0x11e8 NwlnkFlt - ok
20:09:32.0302 0x11e8 NwlnkFwd - ok
20:09:32.0333 0x11e8 [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
20:09:32.0364 0x11e8 ohci1394 - ok
20:09:32.0442 0x11e8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:09:32.0458 0x11e8 ose - ok
20:09:32.0692 0x11e8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:09:33.0098 0x11e8 osppsvc - ok
20:09:33.0191 0x11e8 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc C:\Windows\system32\p2psvc.dll
20:09:33.0332 0x11e8 p2pimsvc - ok
20:09:33.0378 0x11e8 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc C:\Windows\system32\p2psvc.dll
20:09:33.0425 0x11e8 p2psvc - ok
20:09:33.0456 0x11e8 [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport C:\Windows\system32\drivers\parport.sys
20:09:33.0519 0x11e8 Parport - ok
20:09:33.0550 0x11e8 [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:09:33.0597 0x11e8 partmgr - ok
20:09:33.0628 0x11e8 [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc C:\Windows\System32\pcasvc.dll
20:09:33.0644 0x11e8 PcaSvc - ok
20:09:33.0675 0x11e8 [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
20:09:33.0690 0x11e8 pccsmcfd - ok
20:09:33.0784 0x11e8 [ 7204F835A4355D1AB2853E57C9FF177C, 85FB9F65AF062AAB2464C2CAEEFA63D41542F565B163455320390278BF87330A ] PCD5SRVC{8AAF211B-043E02A9-05040000} C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms
20:09:33.0815 0x11e8 PCD5SRVC{8AAF211B-043E02A9-05040000} - detected UnsignedFile.Multi.Generic ( 1 )
20:09:34.0158 0x11e8 Detect skipped due to KSN trusted
20:09:34.0158 0x11e8 PCD5SRVC{8AAF211B-043E02A9-05040000} - ok
20:09:34.0221 0x11e8 PcdrNdisuio - ok
20:09:34.0299 0x11e8 [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci C:\Windows\system32\drivers\pci.sys
20:09:34.0330 0x11e8 pci - ok
20:09:34.0346 0x11e8 [ 2657F6C0B78C36D95034BE109336E382, C85CFDA57A64B7CC1BB09225C2F81629CEF21C5F25735B098F214397D6DE0D2C ] pciide C:\Windows\system32\drivers\pciide.sys
20:09:34.0361 0x11e8 pciide - ok
20:09:34.0392 0x11e8 [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:09:34.0408 0x11e8 pcmcia - ok
20:09:34.0439 0x11e8 [ 117EB9A45636991A3D88EABC12111F3F, B9EF4AEEA8E319E730CC82FB3CC076E7A4B04729ECBEA33A2F68F595149B31C3 ] PdiPorts C:\Windows\system32\DRIVERS\PdiPorts.sys
20:09:34.0455 0x11e8 PdiPorts - ok
20:09:34.0486 0x11e8 [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:09:34.0580 0x11e8 PEAUTH - ok
20:09:34.0611 0x11e8 [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:09:34.0642 0x11e8 PerfHost - ok
20:09:34.0720 0x11e8 [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla C:\Windows\system32\pla.dll
20:09:34.0814 0x11e8 pla - ok
20:09:34.0860 0x11e8 [ FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:09:34.0892 0x11e8 PlugPlay - ok
20:09:34.0938 0x11e8 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
20:09:35.0001 0x11e8 PNRPAutoReg - ok
20:09:35.0048 0x11e8 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc C:\Windows\system32\p2psvc.dll
20:09:35.0094 0x11e8 PNRPsvc - ok
20:09:35.0157 0x11e8 [ 8E2693CFD14188ABA1254F2946F64EEA, BDF41AB6E29712BBB878FA484392E4BC5BBA2EEDDE127346BCCC8099DBD76E5D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:09:35.0204 0x11e8 PolicyAgent - ok
20:09:35.0266 0x11e8 [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:09:35.0297 0x11e8 PptpMiniport - ok
20:09:35.0313 0x11e8 [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:09:35.0344 0x11e8 Processor - ok
20:09:35.0375 0x11e8 [ EF321BEED9CF3DF60EBA29A1D618AD8A, FE277119BCC9938054DFA670844B31E4F66C19EBC6E59E747F99C38F76A433BD ] ProfSvc C:\Windows\system32\profsvc.dll
20:09:35.0406 0x11e8 ProfSvc - ok
20:09:35.0469 0x11e8 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:09:35.0500 0x11e8 ProtectedStorage - ok
20:09:35.0547 0x11e8 [ 1D0A3F565397D08707F3D75B88586645, 92EC9C26CD446E86C37CB2FAF235B97D68D9682DD240563EC0C81000FAD7AF25 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
20:09:35.0578 0x11e8 Ps2 - ok
20:09:35.0594 0x11e8 [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
20:09:35.0625 0x11e8 PSched - ok
20:09:35.0703 0x11e8 [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:09:35.0765 0x11e8 ql2300 - ok
20:09:35.0796 0x11e8 [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:09:35.0812 0x11e8 ql40xx - ok
20:09:35.0843 0x11e8 [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE C:\Windows\system32\qwave.dll
20:09:35.0874 0x11e8 QWAVE - ok
20:09:35.0890 0x11e8 [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:09:35.0906 0x11e8 QWAVEdrv - ok
20:09:35.0906 0x11e8 [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:09:35.0952 0x11e8 RasAcd - ok
20:09:35.0968 0x11e8 [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto C:\Windows\System32\rasauto.dll
20:09:36.0015 0x11e8 RasAuto - ok
20:09:36.0030 0x11e8 [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:09:36.0062 0x11e8 Rasl2tp - ok
20:09:36.0108 0x11e8 [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan C:\Windows\System32\rasmans.dll
20:09:36.0155 0x11e8 RasMan - ok
20:09:36.0171 0x11e8 [ 4517FBF8B42524AFE4EDE1DE102AAE3E, F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:09:36.0186 0x11e8 RasPppoe - ok
20:09:36.0218 0x11e8 [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:09:36.0233 0x11e8 RasSstp - ok
20:09:36.0280 0x11e8 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:09:36.0327 0x11e8 rdbss - ok
20:09:36.0327 0x11e8 [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:09:36.0374 0x11e8 RDPCDD - ok
20:09:36.0405 0x11e8 [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
20:09:36.0467 0x11e8 rdpdr - ok
20:09:36.0467 0x11e8 [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:09:36.0498 0x11e8 RDPENCDD - ok
20:09:36.0545 0x11e8 [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:09:36.0592 0x11e8 RDPWD - ok
20:09:36.0623 0x11e8 [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:09:36.0670 0x11e8 RemoteAccess - ok
20:09:36.0701 0x11e8 [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:09:36.0732 0x11e8 RemoteRegistry - ok
20:09:36.0748 0x11e8 [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator C:\Windows\system32\locator.exe
20:09:36.0779 0x11e8 RpcLocator - ok
20:09:36.0810 0x11e8 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] RpcSs C:\Windows\System32\rpcss.dll
20:09:36.0873 0x11e8 RpcSs - ok
20:09:36.0888 0x11e8 [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:09:36.0935 0x11e8 rspndr - ok
20:09:36.0966 0x11e8 [ CE2EF8030932B98832EB2F9580C5B1DD, 4C7AFF42505FBCFF4CEA3DAB32D3BF97BED42180974A33D7816180CF7E8FE377 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:09:36.0998 0x11e8 RSUSBSTOR - ok
20:09:37.0076 0x11e8 [ DABD4AB3D049ECA6AFFD61B63A997728, 6F89D5AF4A02F7FC455922533D14486D4ED86E005523302A917E4F12B70B3794 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
20:09:37.0107 0x11e8 RtkAudioService - ok
20:09:37.0138 0x11e8 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] SamSs C:\Windows\system32\lsass.exe
20:09:37.0154 0x11e8 SamSs - ok
20:09:37.0154 0x11e8 SANDRA - ok
20:09:37.0154 0x11e8 SandraAgentSrv - ok
20:09:37.0169 0x11e8 [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:09:37.0185 0x11e8 sbp2port - ok
20:09:37.0200 0x11e8 [ FD1CDCF108D5EF3366F00D18B70FB89B, 5BCE3A9D5DC0B6937A734264C5B8DE0E6B8F77A869A118F94D57E662AAB28FE2 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:09:37.0294 0x11e8 SCardSvr - ok
20:09:37.0356 0x11e8 [ C453886F47A10D44A9B4AFCBF349071D, B677FD3C638436CE84EC7087569CEEF912F59D0B800B4C76A5CC72289243C49B ] Schedule C:\Windows\system32\schedsvc.dll
20:09:37.0419 0x11e8 Schedule - ok
20:09:37.0466 0x11e8 [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:09:37.0497 0x11e8 SCPolicySvc - ok
20:09:37.0512 0x11e8 [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:09:37.0528 0x11e8 SDRSVC - ok
20:09:37.0544 0x11e8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:09:37.0559 0x11e8 secdrv - ok
20:09:37.0590 0x11e8 [ 251F63DD48559F73766E1159F94A6BD1, 4B18A3DDA49E6E189F44CBFB6387444EE4556B29F040E93A6798B3ACEAE0C382 ] seclogon C:\Windows\system32\seclogon.dll
20:09:37.0606 0x11e8 seclogon - ok
20:09:37.0606 0x11e8 [ 90973A64B96CD647FF81C79443618EED, 1D3CB7F724B7EADA6443DF07B258EE7FB7FEC92C2A7A9D3C57F6A220EF0DDDC4 ] SENS C:\Windows\system32\sens.dll
20:09:37.0653 0x11e8 SENS - ok
20:09:37.0668 0x11e8 [ F71BFE7AC6C52273B7C82CBF1BB2A222, 8C7F0E426B266DBBFE4BBE3333A33C338209BD8BE0E434A98D0D2CFD78D3F758 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:09:37.0731 0x11e8 Serenum - ok
20:09:37.0746 0x11e8 [ E62FAC91EE288DB29A9696A9D279929C, 9B6A420556532F7F8D55FB6580A592A43BEA579A068B970C741A23DB079ECAD1 ] Serial C:\Windows\system32\drivers\serial.sys
20:09:37.0809 0x11e8 Serial - ok
20:09:37.0824 0x11e8 [ A842F04833684BCEEA7336211BE478DF, 9D964AEA237C44898098AC9C2D043F00C66EDA7D73C381D616737C01A9D0FF45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:09:37.0856 0x11e8 sermouse - ok
20:09:37.0965 0x11e8 [ 8988D1F32F56B3CD3F0F6C39F8A91A98, FCFA23245AE9AA7EAFE13DD59C123CFC97A5061480831F13A0F6323341927D99 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
20:09:37.0996 0x11e8 ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
20:09:38.0339 0x11e8 Detect skipped due to KSN trusted
20:09:38.0339 0x11e8 ServiceLayer - ok
20:09:38.0386 0x11e8 [ A8E4A4407A09F35DCCC3771AF590B0C4, F56ECE42CE81098FCCBCDFBBF006C3FB9EDD29C62F03C4EAE012EE690669481B ] SessionEnv C:\Windows\system32\sessenv.dll
20:09:38.0433 0x11e8 SessionEnv - ok
20:09:38.0448 0x11e8 [ 14D4B4465193A87C127933978E8C4106, A5C3F2F09E9A0715529B05AC1020EF0F432121E129447795257087E0D6A812FC ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:09:38.0480 0x11e8 sffdisk - ok
20:09:38.0495 0x11e8 [ 7073AEE3F82F3D598E3825962AA98AB2, 82A959A0970CBA8CC16D44736ED12158E59E138484F3F53EBDD3A4C02DA3700D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:09:38.0558 0x11e8 sffp_mmc - ok
20:09:38.0573 0x11e8 [ 35E59EBE4A01A0532ED67975161C7B82, 4F4296B8903FCD06439CC8BF93C703852E523834F09CF9121FDA729A988AF11B ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:09:38.0620 0x11e8 sffp_sd - ok
20:09:38.0636 0x11e8 [ 6B7838C94135768BD455CBDC23E39E5F, 868E054ED546479DEAD7C2834C7AB080820522C16F5B4BEF0F3B279A33ABA9C8 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:09:38.0698 0x11e8 sfloppy - ok
20:09:38.0745 0x11e8 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34, 9659C7B5046DE2C0416A74FDE6F798C3E78D38327CB71BAE49D57A8347A9097D ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:09:38.0807 0x11e8 SharedAccess - ok
20:09:38.0854 0x11e8 [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:09:38.0885 0x11e8 ShellHWDetection - ok
20:09:38.0885 0x11e8 [ 7A5DE502AEB719D4594C6471060A78B3, E8E16DF8AFFC230FBB1A5938925D464A1BA776184B8C020B37669EE2105DB9F2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
20:09:38.0916 0x11e8 SiSRaid2 - ok
20:09:38.0932 0x11e8 [ 3A2F769FAB9582BC720E11EA1DFB184D, 83EEBCE37E8709FCE15FB44F546C727C56064ED49B73A471EA33480573558419 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:09:38.0948 0x11e8 SiSRaid4 - ok
20:09:39.0057 0x11e8 [ A9A27A8E257B45A604FDAD4F26FE7241, C5A1056522EE2BA7B70D34E391477A0E9351569CEF28B875172F4B363F6D4177 ] slsvc C:\Windows\system32\SLsvc.exe
20:09:39.0213 0x11e8 slsvc - ok
20:09:39.0244 0x11e8 [ FD74B4B7C2088E390A30C85A896FC3AF, 897F1F89A4DDB356CF6E59EFBC32A2081C0CADE283793DB6879D263F7B2E313F ] SLUINotify C:\Windows\system32\SLUINotify.dll
20:09:39.0291 0x11e8 SLUINotify - ok
20:09:39.0306 0x11e8 [ 290B6F6A0EC4FCDFC90F5CB6D7020473, 971888FE760641FF86165B9876E6FC12DBC309C0FED2734C60B9E0EBC078AAE0 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:09:39.0338 0x11e8 Smb - ok
20:09:39.0369 0x11e8 [ F8F47F38909823B1AF28D60B96340CFF, EFD948EE09F22F9F373A98BA6D9BC519FD9244986E4BE7B2BACD92D3C145AD1D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:09:39.0384 0x11e8 SNMPTRAP - ok
20:09:39.0431 0x11e8 [ 386C3C63F00A7040C7EC5E384217E89D, DD8766BCBD77EC6F67979A8B37B943A3A0E5478CE3FB129BF8FCA29B66529721 ] spldr C:\Windows\system32\drivers\spldr.sys
20:09:39.0447 0x11e8 spldr - ok
20:09:39.0462 0x11e8 [ F66FF751E7EFC816D266977939EF5DC3, 689BDD0B442830E162F2F9A8EFBD0E137F518C7F0CD92EDF4A43EFBA188B69F4 ] Spooler C:\Windows\System32\spoolsv.exe
20:09:39.0509 0x11e8 Spooler - ok
20:09:39.0556 0x11e8 [ D8619847EAAF3015B45DE7E473D9BB36, 823D37B348B2FAC762D2EDD89B48185B32E150AE42ADE675D2CBD380A135A11E ] srv C:\Windows\system32\DRIVERS\srv.sys
20:09:39.0634 0x11e8 srv - ok
20:09:39.0650 0x11e8 [ 755A1C892EF4E5EAF7E1495855B1C81B, 4EE31C1E4CF4A9415F143333D6F65C4E47100A5107C0A44164D38F7501226B2A ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:09:39.0665 0x11e8 srv2 - ok
20:09:39.0712 0x11e8 [ 490870B6684EA4AC9B206EBEAC1E4001, E1C39E0BAE611E7F6E1ECA08D386147B5D56D7B5125255552E3B9F21434B7B95 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:09:39.0728 0x11e8 srvnet - ok
20:09:39.0743 0x11e8 [ 192C74646EC5725AEF3F80D19FF75F6A, 8F24FF139A46B1F837356B9D682526107D7BADCFA510842FEACB6F06C02D93D9 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:09:39.0806 0x11e8 SSDPSRV - ok
20:09:39.0821 0x11e8 [ 2EE3FA0308E6185BA64A9A7F2E74332B, EC6A15281685E6CDEADABDFD08C4AF980AD3B404C945EB121D7F90AFCA3D6849 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:09:39.0837 0x11e8 SstpSvc - ok
20:09:39.0884 0x11e8 Steam Client Service - ok
20:09:39.0915 0x11e8 [ 15825C1FBFB8779992CB65087F316AF5, E9431C016D209A7322C0586F11EEF0AB461AB5822960287BB1D0FBC30183614D ] stisvc C:\Windows\System32\wiaservc.dll
20:09:39.0962 0x11e8 stisvc - ok
20:09:39.0993 0x11e8 [ 8A851CA908B8B974F89C50D2E18D4F0C, 27EA13E50B5B72ABF6C5B7B7D34A7154A12BB27B1C1B2EEFCAA36A96010DB4DC ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:09:40.0008 0x11e8 swenum - ok
20:09:40.0055 0x11e8 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A, 9C3714238571704CEE2AD4F1E15029243E00B494345C41F74EFDF3F0328CC9EA ] swprv C:\Windows\System32\swprv.dll
20:09:40.0118 0x11e8 swprv - ok
20:09:40.0133 0x11e8 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B, 0227EAF144BC35AA4FF2535E8C9974C0609B7634EE45F4166B9F88F79B17BBF1 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
20:09:40.0149 0x11e8 Symc8xx - ok
20:09:40.0164 0x11e8 [ A909667976D3BCCD1DF813FED517D837, 0874DD4C1CA7AE2E519EBB45433BC9F11A574408F5D2F9E23A340CA76512F5CE ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
20:09:40.0180 0x11e8 Sym_hi - ok
20:09:40.0180 0x11e8 [ 36887B56EC2D98B9C362F6AE4DE5B7B0, 7349FABACB633A9EEE3D4E241A5F443C28D23CC87F21EAAB3F1711644AA21D7C ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
20:09:40.0196 0x11e8 Sym_u3 - ok
20:09:40.0242 0x11e8 [ 92D7A8B0F87B036F17D25885937897A6, 6759BAB11E5FBB143BE13DF1611AE5D41D379DF423D881E92E910DF6A37CBA85 ] SysMain C:\Windows\system32\sysmain.dll
20:09:40.0320 0x11e8 SysMain - ok
20:09:40.0336 0x11e8 [ 005CE42567F9113A3BCCB3B20073B029, B1831D71410AD6E7DEB59D26BF6D2D07D2F6112936D6A6FDA57E9296ADA4076D ] TabletInputService C:\Windows\System32\TabSvc.dll
20:09:40.0352 0x11e8 TabletInputService - ok
20:09:40.0383 0x11e8 [ F33FDC72298DF4BF9813A55D21F4EB31, 34AADF5115CA1B275FEF4238B420FE424F0E1D0FFD1606B24A0D594D7305CF1F ] taphss C:\Windows\system32\DRIVERS\taphss.sys
20:09:40.0398 0x11e8 taphss - ok
20:09:40.0430 0x11e8 [ 8B9FD32C71F29DF235A27CE9FF4F19DC, AADDA066557704C311D281347FA5732A9A731A3C8E27B637AFA84D90238B528B ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
20:09:40.0445 0x11e8 taphss6 - ok
20:09:40.0492 0x11e8 [ CC2562B4D55E0B6A4758C65407F63B79, C6AD05B345C699A715EC13830D8EA6EE9822F4B713D15B1F29AC044674A0F498 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:09:40.0539 0x11e8 TapiSrv - ok
20:09:40.0539 0x11e8 [ CDBE8D7C1E201B911CDC346D06617FB5, 16D5965E32A109DA38D77F4B6281081569D78371B2F522DE51100967F8776C7A ] TBS C:\Windows\System32\tbssvc.dll
20:09:40.0586 0x11e8 TBS - ok
20:09:40.0664 0x11e8 [ 00F77C4555FFABC21ADDB3160B2F574A, 292D3D9FC923283A25717831C5F1EA3046CB09F4F1B342BB93A506E68B9D4090 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:09:40.0742 0x11e8 Tcpip - ok
20:09:40.0820 0x11e8 [ 00F77C4555FFABC21ADDB3160B2F574A, 292D3D9FC923283A25717831C5F1EA3046CB09F4F1B342BB93A506E68B9D4090 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
20:09:40.0882 0x11e8 Tcpip6 - ok
20:09:40.0929 0x11e8 [ C7E72A4071EE0200E3C075DACFB2B334, 925A68FD021C7957792F31E9D69A31C180BEB878CD93D2C3E2BE463F58011A6C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:09:40.0960 0x11e8 tcpipreg - ok
20:09:40.0991 0x11e8 [ 1D8BF4AAA5FB7A2761475781DC1195BC, A28E972E9331BAD685D4C786FDE221565E0AD3E222B24B9182B7FA916BFCD9C8 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:09:41.0022 0x11e8 TDPIPE - ok
20:09:41.0038 0x11e8 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1, 42A408E82D4017D27D3B0BBBA02BF4B21DEC060C89849785ED65962D18029B65 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:09:41.0069 0x11e8 TDTCP - ok
20:09:41.0100 0x11e8 [ A47CD175CF72CA5EEDB47C79532A7622, 1F682B002A64D2A8559005651F742DD3AFB50AE5D6DADAF4A75DD08410385FBF ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:09:41.0132 0x11e8 tdx - ok
20:09:41.0163 0x11e8 [ 8C19678D22649EC002EF2282EAE92F98, 551E7EBA54C2345F2B7FD7AAA7ADA4C852C94F1B35E6E4BBEF883BAFA34F6262 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:09:41.0178 0x11e8 TermDD - ok
20:09:41.0225 0x11e8 [ 5A67A1108E347FCA6A64B74FFB108BDE, F9EC8932366FF4101C6F059567DDF099D895C90567C3E770DDDC71562434A821 ] TermService C:\Windows\System32\termsrv.dll
20:09:41.0272 0x11e8 TermService - ok
20:09:41.0319 0x11e8 [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] Themes C:\Windows\system32\shsvcs.dll
20:09:41.0334 0x11e8 Themes - ok
20:09:41.0366 0x11e8 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] THREADORDER C:\Windows\system32\mmcss.dll
20:09:41.0412 0x11e8 THREADORDER - ok
20:09:41.0428 0x11e8 [ F4689F05AF472A651A7B1B7B02D200E7, 3D34B8879DBC69013D1A87A3F47B8A622A60B57F2E962E9F5925C5A01F44640F ] TrkWks C:\Windows\System32\trkwks.dll
20:09:41.0459 0x11e8 TrkWks - ok
20:09:41.0506 0x11e8 [ 66328B08EF5A9305D8EDE36B93930369, FD8136BF15AB8D2DB15D011C4F813737D68EED1178462DB8CE40606C16185A30 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:09:41.0537 0x11e8 TrustedInstaller - ok
20:09:41.0568 0x11e8 [ B2388462329ACD17AF50D8701E0C1B18, 959D7B7CCB526367645BAA11C56C88C9AD741EE338BAD6513C54FC7ED43F3AC0 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:09:41.0584 0x11e8 tssecsrv - ok
20:09:41.0600 0x11e8 [ 89EC74A9E602D16A75A4170511029B3C, AACD82A6F5FE31FF1315F5CA69E5EB6BD172DD86610F0641177CCC131B542034 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
20:09:41.0615 0x11e8 tunmp - ok
20:09:41.0631 0x11e8 [ 30A9B3F45AD081BFFC3BCAA9C812B609, 57204F1F72FEFA086FF1D8A14487D56F4DEDD3C50FBB6903E0C4AC749EA720DE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:09:41.0646 0x11e8 tunnel - ok
20:09:41.0662 0x11e8 [ FEC266EF401966311744BD0F359F7F56, 6EE0223AEFA7A81BEB155FC0CD4421C2BEBCDCBC9663C23064B0445101114BF8 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:09:41.0693 0x11e8 uagp35 - ok
20:09:41.0724 0x11e8 [ FAF2640A2A76ED03D449E443194C4C34, CC2517DCFE6962EB2EDEB93E44CB53B113974C9C69A050E3F36385C8D78E810B ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:09:41.0771 0x11e8 udfs - ok
20:09:41.0787 0x11e8 [ 060507C4113391394478F6953A79EEDC, 5D0AE5F1184165289DC8E8CD493607FCB68512CF90F748E3BFD2250655D784D4 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:09:41.0834 0x11e8 UI0Detect - ok
20:09:41.0849 0x11e8 [ 4EC9447AC3AB462647F60E547208CA00, F304125321B1ECA915EDDBDB6A71EAEF3123DCB5604C9497D72F12E0C1BD5315 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:09:41.0865 0x11e8 uliagpkx - ok
20:09:41.0880 0x11e8 [ 697F0446134CDC8F99E69306184FBBB4, A741882B8FE403E3A5DECED5D4A2254B14AF40ACECD4DAA3D00D71C2205C2C5F ] uliahci C:\Windows\system32\drivers\uliahci.sys
20:09:41.0912 0x11e8 uliahci - ok
20:09:41.0927 0x11e8 [ 31707F09846056651EA2C37858F5DDB0, A619AC4B32EA77AC29458894614870086C4DDB81525ADBCFF1AB8970FC5C257A ] UlSata C:\Windows\system32\drivers\ulsata.sys
20:09:41.0943 0x11e8 UlSata - ok
20:09:41.0958 0x11e8 [ 85E5E43ED5B48C8376281BAB519271B7, DBDA4216553F7C5EA0C579346D0A638E62766D5B8FCB1BFF3149BB37BBF978D3 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
20:09:41.0990 0x11e8 ulsata2 - ok
20:09:42.0021 0x11e8 [ 46E9A994C4FED537DD951F60B86AD3F4, 256F93ED3BD43B50F0D4489164D959F95AB070CC25A80A46355D2B387D336224 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:09:42.0068 0x11e8 umbus - ok
20:09:42.0099 0x11e8 [ 7093799FF80E9DECA0680D2E3535BE60, 1CBFCCA84CB9212176BF5A1D32334BD54E58A2668A4746252738800468AD4AD4 ] upnphost C:\Windows\System32\upnphost.dll
20:09:42.0161 0x11e8 upnphost - ok
20:09:42.0177 0x11e8 [ 69405C5429EF448B319F08042B897FC6, 5AF83C4EAB2C698F4BE18DC355A0F3B3D21C5159C3099780B00A3649238B6115 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
20:09:42.0224 0x11e8 upperdev - ok
20:09:42.0255 0x11e8 [ A565B509000BD3E42A9B93B9FFD40D3D, A22734F2DDAAD743D479D40EA91024F1A16A18D9D6C9FC4F90F3930AD040BFA3 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:09:42.0270 0x11e8 usbaudio - ok
20:09:42.0302 0x11e8 [ 858CC93477F9A9383E07861892600FF9, C72B25E7F6AF46AC22F8D2A1FA0345B290AAE642442C8A388EA75944334BB289 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:09:42.0333 0x11e8 usbccgp - ok
20:09:42.0364 0x11e8 [ 9247F7E0B65852C1F6631480984D6ED2, E3360A0EE891B8BADEF5FF53F796C79D6AD218961087F866E451F3B6F278672A ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:09:42.0426 0x11e8 usbcir - ok
20:09:42.0442 0x11e8 [ 82C3790E4E6F35087EF00994C7A72988, 95FA022BDAC65DCD2DA52C8FCC1F2C186B321F4599F40CB90262E24FD10AE16C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:09:42.0458 0x11e8 usbehci - ok
20:09:42.0489 0x11e8 [ BE2EB33AF6EE2E5DA07EB987E0A321F5, 0FCFABA080C553451AE4FAFB54DFE57639251D97DA204C07EC66F469826F3B46 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:09:42.0520 0x11e8 usbhub - ok
20:09:42.0536 0x11e8 [ 396041C6EA61202991221AA6A3B16190, 42B2372CF3496F53710C1DEBE49E18B1DAD38F7474A72B0F744DD98EBD3E21E5 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:09:42.0551 0x11e8 usbohci - ok
20:09:42.0567 0x11e8 [ 28B693B6D31E7B9332C1BDCEFEF228C1, 6B756E6D7459F755C76BC3F497643F6818F107304B789952B233C6585434F3A8 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:09:42.0614 0x11e8 usbprint - ok
20:09:42.0629 0x11e8 [ C024814884CE9E6C2E6ED76A63AC3B9A, 39C9EB54998547B0B65EEE6391AA326B02C7CA52FAE9CEB98D538FEC8D9F1858 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:09:42.0645 0x11e8 usbscan - ok
20:09:42.0676 0x11e8 [ 05AF574F0BC4A29D8AB000FC886E80CC, BB279552CD692F4EC463547C77AFBA906E8F24D844B5131645B0EA70578DEB14 ] usbser C:\Windows\system32\drivers\usbser.sys
20:09:42.0692 0x11e8 usbser - ok
20:09:42.0707 0x11e8 [ 0305D5F7D5751D0AE763250EB78DC5D7, 6F17879B528FC74626F9F9356D36453B935196834919BC0D2612C096EF2ADB74 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
20:09:42.0738 0x11e8 UsbserFilt - ok
20:09:42.0770 0x11e8 [ 2702146BBD36B2AF1514CCC1F914646C, 6943396692E64782F04EA2FE40D3C6B6B5CC4E6DD3CFCB5739015AB509EEB3AE ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:09:42.0785 0x11e8 USBSTOR - ok
20:09:42.0801 0x11e8 [ B2872CBF9F47316ABD0E0C74A1ABA507, E9FB3EEA1D834A035675E22A3224E4E278C4D304F6511822D83250409D62BD3A ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:09:42.0832 0x11e8 usbuhci - ok
20:09:42.0863 0x11e8 [ FC33099877790D51B0927B7039059855, 9EF33DABDBF0EEC60C63137F5FB21B27536B5923F10DF4F66621CC9864EB894E ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:09:42.0910 0x11e8 usbvideo - ok
20:09:42.0941 0x11e8 [ D76E231E4850BB3F88A3D9A78DF191E3, 98CAD31C41AD155EA853DF850D94FA29543C3A7D26262D1B6881281D033CEBAF ] UxSms C:\Windows\System32\uxsms.dll
20:09:42.0972 0x11e8 UxSms - ok
20:09:43.0004 0x11e8 [ 294945381DFA7CE58CECF0A9896AF327, 67414C6D79D2826BC86BB37349C9D74DB4B667310CBC1ABFD103E26332AE4A00 ] vds C:\Windows\System32\vds.exe
20:09:43.0066 0x11e8 vds - ok
20:09:43.0082 0x11e8 [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:09:43.0128 0x11e8 vga - ok
20:09:43.0144 0x11e8 [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:09:43.0175 0x11e8 VgaSave - ok
20:09:43.0206 0x11e8 [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide C:\Windows\system32\drivers\viaide.sys
20:09:43.0222 0x11e8 viaide - ok
20:09:43.0222 0x11e8 [ 2B7E885ED951519A12C450D24535DFCA, 249009EBC1D306D51FDFA4A89588462AA2D8B6DF0A20BE250B60DD73200CB7F3 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:09:43.0238 0x11e8 volmgr - ok
20:09:43.0284 0x11e8 [ CEC5AC15277D75D9E5DEC2E1C6EAF877, EA989E257C4409F9AF3B35C4D7ED9134D930FE3733B077C4F3AA5497796F2CB0 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:09:43.0316 0x11e8 volmgrx - ok
20:09:43.0347 0x11e8 [ 582F710097B46140F5A89A19A6573D4B, 6F695B17BF476D027D3012352F3D4DFD0E0815823DA51A136767ECEF6D64A1CA ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:09:43.0378 0x11e8 volsnap - ok
20:09:43.0394 0x11e8 [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:09:43.0409 0x11e8 vsmraid - ok
20:09:43.0472 0x11e8 [ B75232DAD33BFD95BF6F0A3E6BFF51E1, A8120040F144AD42A39347A615F31BF752634994D4D134E2FAD23FEA9C1D71DF ] VSS C:\Windows\system32\vssvc.exe
20:09:43.0565 0x11e8 VSS - ok
20:09:43.0628 0x11e8 [ F14A7DE2EA41883E250892E1E5230A9A, EBCB74BE26437F6FE84A3B41AD034F451D4BD12CA77D4C7A433DB912E7D31593 ] W32Time C:\Windows\system32\w32time.dll
20:09:43.0690 0x11e8 W32Time - ok
20:09:43.0721 0x11e8 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:09:43.0784 0x11e8 WacomPen - ok
20:09:43.0846 0x11e8 [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:09:43.0877 0x11e8 Wanarp - ok
20:09:43.0893 0x11e8 [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:09:43.0924 0x11e8 Wanarpv6 - ok
20:09:44.0064 0x11e8 [ B4E4C37D0AA6100090A53213EE2BF1C1, 67107F542F3C937FA5D9B28BA2EBFE994FFE287F16C0BFCF79AD20B95C13F78B ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:09:44.0111 0x11e8 wcncsvc - ok
20:09:44.0142 0x11e8 [ EA4B369560E986F19D93F45A881484AC, B61411D64901C9CB8C80402CD1E8808F5A0FACA38206C8D584C7C1019F5ADF5A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:09:44.0174 0x11e8 WcsPlugInService - ok
20:09:44.0205 0x11e8 [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd C:\Windows\system32\drivers\wd.sys
20:09:44.0220 0x11e8 Wd - ok
20:09:44.0267 0x11e8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:09:44.0330 0x11e8 Wdf01000 - ok
20:09:44.0361 0x11e8 [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost C:\Windows\system32\wdi.dll
20:09:44.0423 0x11e8 WdiServiceHost - ok
20:09:44.0439 0x11e8 [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost C:\Windows\system32\wdi.dll
20:09:44.0470 0x11e8 WdiSystemHost - ok
20:09:44.0610 0x11e8 [ 5B8CAF0FE216A57C95E8471A3BE051D6, DB1AB99FCB6B9FD1B22A052DE533D80B3826AD4D0D4890105EF09479FD9A04AB ] WebClient C:\Windows\System32\webclnt.dll
20:09:44.0657 0x11e8 WebClient - ok
20:09:44.0688 0x11e8 [ 8D40BC587993F876658BF9FB0F7D3462, 23748E11F5CCE3D4978D748780283FA5A1154F53FF70D924CB2128FF8A4705F7 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:09:44.0735 0x11e8 Wecsvc - ok
20:09:44.0751 0x11e8 [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:09:44.0782 0x11e8 wercplsupport - ok
20:09:44.0798 0x11e8 [ 66B9ECEBC46683F47EDC06333C075FEF, 35C33596D97DB65DE0A687644E9AD924AD5FCBAFD83FE4D23E7E58EF4BC4CC87 ] WerSvc C:\Windows\System32\WerSvc.dll
20:09:44.0829 0x11e8 WerSvc - ok
20:09:44.0860 0x11e8 WinDefend - ok
20:09:44.0860 0x11e8 WinHttpAutoProxySvc - ok
20:09:44.0907 0x11e8 [ D2E7296ED1BD26D8DB2799770C077A02, B494719C2DEB7B9D2505866868143C4E4F59B88461920AA49BD9F1251B6571B8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:09:44.0954 0x11e8 Winmgmt - ok
20:09:44.0985 0x11e8 WinRing0_1_2_0 - ok
20:09:45.0078 0x11e8 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869, 22D53818F4A4ACE441E121151CFD7CB1EDF5E8303DF9E113C9BB304B418A96EF ] WinRM C:\Windows\system32\WsmSvc.dll
20:09:45.0203 0x11e8 WinRM - ok
20:09:45.0281 0x11e8 [ EC339C8115E91BAED835957E9A677F16, 3BBE6D4F1731198E8F0CFEE67C4CCA5C31E6968F8E02EF9E029C1847A26F513B ] Wlansvc C:\Windows\System32\wlansvc.dll
20:09:45.0344 0x11e8 Wlansvc - ok
20:09:45.0515 0x11e8 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:09:45.0718 0x11e8 wlidsvc - ok
20:09:45.0749 0x11e8 [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:09:45.0796 0x11e8 WmiAcpi - ok
20:09:45.0858 0x11e8 [ 21FA389E65A852698B6A1341F36EE02D, 2D60911EAAE26C4CE3DEF4FAD1EDE093F912209AA90741AAA8B93F06B37DF605 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:09:45.0890 0x11e8 wmiApSrv - ok
20:09:45.0936 0x11e8 WMPNetworkSvc - ok
20:09:45.0999 0x11e8 [ CBC156C913F099E6680D1DF9307DB7A8, FD8B227F445679E31048CA41442A978A98F267FED96E22C235F63C72AEEE2AB0 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:09:46.0030 0x11e8 WPCSvc - ok
20:09:46.0046 0x11e8 [ 490A18B4E4D53DC10879DEAA8E8B70D9, D069D8C22CF78A0970E85C0B9879E08FF19458FAA75AE447BCF9236731F64252 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:09:46.0077 0x11e8 WPDBusEnum - ok
20:09:46.0108 0x11e8 [ 5E2401B3FC1089C90E081291357371A9, 224D378EEBFB721CBC24896CAE01B31DC54B6ED82C19C5B954E96D5E98B83C59 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
20:09:46.0124 0x11e8 WpdUsb - ok
20:09:46.0248 0x11e8 [ 4278FFA5F9845EA28F828639758AA2A6, 1A0ED05F8F6EF47EE21DFE5C8EB3A25C02C34E0AE260CB6C8FAF53EFEBC53190 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:09:46.0264 0x11e8 WPFFontCache_v0400 - ok
20:09:46.0295 0x11e8 [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:09:46.0342 0x11e8 ws2ifsl - ok
20:09:46.0389 0x11e8 [ 9EA3E6D0EF7A5C2B9181961052A4B01A, F39BAF1FC7DD1600C0052C2A6AA3BCBC8CA3DA96D1AC7B42B0F2810D051EE1B0 ] wscsvc C:\Windows\system32\wscsvc.dll
20:09:46.0404 0x11e8 wscsvc - ok
20:09:46.0404 0x11e8 WSearch - ok
20:09:47.0106 0x11e8 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
20:09:47.0247 0x11e8 wuauserv - ok
20:09:47.0294 0x11e8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:09:47.0309 0x11e8 WudfPf - ok
20:09:47.0325 0x11e8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:09:47.0356 0x11e8 WUDFRd - ok
20:09:47.0387 0x11e8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:09:47.0403 0x11e8 wudfsvc - ok
20:09:47.0496 0x11e8 X6va001 - ok
20:09:47.0496 0x11e8 ================ Scan global ===============================
20:09:47.0574 0x11e8 [ 0CF5A36772FCACDA29DE19E3B6843BBB, BB179387AC1F9A20ED6B2418CEF593BE26C2DDD3536B0C9C155F014F40C4BD25 ] C:\Windows\system32\basesrv.dll
20:09:47.0606 0x11e8 [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
20:09:47.0637 0x11e8 [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
20:09:47.0840 0x11e8 [ E8E05C05FBFEBD47FB7DBF7233F15302, 3099E64022E0E5347F7C8EFAD6D6E577157FC6B49386F3203E5438B38AE1EE36 ] C:\Windows\system32\services.exe
20:09:47.0855 0x11e8 [ Global ] - ok
20:09:47.0855 0x11e8 ================ Scan MBR ==================================
20:09:47.0871 0x11e8 [ 03BA8F890B47C0BE359A4D5A636D214D ] \Device\Harddisk0\DR0
20:09:50.0117 0x11e8 \Device\Harddisk0\DR0 - ok
20:09:50.0117 0x11e8 ================ Scan VBR ==================================
20:09:50.0117 0x11e8 [ 19D7EEBF226300324EC04FB919517723 ] \Device\Harddisk0\DR0\Partition1
20:09:50.0117 0x11e8 \Device\Harddisk0\DR0\Partition1 - ok
20:09:50.0148 0x11e8 [ 47E08F221A672C56310A42E368D7F0C2 ] \Device\Harddisk0\DR0\Partition2
20:09:50.0195 0x11e8 \Device\Harddisk0\DR0\Partition2 - ok
20:09:50.0195 0x11e8 ================ Scan generic autorun ======================
20:09:50.0944 0x11e8 [ A527E6181F1E58BDF9134DE04AAC2B02, 3E4F7ABDFD468E71A4510A2C193C6EDCE2694175B17C055951BC43AB8E283A20 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:09:51.0630 0x11e8 RTHDVCPL - ok
20:09:51.0755 0x11e8 [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:09:51.0833 0x11e8 Adobe ARM - ok
20:09:51.0927 0x11e8 [ 09EB6FF675B6B4D343679F340AAC1B6A, FDCEDC5DD58FE951EF454D0DE44723551060E2000DA688973536A29036654BD2 ] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe
20:09:51.0958 0x11e8 AvgUi - ok
20:09:51.0974 0x11e8 [ 09EB6FF675B6B4D343679F340AAC1B6A, FDCEDC5DD58FE951EF454D0DE44723551060E2000DA688973536A29036654BD2 ] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe
20:09:51.0989 0x11e8 AVG_UI - ok
20:09:52.0052 0x11e8 [ 65437DAD4F238EA9549408A783002222, 756C846C2DD8209E9161C2DD701E46DF73E1C757F2B66CAE7A579ADF8EF7E000 ] C:\Windows\ehome\ehTray.exe
20:09:52.0083 0x11e8 ehTray.exe - ok
20:09:52.0176 0x11e8 [ FE9E6388A039441098EB09C070EA5049, 3888822AF992F3BE27E9F973E31EBEE5302901E4A8260A9A6CF6B2BB2A12D173 ] C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
20:09:52.0223 0x11e8 Google Update - ok
20:09:52.0223 0x11e8 Waiting for KSN requests completion. In queue: 6
20:09:53.0253 0x11e8 AV detected via SS2: AVG AntiVirus, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( ), 0x41000 ( enabled : updated )
20:09:53.0268 0x11e8 Win FW state via NFP2: enabled ( trusted )
20:09:53.0440 0x11e8 ============================================================
20:09:53.0440 0x11e8 Scan finished
20:09:53.0440 0x11e8 ============================================================
20:09:53.0440 0x1500 Detected object count: 1
20:09:53.0440 0x1500 Actual detected object count: 1
20:10:36.0584 0x1500 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
20:10:36.0584 0x1500 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:10:52.0826 0x10bc Deinitialize success
|
|
27.12.2016, 21:37
| #5 |
| /// Malwareteam | Windows Vista: AVG findet einen Rootkit hast du vielleicht noch paar Infos zu der angeblichen Rootkit Meldung von deinem Virenschutz? Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 2 Lade dir folgendes Programm herunter und installiere es:  Malwarebytes Anti-Malware
Schritt 3 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste in deiner nächsten Antwort also:
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
27.12.2016, 23:31
| #6 |
| | Windows Vista: AVG findet einen Rootkit Vielen Dank für die zügigen Rückmeldungen. AVG sagt mir folgendes zum Befund: Objektname: %3Cunknown%3E Schweregrad: Mittel Status: Ungelöst Identifiziert durch: Anti - Rootkit Hier die gewünschten Logfiles ( Malwarebytes fand nichts, deshalb poste ich den Logfile von heute Abend; ich war etwas voreilig und habe Malwarebytes bereits nach dem AVG Scan laufen lassen, sorry vielmals dafür (hatte das Programm aber auch schon vorher auf meinem PC). Code:
ATTFilter # AdwCleaner v6.041 - Bericht erstellt am 27/12/2016 um 21:48:56
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-26.3 [Lokal]
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (X64)
# Benutzername : Suiolirim - SUIOLIRIM
# Gestartet von : C:\Users\Suiolirim\Desktop\Desktop\AdwCleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[#] Ordner mit Neustart gelöscht: C:\ProgramData\be920000-1613-447b-a9af-316ead5cb3af
[#] Ordner mit Neustart gelöscht: C:\Users\Suiolirim\AppData\Roaming\ProgSense
[#] Ordner mit Neustart gelöscht: C:\Users\Suiolirim\AppData\Roaming\Uniblue
[#] Ordner mit Neustart gelöscht: C:\Users\Suiolirim\AppData\Roaming\Auslogics
[#] Ordner mit Neustart gelöscht: C:\ProgramData\SecTaskMan
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Uniblue
[#] Ordner mit Neustart gelöscht: C:\ProgramData\ICQ\ICQNewTab
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Auslogics
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\winamp-search.xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\FileTime.FileTimeShlExt
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\FileTime.FileTimeShlExt.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\HssIE.HssIEApp
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\HssIE.HssIEApp.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PCSuiteContactsView
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PCSuiteMessagesView
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\FileTime.FileTimeShlExt
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\FileTime.FileTimeShlExt.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\HssIE.HssIEApp
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\HssIE.HssIEApp.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\PCSuiteContactsView
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\PCSuiteMessagesView
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{528B5866-2BA6-42CE-8F74-39FB23B49767}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\ProgSense
[-] Schlüssel gelöscht: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Yahoo\Companion
[-] Schlüssel gelöscht: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Auslogics
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\ProgSense
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Auslogics
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Trymedia Systems
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Uniblue
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Auslogics
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\ProgSense
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Auslogics
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F137222E-6DE9-44E9-8EF2-CC5A8D3833BB}
[-] Daten wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\facemoods
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt: "extensions.snipit.searchAssistEnabled" - true
[-] Firefox Einstellungen bereinigt: "weboftrust.search.ask.display" - "Ask.com Web Search"
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [5093 Bytes] - [27/12/2016 21:48:56]
C:\AdwCleaner\AdwCleaner[R0].txt - [47395 Bytes] - [29/10/2013 21:26:26]
C:\AdwCleaner\AdwCleaner[R1].txt - [1102 Bytes] - [31/10/2013 10:30:51]
C:\AdwCleaner\AdwCleaner[S0] 1.txt - [46051 Bytes] - [30/10/2013 15:48:24]
C:\AdwCleaner\AdwCleaner[S0].txt - [46011 Bytes] - [29/10/2013 21:28:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [1164 Bytes] - [31/10/2013 10:35:08]
C:\AdwCleaner\AdwCleaner[S2].txt - [5239 Bytes] - [27/12/2016 21:48:15]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5609 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 27.12.2016 Suchlaufzeit: 18:20:20 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.12.27.04 Rootkit-Datenbank: v2016.11.20.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows Vista Service Pack 2 CPU: x64 Dateisystem: NTFS Benutzer: Suiolirim Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 370108 Abgelaufene Zeit: 26 Min., 15 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 1 PUP.Optional.AuslogicsRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\AUSLOGICS\Registry Cleaner, In Quarantäne, [9ab6618b6f2bd3635c7d8e1c887821df], Registrierungswerte: 2 PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3283DAF6-2824-4798-88EC-1E4076B1728F}, v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|Edge=FALSE|, In Quarantäne, [ff516785207a1323b971dea53cc73ac6] PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{4DF6379A-6331-45EA-AC01-8F8FE68CFFAD}, v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|Edge=FALSE|, In Quarantäne, [c18f7c704753ec4a909ab1d29f642fd1] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 6 PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster, Löschen bei Neustart, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\_temp, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.AuslogicsDiskDefrag, C:\Users\Suiolirim\AppData\Roaming\Auslogics\Disk Defrag, Löschen bei Neustart, [1f31effd6535ff377cc2218bae52a060], PUP.Optional.AuslogicsDiskDefrag, C:\Users\Suiolirim\AppData\Roaming\Auslogics\Disk Defrag\Reports, In Quarantäne, [1f31effd6535ff377cc2218bae52a060], Dateien: 89 PUP.Optional.DownloadSponsor, C:\Users\Suiolirim\AppData\Local\temp\DLeVtqlO.exe.part, In Quarantäne, [e46c727a66340630b8fc683d2ad6b34d], PUP.Optional.DownloadSponsor, C:\Users\Suiolirim\Downloads\gmer-2.2.19882 - CHIP-Installer.exe, In Quarantäne, [bf91effdbae0de589e168e1702fe2ed2], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-11.XML, In Quarantäne, [cf8122cae5b5f244ed8fee5542c1ae52], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-12.XML, In Quarantäne, [bb957676ccce8ea82755cb7825de946c], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-13.XML, In Quarantäne, [9cb49c50e6b4f93d97e53c07659eb54b], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-14.XML, In Quarantäne, [a5ab8666bcde51e55923e162e81bfb05], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-15.XML, In Quarantäne, [68e8b23ad7c395a1720ae75c19ea57a9], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-16.XML, In Quarantäne, [a6aa6d7f4654df577a0272d162a1fc04], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-17.XML, In Quarantäne, [68e8c02c7327f541126ab0937f84db25], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-18.XML, In Quarantäne, [cd83d21a9307dd59c8b4d073b74cd828], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-19.XML, In Quarantäne, [f95779734a501026067692b1db28fc04], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-20.XML, In Quarantäne, [2a266f7df2a856e01f5d0b385da6936d], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-21.XML, In Quarantäne, [3917d5175149082ed5a71132a55e39c7], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-22.XML, In Quarantäne, [8bc528c4049680b6e09c84bf7d8622de], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-23.XML, In Quarantäne, [014fa4483763b4822f4d7cc77f843ec2], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-24.XML, In Quarantäne, [b19f10dc25752c0a91eb1132689bce32], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-25.XML, In Quarantäne, [c888ae3eb6e4be7887f566dd51b2a55b], PUP.Optional.ICQPlugin, C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\searchplugins\ICQPLUGIN-26.XML, In Quarantäne, [9bb56a829efc043298e4430054af7789], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\error.log, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\last_scan.dat, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\settings.dat, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100407.205547.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100515.212351.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100329.193627.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100329.193922.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100329.203541.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100330.121222.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100330.182954.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100330.214146.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100331.142626.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100402.201646.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100403.163638.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100404.195622.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100405.114151.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100406.204205.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100408.202325.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100409.201909.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100410.155847.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100412.202409.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100417.214725.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100417.215551.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100421.202300.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100425.200820.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100429.201808.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100430.201802.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100509.201229.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100526.171208.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100530.202624.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100604.123344.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100610.123104.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100615.103217.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100623.114854.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\backup\20100701.123500.zip, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100403-163634_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100329-193621_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100329-193900_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100329-203536_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100330-121155_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100330-182952_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100330-214144_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100331-142337_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100402-201522_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100404-195620_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100405-114149_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100406-204202_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100407-203835_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100408-202321_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100409-201254_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100410-155844_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100412-202407_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100417-214723_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100417-215547_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100421-202252_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100425-200818_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100429-201756_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100430-201759_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100509-201228_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100515-212350_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100526-171206_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100530-202623_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\100604-123340_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\20100610-123101_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\20100615-103214_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\20100623-114852_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\20100701-123458_repair.xml, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\history\latest_scan_results.html, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.Uniblue, C:\Users\Suiolirim\AppData\Roaming\Uniblue\RegistryBooster\_temp\ub.exe, In Quarantäne, [c18fa943bfdb082edd70aedf40c01be5], PUP.Optional.AuslogicsDiskDefrag, C:\Users\Suiolirim\AppData\Roaming\Auslogics\Disk Defrag\Reports\Disk_Defrag_Report.html, In Quarantäne, [1f31effd6535ff377cc2218bae52a060], PUP.Optional.AuslogicsDiskDefrag, C:\Users\Suiolirim\AppData\Roaming\Auslogics\Disk Defrag\Reports\Disk_Defrag_Report.xml, In Quarantäne, [1f31effd6535ff377cc2218bae52a060], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Geändert von Suiolirim (27.12.2016 um 23:47 Uhr) |
|
27.12.2016, 23:39
| #7 |
| | Windows Vista: AVG findet einen RootkitCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Suiolirim (Administrator) auf SUIOLIRIM (27-12-2016 22:56:19)
Gestartet von C:\Users\Suiolirim\Desktop\Desktop
Geladene Profile: Suiolirim (Verfügbare Profile: Suiolirim)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\WINDOWS\SysWOW64\conime.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\UninstMon\PubMonitor.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Run: [Google Update] => C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-24] (Google Inc.)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
GroupPolicy\User: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9CA86A35-94EC-4BED-A5DB-38C113AD5714}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{A615081A-DB1C-42C8-8B6A-0E4FEC46738B}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg64.dll [2009-10-18] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-18] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Browsing Protection Class -> {C6867EB7-8350-4856-877F-93CF8AE3DC9C} -> Keine Datei
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default [2016-12-27]
FF NetworkProxy: Mozilla\Firefox\Profiles\bysl5o0l.default -> no_proxies_on", ""
FF Extension: (Grooveshark Unlocker) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\groovesharkUnlocker@overlord1337.xpi [2016-12-26]
FF Extension: (Distrust) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\trustme@gness.com [2009-04-14] [ist nicht signiert]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-29] [ist nicht signiert]
FF Extension: (NoScript) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-12-25]
FF Extension: (BugMeNot Plugin) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi [2016-12-25]
FF Extension: (WOT) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-05-17] [ist nicht signiert]
FF Extension: (Fasterfox) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a99} [2009-04-14] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-25]
FF Extension: (Greasemonkey) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-12-25]
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2016-12-24] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-12-24] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [litmus-ff@f-secure.com] - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (Eset Plugin) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-07-06] [ist nicht signiert]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2012-02-14] (id Software Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 -> C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-14] (Google)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-02-14] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-11] (Skype Limited)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-02-14] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npigl.dll [2007-02-12] (Indiepath Ltd)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npijjiautoinstallpluginff.dll [2009-07-03] (NHN USA Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-01-07] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Plugin: (Shockwave Flash) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\49.0.2623.112\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (igLoader) - C:\Program Files (x86)\Mozilla Firefox\plugins\npigl.dll (Indiepath Ltd)
CHR Plugin: (ijji Auto Install Plugin for Mozilla) - C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll (NHN USA Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => Keine Datei
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Google Updater) - C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
CHR Plugin: (Unity Player) - C:\Users\Suiolirim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Keine Datei
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => Keine Datei
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\Default [2016-12-27]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-24]
StartMenuInternet: Google Chrome - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [69632 2008-07-14] () [Datei ist nicht signiert]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Datei ist nicht signiert]
S2 gupdate1c986c7e6048a9a; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-08] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3404560 2010-01-04] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
S2 F-Secure Gatekeeper Handler Starter; "C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe" [X]
S3 FSDFWD; "C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe" [X]
S2 FSMA; "C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE" [X]
S3 FSORSPClient; "C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe" [X]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S1 Beep; kein ImagePath
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-09-03] (Brother Industries Ltd.)
R1 FSES; C:\Windows\System32\drivers\fses.sys [46664 2011-04-30] (F-Secure Corporation)
R1 FSFW; C:\Windows\System32\drivers\fsdfw.sys [95784 2011-04-30] (F-Secure Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [42248 2012-11-15] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-24] (REALiX(tm))
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89432 2012-08-13] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [613720 2012-11-15] (Kaspersky Lab)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-10-06] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-10-06] (Nokia)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4774 2012-02-02] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
S4 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [166944 2008-06-06] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.)
R3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-15] (Anchorfree Inc.)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2009-10-06] (Nokia)
U0 aswVmm; kein ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 dump_wmimmc; \??\C:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [X]
S3 EverestDriver; \??\C:\Program Files (x86)\Lavalys\EVEREST Corporate Edition\kerneld.amd64 [X]
S3 F-Secure Gatekeeper; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [X]
S1 F-Secure HIPS; \??\C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys [X]
S1 fsvista; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\Sandra.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [X]
S3 X6va001; \??\C:\Users\SUIOLIRIM\AppData\Local\Temp\001408.tmp [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-27 21:40 - 2016-12-27 21:41 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-12-27 21:10 - 2016-12-27 21:10 - 00000000 ____H C:\Windows\SwSys2.bmp
2016-12-27 21:10 - 2016-12-27 21:10 - 00000000 ____H C:\Windows\SwSys1.bmp
2016-12-27 20:07 - 2016-12-27 20:10 - 00192922 _____ C:\TDSSKiller.3.1.0.12_27.12.2016_20.07.16_log.txt
2016-12-27 01:11 - 2016-12-27 01:33 - 00000000 ____D C:\Users\TEMP
2016-12-27 00:32 - 2016-10-07 17:12 - 02528768 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-12-27 00:32 - 2016-10-07 16:52 - 01544704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-12-27 00:27 - 2014-12-08 02:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-12-27 00:27 - 2014-12-08 02:37 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-12-27 00:14 - 2016-03-10 18:07 - 00501760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-27 00:14 - 2016-03-10 17:43 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 01567744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01377792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01326080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 01114624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00867328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00767488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00759296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00613888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2VDEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ADEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-12-27 00:09 - 2015-12-05 18:02 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-12-27 00:09 - 2015-12-05 17:41 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01539072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01127424 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01090560 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-12-27 00:09 - 2015-12-05 17:41 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00819200 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00732160 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 03548672 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 01571328 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 01074176 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00471040 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-12-27 00:09 - 2015-12-05 17:39 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-12-27 00:09 - 2015-12-05 17:22 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-12-27 00:09 - 2013-10-30 05:34 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-12-27 00:09 - 2013-10-30 03:33 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-12-27 00:06 - 2016-11-08 18:09 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-27 00:06 - 2016-11-08 18:02 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-27 00:04 - 2015-11-05 10:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-12-27 00:04 - 2015-11-05 09:55 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-12-27 00:04 - 2015-11-05 08:54 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-12-26 23:59 - 2016-09-10 17:44 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-12-26 23:59 - 2016-09-10 17:27 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-12-26 23:51 - 2015-07-10 20:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-12-26 23:51 - 2015-07-10 20:35 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-12-26 23:39 - 2015-11-02 18:04 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-12-26 23:39 - 2015-11-02 17:44 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-12-26 23:38 - 2015-09-02 22:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-12-26 23:38 - 2015-09-02 22:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-12-26 23:30 - 2016-03-18 19:15 - 01915392 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-12-26 23:30 - 2016-03-18 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-26 23:30 - 2016-03-18 18:10 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-12-26 23:30 - 2016-03-18 18:10 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-26 23:22 - 2016-10-04 15:41 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-12-26 23:17 - 2016-11-09 16:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-26 23:17 - 2016-11-09 16:22 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-26 23:15 - 2016-10-07 17:19 - 04692712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-26 23:15 - 2016-08-12 20:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-26 23:15 - 2016-03-22 00:00 - 01589168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-26 23:15 - 2016-03-22 00:00 - 01171488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-26 23:11 - 2016-04-09 22:17 - 00975360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-12-26 23:11 - 2016-04-09 21:48 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-12-26 23:09 - 2016-03-18 19:15 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-12-26 23:09 - 2016-03-18 19:15 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-12-26 23:09 - 2016-03-18 18:10 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-12-26 23:06 - 2016-11-11 18:14 - 00820736 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-26 23:06 - 2016-11-11 17:59 - 00648704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-26 23:01 - 2016-10-27 17:16 - 00622592 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-26 23:01 - 2016-10-27 17:03 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-26 22:59 - 2016-03-04 17:52 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-12-26 22:59 - 2016-03-04 17:40 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-12-26 22:57 - 2015-05-31 09:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2016-12-26 22:57 - 2015-05-31 08:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2016-12-26 22:55 - 2015-10-10 16:48 - 00736192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-12-26 22:53 - 2016-06-25 17:04 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-12-26 22:53 - 2016-06-25 17:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-12-26 22:53 - 2016-06-25 17:04 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-12-26 22:53 - 2016-06-25 17:03 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-12-26 22:53 - 2016-06-25 17:03 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localspl.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00443904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-12-26 22:53 - 2016-06-25 16:09 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-12-26 22:53 - 2016-06-25 16:09 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-12-26 22:53 - 2016-06-25 15:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-12-26 22:43 - 2016-03-17 20:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-12-26 22:43 - 2016-03-17 18:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-12-26 22:43 - 2016-03-17 18:45 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-12-26 22:43 - 2016-02-06 03:12 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-26 22:43 - 2016-02-06 03:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-26 22:43 - 2016-02-06 03:01 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-26 22:43 - 2016-02-06 01:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-26 22:42 - 2014-06-15 23:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-12-26 22:42 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-12-26 22:42 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-12-26 22:42 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-12-26 22:42 - 2014-06-13 18:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-12-26 22:42 - 2014-06-13 18:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2016-12-26 22:39 - 2015-05-04 23:51 - 10627584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-12-26 22:39 - 2015-05-04 23:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-12-26 22:39 - 2015-05-04 23:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-12-26 22:39 - 2015-05-04 23:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-12-26 22:39 - 2015-05-04 23:33 - 13427712 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-12-26 22:39 - 2015-05-04 23:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-12-26 22:39 - 2015-05-04 23:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-12-26 22:39 - 2015-05-04 23:32 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-12-26 22:39 - 2015-05-04 22:39 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-12-26 22:39 - 2015-05-04 22:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-12-26 22:37 - 2015-07-09 15:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-12-26 22:37 - 2015-07-09 15:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-12-26 22:37 - 2015-07-09 15:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-12-26 22:31 - 2015-07-18 16:41 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-12-26 22:26 - 2016-10-17 23:20 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-26 22:26 - 2016-10-17 23:20 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 01019904 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-12-26 22:26 - 2016-10-17 23:19 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-12-26 22:26 - 2016-10-17 23:19 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:05 - 00807936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-26 22:26 - 2016-10-17 23:04 - 00884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-12-26 22:26 - 2016-10-17 23:04 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-12-26 22:26 - 2016-10-17 23:04 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-12-26 22:26 - 2016-10-17 23:04 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-12-26 22:26 - 2016-10-07 17:13 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-12-26 22:26 - 2016-10-07 17:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-12-26 22:26 - 2016-10-07 16:52 - 00573952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-12-26 22:26 - 2016-10-07 16:51 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-12-26 22:24 - 2016-02-06 03:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-12-26 22:24 - 2014-10-10 02:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-12-26 22:24 - 2014-10-10 02:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-26 22:24 - 2014-10-10 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-26 22:24 - 2014-10-10 00:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-26 22:24 - 2014-10-10 00:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-26 22:22 - 2016-08-03 17:23 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-12-26 22:22 - 2016-08-03 16:45 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-12-26 22:22 - 2016-08-03 15:41 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-12-26 22:22 - 2016-08-03 15:40 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-12-26 22:22 - 2016-08-03 15:40 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-12-26 22:20 - 2016-11-16 18:20 - 00364776 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-26 22:20 - 2016-05-10 16:55 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-12-26 22:20 - 2016-05-10 16:54 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-12-26 22:20 - 2016-05-10 16:54 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-12-26 22:20 - 2016-05-10 15:55 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-12-26 22:20 - 2016-05-10 15:55 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-12-26 22:20 - 2016-05-10 15:28 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-12-26 22:16 - 2014-06-06 05:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-12-26 22:16 - 2014-06-06 05:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-12-26 22:12 - 2016-12-26 22:12 - 00541952 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuMSI7623.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 00013972 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuUI7623.txt
2016-12-26 22:12 - 2015-07-29 01:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-12-26 22:12 - 2015-07-29 01:31 - 12901888 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-12-26 22:12 - 2014-10-03 02:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-12-26 22:12 - 2014-10-03 02:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-12-26 22:12 - 2014-10-03 02:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-12-26 22:12 - 2014-10-03 02:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-12-26 22:12 - 2014-10-03 02:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-12-26 22:12 - 2014-10-03 02:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-12-26 22:12 - 2014-10-03 02:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-12-26 22:12 - 2014-10-03 00:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2016-12-26 22:11 - 2016-12-26 22:12 - 01303922 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64MSI7583.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 00014024 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64UI7583.txt
2016-12-26 22:09 - 2015-04-24 16:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-12-26 22:09 - 2015-04-24 16:41 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-12-26 22:07 - 2015-11-10 18:03 - 01208832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-12-26 22:07 - 2015-11-10 18:03 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-12-26 22:07 - 2015-11-10 17:40 - 01683968 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-12-26 22:07 - 2015-11-10 17:40 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-12-26 22:07 - 2015-01-29 02:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-12-26 22:07 - 2015-01-29 02:33 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-12-26 22:06 - 2015-03-05 03:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-12-26 22:06 - 2015-03-05 02:58 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-12-26 22:06 - 2014-12-06 04:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-12-26 22:06 - 2014-12-06 04:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-12-26 22:06 - 2014-12-06 03:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-12-26 22:06 - 2014-12-06 03:54 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2016-12-26 22:06 - 2014-08-27 01:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-12-26 22:06 - 2014-08-27 01:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-12-26 22:05 - 2015-07-21 16:50 - 00154048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2016-12-26 22:05 - 2015-07-21 16:50 - 00068544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-12-26 22:05 - 2015-07-21 16:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-12-26 22:05 - 2015-07-21 16:40 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2016-12-26 22:05 - 2015-04-11 00:33 - 00384512 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-12-26 22:05 - 2015-04-11 00:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\services.exe
2016-12-26 22:05 - 2014-12-06 03:54 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-12-26 22:04 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-12-26 22:04 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-12-26 22:04 - 2015-11-13 17:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-12-26 22:04 - 2015-11-13 17:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-12-26 22:04 - 2015-11-13 16:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-12-26 22:03 - 2014-10-24 02:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-12-26 22:03 - 2014-10-24 01:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdohlp.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2016-12-26 22:02 - 2016-01-30 04:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbeio.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasads.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasdatastore.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-12-26 22:02 - 2016-01-30 03:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-12-26 22:02 - 2016-01-30 03:44 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-12-26 22:02 - 2016-01-30 03:43 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-12-26 22:02 - 2016-01-30 03:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-12-26 22:02 - 2016-01-30 03:43 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-12-26 22:02 - 2016-01-30 03:43 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-12-26 22:02 - 2016-01-30 02:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2016-12-26 22:02 - 2016-01-30 02:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iashost.exe
2016-12-26 22:02 - 2014-09-05 00:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-12-26 22:01 - 2015-08-05 16:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-12-26 22:00 - 2016-11-20 17:57 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-26 22:00 - 2016-11-20 15:16 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-26 22:00 - 2016-11-20 15:13 - 00521448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-26 22:00 - 2016-11-20 15:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-26 22:00 - 2016-10-08 17:08 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-26 22:00 - 2016-10-08 17:07 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-26 22:00 - 2016-10-08 16:51 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-26 22:00 - 2016-08-10 17:12 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-26 22:00 - 2016-08-10 17:12 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-26 22:00 - 2016-08-10 16:44 - 00284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-26 22:00 - 2016-08-10 16:43 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-26 22:00 - 2016-05-14 16:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-26 22:00 - 2016-05-14 16:41 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-26 22:00 - 2016-03-18 19:15 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-26 22:00 - 2016-02-06 03:12 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-26 22:00 - 2016-02-06 03:11 - 00802304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-26 22:00 - 2016-02-06 03:01 - 01304576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-26 22:00 - 2016-02-06 02:59 - 01067008 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-26 22:00 - 2015-06-27 15:30 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-26 22:00 - 2015-06-27 15:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-26 22:00 - 2015-01-09 01:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-26 21:59 - 2016-11-08 18:10 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-26 21:59 - 2016-11-08 18:01 - 02264576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-26 21:59 - 2015-10-13 15:45 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-12-26 21:59 - 2015-10-13 15:44 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-12-26 21:59 - 2015-06-17 16:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-26 21:59 - 2015-06-17 16:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-26 21:59 - 2014-06-02 22:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-26 21:59 - 2014-06-02 22:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-26 21:59 - 2014-06-02 22:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-26 21:59 - 2014-06-02 21:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-26 21:59 - 2014-06-02 11:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-26 21:59 - 2014-06-02 11:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-26 21:56 - 2016-10-17 23:19 - 00975872 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-26 21:56 - 2016-10-17 23:04 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-26 21:56 - 2016-09-15 01:23 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-12-26 21:56 - 2016-09-15 01:01 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-12-26 21:56 - 2016-04-09 21:53 - 00901352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-12-26 21:56 - 2016-04-09 21:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00726016 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-12-26 21:55 - 2016-05-12 16:56 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-12-26 21:55 - 2016-05-12 16:34 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-12-26 21:55 - 2016-05-12 16:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-12-26 21:55 - 2016-05-12 16:33 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-12-26 21:55 - 2016-05-12 16:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-12-26 21:53 - 2016-02-02 16:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-12-26 21:49 - 2016-11-20 18:12 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-26 21:49 - 2016-11-20 17:55 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-26 21:49 - 2015-07-01 16:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-12-26 21:49 - 2015-07-01 16:43 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-12-26 21:17 - 2014-01-30 11:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-12-26 21:17 - 2014-01-30 08:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-12-26 21:17 - 2013-10-11 05:23 - 00781824 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-12-26 21:17 - 2013-10-11 05:23 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-12-26 21:17 - 2013-10-11 03:29 - 00217074 _____ C:\Windows\system32\WFP.TMF
2016-12-26 21:17 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-12-26 21:16 - 2016-11-09 01:44 - 18807296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-26 21:16 - 2016-11-09 01:41 - 02351104 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-26 21:16 - 2016-11-09 01:36 - 10941952 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 01392640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-26 21:16 - 2016-11-09 01:34 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-26 21:16 - 2016-11-09 01:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-26 21:16 - 2016-11-09 01:33 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-26 21:16 - 2016-11-09 01:33 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-12-26 21:16 - 2016-11-09 01:33 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-12-26 21:16 - 2016-11-09 01:06 - 01815552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-26 21:16 - 2016-11-09 01:05 - 12841472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-26 21:16 - 2016-11-09 01:03 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-26 21:16 - 2016-11-09 01:02 - 09756160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-26 21:16 - 2016-11-09 01:01 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-26 21:16 - 2016-11-09 01:01 - 01129984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 01805312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-26 21:16 - 2016-11-09 01:00 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-26 21:16 - 2016-11-09 01:00 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-26 21:16 - 2016-11-09 00:59 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-12-26 21:16 - 2016-11-09 00:59 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-12-26 21:16 - 2014-04-05 10:10 - 01422784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-12-26 21:16 - 2013-10-03 16:02 - 01278976 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-26 21:16 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-26 21:15 - 2013-10-22 10:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-12-26 21:15 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-12-26 21:15 - 2013-10-11 05:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-12-26 21:15 - 2013-10-11 05:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-12-26 21:15 - 2013-10-11 03:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-12-26 21:15 - 2013-10-11 03:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-12-26 21:15 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-12-26 21:15 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-12-26 21:15 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2016-12-26 21:15 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-12-26 21:15 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-12-26 18:22 - 2016-11-08 16:49 - 02804736 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-26 17:46 - 2016-09-08 15:39 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-12-26 17:46 - 2016-09-08 15:39 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-12-26 17:36 - 2016-12-26 17:36 - 00001628 _____ C:\Users\Suiolirim\Downloads\sg_backup_2016-12-26-1736.spg
2016-12-25 17:11 - 2016-12-25 17:11 - 00383208 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00306408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01561600 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01154560 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00486912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-12-25 17:07 - 2016-12-25 17:07 - 00000041 _____ C:\Windows\woubak-pwrscheme-temp.txt
2016-12-25 17:07 - 2016-12-25 17:07 - 00000041 _____ C:\Windows\woubak-pwrscheme-act.txt
2016-12-24 20:29 - 2016-12-27 22:11 - 00002894 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Suiolirim)
2016-12-24 20:29 - 2016-12-24 20:31 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\IObit
2016-12-24 20:29 - 2016-12-24 20:30 - 00002083 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-12-24 20:29 - 2016-12-24 20:29 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-12-24 20:29 - 2016-12-24 20:29 - 00003262 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\Windows\IObit
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\ProgramData\ProductData
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-12-24 20:28 - 2016-12-25 12:53 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\IObit
2016-12-24 20:03 - 2016-12-24 20:03 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\AVG
2016-12-24 20:02 - 2016-12-24 20:02 - 00000805 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-12-24 20:02 - 2016-12-24 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-12-24 19:59 - 2016-12-24 19:59 - 00000000 ___HD C:\$AVG
2016-12-24 19:57 - 2016-12-27 22:57 - 00000000 ____D C:\ProgramData\MFAData
2016-12-24 19:57 - 2016-12-24 19:57 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\MFAData
2016-12-24 19:52 - 2016-12-27 22:39 - 00003564 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-12-24 19:52 - 2016-12-24 19:57 - 00000000 ____D C:\Program Files (x86)\AVG
2016-12-24 19:52 - 2016-12-24 19:52 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\CEF
2016-12-24 19:50 - 2016-12-24 20:03 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Avg
2016-12-24 19:50 - 2016-12-24 19:59 - 00000000 ____D C:\ProgramData\Avg
2016-12-24 19:50 - 2016-12-24 19:56 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\AvgSetupLog
2016-12-24 18:53 - 2016-12-24 18:53 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000UA
2016-12-24 18:53 - 2016-12-24 18:53 - 00003368 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000Core
2016-12-24 17:57 - 2016-12-27 21:38 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Mozilla
2016-12-24 17:56 - 2016-12-24 18:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-24 17:24 - 2016-12-27 21:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-24 17:24 - 2016-12-24 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-12-24 17:24 - 2016-12-24 17:24 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-12-24 17:24 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-12-24 17:24 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-01 02:18 - 2016-12-01 02:18 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-30 08:04 - 2016-11-30 08:04 - 00298240 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-27 22:56 - 2013-10-30 09:29 - 00000000 ____D C:\FRST
2016-12-27 21:51 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-27 21:51 - 2006-11-02 16:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-27 21:51 - 2006-11-02 16:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-27 21:50 - 2010-02-11 14:51 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-12-27 21:49 - 2006-11-02 16:42 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-27 21:48 - 2013-10-29 21:26 - 00000000 ____D C:\AdwCleaner
2016-12-27 21:48 - 2009-04-05 13:25 - 00000680 __RSH C:\Users\Suiolirim\ntuser.pol
2016-12-27 21:48 - 2009-02-02 15:45 - 00000000 ____D C:\Users\Suiolirim
2016-12-27 21:41 - 2009-03-01 14:20 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-12-27 21:11 - 2011-09-19 15:13 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-27 19:10 - 2011-03-20 18:28 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\Auslogics
2016-12-27 18:32 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\tracing
2016-12-27 13:39 - 2009-02-04 13:54 - 00001064 _____ C:\Windows\Tasks\Google Software Updater.job
2016-12-27 13:24 - 2013-10-29 21:41 - 00000000 ____D C:\Windows\ERUNT
2016-12-27 13:15 - 2008-09-13 06:16 - 00696342 _____ C:\Windows\system32\perfh007.dat
2016-12-27 13:15 - 2008-09-13 06:16 - 00156498 _____ C:\Windows\system32\perfc007.dat
2016-12-27 13:15 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\inf
2016-12-27 13:15 - 2006-11-02 13:46 - 01632730 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-27 12:48 - 2009-07-06 19:46 - 01608186 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-27 01:32 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\rescache
2016-12-27 01:07 - 2009-02-02 17:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-12-27 00:37 - 2006-11-02 16:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-12-27 00:37 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-12-27 00:37 - 2006-11-02 14:33 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-27 00:36 - 2013-10-31 16:07 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-12-27 00:36 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-12-26 23:29 - 2013-07-15 18:55 - 00000000 ____D C:\Windows\system32\MRT
2016-12-26 23:23 - 2006-11-02 13:35 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-12-26 22:24 - 2010-06-05 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-12-26 18:26 - 2006-11-02 16:21 - 00463984 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-25 15:26 - 2013-06-10 15:07 - 00000000 ____D C:\Program Files (x86)\DevPro
2016-12-25 15:12 - 2010-08-06 15:08 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-12-25 15:08 - 2008-09-12 20:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-25 15:03 - 2011-05-08 15:32 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Unity
2016-12-25 15:02 - 2009-02-15 14:57 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Macromedia
2016-12-25 15:02 - 2009-02-02 16:04 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Adobe
2016-12-25 15:02 - 2009-02-02 16:01 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-12-25 15:02 - 2008-09-12 20:56 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-24 20:29 - 2011-03-02 13:42 - 00000000 ____D C:\ProgramData\IObit
2016-12-24 20:29 - 2011-03-02 13:41 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-24 20:02 - 2011-04-22 15:49 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\TuneUp Software
2016-12-24 19:50 - 2009-05-23 09:33 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Downloaded Installations
2016-12-24 18:58 - 2013-02-08 16:54 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-24 18:58 - 2013-02-08 16:54 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-24 18:52 - 2013-02-28 15:51 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148260198865912
2016-12-24 18:52 - 2013-02-08 16:55 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148260198784910
2016-12-24 18:51 - 2013-02-08 16:55 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148260198497907
2016-12-24 18:40 - 2012-04-25 20:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-24 17:59 - 2011-10-08 14:11 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-24 17:46 - 2009-02-02 16:15 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-24 17:40 - 2010-05-26 13:15 - 00002059 _____ C:\Users\Suiolirim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-24 17:33 - 2009-02-02 15:46 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Adobe
2016-12-24 17:24 - 2013-01-06 19:32 - 00000903 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-24 17:24 - 2013-01-06 19:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-12-24 17:24 - 2009-05-20 15:05 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\Malwarebytes
2016-12-24 17:24 - 2009-05-20 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-24 17:19 - 2011-06-15 13:27 - 00002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-12-24 17:18 - 2009-06-30 14:25 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-24 17:18 - 2009-06-30 14:25 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-03-08 16:33 - 2013-03-08 16:33 - 0000191 _____ () C:\Program Files\Common Files\TrackerSoftwareInstallerPDFX5SA.log
2011-03-13 12:04 - 2011-03-13 12:22 - 0000041 _____ () C:\Users\Suiolirim\AppData\Roaming\TheHunterSettings_live.cfg
2011-02-21 12:25 - 2015-04-06 15:39 - 0000254 _____ () C:\Users\Suiolirim\AppData\Roaming\wklnhst.dat
2009-03-08 16:26 - 2010-02-27 16:31 - 0001100 _____ () C:\Users\Suiolirim\AppData\Local\d3d8caps.dat
2009-05-09 19:07 - 2013-05-16 12:56 - 0001356 _____ () C:\Users\Suiolirim\AppData\Local\d3d9caps.dat
2009-02-22 20:10 - 2010-04-14 12:51 - 0001460 _____ () C:\Users\Suiolirim\AppData\Local\d3d9caps64.dat
2009-02-02 19:46 - 2009-12-20 19:22 - 0007168 _____ () C:\Users\Suiolirim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-03-27 22:02 - 2015-04-09 13:40 - 0348394 _____ () C:\Users\Suiolirim\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2010-03-27 22:02 - 2010-03-27 22:02 - 0000002 _____ () C:\Users\Suiolirim\AppData\Local\dd_dotnetfx35error.txt
2010-03-27 22:02 - 2015-04-09 13:40 - 0240504 _____ () C:\Users\Suiolirim\AppData\Local\dd_dotnetfx35install.txt
2009-06-09 13:57 - 2009-06-09 13:57 - 0402640 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI0710.txt
2013-02-08 16:54 - 2013-02-08 16:54 - 0364352 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI08CA.txt
2009-06-09 14:00 - 2009-06-09 14:00 - 0415660 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI08CC.txt
2010-04-02 18:56 - 2010-04-02 18:58 - 0418332 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI110D.txt
2010-04-02 18:58 - 2010-04-02 18:58 - 0407074 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI1295.txt
2010-03-30 13:17 - 2010-03-30 13:17 - 0442364 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI2358.txt
2011-09-16 15:05 - 2011-09-16 15:05 - 0512626 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI24ED.txt
2011-05-18 11:52 - 2011-05-18 11:52 - 0361952 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI3D99.txt
2010-08-06 15:09 - 2010-08-06 15:09 - 0427316 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI57C6.txt
2011-05-06 16:16 - 2011-05-06 16:16 - 0366200 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI5DE5.txt
2009-10-12 06:43 - 2009-10-12 06:43 - 0366808 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI60F5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0353238 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI62B5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0400340 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI62BC.txt
2011-05-04 11:26 - 2011-05-04 11:26 - 0360800 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI639F.txt
2009-04-04 11:15 - 2009-04-04 11:15 - 0417434 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI6604.txt
2011-05-12 20:38 - 2011-05-12 20:38 - 0427518 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI7AB9.txt
2011-04-19 15:13 - 2011-04-19 15:13 - 0364108 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI7CE1.txt
2009-06-09 13:57 - 2009-06-09 13:57 - 0012046 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI0710.txt
2013-02-08 16:54 - 2013-02-08 16:54 - 0014102 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI08CA.txt
2009-06-09 14:00 - 2009-06-09 14:00 - 0012158 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI08CC.txt
2010-04-02 18:56 - 2010-04-02 18:58 - 0016562 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI110D.txt
2010-04-02 18:58 - 2010-04-02 18:58 - 0016042 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI1295.txt
2010-03-30 13:17 - 2010-03-30 13:17 - 0013882 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI2358.txt
2011-09-16 14:31 - 2011-09-16 15:06 - 0016292 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI24ED.txt
2011-05-18 11:52 - 2011-05-18 11:52 - 0013346 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI3D99.txt
2010-08-06 15:09 - 2010-08-06 15:09 - 0013538 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI57C6.txt
2011-05-06 16:16 - 2011-05-06 16:16 - 0015098 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI5DE5.txt
2009-10-12 06:43 - 2009-10-12 06:43 - 0011170 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI60F5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0014622 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI62B5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0014390 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI62BC.txt
2011-05-04 11:26 - 2011-05-04 11:26 - 0013298 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI639F.txt
2009-04-04 11:15 - 2009-04-04 11:15 - 0011410 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI6604.txt
2011-05-12 20:38 - 2011-05-12 20:38 - 0014288 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI7AB9.txt
2011-04-19 15:13 - 2011-04-19 15:13 - 0014346 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI7CE1.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 0541952 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuMSI7623.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 0013972 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuUI7623.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 1303922 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64MSI7583.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 0014024 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64UI7583.txt
2011-04-03 19:15 - 2011-04-03 19:15 - 0000096 _____ () C:\Users\Suiolirim\AppData\Local\fusioncache.dat
2010-03-27 22:02 - 2015-04-09 13:40 - 0006904 _____ () C:\Users\Suiolirim\AppData\Local\uxeventlog.txt
2011-10-15 14:44 - 2011-10-15 14:45 - 0001850 _____ () C:\ProgramData\1318686248.2288.bin
2011-04-19 16:50 - 2011-04-27 12:01 - 1555999 _____ () C:\ProgramData\bdinstall.bin
2008-09-12 21:06 - 2008-09-12 21:06 - 0000349 _____ () C:\ProgramData\hpzinstall.log
2009-12-18 20:20 - 2009-12-18 20:20 - 0000000 _____ () C:\ProgramData\leverage.drm.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Suiolirim\hash.dat
Einige Dateien in TEMP:
====================
C:\Users\Suiolirim\AppData\Local\temp\libeay32.dll
C:\Users\Suiolirim\AppData\Local\temp\msvcr120.dll
C:\Users\Suiolirim\AppData\Local\temp\sqlite3.dll
Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\SysWOW64\runouce.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-27 22:02
==================== Ende von FRST.txt ============================
|
|
27.12.2016, 23:40
| #8 |
| | Windows Vista: AVG findet einen RootkitCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Suiolirim (27-12-2016 22:58:06)
Gestartet von C:\Users\Suiolirim\Desktop\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-02-02 13:39:16)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1653470619-1168622029-2061882709-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1653470619-1168622029-2061882709-1004 - Limited - Enabled)
Gast (S-1-5-21-1653470619-1168622029-2061882709-501 - Limited - Disabled)
Suiolirim (S-1-5-21-1653470619-1168622029-2061882709-1000 - Administrator - Enabled) => C:\Users\Suiolirim
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: AVG AntiVirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
A.V.A (HKLM-x32\...\{42AF51C0-4028-46CF-B616-FB1F75286457}) (Version: 24.18.03866 - A.V.A)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Reader X (10.1.16) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AION Free-To-Play (HKLM-x32\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AVG (Version: 16.141.7996 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4749 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.141.7996 - AVG Technologies)
Bloodline Champions (HKLM-x32\...\{6C90C4C4-559D-4FE8-A4BF-37550E74D1FC}) (Version: 1.0.0 - Stunlock Studios)
Cards_Calendar_OrderGift_DoMorePlugout (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version: - Dark Byte)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: .1707 - CyberLink Corp.)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - )
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version: - )
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Free Audio CD Burner version 1.2 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.2 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Limited.)
Google Chrome (HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.165 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Updater (HKLM-x32\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Hardware Diagnose Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version: - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version: - )
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.0.26 - S2 Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Advisor (HKLM-x32\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.9152.3107 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
HP Demo (HKLM-x32\...\{97ABD26A-3249-46CB-B2E2-F66E64B2E480}) (Version: 1.00.0000 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM-x32\...\{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}) (Version: 5.7.0.2693 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.2.3309 - Hewlett-Packard)
HP My Display (HKLM-x32\...\{15733AD1-1CEF-459A-9245-0924FC63BDD5}) (Version: 1.36.003 - Portrait Displays, Inc.)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Update (HKLM-x32\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
igLoader (HKLM\...\igLoader) (Version: 3.0.0.0 - Indiepath Ltd)
ijji REACTOR (HKLM-x32\...\{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}) (Version: 1.00.0000 - ijji)
JDownloader 0.9 (HKLM-x32\...\1489-3350-5074-6281) (Version: 0.9 - AppWork GmbH)
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2913 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.50.1040 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}) (Version: 12.00.1280 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.0) (Version: 12.0.1278 - Logitech Inc.)
Mafia II - Demo (HKLM-x32\...\Steam App 50280) (Version: - 2K Czech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - THQ)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM-x32\...\{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}) (Version: 6.10.050 - muvee Technologies)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version: - NCsoft)
Neffy 1,3,29,0 (HKLM-x32\...\Neffy) (Version: 1,3,29,0 - CDNetworks)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.80.5.1 - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{C50EF365-2898-489A-B6C7-30DAA466E9A2}) (Version: 7.1.23.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.40.6 - Nokia)
Nokia PC Suite (x32 Version: 7.1.40.6 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Optimierte Multimedia-Tastatur-Lösung (HKLM-x32\...\KBD) (Version: - Hewlett-Packard)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.2 - Pando Networks Inc.)
PC Connectivity Solution (HKLM-x32\...\{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}) (Version: 9.44.0.3 - Nokia)
Pivot Software (x32 Version: 8.21.013 - Portrait Displays, Inc.) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.4109 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2926 - CyberLink Corp.)
PowerDirector (x32 Version: 6.5.2926 - CyberLink Corp.) Hidden
Pro Evolution Soccer 2013 DEMO2 (HKLM-x32\...\{E244E649-B7FB-4644-B387-CA882AEC7577}) (Version: 1.00.0000 - KONAMI)
PSSWCORE (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
Python 2.5.2 (HKLM-x32\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
Quake Live Mozilla Plugin (HKLM-x32\...\{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}) (Version: 1.0.520 - id Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
SDK (x32 Version: 1.40.002 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1405.0 - Hi-Rez Studios)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
sp41119 (HKLM\...\sp41119) (Version: - Hewlett-Packard)
sp44626 (HKLM-x32\...\sp44626) (Version: - Hewlett-Packard)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spider-Man(TM) - Web of Shadows (x32 Version: 1.0 - Activision) Hidden
Spider-Man(TM) - Web of Shadows 1.1 Patch (x32 Version: - ) Hidden
Spider-Man(TM) - Web of Shadows 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Spider-Man(TM) - Web of Shadows-Spiel (HKLM-x32\...\InstallShield_{7F7E4FA7-6F32-4DE2-917E-361E034AED7A}) (Version: 1.1 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Suffering (remove only) (HKLM-x32\...\The Suffering) (Version: 1.7.0.11.2.4.3 - Midway Home Entertainment Inc.)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6.0 - Texas Instruments Incorporated)
Tiggit (HKLM-x32\...\{B2F036FE-A916-4EBB-8621-5403444940D3}_is1) (Version: - )
TmNationsForever Update 2010-03-15 (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.980.1 - Hi-Rez Studios)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoToolkit01 (x32 Version: 110.0.171.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4) (HKLM\...\8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA) (Version: 06/01/2009 7.01.0.4 - Nokia)
Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2) (HKLM\...\05B59228C7E1C21DFBE89260F879BD95880548D8) (Version: 10/05/2009 4.2 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\ChromeHTML: -> C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {03324EB8-3058-4313-B9EE-950B21C99340} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster\AutoUpdate.exe
Task: {0876C721-124D-482C-99CC-C227984A5313} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000Core => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {1999CD70-9319-4CFE-A0BA-D9C090D34E00} - System32\Tasks\{BEE4217B-8ABE-4656-AF30-A1E53573390E} => pcalua.exe -a C:\Users\Suiolirim\Downloads\codec_sniper.exe -d C:\Users\Suiolirim\Downloads
Task: {371EDA46-91D3-487E-8BFB-AD3438044152} - System32\Tasks\{C47CCFEC-B5BF-4BDC-B6AC-ECF2C3FFBE23} => pcalua.exe -a C:\Users\Suiolirim\Downloads\sp39950.exe -d C:\Users\Suiolirim\Downloads
Task: {37241EC8-CE22-470A-8D14-C4635CA28E96} - System32\Tasks\Google Updater and Installer => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {3C04BABF-0B0E-41B2-9840-775B8BE83B34} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {468EF5B9-5FB1-4743-B57F-2607EADD3A6C} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)
Task: {69DE6AF7-90C9-49F6-AD87-448F63F65C7B} - System32\Tasks\{8882EA47-8D98-4195-8E81-8829D8EE1259} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {6A5DF87F-2DF4-4BF8-91F7-4588C866CABB} - System32\Tasks\Driver Booster SkipUAC (Suiolirim) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {797F9A29-E4B1-4A89-95EC-E0C6390E174A} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {909EF21F-8367-4215-B19B-D2D63CD93DE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {A70CC805-CD67-4C58-8BA3-C23E1D557A95} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {AAF676D5-7928-48FE-847C-178D6882F5E0} - System32\Tasks\{07BB79A0-80F9-418A-AABC-0A8C1849E8E6} => pcalua.exe -a C:\Users\Suiolirim\Downloads\Shockwave_Installer_Slim.exe -d C:\Users\Suiolirim\Downloads
Task: {B9494889-CE9C-4519-B409-3E15B8F62C99} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-14] (Google) <==== ACHTUNG
Task: {CC5DB0D3-211A-4178-AAC6-8C2DD660C736} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CE551541-E9D7-4613-AC11-CAD718A79641} - System32\Tasks\{427676C2-46CD-43AE-B1E5-74F84C5F9AEB} => pcalua.exe -a E:\eauninstall.exe -d E:\
Task: {D078570E-9D97-4A49-A19A-5B2BDC527CD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {E396FCA1-66F1-4B58-A20C-846BE4DB237A} - System32\Tasks\{473F0C77-2CCD-4EDB-BA86-019EA51AA096} => pcalua.exe -a "C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe" -d "C:\Program Files (x86)\ICQ6Toolbar"
Task: {EEAE5D3F-FDF6-4E0B-901C-F530C5162126} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {F0C531CD-5438-4DB3-8688-84F50D9FD370} - System32\Tasks\{CE75FCDC-B7D3-434D-8B4F-3FDBAF6014C1} => pcalua.exe -a C:\Users\Suiolirim\Downloads\UDKInstall-UncleFred.exe -d C:\Users\Suiolirim\Downloads
Task: {FF994E75-520F-481A-9643-222BEA60F6CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000UA => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ACHTUNG
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A5EDC403-DA13-4BD5-8F96-610C0E80242D}.job => C:\Windows\system32\msfeedssync.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Suiolirim\Desktop\Desktop\Spiele\A.V.A.lnk -> C:\Program Files (x86)\ijji\ijji REACTOR\REACTOR.exe (NHN Corporation) -> redirect:hxxp://reactor.ijji.com/index.nhn?gameid=u_ava
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-06-03 11:35 - 2013-04-30 03:46 - 00045056 _____ () C:\Windows\system32\atitmp64.dll
2009-02-05 16:19 - 2008-07-14 13:43 - 00069632 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
2016-12-24 19:52 - 2016-12-24 19:51 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B [286]
AlternateDataStreams: C:\ProgramData\TEMP:364682BC [234]
AlternateDataStreams: C:\ProgramData\TEMP:BD36345D [200]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7582 mehr Seiten.
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7478 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2006-11-02 13:34 - 2013-10-30 16:14 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Suiolirim\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupfolder: C:^Users^Suiolirim^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ATICustomerCare => "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Suiolirim\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\Suiolirim\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [WinCollab-Out-UDP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => %SystemRoot%\system32\dfsr.exe
FirewallRules: [{142CF540-DB64-465E-A8C1-9F78FA381836}] => c:\Program Files (x86)\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [{B71241FB-92BA-49E3-A31E-3A7F3F0DFD3A}] => C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{A17A4EDB-D87B-4B68-A02B-747FAC300F23}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{0BDA7AAB-DCA1-435C-A48F-6E216D97E904}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{666B2C21-AD76-4154-880B-30198A16A391}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{9916A79E-A0E1-448C-9440-99A722F4A146}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{940E7A3E-C940-423C-AD06-29A4B695EADE}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{1BB2C654-2F8B-4A45-A6A5-E0D583FCCFF0}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{1920CFB5-3D03-45C7-9232-7316A42DA08F}C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe] => C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{801523C9-9625-4A22-B5DA-012AB9CDBBE6}C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe] => C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{296C58F4-423F-4733-A6C8-0266D853859F}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{BB74B909-F12D-4DC5-AA76-EC51D725D96A}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{FF0D0FF4-F437-4C3E-8D79-4B926E9D2389}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [TCP Query User{6E4270A5-4F0B-497B-BD9E-9806BC81A6BA}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C5820BA9-E570-4520-B7AC-772C07A81D24}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{15D6A789-2649-4B96-80F0-F825DF2AD011}] => C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{BEE99D8C-1502-4FF9-B3E3-1923215121C4}] => C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
FirewallRules: [TCP Query User{9AF4BE5F-C323-4E8D-AB2C-92559E9024F6}C:\ijji\english\ava\binaries\ava.exe] => C:\ijji\english\ava\binaries\ava.exe
FirewallRules: [UDP Query User{1C7EA198-6846-4BA1-B6B9-BC20A756C3EE}C:\ijji\english\ava\binaries\ava.exe] => C:\ijji\english\ava\binaries\ava.exe
FirewallRules: [{E3240DF4-D51C-4D38-9EAB-623834D37138}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{820FCAF3-31E0-4205-B709-F34BFBB6CA59}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{C290CB18-BDDD-4357-8C8A-B9B268D7AA7A}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{14D48E4D-66F0-4E59-9D3C-F365B36C3768}] => LPort=8394
FirewallRules: [{D2764897-B2FE-4D38-83AC-3A21A01D18D7}] => LPort=8394
FirewallRules: [{C5A80CCF-0D8F-45A8-9397-820E756CBD92}] => LPort=6983
FirewallRules: [{2779EC5B-8F17-44FB-8EAA-4402A80FC8C2}] => LPort=6983
FirewallRules: [{A96A26A7-A94C-4032-97BB-8400AB0A5626}] => LPort=6895
FirewallRules: [{2FD91BFF-97D6-4913-9AD5-A222762A64D6}] => LPort=6895
FirewallRules: [{8DF2CC18-8566-4E98-A4B6-BFA8FF2D5F89}] => LPort=8394
FirewallRules: [{C6A02ED0-E470-444A-B0CF-8752F9177DF1}] => LPort=8394
FirewallRules: [{E1ED97B3-7BD3-4BCE-9F93-B6934D645BD8}] => LPort=6971
FirewallRules: [{3ECC23F2-B8A7-4727-91CA-32BA5732E411}] => LPort=6971
FirewallRules: [{A9804527-902B-430E-8E68-627A9C721CFD}] => LPort=6992
FirewallRules: [{F9EDCFA4-89A5-4DB2-B0DB-343725E338D6}] => LPort=6992
FirewallRules: [{A04224C7-1161-4930-A4A1-71B503C62F2A}] => LPort=8395
FirewallRules: [{AAEE3DC0-D134-4141-9029-735A288FB41B}] => LPort=8395
FirewallRules: [{A7A12F77-9901-4FBD-B010-1B8D18D431B5}] => LPort=6989
FirewallRules: [{A10E189B-D236-4463-9DD8-3F7812C74C96}] => LPort=6989
FirewallRules: [{6D96D44D-BDD6-44C7-BFBE-3031B0AD141D}] => LPort=8396
FirewallRules: [{AD3D861F-41C7-45FC-989B-F567BB336D85}] => LPort=8396
FirewallRules: [{9A3E605E-B6AE-4B4D-9F78-7211B2D7ABD0}] => LPort=6987
FirewallRules: [{CD230630-6598-460B-A8DF-9E8CB966BF04}] => LPort=6987
FirewallRules: [TCP Query User{E1FF3428-E405-42AA-8F4E-F62BBC6563C2}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{7B2F750A-F25D-4AC8-94EE-784E2D6E7B7D}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{A5014B5F-EB16-458A-9B18-0E192C5479C0}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{97D7FCFA-8F3D-45E9-9B9E-F41E726566A2}] => svchost.exe
FirewallRules: [{ED8D12EA-84FA-43BD-B4D5-84BB31EFF679}] => LPort=6969
FirewallRules: [{759E874B-F517-4DE1-9011-1548BAF9F2CB}] => LPort=6969
FirewallRules: [{12F593EB-C1D8-45C3-A234-FFB3507F4AA6}] => LPort=6887
FirewallRules: [{CE01052E-243A-4D1B-BACE-CBEEC2FA5B8D}] => LPort=6887
FirewallRules: [{161FFAA0-791D-42AB-A8F8-771AC048803C}] => LPort=6993
FirewallRules: [{E5446C2A-E718-4EB7-B98B-2E1DF101D142}] => LPort=6993
FirewallRules: [{93955E75-5EC8-45D8-8FC1-139404C5C7A3}] => LPort=6928
FirewallRules: [{5EFFC13D-8A46-4DCB-AC86-0F3C65BE1489}] => LPort=6928
FirewallRules: [{8776558C-D184-4828-8C7A-C5A089F5760A}] => LPort=6932
FirewallRules: [{A978E1E9-B712-476A-8D3D-0DEE1A19FA75}] => LPort=6932
FirewallRules: [{C0952C5D-9782-432C-9726-5B09B1F0D48E}] => LPort=6966
FirewallRules: [{99087EDA-484F-48C3-B6B0-1532CFF72BA0}] => LPort=6966
FirewallRules: [{BA80CDAD-145A-4D29-AE7F-0E1359A82B89}] => LPort=6951
FirewallRules: [{C863FF2E-1B91-4E0B-B75C-D1781ECD7FEA}] => LPort=6951
FirewallRules: [{61E53A93-0F1A-4FA4-9FD1-2DDCDBE0E9DC}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{91B6BA44-B87D-45E4-858F-743C7FD808A5}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{2116F8AC-598A-4C93-8182-BB9D504AED82}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{77CD8069-8BC3-45B6-A309-55A4A8F08FE4}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{50134214-C0A4-4EEC-95E0-75BCD64C2F2B}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{60570471-4616-4BC9-8FEA-1F2583535B30}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{CCFC29F3-1D6A-4CCF-ADA8-C96ADD82C573}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{3B453461-7FBC-40E2-83E7-AA2E0341CB95}] => LPort=80
FirewallRules: [{052CC513-CDE1-49FE-B133-1D21BBDBDABE}] => LPort=80
FirewallRules: [{B5E2656E-15C0-41B7-9769-A920CDEC2102}] => LPort=80
FirewallRules: [{4E0BA1D0-8A0D-41D0-A50A-135BF5479A13}] => LPort=6886
FirewallRules: [{162EFF4E-559C-42A4-AD5D-06A191ED3AEE}] => LPort=6886
FirewallRules: [{3E545E1E-550A-4926-A29E-B2BF6DE5C90F}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{B3979143-560D-4E60-9A26-988424B5CF5F}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{5AFEF734-8FF3-4146-87E4-AA5D6B810544}] => LPort=6942
FirewallRules: [{C710B987-8D89-4FF5-B0B3-842C96383D80}] => LPort=6942
FirewallRules: [TCP Query User{93AD976D-2DD9-46E3-81BB-807D48059F3D}C:\riot games\league of legends\lol.launcher.exe] => C:\riot games\league of legends\lol.launcher.exe
FirewallRules: [UDP Query User{85D588FD-75AE-4335-9F6A-10DEA033EC54}C:\riot games\league of legends\lol.launcher.exe] => C:\riot games\league of legends\lol.launcher.exe
FirewallRules: [TCP Query User{E7338126-609A-4EAC-B423-4F5526DC0D11}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{D6129EA7-10E2-4E43-9597-4B0D2D4DFC8C}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{A5D4D5B6-CDE6-4F47-BFBE-54245A900907}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0F000594-AA61-45E8-B4E2-0DA479D33ED5}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{170F4ADD-F2FA-4DDF-8B82-122EAFFA6D72}] => C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{37C7F240-4AD1-4FA7-8FF0-4C93A865B756}] => C:\Program Files (x86)\Steam\SteamApps\common\Mafia II - Public Demo\launcher.exe
FirewallRules: [{61829264-178A-4C46-941D-14035D91AE3F}] => C:\Program Files (x86)\Steam\SteamApps\common\Mafia II - Public Demo\launcher.exe
FirewallRules: [{30E6ACDF-B210-4870-9D13-EC3F5187EF55}] => C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{D9E8AC58-D0C3-4243-B21C-0EF4BE946695}] => C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{C7988D9A-6F21-4EDF-8FAF-F2DC42FB1150}] => C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F9220BDC-0B89-48B9-97C8-EEEA3D6547E6}] => C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{B43DB5D8-CF3B-413A-B2AC-AEEF5E428EE1}C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{DDEE711F-EA90-4CF9-B8AB-4A76BEE6C872}C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [TCP Query User{328D7D41-E260-4F31-9192-E0ACDF98B84C}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [UDP Query User{DF5BFEA2-C531-46AD-B058-644F3AD49A9E}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [TCP Query User{8C871AAA-97CE-4F37-B428-32981CCBF79E}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{0519083D-2865-45D7-B2E5-DB4347C1DE67}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{490F30FC-5C8B-4F68-82CB-0161A6091219}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{AC54CEF7-EF4E-4681-AE4C-E3FA25413122}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{221CD564-6E30-46D6-9E20-1A768EE03FB9}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{2D72EBD4-D438-4A2D-8AA7-05CABE373ABD}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [TCP Query User{A68F557A-9F61-474E-8175-F75A35B25C4E}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{55524AEE-DFDB-4B01-A374-DD3BCD83C159}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [{D21EAE32-A14F-49E1-9386-CD6ABD8F71CB}] => C:\Program Files (x86)\Steam\SteamApps\kedmaron\source sdk base 2007\hl2.exe
FirewallRules: [{32C7BBFE-2E99-4246-B40B-5584AA3EC12F}] => C:\Program Files (x86)\Steam\SteamApps\kedmaron\source sdk base 2007\hl2.exe
FirewallRules: [{06A4FD4D-085A-417A-AFDA-FD4A9F157F76}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{997517F3-F8E0-484A-A7E4-78B9A0E280C3}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{AF2831CF-3C76-4487-9E4F-B95FE3FD86C8}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{787C5A52-0D0A-4002-96E5-9688C88B0C93}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [TCP Query User{F36D63AD-DB72-4F02-803D-FC83F41E19F5}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{442F9794-F04B-47A3-865C-27B923C49C6A}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [TCP Query User{2AD5586E-7429-4E08-B9B9-F54C8F59DC33}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{9E3FAE17-C13A-4527-9254-6B9BB3EFBFC8}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [{CEB4543E-C57B-43FD-A6F4-AA7B227D2031}] => C:\Users\Suiolirim\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{9BE6A3EE-5667-4017-B5D9-C83797F59CF4}] => C:\Users\Suiolirim\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [TCP Query User{DF792DD1-43ED-41D2-9F57-849F45725C7F}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{EDE7D6F0-5871-4845-B1A5-D7E22B23FEE7}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{83C90927-DA80-406F-B96A-43CBA6B95C83}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{9CF67B40-23CD-4756-BDB7-8BEF5012481B}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{5782FB5B-74E0-47CF-8B86-66DF517A6204}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{E68A430B-2682-4D72-90C9-15B9B6847694}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3FCDC4A2-7E0E-41D4-8A86-CAAC7770CE23}C:\program files (x86)\orbitdownloader\orbitnet.exe] => C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{4F1E5257-F211-4208-B9B4-038E24F101AE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{123CBE76-2CF1-4915-A0F9-FD5CB8948EEE}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{A5042C3D-F620-42A4-A380-8F90788CFD4B}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [TCP Query User{B2407D88-C8FB-47EF-86BD-6EF9D0F5F96F}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{CD37A3F8-B1F9-414D-98C5-13ED42373B90}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [TCP Query User{01CF36B3-53D7-48B4-9B03-3251C957E619}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{0D6B3718-AF62-4995-A42C-634B511D87E3}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{368B8E69-5C8A-4808-8689-91DD33666A80}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{C8CF3C1D-C545-4CE2-8B24-3180A6C42E23}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{96F4B891-987E-452A-8688-2A1AE5AB2450}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe] => C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe
FirewallRules: [UDP Query User{39A261AC-57D7-4222-9865-41279AA2CEEF}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe] => C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe
FirewallRules: [TCP Query User{4A0BEB63-24CD-42F3-82EF-2AC6D1272F5A}C:\program files (x86)\lf2_v2.0a\lf2.exe] => C:\program files (x86)\lf2_v2.0a\lf2.exe
FirewallRules: [UDP Query User{B7159DF2-A378-4D19-885B-060C67C4736B}C:\program files (x86)\lf2_v2.0a\lf2.exe] => C:\program files (x86)\lf2_v2.0a\lf2.exe
FirewallRules: [{F053A9A1-EC50-494B-A6ED-30DED1174676}] => C:\Program Files (x86)\Electronic Arts\BattleForge\Bootstrapper.exe
FirewallRules: [{ECEF42B0-05D7-4A8B-B2D5-529BF3272D35}] => C:\Program Files (x86)\Electronic Arts\BattleForge\Bootstrapper.exe
FirewallRules: [{C254FA8F-C296-4875-88D9-F06A68F4FE1E}] => C:\Program Files (x86)\Electronic Arts\BattleForge\BattleForge.exe
FirewallRules: [{E4361063-FE81-404F-BD9A-C59F57562962}] => C:\Program Files (x86)\Electronic Arts\BattleForge\BattleForge.exe
FirewallRules: [TCP Query User{112D5F12-DE4E-4004-8692-A1ECBC54AE19}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [UDP Query User{6DBB1113-CA30-44DB-AA16-CC35918FCDCC}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [TCP Query User{1BE5DCA5-2A5E-40BF-921F-2839CF6F2E11}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [UDP Query User{B0B987FB-8864-4489-9068-8E6AB1310D4B}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [TCP Query User{F749247B-CA0E-4BD7-96B0-6A58B58D4D5A}C:\program files (x86)\runes of magic\client.exe] => C:\program files (x86)\runes of magic\client.exe
FirewallRules: [UDP Query User{3FA3A994-70B0-4072-8782-FAC5B7DFA64F}C:\program files (x86)\runes of magic\client.exe] => C:\program files (x86)\runes of magic\client.exe
FirewallRules: [{D4CA132A-27A4-4CE8-BF4E-62AFAD46B7E5}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{638F4C0A-FFDE-4F03-ACC5-5BCAC95116B4}] => C:\WINDOWS\Temp\~os2F79.tmp\ossproxy.exe
FirewallRules: [{B75C269B-90FA-44DE-9C34-18B2932F28EE}] => C:\WINDOWS\Temp\~osFF46.tmp\ossproxy.exe
FirewallRules: [{75F3DB81-1D2E-4B89-AF6A-CFF76E7E550F}] => C:\WINDOWS\Temp\~os9D29.tmp\ossproxy.exe
FirewallRules: [TCP Query User{EABC7109-3C89-4250-9A38-66678391F70E}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [UDP Query User{C23095AC-B05A-4868-8487-F461563ADD37}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [TCP Query User{C7D693FF-A488-4E11-BCEB-309D1EFD3E32}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [UDP Query User{61E89F01-72B1-4A94-91BA-E0AC0F6026C8}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [TCP Query User{E3A69D0F-B2B8-4EB6-A704-D25F25197AB9}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [UDP Query User{47FE9A67-8C3A-42C1-A50E-B79A49945843}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [TCP Query User{C78CB71C-CC8F-4B76-ABF5-3D595AAB70F1}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [UDP Query User{2FAB23CD-A439-4EF8-AE65-5D7F7A462F36}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [{0FDC3F9C-04FE-492A-A79A-B02FAFE579F7}] => C:\Users\Suiolirim\AppData\Local\Temp\7zSE4C4.tmp\SymNRT.exe
FirewallRules: [{06C28427-8487-4CB0-9142-EDC4AFC7F72F}] => C:\Users\Suiolirim\AppData\Local\Temp\7zSE4C4.tmp\SymNRT.exe
FirewallRules: [{97CDE443-BC5A-421B-8A8A-3BB20F7DB2AE}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
FirewallRules: [{F0BD004A-576A-4377-9316-4ADD7FF18DC5}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
FirewallRules: [{FEC2E465-A314-4324-B91A-81E6BC2BCFA3}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{1D41AFF8-7624-4CC3-AF42-9062E776303E}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{EE479594-F653-4E16-B152-F8F14AFC937E}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{838348B6-1652-4D24-A732-DC46BC18CF50}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{E0289FFB-3EEF-4184-922D-0C8B46E30345}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{D8BD6308-CA1E-4029-B10D-B57683C3B311}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{AD13FE61-E214-4308-821B-52C3707F9AB6}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{8F00C1CB-3CA1-4895-9442-ABE57F581F08}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{4BE23B6B-C2FF-4CFF-880C-95309DB9787A}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{E3B6BD91-6567-47E3-ADAE-735B8943CEA1}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B92DEA49-6D76-4240-A313-E31E422B5115}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B62C89A7-6336-4307-A8B7-0E39807DFA7A}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B659E396-83DD-4484-A277-C39F12E853BD}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS681B.tmp\SymNRT.exe
FirewallRules: [{F576D727-7DEA-4496-A354-9BEDE7ADD1B2}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS681B.tmp\SymNRT.exe
FirewallRules: [{945CB294-6051-49AF-923F-43C432A68E10}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS5F26.tmp\SymNRT.exe
FirewallRules: [{4C6E9204-A037-420E-80BA-417E429CC713}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS5F26.tmp\SymNRT.exe
FirewallRules: [{0B2B42F7-1871-4B4E-BB35-828F2F9F8B1B}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{CBC7A2CD-E43E-4F6E-B6DA-9B28A5F44391}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{2AF45CE1-7A03-44D4-BBD6-7DCB490D5436}] => C:\Program Files (x86)\BitTorrent\bittorrent.exe
FirewallRules: [{070BA28A-1491-44DC-84B4-B20EBEDF6629}] => C:\Program Files (x86)\BitTorrent\bittorrent.exe
FirewallRules: [TCP Query User{DF740346-0168-4F28-80D6-69CD84AB20AA}C:\program files (x86)\valve\hl.exe] => C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{4FD0DC72-B64A-4A45-8132-F59C028EEFFB}C:\program files (x86)\valve\hl.exe] => C:\program files (x86)\valve\hl.exe
FirewallRules: [{E2D0B330-83EF-4332-8FA5-D2CE9A8643CE}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{A5D3560A-694E-415D-9081-53F7DFA5A692}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{53FD7FE9-28FC-4296-8B83-78B173776DEC}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{FDCA922A-E158-4E38-8E22-086CDA408762}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{7BE0E932-197D-4407-A713-9C998D0E4E91}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{E4E5FE6A-3176-4185-B524-A97D09D3AEB7}] => C:\WINDOWS\SysWOW64\PnkBstrA.exe
FirewallRules: [{CD3846B0-EF6A-45D0-A183-CE5B3C61CADD}] => C:\WINDOWS\SysWOW64\PnkBstrA.exe
FirewallRules: [{3577C9B0-D9C5-45F3-9D0A-FA1F6F058BF0}] => C:\WINDOWS\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C441440-1B93-4701-913F-41774EA23F6B}] => C:\WINDOWS\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{30B7C787-CBAF-4048-9796-DE3133FF112C}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe] => C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe
FirewallRules: [UDP Query User{8912F681-8E06-4AF3-B489-746C21EAB615}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe] => C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe
FirewallRules: [TCP Query User{96A221CB-F866-41A0-BE68-B18361907904}C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe] => C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe
FirewallRules: [UDP Query User{8B96A856-917C-4C6E-AD79-7AC5E155C364}C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe] => C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe
FirewallRules: [{D32E0499-661A-4779-8E26-5B587243BE7B}] => C:\Cs 1.6\Steam.exe
FirewallRules: [{FB6F4FD6-12BF-4D44-B281-8F4875B3124B}] => C:\Cs 1.6\Steam.exe
FirewallRules: [{D9EBE7F8-0324-4189-A9D6-EBB773C17F86}] => C:\Users\Suiolirim\AppData\Local\Temp\ijjiOptimizer.exe
FirewallRules: [{5BC5D678-A2FF-4647-B859-57F6E347DDCC}] => C:\Users\Suiolirim\AppData\Local\Temp\ijjiOptimizer.exe
FirewallRules: [TCP Query User{6385691A-9447-42C9-9B2E-B18E5D7DC435}C:\soldat2\soldat.exe] => C:\soldat2\soldat.exe
FirewallRules: [UDP Query User{3863E502-4198-464C-92B6-1F301BDCA9A8}C:\soldat2\soldat.exe] => C:\soldat2\soldat.exe
FirewallRules: [TCP Query User{698BE46D-87A0-430F-8586-23D12B1973AB}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [UDP Query User{DE05E973-9F2B-4456-ACF8-74AEF60577B7}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [TCP Query User{F2A7F3FC-EC6F-4171-94E6-924BC4F2FCEF}C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{7389077C-02F9-4FEA-AA26-BCFBBF712AE2}C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{DB6D63B3-092B-4426-ACC1-9DB22C3D4562}C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{2C0D4C1D-4428-41A9-ACD8-5AA5618786A5}C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [{907CFEAA-1FF5-429F-821E-48D9A9F84A19}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{4A6C56D9-EDD1-4D26-B9DE-8C743448EB0A}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{C56193DC-E430-49A5-A8D4-4A4763E60F63}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{B1CA55F8-2A25-4619-87C9-EF2E0E1C993B}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{A4EB908A-D57C-44C7-89A2-77DADF45D973}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{6295282A-53FC-4AE1-A484-36D5BB4B92E6}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{CE6702D4-9DD4-49BC-B0A8-AF958F71E4AF}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{E29F5297-E873-42A0-A8D1-CE09E5A500C4}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [TCP Query User{1CFE621F-1CEB-4D76-AF71-0E4BDBA192AB}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [UDP Query User{97B0F469-9067-448C-A18C-2A09B05D25C7}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [{F10C861E-DC16-4269-9F30-AB88FE56A749}] => C:\Games\air\LolClient.exe
FirewallRules: [{04B84668-252C-4FDD-92ED-23C2734E1628}] => C:\Games\air\LolClient.exe
FirewallRules: [{8FDA3253-ED10-42EC-BB6C-EA6C9BD53C16}] => C:\Games\game\League of Legends.exe
FirewallRules: [{B07DED30-29DB-4594-B74D-FC2534A04BBE}] => C:\Games\game\League of Legends.exe
FirewallRules: [TCP Query User{BEBBC708-6C78-4F37-8031-EB723B05801E}C:\program files (x86)\heroes of newerth\hon.exe] => C:\program files (x86)\heroes of newerth\hon.exe
FirewallRules: [UDP Query User{788B43DE-D4B1-4EA7-B4AD-8F282F438BCE}C:\program files (x86)\heroes of newerth\hon.exe] => C:\program files (x86)\heroes of newerth\hon.exe
FirewallRules: [{6520B0AA-EC1D-4B8C-BB1C-111610C5CA53}] => C:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [{8D9EFAD6-AF8D-4146-A93F-D027958A96E3}] => C:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [{F7FEE872-64ED-4AF5-A018-D30D370C75E4}] => C:\Program Files (x86)\theHunter\game\theHunter.exe
FirewallRules: [{2B9C99B5-0242-4B3E-B995-965A00372346}] => C:\Program Files (x86)\theHunter\game\theHunter.exe
FirewallRules: [TCP Query User{EF27C3D8-398E-40A4-ADDC-D8BC95C3F684}C:\program files (x86)\devpro\devpro_lan.exe] => C:\program files (x86)\devpro\devpro_lan.exe
FirewallRules: [UDP Query User{33CAA96D-1711-4FFD-BD56-4F46464F9924}C:\program files (x86)\devpro\devpro_lan.exe] => C:\program files (x86)\devpro\devpro_lan.exe
FirewallRules: [TCP Query User{A9ED4002-7A57-48E7-B795-30595ACA2EA2}C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe
FirewallRules: [UDP Query User{06EB48A4-5422-4CAC-9EB9-9C7FAD04D9F8}C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe
FirewallRules: [TCP Query User{3EC0E2CF-DEA9-4C51-9947-CEC76A765BD2}C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe] => C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe
FirewallRules: [UDP Query User{61612DA4-F1E5-4BD4-B209-1133759DD96E}C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe] => C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe
FirewallRules: [{FF9E5FDA-BF4C-4041-AD35-BF85E2AEC875}] => C:\Program Files (x86)\Activision\Spider-Man - Web of Shadows\image\pc\Spider-Man Web of Shadows.exe
FirewallRules: [{125FF535-789C-4856-AF6F-B0A8D4168A4A}] => C:\Program Files (x86)\Activision\Spider-Man - Web of Shadows\image\pc\Spider-Man Web of Shadows.exe
FirewallRules: [TCP Query User{C3C08D20-40B9-4675-BDA3-93BD1A4BD83D}C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe] => C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe
FirewallRules: [UDP Query User{E3419AF2-CB6B-4F5F-937C-26446748B66B}C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe] => C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe
FirewallRules: [{86D92C95-CDD9-43F2-A13A-2A5002859A92}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{043BEABF-FD86-4D68-955F-EC4F131C1CD4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6A0698A7-E529-4834-BBA6-49D2CA1AEEFB}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3A5EB6FB-71DD-441E-9A9C-CEE72EC3D1DC}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5A813D49-D9EE-4303-9EDB-10C53A4EEF09}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6160C656-30EA-49C3-8AF7-72C4EDAEEA49}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{BDCD0FCC-DB7C-4E5F-BA4E-6BB3D428B3D4}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C80D91EE-8854-4F93-A790-C0D2F5E91F86}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{AA8A4988-CF3B-4B39-B274-13612F249C17}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{1CB2C1FC-38D6-4D67-839F-F21388A3121E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{17C163B0-538E-48B5-A435-00E01A3D1C3D}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{616442F7-6FDF-4877-81BC-71C628B02919}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{A649B2CB-C0AE-4CC7-89D7-41274F5192B7}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{90D4E229-023D-4A84-8DD2-22A361919B0D}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
==================== Wiederherstellungspunkte =========================
02-05-2015 12:03:54 Geplanter Prüfpunkt
03-05-2015 14:04:40 Geplanter Prüfpunkt
13-05-2015 11:46:28 Geplanter Prüfpunkt
16-05-2015 15:49:34 Geplanter Prüfpunkt
19-05-2015 11:08:58 Geplanter Prüfpunkt
21-05-2015 13:42:18 Geplanter Prüfpunkt
22-05-2015 15:45:03 Geplanter Prüfpunkt
28-05-2015 14:37:11 Geplanter Prüfpunkt
02-06-2015 09:44:10 Geplanter Prüfpunkt
11-06-2015 11:44:39 Geplanter Prüfpunkt
12-06-2015 15:46:40 Geplanter Prüfpunkt
14-06-2015 11:16:03 Geplanter Prüfpunkt
25-06-2015 12:18:23 Geplanter Prüfpunkt
26-06-2015 11:56:24 Geplanter Prüfpunkt
30-06-2015 17:03:07 Geplanter Prüfpunkt
05-07-2015 12:37:53 Geplanter Prüfpunkt
29-07-2015 16:26:34 Geplanter Prüfpunkt
30-07-2015 12:50:27 Geplanter Prüfpunkt
31-07-2015 12:33:14 Geplanter Prüfpunkt
21-03-2016 21:29:25 Geplanter Prüfpunkt
24-04-2016 17:08:43 Removed QuickTime
07-07-2016 12:36:22 Geplanter Prüfpunkt
25-08-2016 16:28:07 Geplanter Prüfpunkt
23-10-2016 13:29:11 Geplanter Prüfpunkt
25-10-2016 21:44:18 Geplanter Prüfpunkt
24-12-2016 17:40:21 Removed Java 7 Update 45
24-12-2016 17:43:16 Removed QuickTime
24-12-2016 18:59:16 Removed Apple Application Support
24-12-2016 19:04:32 Removed Apple Software Update
24-12-2016 19:57:24 Installed AVG 2016
24-12-2016 19:58:19 Installed AVG
25-12-2016 14:56:40 Geplanter Prüfpunkt
25-12-2016 15:05:04 Removed System Requirements Lab CYRI
25-12-2016 15:06:28 ??????? Counter-Strike 1.6
25-12-2016 15:07:01 chip 1-click download service wurde entfernt.
25-12-2016 17:08:42 Windows-Modulinstallation
26-12-2016 17:45:49 Windows Update
26-12-2016 18:21:53 Windows Update
26-12-2016 21:46:53 Windows Update
27-12-2016 12:24:55 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #2
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #5
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #6
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #7
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #8
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-6zu4-Adapter #9
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/27/2016 09:49:15 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\Suiolirim\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BYSL5O0L.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (12/27/2016 08:03:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm winamp.exe, Version 5.6.3.3235 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1144
Anfangszeit: 01d260718ab6cea4
Zeitpunkt der Beendigung: 0
Error: (12/27/2016 01:33:50 AM) (Source: profsvc) (EventID: 1533) (User: NT-AUTORITÄT)
Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\TEMP. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden.
DETAIL - Das Verzeichnis ist nicht leer.
Error: (12/27/2016 01:15:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung sidebar.exe, Version 6.0.6002.18005, Zeitstempel 0x49e035b8, fehlerhaftes Modul avghooka.dll, Version 16.141.0.7996, Zeitstempel 0x58526173, Ausnahmecode 0xc0000005, Fehleroffset 0x0000000000003d3b,
Prozess-ID 0x1234, Anwendungsstartzeit 01d25fd64aa69aff.
Error: (12/27/2016 01:11:22 AM) (Source: profsvc) (EventID: 1502) (User: SUIOLIRIM)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigter lokales Profil.
Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (12/27/2016 01:11:22 AM) (Source: profsvc) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.
Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. for C:\Users\Suiolirim\ntuser.dat
Error: (12/26/2016 11:57:27 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Kontext: Anwendung, SystemIndex Katalog
Error: (12/26/2016 11:57:26 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Error: (12/26/2016 11:29:17 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Das Zusammenstellen der Leistungsindikatorendaten vom Dienst "PolicyAgent" wurde deaktiviert, da mindestens ein Fehler von der Leistungsindikatorenbibliothek für diesen Dienst verursacht wurde. Die Fehler, die diese Aktion erzwungen haben, wurden in das Ereignisprotokoll der Anwendung geschrieben. Die Fehler müssen behoben werden, bevor die Leistungsindikatoren für diesen Dienst aktiviert werden.
Error: (12/26/2016 11:29:17 PM) (Source: Perflib) (EventID: 1005) (User: )
Description: Die Open-Prozedur "OpenIPSecPerformanceData" in der DLL "C:\Windows\System32\ipsecsvc.dll" für den "PolicyAgent"-Dienst wurde nicht gefunden. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Systemfehler:
=============
Error: (12/27/2016 09:52:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "UPnP-Gerätehost" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.
Error: (12/27/2016 09:52:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (12/27/2016 09:52:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 09:52:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Beep
Lbd
Error: (12/27/2016 09:52:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (12/27/2016 09:52:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (12/27/2016 09:52:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (12/27/2016 09:52:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 09:49:20 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (12/27/2016 09:48:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2016-12-27 22:57:53.703
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 22:57:52.985
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 22:57:52.049
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 22:57:51.269
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 22:57:50.286
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 22:57:49.382
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 22:57:48.274
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 22:57:47.416
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 22:57:06.263
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-27 22:57:05.530
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: AMD Phenom(tm) 9650 Quad-Core Processor
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 4093.58 MB
Verfügbarer physikalischer RAM: 2234.95 MB
Summe virtueller Speicher: 10141.08 MB
Verfügbarer virtueller Speicher: 8094.52 MB
==================== Laufwerke ================================
Drive c: (HP) (Fixed) (Total:582.63 GB) (Free:319.62 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.54 GB) (Free:1.83 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=582.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
29.12.2016, 01:24
| #9 |
| /// Malwareteam | Windows Vista: AVG findet einen Rootkit ist deine Meldung noch einmal aufgetaucht? Lasse bitte sonst einen neuen AVG Scan laufen. Downloade Dir HitmanPro  auf Deinen Desktop:HitmanPro-32 Bit Version HitmanPro-64 Bit Version
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
29.12.2016, 11:56
| #10 |
| | Windows Vista: AVG findet einen Rootkit AVG Scan läuft, Ergebnis wird nachgereicht. Hier der Logfile von HitmanPro: Code:
ATTFilter
HitmanPro 3.7.15.281
www.hitmanpro.com
Computer name . . . . : SUIOLIRIM
Windows . . . . . . . : 6.0.2.6002.X64/4
User name . . . . . . : SUIOLIRIM\Suiolirim
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free
Scan date . . . . . . : 2016-12-29 11:36:42
Scan mode . . . . . . : Normal
Scan duration . . . . : 11m 59s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 23
Objects scanned . . . : 6.860.754
Files scanned . . . . : 39.529
Remnants scanned . . : 463.294 files / 6.357.931 keys
Suspicious files ____________________________________________________________
C:\Users\Suiolirim\AppData\Local\PunkBuster\AAV3\pb\pbcl.dll
Size . . . . . . . : 879.827 bytes
Age . . . . . . . : 2567.6 days (2009-12-18 20:44:01)
Entropy . . . . . : 7.6
SHA-256 . . . . . : C65526BA8CF9F40E03DF11C7625A991D48D7854BF74C9D016EB9C66AB757929D
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\Suiolirim\AppData\Local\PunkBuster\AAV3\pb\pbcls.dll
Size . . . . . . . : 879.827 bytes
Age . . . . . . . : 2567.6 days (2009-12-18 20:44:01)
Entropy . . . . . : 7.6
SHA-256 . . . . . : C65526BA8CF9F40E03DF11C7625A991D48D7854BF74C9D016EB9C66AB757929D
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\Suiolirim\Desktop\Desktop\FRST64.exe
Size . . . . . . . : 2.420.736 bytes
Age . . . . . . . : 1.9 days (2016-12-27 14:18:34)
Entropy . . . . . : 7.6
SHA-256 . . . . . : E58ADE7FA354A1F256B4608AFD698C379E33FF23D5F62C95BDFC33995C230745
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
References
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Suiolirim\Desktop\Desktop\FRST64.exe
C:\Windows\SysWOW64\GameMon.des
Size . . . . . . . : 3.404.560 bytes
Age . . . . . . . : 2657.0 days (2009-09-20 11:44:11)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 0D7335A08063431492EC18667C7CDD1CAA27F3568DE9C398B43A44EA831046CD
Product . . . . . : nProtect Game Monitor
Publisher . . . . : INCA Internet Co., Ltd.
Description . . . : nProtect Game Monitor Rev 1447
Version . . . . . : 2009.12.16.1
Service . . . . . : npggsvc
LanguageID . . . . : 1042
Fuzzy . . . . . . : 34.0
The file name extension of this program is not common.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Starts automatically as a service during system bootup.
The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
Startup
HKLM\SYSTEM\CurrentControlSet\Services\npggsvc\
Potential Unwanted Programs _________________________________________________
C:\ProgramData\ICQ\ICQNewTab\ (ICQToolbar)
C:\ProgramData\ICQ\ICQNewTab\icqtabs.css (ICQToolbar)
C:\ProgramData\ICQ\ICQNewTab\icqtabs.js (ICQToolbar)
C:\ProgramData\ICQ\ICQNewTab\img\ (ICQToolbar)
C:\ProgramData\ICQ\ICQNewTab\img\bgLarge.gif (ICQToolbar)
C:\ProgramData\ICQ\ICQNewTab\img\bgSmall.gif (ICQToolbar)
C:\ProgramData\ICQ\ICQNewTab\img\buttonBlue.gif (ICQToolbar)
C:\ProgramData\ICQ\ICQNewTab\img\buttonGreen.gif (ICQToolbar)
C:\ProgramData\ICQ\ICQNewTab\img\searchLogo.gif (ICQToolbar)
C:\ProgramData\ICQ\ICQNewTab\newTab.html (ICQToolbar)
HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}\ (Funmoods)
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome (22Find)
Geändert von Suiolirim (29.12.2016 um 12:42 Uhr) |
|
29.12.2016, 15:13
| #11 |
| /// Malwareteam | Windows Vista: AVG findet einen Rootkit okay ich warte
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
29.12.2016, 15:59
| #12 |
| | Windows Vista: AVG findet einen Rootkit Bei dem Scan wurde dieselbe Bedrohung erkannt. Muss ich mir Sorgen machen oder geht das eher in Richtung False Positive? |
|
29.12.2016, 16:09
| #13 |
| /// Malwareteam | Windows Vista: AVG findet einen Rootkit zeig mal einen genauen Screenshot bzw Log davon.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
29.12.2016, 16:51
| #14 |
| | Windows Vista: AVG findet einen Rootkit Bitteschön. |
|
29.12.2016, 17:13
| #15 |
| /// Malwareteam | Windows Vista: AVG findet einen Rootkit Was steht unter weitere Informationen?
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
| Themen zu Windows Vista: AVG findet einen Rootkit |
| adobe, antivirus, avast, avg, combofix, defender, desktop, driver booster, entfernen, error, google, home, installation, kaspersky, mozilla, prozesse, realtek, registry, rootkit, scan, software, systemüberprüfung, teamspeak, vista, warnung, windows |
und 
und speichere die Logdatei auf Deinem Desktop.
