Windows 7: SSD storage problem, possible virus infection, Steam and similar software problematic
28.03.2015, 01:59 | #1 |
Hello community, I have several questions for you. This is the first time I am posting here and I hope I can keep to the format you want. If any logs or the like are needed, I will gladly supply them.

Main problem: My first problem is with my internet/network/WLAN card. I cannot pin it down exactly. I had the problem at a colleague's place as well, so the router is ruled out. I cannot connect to or access services such as Steam, Mozilla Thunderbird (retrieving e-mails) or Arma 2 online servers.

Second problem: I have an SSD with 73.4 GB of storage for my operating system. This storage keeps shrinking and has dropped to less than 1 GB. Actually only around 25 GB should be on C, including 2 GB of downloads in the Downloads folder. I can remember 10 GB or more from switching off a service or something similar, one that lets you resume the system but also uses a lot of storage. Still, something must be going wrong there, since I have actually saved everything on my large HDD D. I am running a virus check with Kaspersky. -> This problem has resolved itself for now, I am back to 15 GB free. Tips and tricks for finding storage hogs there would be nice.

I use Windows 7 with Kaspersky and this is a fresh installation. I really would not know what could have gone wrong with it.
28.03.2015, 02:27 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™

Hi and

What have you already installed to C on the freshly installed Windows... I get by with well under 50 GB on C. But I also have no huge games, and large music and video files would not end up on the SSD/system partition for me either, but always on a separate partition that is not on an SSD.

To track down storage hogs, TreeSize is best suited => TreeSize Free - Download - Filepony

And please do not post the logs as attachments. Reading material: Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs should be too large for one post, I ask you to post the logs directly and, if necessary, spread over several posts. To put the log files in a CODE box, proceed as follows:
28.03.2015, 11:18 | #3 |
Report.txt contains the values Everest determined for my hardware. Datenträgerverwaltung.jpg contains my Disk Management.

The TreeSize tool was very helpful. Gained 10 GB of storage by switching off hibernate mode. The biggest space hog for me was WinSxS, and that is necessary and should not be touched. I now use only 50 GB in total on my SSD, and that is easily enough to work with since I download everything to D. So I would say that my problem with the SSD is actually settled.

So, I will try once more to explain my problem with the WLAN. I am connected to the internet and can also post my problems on this forum. I can watch videos, watch livestreams and download quite normally. Some of my problems occur when I want to start Steam; then it shows me error codes 104 and 105, saying that I am not connected to the internet. I wanted to solve this by deleting everything except Steam.exe and Steamapps so that it downloads everything else again. But now I only get the error, see jpg. Then I can no longer connect to Googlemail's IMAP with Mozilla Thunderbird and receive e-mails. But I can log in to Googlemail and view them directly. Another problem: in games with online servers, none are shown to me either.

I use the WLAN card Intel(R) Centrino(R) Wireless-N 2230 and have also already reinstalled the drivers for the card once. At a friend's place I had the same errors, so the router is ruled out, and the internet provider too. My only theory at the moment is that there must be a problem with the ports. In the Windows Firewall the programs mentioned are not blocked, and in my Kaspersky Internet Security 2014 the applications are not blocked. The web browser runs over port 80 after all, and that is apparently not blocked, but other applications unfortunately are.

Something else that happened to me and that is strange: through some freeware product (they are getting ever more cunning with that) I also got another antivirus program. It could not be uninstalled properly, so I used Unlocker to unlock the ad-aware Web Companion process and then deleted its entire folder. I do not know now whether that program is blocking the other programs.
28.03.2015, 11:20 | #4 |
DxDiag: Code:
Adapter Hersteller: Firmenname Intel Corporation Produktinformation hxxp://www.intel.com/products/browse/chipsets.htm Treiberdownload hxxp://support.intel.com/support/graphics [ Intel(R) HD Graphics 4000 ] Video Adapter Eigenschaften: Gerätebeschreibung Intel(R) HD Graphics 4000 Adapterserie Intel(R) HD Graphics 4000 BIOS Version Intel Video BIOS Chiptyp Intel(R) HD Graphics Family DAC Typ Intern Installierter Treiber igdumdim64 (10.18.10.3958), igd10iumd64 (10.18.10.3958), igd10iumd64 (10.18.10.3958), igdumdim32 (10.18.10.3958), igd10iumd32 (10.18.10.3958), igd10iumd32 (10.18.10.3958) Speichergröße 2112 MB Video Adapter Hersteller: Firmenname Intel Corporation Produktinformation hxxp://www.intel.com/products/browse/chipsets.htm Treiberdownload hxxp://support.intel.com/support/graphics --------[ Monitor ]----------------------------------------------------------------------------------------------------- [ PnP-Monitor (Standard) [NoDB] ] Monitor Eigenschaften: Monitor Name PnP-Monitor (Standard) [NoDB] Monitor ID AUO159D Hersteller B173HW01 V5 Herstellungsdatum 2010 Seriennummer Keine Maximale sichtbare Bildschirmgröße 38 cm x 21 cm (17.1") Gamma 2.20 DPMS Mode Unterstützung Keine --------[ Desktop ]----------------------------------------------------------------------------------------------------- Desktop Eigenschaften: Gerätetechnologie Rasteranzeige Auflösung 1920 x 1080 Farbtiefe 32 Bit Farbebenen 1 Schriftartenauflösung 120 dpi Pixel Breite / Höhe 36 / 36 Pixel Diagonale 51 Vertikale Wiederholrate 60 Hz Desktophintergrundbild C:\Users\Anonymous\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp Desktop Effekte: Combo-Box Animation Aktiviert Schattierungseffekt Aktiviert Flat Menu Effekt Aktiviert Schriftart Kantenglättung Aktiviert Full Window Dragging Aktiviert Gradient Window Title Bars Aktiviert Verberge Menu Access Keys Aktiviert Hot Tracking Effect Aktiviert Umbruch der Iconbeschreibung Aktiviert List-Box Smooth Scrolling Aktiviert Menüanimation 
Aktiviert Menü Ein/Ausblendeffekt Aktiviert Minimieren/Wiederherstellen Animation Aktiviert Schatten Mauszeiger Aktiviert Auswahl Ausblendeffekt Aktiviert ShowSounds Zugangsbesonderheit Deaktiviert Tooltip Animation Aktiviert Tooltip Ausblendeffekt Aktiviert Windows Plus! Erweiterung Deaktiviert Probleme und Hinweise: Problem Das Benutzen von großen Schriftarten verursacht in einigen Programmen, die nicht dafür ausgelegt sind, Darstellungsprobleme. Problem Mindestens 85 Hz vertikale Bildwiederholfrequenz sind für normale (CRT) Bildschirme empfohlen. --------[ Multi-Monitor ]----------------------------------------------------------------------------------------------- \\.\DISPLAY1 Ja (0,0) (1920,1080)
--------[ Debug - Unknown ]--------------------------------------------------------------------------------------------- BIOS Unknown HDD INTEL SSDSA2CW080G3 HDD ST9750420AS Monitor AUO159D: PnP-Monitor (Standard) [NoDB] Motherboard Unknown PCI/AGP 10DE-1213: NVIDIA GeForce GTX 670M [NoDB] PCI/AGP 10EC-5209: Realtek PCIE CardReader [NoDB] PCI/AGP 1969-E091: Killer e2200 PCI-E Gigabit Ethernet Controller (NDIS 6.20) [NoDB] PCI/AGP 8086-0151: Xeon(R) processor E3-1200 v2/3rd Gen Core processor PCI Express Root Port - 0151 [NoDB] PCI/AGP 8086-0154: 3rd Gen Core processor DRAM Controller - 0154 [NoDB] PCI/AGP 8086-0166: Intel(R) HD Graphics 4000 [NoDB] PCI/AGP 8086-0887: Intel(R) Centrino(R) Wireless-N 2230 [NoDB] PCI/AGP 8086-1E03: Intel(R) 7 Series Chipset Family SATA AHCI Controller [NoDB] PCI/AGP 8086-1E10: Intel(R) 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10 [NoDB] PCI/AGP 8086-1E14: Intel(R) 7 Series/C216 Chipset Family PCI Express Root Port 3 - 1E14 [NoDB] PCI/AGP 8086-1E18: Intel(R) 7 Series/C216 Chipset Family PCI Express Root Port 5 - 1E18 [NoDB] PCI/AGP 8086-1E20: High Definition Audio-Controller [NoDB] PCI/AGP 8086-1E22: Intel(R) 7 Series/C216 Chipset Family SMBus Host Controller - 1E22 [NoDB] PCI/AGP 8086-1E26: Intel(R) 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26 [NoDB] PCI/AGP 8086-1E2D: Intel(R) 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D [NoDB] PCI/AGP 8086-1E31: Intel(R) USB 3.0 eXtensible-Hostcontroller [NoDB] PCI/AGP 8086-1E3A: Intel(R) Management Engine Interface [NoDB] PCI/AGP 8086-1E57: Intel(R) HM77 Express Chipset LPC Controller - 1E57 [NoDB] PnP ETD0001: ELAN PS/2 Port Smart-Pad [NoDB] PnP INT340E: Hauptplatinenressourcen [NoDB] PnP INT3F0D: Hauptplatinenressourcen [NoDB] ------------------------------------------------------------------------------------------------------------------------ The names of actual companies and products mentioned herein may be the trademarks of their 
respective owners. |
28.03.2015, 11:24 | #5 |
| Windows 7: SSD storage problem, possible virus infection, Steam and similar software problematic FRST: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Anonymous (administrator) on ANONYMOUS-PC on 28-03-2015 01:36:15 Running from C:\Users\Anonymous\Downloads Loaded Profiles: Anonymous (Available profiles: Anonymous & UpdatusUser) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Kaspersky Lab ZAO) 
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Mozilla Corporation) D:\Program Files (x86)\Firefox\firefox.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (BitTorrent Inc.) C:\Users\Anonymous\AppData\Roaming\uTorrent\uTorrent.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Dropbox, Inc.) C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Microsoft Corporation) C:\Windows\splwow64.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (CANON INC.) 
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Microsoft Corporation) D:\Program Files (x86)\Microsoft Office\Office15\MSOSYNC.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (NVIDIA Corporation) C:\NVIDIA\DisplayDriver\347.88\Win8_WinVista_Win7_64\International\setup.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\makecab.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-03-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-02] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-981038422-516162429-3542213033-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-981038422-516162429-3542213033-1001\...\Run: [Steam] => D:\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-981038422-516162429-3542213033-1001\...\Run: [uTorrent] => C:\Users\Anonymous\AppData\Roaming\uTorrent\uTorrent.exe [1438032 2015-03-27] (BitTorrent Inc.)
HKU\S-1-5-21-981038422-516162429-3542213033-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
Startup: C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-981038422-516162429-3542213033-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKU\S-1-5-21-981038422-516162429-3542213033-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-981038422-516162429-3542213033-1001 -> DefaultScope {EF4EC3D8-5C28-4646-B166-FB285FAE0B25} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-981038422-516162429-3542213033-1001 -> {EF4EC3D8-5C28-4646-B166-FB285FAE0B25} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-03-27] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-03-27] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-26] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2015-03-27] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-12-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2015-03-27] (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-03-27] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-03-27] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2015-03-27] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-12-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2015-03-27] (Kaspersky Lab ZAO)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [326288] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [326288] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [326288] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [326288] (Lavasoft Limited)
Winsock: Catalog9 05 C:\Windows\SysWOW64\BfLLR.dll [183808] (Bigfoot Networks, Inc.)
Winsock: Catalog9 06 C:\Windows\SysWOW64\BfLLR.dll [183808] (Bigfoot Networks, Inc.)
Winsock: Catalog9 07 C:\Windows\SysWOW64\BfLLR.dll [183808] (Bigfoot Networks, Inc.)
Winsock: Catalog9 08 C:\Windows\SysWOW64\BfLLR.dll [183808] (Bigfoot Networks, Inc.)
Winsock: Catalog9 19 C:\Windows\SysWOW64\BfLLR.dll [183808] (Bigfoot Networks, Inc.)
Winsock: Catalog9 21 C:\Windows\SysWOW64\LavasoftTcpService.dll [326288] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [373864] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [373864] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [373864] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [373864] (Lavasoft Limited)
Winsock: Catalog9-x64 05 C:\Windows\system32\BfLLR.dll [200704] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 06 C:\Windows\system32\BfLLR.dll [200704] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 07 C:\Windows\system32\BfLLR.dll [200704] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 08 C:\Windows\system32\BfLLR.dll [200704] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 19 C:\Windows\system32\BfLLR.dll [200704] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 21 C:\Windows\system32\LavasoftTcpService64.dll [373864] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Anonymous\AppData\Roaming\Mozilla\Firefox\Profiles\wwrnzadr.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-27] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> D:\Program Files (x86)\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-27] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Extension: Bing Search Engine - C:\Users\Anonymous\AppData\Roaming\Mozilla\Firefox\Profiles\wwrnzadr.default\Extensions\bingsearch.full@microsoft.com [2015-03-26]
FF Extension: Adblock Plus - C:\Users\Anonymous\AppData\Roaming\Mozilla\Firefox\Profiles\wwrnzadr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-26]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Модуль перевірки посилань - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2015-03-27]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-03-27]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2015-03-27]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2015-03-27]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2015-03-27]
StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Firefox\firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF"
CHR Profile: C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-26]
CHR Extension: (Angry Birds) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-03-26]
CHR Extension: (Google Docs) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26]
CHR Extension: (Google Drive) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-26]
CHR Extension: (YouTube) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26]
CHR Extension: (GeoGebra) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2015-03-26]
CHR Extension: (Adblock Plus) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-26]
CHR Extension: (Google Search) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-26]
CHR Extension: (Gmail Offline) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-03-26]
CHR Extension: (Google Sheets) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2015-03-26]
CHR Extension: (Cut the Rope) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2015-03-26]
CHR Extension: (Wolfram Alpha (Official)) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp [2015-03-26]
CHR Extension: (Dropbox) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-03-26]
CHR Extension: (Google Play) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-03-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-26]
CHR Extension: (Plants vs Zombies) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-03-26]
CHR Extension: (Google Wallet) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-26]
CHR Extension: (Gmail) - C:\Users\Anonymous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-26]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [967040 2015-03-27] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-03-13] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-03-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-03-13] (NVIDIA Corporation)
S3 Origin Client Service; D:\Spiele\Origins\Origin\OriginClientService.exe [1930608 2015-03-26] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-03-27] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [492032 2012-02-22] () [File not signed]
R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5447952 2015-03-25] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
S2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [X]
S2 SearchProtectionService; "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [75880 2012-02-22] (Bigfoot Networks, Inc.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-26] (Disc Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2015-03-27] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2015-03-27] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2015-03-27] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2015-03-27] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2015-03-27] (Kaspersky Lab ZAO)
R3 L1C; C:\Windows\System32\DRIVERS\e22w7x64.sys [159848 2012-02-22] (Qualcomm Atheros, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-03-13] (NVIDIA Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-03-26] (Duplex Secure Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1310720 2010-08-12] (C-Media Electronics Inc)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-28 01:36 - 2015-03-28 01:36 - 00035042 _____ () C:\Users\Anonymous\Downloads\FRST.txt
2015-03-28 01:36 - 2015-03-28 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-28 01:36 - 2015-03-28 01:36 - 00000000 ____D () C:\FRST
2015-03-28 01:36 - 2015-03-13 20:41 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 01:36 - 2015-03-13 20:41 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-28 01:36 - 2015-03-13 20:41 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 01:36 - 2015-03-13 20:41 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 01:35 - 2015-03-28 01:35 - 02095616 _____ (Farbar) C:\Users\Anonymous\Downloads\FRST64.exe
2015-03-28 01:35 - 2015-03-28 01:35 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-03-28 01:35 - 2015-03-13 20:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-28 01:35 - 2015-03-13 20:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-28 01:35 - 2015-03-13 20:41 - 00032456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-03-28 01:33 - 2015-03-28 01:35 - 00000000 ____D () C:\Windows\LastGood
2015-03-28 01:33 - 2015-03-28 01:33 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-03-28 01:33 - 2015-03-28 01:33 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2015-03-28 01:33 - 2015-03-27 00:08 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2015-03-28 01:33 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-28 01:33 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-28 01:32 - 2015-03-28 01:32 - 00000660 _____ () C:\Users\Anonymous\Downloads\defogger_disable.log
2015-03-28 01:32 - 2015-03-28 01:32 - 00000188 _____ () C:\Users\Anonymous\defogger_reenable
2015-03-28 01:22 - 2015-03-28 01:22 - 00050477 _____ () C:\Users\Anonymous\Downloads\Defogger.exe
2015-03-28 01:19 - 2015-03-28 01:19 - 00016334 _____ () C:\Users\Anonymous\Desktop\hijackthis.log
2015-03-28 01:18 - 2015-03-28 01:18 - 00388608 _____ (Trend Micro Inc.) C:\Users\Anonymous\Downloads\HijackThis.exe
2015-03-28 01:18 - 2015-03-28 01:18 - 00016334 _____ () C:\Users\Anonymous\Downloads\hijackthis.log
2015-03-28 01:09 - 2015-03-28 01:09 - 00029130 _____ () C:\Users\Anonymous\Desktop\DxDiag.txt
2015-03-28 00:51 - 2015-03-13 20:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-28 00:51 - 2015-03-13 20:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-28 00:51 - 2015-03-13 20:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-28 00:51 - 2015-03-13 20:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-28 00:51 - 2015-03-13 20:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-28 00:51 - 2015-03-13 20:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-28 00:51 - 2015-03-13 20:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-28 00:51 - 2015-03-13 20:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-28 00:51 - 2015-03-13 20:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-28 00:51 - 2015-03-13 20:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-28 00:51 - 2015-03-13 20:41 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-03-28 00:51 - 2015-03-13 20:41 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-03-28 00:51 - 2015-03-13 20:41 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-03-28 00:50 - 2015-03-28 00:50 - 00000000 ____D () C:\NVIDIA
2015-03-28 00:41 - 2015-03-28 00:42 - 28598072 _____ (TuneUp Software) C:\Users\Anonymous\Downloads\TuneUpUtilities2014_34de-DE.exe
2015-03-28 00:35 - 2015-03-28 01:34 - 00005116 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for
Anonymous-PC-Anonymous Anonymous-PC 2015-03-27 23:10 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-27 23:10 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-27 23:04 - 2015-03-27 23:05 - 00000000 ____D () C:\Program Files\Unlocker 2015-03-27 23:04 - 2015-03-27 23:04 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2015-03-27 23:04 - 2015-03-27 23:04 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Babylon 2015-03-27 23:04 - 2015-03-27 23:04 - 00000000 ____D () C:\ProgramData\Babylon 2015-03-27 23:03 - 2015-03-27 23:03 - 01078591 _____ () C:\Users\Anonymous\Downloads\Unlocker1.9.2.exe 2015-03-27 22:58 - 2015-03-27 22:58 - 00000144 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-03-27 22:52 - 2015-03-27 22:54 - 309143408 _____ (NVIDIA Corporation) C:\Users\Anonymous\Downloads\347.88-notebook-win8-win7-64bit-international-whql.exe 2015-03-27 22:42 - 2015-03-27 22:42 - 00000451 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-03-27 22:04 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-27 22:04 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-27 21:55 - 2012-10-26 16:27 - 00000000 ____D () C:\Users\Anonymous\Downloads\Microsoft.Office.Professional.Plus.2013.x64.MSDN.Final.German 2015-03-27 21:48 - 2015-03-27 21:48 - 00001362 _____ () C:\Users\Anonymous\Desktop\Powerpoint.lnk 2015-03-27 21:48 - 2015-03-27 21:48 - 00001331 _____ () C:\Users\Anonymous\Desktop\Excel.lnk 2015-03-27 21:47 - 2015-03-27 21:47 - 00001351 _____ () C:\Users\Anonymous\Desktop\Word.lnk 2015-03-27 21:46 - 2015-03-27 21:54 - 751864660 _____ () C:\Users\Anonymous\Downloads\mo1364.rar 2015-03-27 21:41 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 
2015-03-27 21:41 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-03-27 21:38 - 2015-03-27 21:38 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-03-27 21:38 - 2015-03-27 21:38 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\PunkBuster 2015-03-27 21:37 - 2015-03-27 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-03-27 21:37 - 2015-03-27 21:37 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2015-03-27 21:37 - 2015-03-27 21:37 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2015-03-27 21:37 - 2015-03-27 21:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-27 21:37 - 2015-03-27 21:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2015-03-27 21:36 - 2015-03-27 21:36 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services 2015-03-27 21:36 - 2015-03-27 21:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services 2015-03-27 21:35 - 2015-03-27 21:39 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-27 21:35 - 2015-03-27 21:35 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Microsoft Help 2015-03-27 21:35 - 2015-03-27 21:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-03-27 21:33 - 2014-03-02 12:44 - 00000000 ____D () C:\Users\Anonymous\Downloads\M.O.P.P.2013.VL.x64.Januar.2013.GERMAN-MCU 2015-03-27 21:31 - 2015-03-27 21:32 - 64396899 _____ () C:\Users\Anonymous\Downloads\M.O.P.P.2013.VL.x64.Januar.2013.GERMAN-MCU.part6.rar 2015-03-27 21:26 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2015-03-27 21:22 - 2015-03-27 21:24 - 209715200 _____ () C:\Users\Anonymous\Downloads\M.O.P.P.2013.VL.x64.Januar.2013.GERMAN-MCU.part5.rar 2015-03-27 21:20 - 2015-03-27 21:22 - 209715200 _____ () C:\Users\Anonymous\Downloads\M.O.P.P.2013.VL.x64.Januar.2013.GERMAN-MCU.part4.rar 2015-03-27 21:15 - 2015-03-27 
21:18 - 209715200 _____ () C:\Users\Anonymous\Downloads\M.O.P.P.2013.VL.x64.Januar.2013.GERMAN-MCU.part3.rar 2015-03-27 21:08 - 2015-03-27 21:14 - 209715200 _____ () C:\Users\Anonymous\Downloads\M.O.P.P.2013.VL.x64.Januar.2013.GERMAN-MCU.part2.rar 2015-03-27 21:05 - 2015-03-27 21:11 - 209715200 _____ () C:\Users\Anonymous\Downloads\M.O.P.P.2013.VL.x64.Januar.2013.GERMAN-MCU.part1.rar 2015-03-27 20:51 - 2015-03-27 20:51 - 00000802 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2015-03-27 20:51 - 2015-03-27 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-03-27 20:50 - 2015-03-28 01:11 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\TSVNCache 2015-03-27 20:48 - 2015-03-27 20:48 - 00003702 _____ () C:\Windows\System32\Tasks\klcp_update 2015-03-27 20:48 - 2015-03-27 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2015-03-27 20:48 - 2015-03-27 20:48 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack 2015-03-27 20:46 - 2015-03-27 20:46 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Subversion 2015-03-27 20:42 - 2015-03-27 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN 2015-03-27 20:42 - 2015-03-27 20:42 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays 2015-03-27 20:38 - 2015-03-27 20:38 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Lavasoft 2015-03-27 20:38 - 2015-03-12 11:59 - 00373864 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll 2015-03-27 20:38 - 2015-03-12 11:58 - 00326288 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll 2015-03-27 20:37 - 2015-03-27 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2015-03-27 20:36 - 2015-03-27 20:36 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 19720192 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-27 20:36 - 2015-03-27 20:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-27 20:36 - 2015-03-27 20:36 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-27 20:36 - 2015-03-27 20:36 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-27 20:36 - 2015-03-27 20:36 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00940032 _____ (Microsoft Corporation) 
C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2015-03-27 20:36 - 2015-03-27 20:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2015-03-27 20:36 - 2015-03-27 20:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00418304 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\dxtmsft.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-03-27 20:36 - 2015-03-27 20:36 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-03-27 20:36 - 2015-03-27 20:36 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2015-03-27 
20:36 - 2015-03-27 20:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2015-03-27 
20:36 - 2015-03-27 20:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2015-03-27 20:36 - 2015-03-27 20:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2015-03-27 20:36 - 2015-03-27 20:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00048640 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtmler.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-03-27 20:36 - 2015-03-27 20:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-27 20:36 - 2015-03-27 20:36 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Lavasoft 2015-03-27 20:36 - 2015-03-27 20:36 - 00000000 ____D () C:\ProgramData\Lavasoft 
2015-03-27 20:35 - 2015-03-27 20:35 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2015-03-27 20:35 - 2015-03-27 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2015-03-27 20:35 - 2015-03-27 20:35 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2015-03-27 20:33 - 2015-03-27 20:33 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2015-03-27 20:33 - 
2015-03-27 20:33 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 
20:33 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2015-03-27 20:33 - 2015-03-27 20:33 - 00002560 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2015-03-27 20:32 - 2015-03-27 20:32 - 00001088 _____ () C:\Users\Anonymous\Desktop\Die Installation von DAEMON Tools Lite fortsetzen.lnk 2015-03-27 20:31 - 2015-03-27 21:27 - 00029034 _____ () C:\Windows\IE11_main.log 2015-03-27 20:11 - 2015-03-27 20:11 - 00000834 _____ () C:\Users\Public\Desktop\UltraISO.lnk 2015-03-27 20:11 - 2015-03-27 20:11 - 00000000 ____D () C:\Users\Anonymous\Documents\My ISO Files 2015-03-27 20:11 - 2015-03-27 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO 2015-03-27 20:09 - 2015-03-27 20:09 - 00000764 _____ () C:\Users\Anonymous\Desktop\Notepad++.lnk 2015-03-27 20:09 - 2015-03-27 20:09 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Notepad++ 2015-03-27 20:09 - 2015-03-27 20:09 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-03-27 20:09 - 2015-03-27 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-03-27 19:26 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2015-03-27 19:26 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2015-03-27 19:26 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2015-03-27 19:26 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2015-03-27 19:26 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2015-03-27 19:26 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2015-03-27 19:26 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2015-03-27 19:26 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2015-03-27 19:07 - 2015-03-27 19:23 - 
11:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs 2015-03-27 05:03 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs 2015-03-27 05:03 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs 2015-03-27 05:03 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs 2015-03-27 05:03 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs 2015-03-27 05:03 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs 2015-03-27 05:02 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-03-27 05:02 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-03-27 05:02 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-03-27 05:02 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-03-27 05:02 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-03-27 05:02 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-03-27 05:02 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-03-27 05:02 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-03-27 05:02 - 2012-03-17 08:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2015-03-27 04:59 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-27 04:59 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-27 04:59 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-03-27 04:59 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-03-27 04:59 - 2014-10-30 03:03 - 00165888 _____ 
(Microsoft Corporation) C:\Windows\system32\charmap.exe 2015-03-27 04:59 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2015-03-27 04:59 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2015-03-27 04:59 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2015-03-27 04:59 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-03-27 04:59 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-03-27 04:59 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-03-27 04:59 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2015-03-27 04:59 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2015-03-27 04:59 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2015-03-27 04:59 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2015-03-27 04:59 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2015-03-27 04:59 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2015-03-27 04:59 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2015-03-27 04:59 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2015-03-27 04:59 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2015-03-27 04:59 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe 2015-03-27 04:59 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2015-03-27 04:59 - 2014-09-04 06:04 - 00372736 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2015-03-27 04:59 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2015-03-27 04:59 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2015-03-27 04:59 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2015-03-27 04:59 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2015-03-27 04:59 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2015-03-27 04:59 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2015-03-27 04:59 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2015-03-27 04:59 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2015-03-27 04:59 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2015-03-27 04:59 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2015-03-27 04:59 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2015-03-27 04:59 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2015-03-27 04:59 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2015-03-27 04:59 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2015-03-27 04:59 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2015-03-27 04:59 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-03-27 04:59 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-03-27 04:59 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2015-03-27 04:59 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2015-03-27 04:59 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2015-03-27 04:59 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2015-03-27 04:59 - 2013-02-15 07:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-03-27 04:59 - 2013-02-15 07:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-03-27 04:59 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-03-27 04:59 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2015-03-27 04:59 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2015-03-27 04:59 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2015-03-27 04:59 - 2012-07-04 23:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2015-03-27 04:59 - 2012-07-04 23:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2015-03-27 04:59 - 2012-07-04 23:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2015-03-27 04:59 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll 2015-03-27 04:59 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll 2015-03-27 04:59 - 2012-04-26 06:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2015-03-27 04:59 - 2012-04-26 06:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe 2015-03-27 04:58 - 2015-02-26 04:25 - 03204096 _____ (Microsoft 
Corporation) C:\Windows\system32\win32k.sys 2015-03-27 04:58 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-03-27 04:58 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-03-27 04:58 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-03-27 04:58 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-03-27 04:58 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-03-27 04:58 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-03-27 04:58 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-03-27 04:58 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-03-27 04:58 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-03-27 04:58 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-03-27 04:58 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-03-27 04:58 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-03-27 04:58 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll |
28.03.2015, 11:29 | #6 |
| Windows 7: SSD storage problem, possible virus infection, Steam and similar software problematic FRST Part 2: Code:
ATTFilter 2015-03-27 04:58 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-03-27 04:58 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-03-27 04:58 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-03-27 04:58 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-03-27 04:58 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-03-27 04:58 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-03-27 04:58 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-03-27 04:58 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-03-27 04:58 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-03-27 04:58 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2015-03-27 04:58 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2015-03-27 04:58 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2015-03-27 04:58 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2015-03-27 04:58 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2015-03-27 04:58 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2015-03-27 04:58 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2015-03-27 04:58 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2015-03-27 04:58 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2015-03-27 04:58 - 2013-08-02 
03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 
00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00004608 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003072 
____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-03-27 04:58 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-03-27 04:58 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-03-27 04:58 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2015-03-27 04:58 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2015-03-27 04:58 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2015-03-27 04:58 - 
2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2015-03-27 04:58 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-03-27 04:58 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2015-03-27 04:58 - 2012-06-06 07:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2015-03-27 04:58 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2015-03-27 04:57 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2015-03-27 00:33 - 2015-03-27 00:33 - 00000200 _____ () C:\Users\Anonymous\Desktop\Garry's Mod.url 2015-03-27 00:32 - 2015-03-27 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-03-27 00:30 - 2015-03-28 01:35 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-27 00:30 - 2015-03-28 01:33 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-27 00:30 - 2015-03-27 00:30 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-03-27 00:30 - 2015-03-27 00:30 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-03-27 00:29 - 2015-03-27 00:29 - 00000849 _____ () C:\Users\Public\Desktop\GIMP 2.lnk 2015-03-27 00:29 - 2015-03-27 00:29 - 00000849 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2015-03-27 00:28 - 2015-03-27 00:28 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Fallout3 2015-03-27 00:27 - 2015-03-27 12:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2015-03-27 00:27 - 2015-03-27 00:27 - 00000000 ____D () C:\Windows\SysWOW64\xlive 2015-03-27 00:21 - 2015-03-27 00:21 - 00000887 _____ () C:\Users\Public\Desktop\BurnAware Free.lnk 2015-03-27 00:21 - 2015-03-27 00:21 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Macromedia 
2015-03-27 00:21 - 2015-03-27 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free 2015-03-27 00:18 - 2015-03-27 00:18 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-03-27 00:18 - 2015-03-27 00:18 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2015-03-27 00:13 - 2015-03-27 21:32 - 09050032 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-03-27 00:12 - 2015-03-28 00:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-27 00:12 - 2015-03-27 00:12 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-03-27 00:12 - 2015-03-27 00:12 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-27 00:12 - 2015-03-27 00:12 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-03-27 00:08 - 2015-03-27 00:18 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-03-27 00:08 - 2015-03-27 00:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2015-03-27 00:08 - 2015-03-27 00:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2015-03-27 00:07 - 2015-03-27 00:07 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\DarknessII 2015-03-27 00:03 - 2015-03-27 20:35 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\OpenCandy 2015-03-27 00:03 - 2015-03-27 00:03 - 00000821 _____ () C:\Users\Anonymous\Desktop\µTorrent.lnk 2015-03-27 00:03 - 2015-03-27 00:03 - 00000801 _____ () C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-03-27 00:00 - 2015-03-28 01:33 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\uTorrent 2015-03-26 23:51 - 2015-03-27 20:04 - 00000000 ____D () C:\Users\Anonymous\Desktop\Neuer Ordner 2015-03-26 23:45 - 2015-03-27 16:14 - 00000000 ____D () C:\Users\Anonymous\Documents\My Games 2015-03-26 23:34 - 2015-03-26 23:34 - 00000000 ____D () 
C:\Users\Anonymous\AppData\Roaming\Canon 2015-03-26 23:33 - 2015-03-26 23:33 - 00000000 ____D () C:\Windows\system32\STRING 2015-03-26 23:33 - 2015-03-26 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6400 series Benutzerregistrierung 2015-03-26 23:33 - 2015-03-26 23:33 - 00000000 ____D () C:\ProgramData\Canon IJ Network Tool 2015-03-26 23:33 - 2013-02-04 15:10 - 00321536 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_BTL.dll 2015-03-26 23:33 - 2013-01-24 08:24 - 00359936 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL 2015-03-26 23:33 - 2013-01-24 08:24 - 00039424 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL 2015-03-26 23:33 - 2013-01-24 08:23 - 00366592 _____ (CANON INC.) C:\Windows\SysWOW64\CNMNPPM.DLL 2015-03-26 23:33 - 2012-11-26 12:29 - 00095744 _____ () C:\Windows\SysWOW64\CNC1770D.TBL 2015-03-26 23:33 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll 2015-03-26 23:31 - 2015-03-26 23:31 - 00002025 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk 2015-03-26 23:31 - 2015-03-26 23:31 - 00000000 ____D () C:\ProgramData\CanonIJWSpt 2015-03-26 23:28 - 2015-03-26 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2015-03-26 23:28 - 2015-03-26 23:33 - 00000000 ____D () C:\Program Files\Canon 2015-03-26 23:27 - 2015-03-26 23:27 - 00002360 _____ () C:\Users\Public\Desktop\Canon MG6400 series On-Screen-Handbuch.lnk 2015-03-26 23:27 - 2015-03-26 23:27 - 00000000 ___HD () C:\ProgramData\CanonBJ 2015-03-26 23:27 - 2015-03-26 23:27 - 00000000 ___HD () C:\Program Files\CanonBJ 2015-03-26 23:27 - 2015-03-26 23:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6400 series Manual 2015-03-26 23:27 - 2013-04-04 05:00 - 00391168 _____ (CANON INC.) 
C:\Windows\system32\CNMLMBT.DLL 2015-03-26 23:23 - 2015-03-26 23:23 - 00000000 ___HD () C:\ProgramData\CanonIJETV 2015-03-26 23:22 - 2015-03-26 23:34 - 00000000 ____D () C:\Program Files (x86)\Canon 2015-03-26 23:21 - 2015-03-26 23:21 - 00000392 _____ () C:\Windows\Cm106.ini.cfl 2015-03-26 23:21 - 2015-03-26 23:21 - 00000133 _____ () C:\Windows\system\Dlap.pfx 2015-03-26 23:21 - 2011-01-21 12:44 - 00808176 ____N () C:\Windows\system32\Cmeau106.exe 2015-03-26 23:21 - 2010-12-24 10:08 - 00011776 ____N () C:\Windows\Thumbs.db 2015-03-26 23:21 - 2010-10-08 11:28 - 08757248 ____N (C-Media Corporation) C:\Windows\SysWOW64\CM106.dll 2015-03-26 23:21 - 2009-04-02 16:59 - 00143360 ____N () C:\Windows\Vmix106.dll 2015-03-26 23:21 - 2009-01-16 18:12 - 00221184 ____N () C:\Windows\system\cm106eye.exe 2015-03-26 23:21 - 2008-07-23 19:00 - 00389120 ____N () C:\Windows\system32\CM106.cpl 2015-03-26 23:21 - 2006-09-13 13:08 - 00491520 ____N () C:\Windows\system\cmau106.dll 2015-03-26 23:21 - 2006-09-13 10:21 - 00200704 ____N (C-Media) C:\Windows\SysWOW64\cmpa106.dll 2015-03-26 23:17 - 2010-08-12 18:24 - 01310720 _____ (C-Media Electronics Inc) C:\Windows\system32\Drivers\CM10664.sys 2015-03-26 23:17 - 2004-04-14 11:28 - 00315392 _____ (C-Media Electronics Inc.) 
C:\Windows\system\fltr106.dll 2015-03-26 23:16 - 2015-03-26 23:21 - 00001171 _____ () C:\Windows\Cm106.ini.imi 2015-03-26 23:16 - 2010-12-24 13:19 - 00002853 ____N () C:\Windows\Cm106.ini.cfg 2015-03-26 23:16 - 2009-08-19 16:00 - 00359424 ____N () C:\Windows\system32\CmiInstallResAll64.dll 2015-03-26 23:16 - 2006-10-06 05:45 - 00524768 ____R (Microsoft Corporation) C:\Windows\difxapi.dll 2015-03-26 22:04 - 2015-03-26 22:04 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Steam 2015-03-26 22:03 - 2015-03-26 22:03 - 00000000 ____D () C:\Users\Anonymous\Documents\VPProjects 2015-03-26 22:02 - 2015-03-26 22:02 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\VisualParadigm 2015-03-26 22:02 - 2015-03-26 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Paradigm 2015-03-26 21:26 - 2015-03-26 21:26 - 00000516 _____ () C:\Users\Public\Desktop\Steam.lnk 2015-03-26 21:26 - 2015-03-26 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-03-26 21:20 - 2015-03-27 17:00 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Origin 2015-03-26 21:20 - 2015-03-26 21:22 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Origin 2015-03-26 21:08 - 2015-03-27 17:00 - 00000000 ____D () C:\ProgramData\Electronic Arts 2015-03-26 21:08 - 2015-03-26 21:23 - 00000000 ____D () C:\ProgramData\Origin 2015-03-26 21:08 - 2015-03-26 21:10 - 00000735 _____ () C:\Users\Public\Desktop\Origin.lnk 2015-03-26 21:08 - 2015-03-26 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-03-26 20:54 - 2015-03-26 20:54 - 00000000 ____D () C:\Users\Anonymous\Documents\Assassin's Creed IV Black Flag 2015-03-26 20:52 - 2015-03-26 20:52 - 00000000 ____D () C:\Users\Anonymous\Documents\Assassin's Creed Revelations 2015-03-26 20:48 - 2015-03-26 20:48 - 00000000 ____D () C:\Users\Anonymous\Documents\Assassin's Creed III 2015-03-26 20:40 - 2015-03-26 20:52 - 00000000 ____D () C:\ProgramData\Ubisoft 
2015-03-26 20:40 - 2015-03-26 20:40 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Ubisoft
2015-03-26 20:35 - 2015-03-26 20:47 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Ubisoft Game Launcher
2015-03-26 20:35 - 2015-03-26 20:35 - 00000795 _____ () C:\Users\Anonymous\Desktop\Uplay.lnk
2015-03-26 20:35 - 2015-03-26 20:35 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-03-26 20:31 - 2015-03-26 20:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-03-26 20:02 - 2012-03-31 01:53 - 00000000 ____N () C:\Windows\SysWOW64\Drivers\MEDION_120404_20051760.mrk
2015-03-26 17:19 - 2015-03-26 17:19 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\LolClient
2015-03-26 15:49 - 2015-03-26 15:49 - 00000000 ____D () C:\ProgramData\Riot Games
2015-03-26 15:42 - 2015-03-26 15:42 - 00000857 _____ () C:\Users\Anonymous\Desktop\League of Legends.lnk
2015-03-26 15:35 - 2015-03-26 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-03-26 15:35 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-03-26 15:35 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-03-26 15:35 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-03-26 15:33 - 2015-03-26 15:35 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Riot Games
2015-03-26 14:47 - 2015-03-26 14:50 - 00000602 _____ () C:\Users\Public\Desktop\Guild Wars 2.lnk
2015-03-26 14:47 - 2015-03-26 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2015-03-26 14:44 - 2015-03-26 14:47 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Guild Wars 2
2015-03-26 14:41 - 2015-03-26 14:41 - 00001100 _____ () C:\Users\Anonymous\Desktop\JDownloader 2.lnk
2015-03-26 14:41 - 2015-03-26 14:41 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-03-26 14:36 - 2015-03-26 14:36 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Eclipse
2015-03-26 14:35 - 2015-03-26 14:34 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-26 14:34 - 2015-03-26 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-03-26 14:34 - 2015-03-26 14:34 - 00000000 ____D () C:\Program Files\Java
2015-03-26 14:31 - 2015-03-26 14:35 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-26 14:31 - 2015-03-26 14:31 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-26 14:31 - 2015-03-26 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-26 14:31 - 2015-03-26 14:31 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-26 14:24 - 2015-03-26 14:24 - 00000798 _____ () C:\Users\Anonymous\Desktop\eclipse - Verknüpfung.lnk
2015-03-26 14:05 - 2015-03-26 14:05 - 00000948 _____ () C:\Users\Public\Desktop\Kindle Comic Converter.lnk
2015-03-26 14:05 - 2015-03-26 14:05 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\WinRAR
2015-03-26 14:05 - 2015-03-26 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kindle Comic Converter
2015-03-26 14:00 - 2015-03-28 01:34 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Skype
2015-03-26 14:00 - 2015-03-26 14:00 - 00000000 ____D () C:\Users\Anonymous\Tracing
2015-03-26 14:00 - 2015-03-26 14:00 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Skype
2015-03-26 13:59 - 2015-03-27 18:30 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-26 13:59 - 2015-03-27 18:30 - 00000000 ____D () C:\ProgramData\Skype
2015-03-26 13:59 - 2015-03-27 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-26 13:59 - 2015-03-26 13:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-26 13:55 - 2015-03-26 13:55 - 00381608 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2015-03-26 13:55 - 2015-03-26 13:55 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-03-26 13:54 - 2015-03-27 20:11 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\DAEMON Tools Lite
2015-03-26 13:54 - 2015-03-26 13:54 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-03-26 13:52 - 2015-03-26 13:52 - 00000732 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-03-26 13:52 - 2015-03-26 13:52 - 00000732 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-03-26 13:47 - 2015-03-26 13:47 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\OpenOffice
2015-03-26 13:46 - 2015-03-26 13:46 - 00000726 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2015-03-26 13:46 - 2015-03-26 13:46 - 00000726 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-03-26 13:46 - 2015-03-26 13:46 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-26 13:46 - 2015-03-26 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-26 13:29 - 2015-03-26 13:29 - 00000664 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-26 13:29 - 2015-03-26 13:29 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\vlc
2015-03-26 13:29 - 2015-03-26 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-26 13:14 - 2015-03-27 00:32 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Google
2015-03-26 13:14 - 2015-03-27 00:32 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-26 13:10 - 2015-03-26 13:10 - 00000951 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-03-26 13:10 - 2015-03-26 13:10 - 00000951 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-03-26 13:10 - 2015-03-26 13:10 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Thunderbird
2015-03-26 13:10 - 2015-03-26 13:10 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Thunderbird
2015-03-26 13:05 - 2015-03-26 13:05 - 00001103 _____ () C:\Users\Anonymous\Desktop\Dropbox.lnk
2015-03-26 13:03 - 2015-03-26 13:03 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-26 13:01 - 2015-03-28 01:33 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Dropbox
2015-03-26 12:59 - 2015-03-27 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-26 12:59 - 2015-03-26 12:59 - 00000668 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-26 12:59 - 2015-03-26 12:59 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Mozilla
2015-03-26 12:59 - 2015-03-26 12:59 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Mozilla
2015-03-26 12:59 - 2015-03-26 12:59 - 00000000 ____D () C:\ProgramData\Mozilla
2015-03-26 12:58 - 2015-03-26 12:58 - 00001119 _____ () C:\Users\Anonymous\Desktop\Firefox.lnk
2015-03-26 12:56 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-03-26 12:56 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-03-26 12:56 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-03-26 12:56 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-03-26 12:56 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-03-26 12:56 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-03-26 12:56 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-03-26 12:56 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-03-26 12:56 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-03-26 12:56 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-03-26 12:56 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-03-26 12:56 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-03-26 12:56 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-03-26 12:56 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-03-26 12:44 - 2015-03-26 12:44 - 00000000 _____ () C:\Users\Anonymous\Desktop\Microsoft Office installieren.txt
2015-03-26 12:40 - 2013-07-29 12:12 - 00001169 _____ () C:\Users\Anonymous\Desktop\YouCam - Verknüpfung.lnk
2015-03-26 12:39 - 2015-03-26 12:39 - 00000000 ____D () C:\Users\Anonymous\Documents\Avatar
2015-03-26 12:39 - 2015-03-26 12:39 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\CyberLink
2015-03-26 12:25 - 2015-03-26 12:25 - 00000000 _____ () C:\Users\Anonymous\Desktop\CyberLink Youcam 5.txt
2015-03-26 12:22 - 2015-03-26 12:22 - 00000032 _____ () C:\PS.log
2015-03-26 12:09 - 2015-03-27 00:19 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Adobe
2015-03-26 12:09 - 2015-03-27 00:08 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Adobe
2015-03-26 12:08 - 2015-03-26 12:39 - 00000000 ____D () C:\Users\Anonymous\Documents\Youcam
2015-03-26 12:08 - 2015-03-26 12:08 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Intel Corporation
2015-03-26 12:08 - 2015-03-26 12:08 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\CyberLink
2015-03-26 12:07 - 2015-03-27 22:00 - 00111520 _____ () C:\Users\Anonymous\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-26 12:07 - 2015-03-26 12:07 - 00000000 ___HD () C:\ProgramData\Medion Reminder
2015-03-26 12:07 - 2015-03-26 12:07 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\Power2Go
2015-03-26 12:06 - 2015-03-28 01:32 - 00000000 ____D () C:\Users\Anonymous
2015-03-26 12:06 - 2015-03-27 22:00 - 00001425 _____ () C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-26 12:06 - 2015-03-27 16:24 - 00000000 ____D () C:\Users\Anonymous\AppData\Local\VirtualStore
2015-03-26 12:06 - 2015-03-26 12:06 - 00000020 ___SH () C:\Users\Anonymous\ntuser.ini
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\Vorlagen
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\Startmenü
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\Netzwerkumgebung
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\Lokale Einstellungen
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\Eigene Dateien
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\Druckumgebung
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\Documents\Eigene Musik
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\Documents\Eigene Bilder
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\AppData\Local\Verlauf
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\AppData\Local\Anwendungsdaten
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 _SHDL () C:\Users\Anonymous\Anwendungsdaten
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Intel
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 ____D () C:\ProgramData\Kaspersky Rescue Disk 10
2015-03-26 12:06 - 2015-03-26 12:06 - 00000000 ____D () C:\Program Files (x86)\Mediathek
2015-03-26 12:06 - 2012-03-14 22:50 - 00000000 ____D () C:\Users\Anonymous\AppData\Roaming\Macromedia
2015-03-26 12:06 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-26 12:06 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-26 12:05 - 2015-03-26 12:53 - 00000000 ____D () C:\ProgramData\Partner
2015-03-26 12:05 - 2015-03-26 12:26 - 00000000 ____D () C:\ProgramData\TvdPersonal
2015-03-26 12:05 - 2015-03-26 12:19 - 00000000 ____D () C:\ProgramData\Google
2015-03-26 12:05 - 2015-03-26 12:05 - 00000000 ____D () C:\Program Files\PlayReady
2015-03-26 12:04 - 2015-03-28 01:36 - 01911206 _____ () C:\Windows\WindowsUpdate.log
2015-03-26 12:04 - 2015-03-26 12:04 - 00000000 __SHD () C:\Recovery

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-28 01:36 - 2012-03-31 01:03 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-03-28 01:36 - 2012-03-31 01:03 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-28 01:36 - 2012-03-31 01:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-28 01:36 - 2009-07-14 05:51 - 00109625 _____ () C:\Windows\setupact.log
2015-03-28 01:33 - 2012-03-31 01:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-28 01:33 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-28 00:54 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-28 00:54 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-28 00:52 - 2011-05-16 16:16 - 00646782 _____ () C:\Windows\system32\perfh01F.dat
2015-03-28 00:52 - 2011-05-16 16:16 - 00138992 _____ () C:\Windows\system32\perfc01F.dat
2015-03-28 00:52 - 2011-05-16 16:03 - 00719020 _____ () C:\Windows\system32\prfh0816.dat
2015-03-28 00:52 - 2011-05-16 16:03 - 00152002 _____ () C:\Windows\system32\prfc0816.dat
2015-03-28 00:52 - 2011-05-16 15:55 - 00730022 _____ () C:\Windows\system32\perfh015.dat
2015-03-28 00:52 - 2011-05-16 15:55 - 00154714 _____ () C:\Windows\system32\perfc015.dat
2015-03-28 00:52 - 2011-05-16 15:47 - 00733198 _____ () C:\Windows\system32\perfh013.dat
2015-03-28 00:52 - 2011-05-16 15:47 - 00152030 _____ () C:\Windows\system32\perfc013.dat
2015-03-28 00:52 - 2011-05-16 15:39 - 00730020 _____ () C:\Windows\system32\perfh010.dat
2015-03-28 00:52 - 2011-05-16 15:39 - 00145902 _____ () C:\Windows\system32\perfc010.dat
2015-03-28 00:52 - 2011-05-16 15:31 - 00673506 _____ () C:\Windows\system32\perfh00E.dat
2015-03-28 00:52 - 2011-05-16 15:31 - 00170098 _____ () C:\Windows\system32\perfc00E.dat
2015-03-28 00:52 - 2011-05-16 15:25 - 00735484 _____ () C:\Windows\system32\perfh00C.dat
2015-03-28 00:52 - 2011-05-16 15:25 - 00148406 _____ () C:\Windows\system32\perfc00C.dat
2015-03-28 00:52 - 2011-05-16 15:17 - 00735328 _____ () C:\Windows\system32\perfh00A.dat
2015-03-28 00:52 - 2011-05-16 15:17 - 00157438 _____ () C:\Windows\system32\perfc00A.dat
2015-03-28 00:52 - 2011-05-16 15:11 - 00596704 _____ () C:\Windows\system32\perfh008.dat
2015-03-28 00:52 - 2011-05-16 15:11 - 00110106 _____ () C:\Windows\system32\perfc008.dat
2015-03-28 00:52 - 2011-05-16 15:04 - 00697098 _____ () C:\Windows\system32\perfh007.dat
2015-03-28 00:52 - 2011-05-16 15:04 - 00148362 _____ () C:\Windows\system32\perfc007.dat
2015-03-28 00:52 - 2009-07-14 06:13 - 09235948 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-28 00:45 - 2012-03-31 01:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-03-28 00:45 - 2012-03-31 00:58 - 00027292 _____ () C:\Windows\DPINST.LOG
2015-03-28 00:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-27 23:07 - 2010-11-21 04:47 - 00026756 _____ () C:\Windows\PFRO.log
2015-03-27 22:41 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-27 22:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-03-27 22:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2015-03-27 22:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-03-27 22:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-03-27 22:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-27 22:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-03-27 22:04 - 2012-03-31 00:42 - 00000000 ____D () C:\Program Files\Intel
2015-03-27 21:58 - 2009-07-14 05:45 - 00434352 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-27 21:56 - 2011-05-16 16:15 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2015-03-27 21:56 - 2011-04-12 09:28 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-27 21:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-27 21:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-27 21:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-27 21:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-03-27 21:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-27 21:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-03-27 21:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-27 21:37 - 2011-07-18 21:49 - 00522961 _____ () C:\Windows\DirectX.log
2015-03-27 21:37 - 2011-04-12 09:28 - 00000000 ____D () C:\Windows\ShellNew
2015-03-27 21:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-27 21:36 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-27 21:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-27 21:36 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2015-03-27 21:25 - 2011-07-18 22:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-27 18:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-27 18:18 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2015-03-27 18:18 - 2013-10-17 15:47 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2015-03-27 18:18 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-03-27 17:40 - 2011-07-18 22:06 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-26 23:33 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2015-03-26 23:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system
2015-03-26 23:16 - 2011-01-19 12:05 - 00001120 _____ () C:\Windows\system\Cm106.ini
2015-03-26 20:01 - 2012-03-31 00:59 - 00000000 ____D () C:\Program Files\Elantech
2015-03-26 20:01 - 2011-07-18 21:09 - 00022028 _____ () C:\Windows\TSSysprep.log
2015-03-26 20:01 - 2009-07-14 05:46 - 00015476 _____ () C:\Windows\DtcInstall.log
2015-03-26 18:21 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\WCN
2015-03-26 18:20 - 2011-05-16 14:57 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-03-26 18:20 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-03-26 18:20 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-03-26 18:20 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-03-26 18:20 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-03-26 18:20 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\winrm
2015-03-26 18:20 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\slmgr
2015-03-26 18:20 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-03-26 18:20 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-03-26 18:20 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-26 18:20 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-03-26 18:20 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-26 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-03-26 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-03-26 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-03-26 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-03-26 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2015-03-26 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\MUI
2015-03-26 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2015-03-26 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
2015-03-26 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2015-03-26 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2015-03-26 12:22 - 2012-03-31 01:47 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2015-03-26 12:22 - 2012-03-31 01:39 - 00000000 ____D () C:\ProgramData\install_clap
2015-03-26 12:22 - 2011-07-18 22:23 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-03-26 12:10 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2015-03-26 12:04 - 2011-07-18 21:54 - 00000000 ____D () C:\Windows\Panther
2015-03-26 12:01 - 2009-07-14 06:38 - 00029696 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-03-26 12:01 - 2009-07-14 06:32 - 00032768 _____ () C:\Windows\system32\config\BCD-Template
2015-03-13 20:41 - 2012-03-31 01:03 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\SET41C5.tmp
2015-03-13 20:41 - 2012-03-31 01:03 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-13 20:41 - 2012-03-31 01:03 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SET56B7.tmp
2015-03-13 20:41 - 2012-03-31 01:03 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-13 20:41 - 2012-03-31 01:03 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-13 17:16 - 2012-03-31 01:03 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 17:16 - 2012-03-31 01:03 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 17:16 - 2012-03-31 01:03 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 17:16 - 2012-03-31 01:03 - 01099408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-03-13 17:16 - 2012-03-31 01:03 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 17:16 - 2012-03-31 01:03 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 17:16 - 2012-03-31 01:03 - 00075976 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-03-13 17:16 - 2012-03-31 01:03 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-11 14:10 - 2012-03-31 01:03 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-02-26 21:14 - 2011-07-18 21:31 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Anonymous\AppData\Local\Temp\13071850678426032898.exe
C:\Users\Anonymous\AppData\Local\Temp\bitool.dll
C:\Users\Anonymous\AppData\Local\Temp\comver.dll
C:\Users\Anonymous\AppData\Local\Temp\DeltaTB.exe
C:\Users\Anonymous\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpixcqee.dll
C:\Users\Anonymous\AppData\Local\Temp\gtapi.dll
C:\Users\Anonymous\AppData\Local\Temp\Gw2.exe
C:\Users\Anonymous\AppData\Local\Temp\ICReinstall_daemon-tools.exe
C:\Users\Anonymous\AppData\Local\Temp\JDSetup130718506777289929.exe
C:\Users\Anonymous\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Anonymous\AppData\Local\Temp\proxy_vole7888009824857254338.dll
C:\Users\Anonymous\AppData\Local\Temp\SpOrder.dll
C:\Users\Anonymous\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Anonymous\AppData\Local\Temp\uninstall.exe
C:\Users\Anonymous\AppData\Local\Temp\xmlUpdater.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-26 18:13

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Anonymous at 2015-03-28 01:36:57
Running from C:\Users\Anonymous\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-981038422-516162429-3542213033-1001\...\uTorrent) (Version: 3.4.2.39744 - BitTorrent Inc.)
Ad-Aware Web Companion (x32 Version: 1.1.922.1860 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
BurnAware Free 7.9 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG6400 series Benutzerregistrierung (HKLM-x32\...\Canon MG6400 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG6400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6400_series) (Version: 1.01 - Canon Inc.)
Canon MG6400 series On-screen Manual (HKLM-x32\...\Canon MG6400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Dragon's Lair (HKLM-x32\...\Steam App 227380) (Version: - Digital Leisure Inc.)
Dropbox (HKU\S-1-5-21-981038422-516162429-3542213033-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
ETDWare PS/2-X64 8.0.5.7_WHQL (HKLM\...\Elantech) (Version: 8.0.5.7 - ELAN Microelectronic Corp.)
Fallout (HKLM-x32\...\Steam App 38400) (Version: - Interplay Inc.)
Fallout 2 (HKLM-x32\...\Steam App 38410) (Version: - Black Isle Studios)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)
Fallout Tactics (HKLM-x32\...\Steam App 38420) (Version: - 14° East)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.57 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 8 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Kindle Comic Converter (HKLM\...\{7D279A59-C65E-4DA7-B165-56DD06596216}_is1) (Version: 4.5 - Ciro Mattia Gonano, Paweł Jastrzębski)
K-Lite Codec Pack 11.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (Partnernet) (HKLM-x32\...\{57672BEC-E777-4D4B-944A-719414E84D3F}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mount & Blade: With Fire and Sword (HKLM-x32\...\Steam App 48720) (Version: - TaleWorlds Entertainment)
Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version: - CyberConnect 2)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.10.780 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.310 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.310 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.) Resident Evil 5 / Biohazard 5 (HKLM-x32\...\Steam App 21690) (Version: - Capcom) Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden Sid Meier's Civilization III: Complete (HKLM-x32\...\Steam App 3910) (Version: - Firaxis Games) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.) Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version: - Yager) Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios) Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version: - Raven Software) Star Wars: Knights of the Old Republic II (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40642 - TeamViewer) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl) The Bureau: XCOM Declassified (HKLM-x32\...\Steam App 65930) (Version: - 2K Marin) The Darkness II (HKLM-x32\...\Steam App 67370) (Version: - Digital Extremes) The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version: - Bethesda Game Studios®) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - ) TortoiseSVN 1.8.10.26129 (64 bit) (HKLM\...\{A9E679EC-8FD4-49D8-A5A5-ACE462515A9E}) 
(Version: 1.8.26129 - TortoiseSVN) Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version: - Haemimont Games) Trust 5.1 Gaming Headset (HKLM\...\C-Media CM106 Like Sound Driver) (Version: 2.0.01.13 - Trust) UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version: - ) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Uplay (HKLM-x32\...\Uplay) (Version: 5.1 - Ubisoft) Visual Paradigm 11.2 (HKLM-x32\...\1106-5897-7327-6550) (Version: 11.2 - Visual Paradigm International Ltd.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Web Companion (HKLM-x32\...\{902C3D36-9254-437D-98AC-913B78E60864}_WebCompanion) (Version: 1.1.922.1860 - Lavasoft) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-981038422-516162429-3542213033-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-981038422-516162429-3542213033-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-981038422-516162429-3542213033-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-981038422-516162429-3542213033-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-981038422-516162429-3542213033-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-981038422-516162429-3542213033-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-981038422-516162429-3542213033-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-981038422-516162429-3542213033-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-981038422-516162429-3542213033-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-981038422-516162429-3542213033-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-981038422-516162429-3542213033-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16738362-FAA8-4568-85F1-DC4BE2F9D64C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-27] (Google Inc.)
Task: {3C95EDCE-775B-439E-B015-DB8611DE70EC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-27] (Adobe Systems Incorporated)
Task: {6353013A-0E56-4512-987F-49739E556D05} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {72606486-274F-4AFF-9517-AE333856F174} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => D:\Program Files (x86)\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {7AFF9356-95F4-4486-AC46-0A6AF7ACEF48} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7BC2394B-A754-4DA6-BB6B-F5777BF8ADA8} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-02-18] ()
Task: {84C8EE88-68DB-489E-8631-B02CC63CB173} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => D:\Program Files (x86)\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {93A00B26-DF9D-46EC-9FE1-8C7EB6047472} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-27] (Google Inc.)
Task: {B8B67ACE-822F-40E4-9800-DCF13E3B2D72} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Anonymous-PC-Anonymous Anonymous-PC => D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {D5C895B0-192A-42B4-8DEF-F81C222DC07F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FDE8C132-4955-4FB4-9DEB-75D9436F16C8} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\SYSTEM32\OOBE\SETUPSQM.EXE [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-03-27 16:46 - 2015-03-27 21:38 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-02-22 23:07 - 2012-02-22 23:07 - 00492032 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
2011-05-10 03:46 - 2011-05-10 03:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-10 03:56 - 2011-05-10 03:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-10 03:47 - 2011-05-10 03:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2012-02-22 23:07 - 2012-02-22 23:07 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 19:32 - 2011-05-10 19:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2011-05-10 03:48 - 2011-05-10 03:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2014-12-17 21:31 -
2014-12-17 21:31 - 00076032 _____ () D:\Program Files (x86)\TortoiseSVN\bin\TortoiseStub.dll 2014-12-17 21:30 - 2014-12-17 21:30 - 00088832 _____ () D:\Program Files (x86)\TortoiseSVN\bin\libsasl.dll 2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll 2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll 2014-12-17 20:53 - 2014-12-17 20:53 - 00065792 _____ () D:\Program Files (x86)\TortoiseSVN\bin\TortoiseStub32.dll 2014-12-17 20:53 - 2014-12-17 20:53 - 00071936 _____ () D:\Program Files (x86)\TortoiseSVN\bin\libsasl32.dll 2015-03-26 13:03 - 2015-03-04 23:08 - 00750080 _____ () C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-28 01:33 - 2015-03-28 01:33 - 00043008 _____ () c:\Users\Anonymous\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpixcqee.dll 2015-03-26 13:03 - 2015-03-04 23:08 - 00047616 _____ () C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-26 13:03 - 2015-03-04 23:08 - 00865280 _____ () C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-26 13:03 - 2015-03-04 23:07 - 00200704 _____ () C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-03-28 01:33 - 2015-03-28 01:33 - 00098816 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32api.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00110080 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\pywintypes27.dll 2015-03-28 01:33 - 2015-03-28 01:33 - 00364544 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\pythoncom27.dll 2015-03-28 01:33 - 2015-03-28 01:33 - 00045568 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\_socket.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 01161216 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\_ssl.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 
00320512 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32com.shell.shell.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00713216 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\_hashlib.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 01175040 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\wx._core_.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00805888 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\wx._gdi_.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00811008 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\wx._windows_.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 01062400 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\wx._controls_.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00735232 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\wx._misc_.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00682496 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\pysqlite2._sqlite.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00128512 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\_elementtree.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00127488 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\pyexpat.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00087552 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\_ctypes.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00119808 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32file.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00108544 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32security.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00007168 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\hashobjs_ext.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00167936 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32gui.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00018432 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32event.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00038912 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32inet.pyd 
2015-03-28 01:33 - 2015-03-28 01:33 - 00011264 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32crypt.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00070656 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\wx._html2.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00027136 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\_multiprocessing.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00020480 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\_yappi.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00035840 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32process.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00686080 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\unicodedata.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00122368 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\wx._wizard.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00024064 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32pipe.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00010240 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\select.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00025600 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32pdh.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00525640 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\windows._lib_cacheinvalidation.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00017408 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32profile.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00022528 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\win32ts.pyd 2015-03-28 01:33 - 2015-03-28 01:33 - 00078336 _____ () C:\Users\Anonymous\AppData\Local\Temp\_MEI56842\wx._animate.pyd 2015-03-27 23:27 - 2015-03-27 23:27 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll 2012-03-31 00:52 - 2012-02-02 00:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-03-31 
00:42 - 2012-03-06 15:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-981038422-516162429-3542213033-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anonymous\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-981038422-516162429-3542213033-500 - Administrator - Disabled)
Anonymous (S-1-5-21-981038422-516162429-3542213033-1001 - Administrator - Enabled) => C:\Users\Anonymous
Gast (S-1-5-21-981038422-516162429-3542213033-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-981038422-516162429-3542213033-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: NVIDIA GeForce GTX 670M
Description: NVIDIA GeForce GTX 670M
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled. Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/28/2015 01:37:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000003e81fa
ID des fehlerhaften Prozesses: 0x20a4
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3

Error: (03/28/2015 01:37:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000003e81fa
ID des fehlerhaften Prozesses: 0x26bc
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3

Error: (03/28/2015 01:37:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000003e81fa
ID des fehlerhaften Prozesses: 0x2554
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3

Error: (03/28/2015 01:37:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000003e81fa
ID des fehlerhaften Prozesses: 0x235c
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3

Error: (03/28/2015 01:37:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000003e81fa
ID des fehlerhaften Prozesses: 0x21f0
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3

Error: (03/28/2015 01:37:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000003e81fa
ID des fehlerhaften Prozesses: 0x2588
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3

Error: (03/28/2015 01:36:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000003e81fa
ID des fehlerhaften Prozesses:
0x2194
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3

Error: (03/28/2015 01:36:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000003e81fa
ID des fehlerhaften Prozesses: 0x2750
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3

Error: (03/28/2015 01:36:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000003e81fa
ID des fehlerhaften Prozesses: 0x2578
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3

Error: (03/28/2015 01:36:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.0.1000.0, Zeitstempel: 0x54b5dc94
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000003e81fa
ID des fehlerhaften Prozesses: 0x249c
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3

System errors:
=============
Error: (03/28/2015 01:33:09 AM) (Source: Service Control Manager)
(EventID: 7000) (User: )
Description: Der Dienst "LavasoftTcpService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (03/28/2015 00:47:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LavasoftTcpService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (03/28/2015 00:36:11 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (03/28/2015 00:32:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LavasoftTcpService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (03/27/2015 11:07:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LavasoftTcpService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (03/27/2015 11:06:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/27/2015 11:00:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3035132)

Error: (03/27/2015 11:00:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB2834140)

Error: (03/27/2015 10:58:17 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (03/27/2015 10:56:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: discache KLIF klpd kneps spldr sptd Wanarpv6

Microsoft Office Sessions:
=========================
Error: (03/28/2015 01:37:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe4.0.1000.054b5dc94nvstreamsvc.exe4.0.1000.054b5dc944000001500000000003e81fa20a401d068ef57a94e7fC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe95663cf5-d4e2-11e4-b890-8c89a502ca11

Error: (03/28/2015 01:37:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe4.0.1000.054b5dc94nvstreamsvc.exe4.0.1000.054b5dc944000001500000000003e81fa26bc01d068ef5781a1aaC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe95434b22-d4e2-11e4-b890-8c89a502ca11

Error: (03/28/2015 01:37:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description:
nvstreamsvc.exe4.0.1000.054b5dc94nvstreamsvc.exe4.0.1000.054b5dc944000001500000000003e81fa255401d068ef576147f1C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe951c137f-d4e2-11e4-b890-8c89a502ca11

Error: (03/28/2015 01:37:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe4.0.1000.054b5dc94nvstreamsvc.exe4.0.1000.054b5dc944000001500000000003e81fa235c01d068ef54611c12C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe92199da7-d4e2-11e4-b890-8c89a502ca11

Error: (03/28/2015 01:37:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe4.0.1000.054b5dc94nvstreamsvc.exe4.0.1000.054b5dc944000001500000000003e81fa21f001d068ef5160c922C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe8f19bfe9-d4e2-11e4-b890-8c89a502ca11

Error: (03/28/2015 01:37:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe4.0.1000.054b5dc94nvstreamsvc.exe4.0.1000.054b5dc944000001500000000003e81fa258801d068ef4e607632C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe8c18f7c7-d4e2-11e4-b890-8c89a502ca11

Error: (03/28/2015 01:36:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe4.0.1000.054b5dc94nvstreamsvc.exe4.0.1000.054b5dc944000001500000000003e81fa219401d068ef4b60bf84C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe8918a4d7-d4e2-11e4-b890-8c89a502ca11

Error: (03/28/2015 01:36:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe4.0.1000.054b5dc94nvstreamsvc.exe4.0.1000.054b5dc944000001500000000003e81fa275001d068ef486093a4C:\Program Files\NVIDIA
Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe86193c4b-d4e2-11e4-b890-8c89a502ca11

Error: (03/28/2015 01:36:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe4.0.1000.054b5dc94nvstreamsvc.exe4.0.1000.054b5dc944000001500000000003e81fa257801d068ef455ff293C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe831cb9f9-d4e2-11e4-b890-8c89a502ca11

Error: (03/28/2015 01:36:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe4.0.1000.054b5dc94nvstreamsvc.exe4.0.1000.054b5dc944000001500000000003e81fa249c01d068ef425e8e2fC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe80184849-d4e2-11e4-b890-8c89a502ca11

CodeIntegrity Errors:
===================================
Date: 2015-03-27 23:17:00.679
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-03-27 23:17:00.579
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-03-27 21:49:27.402
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-03-27 21:49:27.086
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-03-27 21:43:17.450 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-27 21:43:17.185 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-27 20:05:52.777 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-27 20:05:52.556 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-27 16:24:44.736 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-27 16:24:44.501 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz Percentage of memory in use: 26% Total physical RAM: 16280.75 MB Available physical RAM: 12001.43 MB Total Pagefile: 32559.7 MB Available Pagefile: 28130.74 MB Total Virtual: 8192 MB Available Virtual: 8191.75 MB ==================== Drives ================================ Drive c: (Boot) (Fixed) (Total:73.43 GB) (Free:15.67 GB) NTFS Drive d: (Data) (Fixed) (Total:648 GB) (Free:193.05 GB) NTFS Drive e: (Recover) (Fixed) (Total:50.63 GB) (Free:27.48 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 74.5 GB) (Disk ID: 4056F908) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=73.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=1 GB) - (Type=12) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 4056F932) Partition 1: (Not Active) - (Size=648 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=50.6 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 01:18:59, on 28.03.2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17689) FIREFOX: 36.0.4 (x86 de) Boot mode: Normal Running processes: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Anonymous\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe D:\Program Files (x86)\Firefox\firefox.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Users\Anonymous\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet 
Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll O3 - 
Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent O4 - HKCU\..\Run: [uTorrent] "C:\Users\Anonymous\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - Startup: Dropbox.lnk = C:\Users\Anonymous\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: Zu Anti-Banner hinzufügen - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 (file missing) O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 (file missing) O9 - Extra button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files 
(x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Link-Untersuchung - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll O10 - Unknown file in Winsock LSP: 
c:\windows\system32\lavasofttcpservice.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files 
(x86)\Intel\Bluetooth\mediasrv.exe O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. 
- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LavasoftTcpService - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - D:\Spiele\Origins\Origin\OriginClientService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - 
Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Qualcomm Atheros Killer Service - Unknown owner - C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - 
Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- End of file - 16332 bytes |
28.03.2015, 11:33 | #7 |
| Windows 7: SSD storage problem, possible virus infection, Steam and similar software problematic Gmer part 1: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-03-28 01:47:33 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 INTEL_SS rev.4PC1 74,53GB Running: Gmer-19357.exe; Driver: C:\Users\ANONYM~1\AppData\Local\Temp\kxrcyuob.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\kernel32.dll!RegSetValueExW 0000000077a5a400 7 bytes JMP 000000016fff0228 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077a63f20 5 bytes JMP 000000016fff0180 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077a7ffb0 5 bytes JMP 000000016fff01b8 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 0000000077a8f2e0 3 bytes JMP 000000016fff0110 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW + 4 0000000077a8f2e4 1 byte [F8] .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 0000000077ab9a30 7 bytes JMP 000000016fff00d8 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 0000000077ac94c0 5 bytes JMP 000000016fff0148 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\kernel32.dll!RegSetValueExA 0000000077ae87e0 7 bytes JMP 000000016fff01f0 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb82db0 5 bytes JMP 000007fffdb70180 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb837d0 7 bytes JMP 000007fffdb700d8 .text C:\Program 
Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb88ef0 6 bytes JMP 000007fffdb70148 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdb9af60 5 bytes JMP 000007fffdb70110 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefdd989f0 8 bytes JMP 000007fffdb701f0 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefdd9be50 8 bytes JMP 000007fffdb701b8 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdfb7490 11 bytes JMP 000007fffdb70228 .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1556] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdfcbf00 7 bytes JMP 000007fffdb70260 .text C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe[2024] C:\Windows\SysWOW64\ntdll.dll!NtQueryValueKey 0000000077d6faa8 5 bytes JMP 00000001725018dd .text C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe[2024] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077d70038 5 bytes JMP 0000000172501ed6 .text C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe[2024] C:\Windows\syswow64\USER32.dll!UserClientDllInitialize + 779 0000000075a7b9f8 4 bytes [0B, 26, 50, 72] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076ac1401 2 bytes JMP 76c3b21b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076ac1419 2 bytes JMP 76c3b346 
C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076ac1431 2 bytes JMP 76cb8ea9 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076ac144a 2 bytes CALL 76c148ad C:\Windows\syswow64\kernel32.dll .text ... * 9 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076ac14dd 2 bytes JMP 76cb87a2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076ac14f5 2 bytes JMP 76cb8978 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076ac150d 2 bytes JMP 76cb8698 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076ac1525 2 bytes JMP 76cb8a62 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076ac153d 2 bytes JMP 76c2fca8 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076ac1555 2 bytes JMP 76c368ef C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo 
+ 17 0000000076ac156d 2 bytes JMP 76cb8f61 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076ac1585 2 bytes JMP 76cb8ac2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076ac159d 2 bytes JMP 76cb865c C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076ac15b5 2 bytes JMP 76c2fd41 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076ac15cd 2 bytes JMP 76c3b2dc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076ac16b2 2 bytes JMP 76cb8e24 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076ac16bd 2 bytes JMP 76cb85f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[2536] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82 0000000073cc17fa 2 bytes CALL 76c111a9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[2536] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88 0000000073cc1860 2 bytes CALL 76c111a9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[2536] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 0000000073cc1942 2 bytes JMP 759c7089 C:\Windows\syswow64\WS2_32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[2536] 
C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 0000000073cc194d 2 bytes JMP 759ccba6 C:\Windows\syswow64\WS2_32.dll .text D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076ac1401 2 bytes JMP 76c3b21b C:\Windows\syswow64\kernel32.dll .text D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[2984] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076ac1419 2 bytes JMP 76c3b346 C:\Windows\syswow64\kernel32.dll .text D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076ac1431 2 bytes JMP 76cb8ea9 C:\Windows\syswow64\kernel32.dll .text D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076ac144a 2 bytes CALL 76c148ad C:\Windows\syswow64\kernel32.dll .text ... * 9 .text D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[2984] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076ac14dd 2 bytes JMP 76cb87a2 C:\Windows\syswow64\kernel32.dll .text D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076ac14f5 2 bytes JMP 76cb8978 C:\Windows\syswow64\kernel32.dll .text D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[2984] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076ac150d 2 bytes JMP 76cb8698 C:\Windows\syswow64\kernel32.dll .text D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076ac1525 2 bytes JMP 76cb8a62 C:\Windows\syswow64\kernel32.dll .text D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076ac153d 2 bytes JMP 76c2fca8 C:\Windows\syswow64\kernel32.dll .text D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[2984] 
0000000075c42ab1 5 bytes JMP 000000016d493880 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[1460] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075c42d17 5 bytes JMP 000000016d493560 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[1460] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000075a78a29 5 bytes JMP 000000016d492c50 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[1460] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000075a84572 5 bytes JMP 000000016d4934e0 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[1460] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000075a9e567 5 bytes JMP 000000016d493550 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[1460] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000075ac07d7 5 bytes JMP 000000016d492a60 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[1460] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000075ad7a5c 5 bytes JMP 000000016d4934d0 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[1460] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000077375ea5 5 bytes JMP 000000016d492c10 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[1460] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000773a9d0b 5 bytes JMP 000000016d492ba0 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 0000000076c11f0e 7 bytes JMP 000000016d493d10 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 0000000076c15bad 7 bytes JMP 000000016d4946b0 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 0000000076c21409 7 bytes JMP 000000016d494050 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] 
C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 0000000076c2ea45 7 bytes JMP 000000016d493d00 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\kernel32.dll!SetFileCompletionNotificationModes 0000000076c8b2fe 5 bytes JMP 0000000101f88f50 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076cb8e24 7 bytes JMP 000000016d4937c0 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076cb8ea9 5 bytes JMP 000000016d493870 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076cb91ff 5 bytes JMP 000000016d4937d0 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075c41d29 5 bytes JMP 000000016d493780 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075c41dd7 5 bytes JMP 000000016d493740 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075c42ab1 5 bytes JMP 000000016d493880 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075c42d17 5 bytes JMP 000000016d493560 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076b0e96b 5 bytes JMP 000000016d492d70 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076b0eba5 5 bytes JMP 000000016d492d80 .text C:\Program Files (x86)\Canon\IJ Network Scanner 
Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000075a78a29 5 bytes JMP 000000016d492c50 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000075a84572 5 bytes JMP 000000016d4934e0 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000075a9e567 5 bytes JMP 000000016d493550 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000075ac07d7 5 bytes JMP 000000016d492a60 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000075ad7a5c 5 bytes JMP 000000016d4934d0 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000077375ea5 5 bytes JMP 000000016d492c10 .text C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe[5672] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000773a9d0b 5 bytes JMP 000000016d492ba0 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 0000000076c11f0e 7 bytes JMP 000000016d493d10 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 0000000076c15bad 7 bytes JMP 000000016d4946b0 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 0000000076c21409 7 bytes JMP 000000016d494050 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 0000000076c2ea45 7 bytes JMP 000000016d493d00 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] 
C:\Windows\syswow64\kernel32.dll!SetFileCompletionNotificationModes 0000000076c8b2fe 5 bytes JMP 0000000107708f50 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076cb8e24 7 bytes JMP 000000016d4937c0 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076cb8ea9 5 bytes JMP 000000016d493870 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076cb91ff 5 bytes JMP 000000016d4937d0 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075c41d29 5 bytes JMP 000000016d493780 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075c41dd7 5 bytes JMP 000000016d493740 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075c42ab1 5 bytes JMP 000000016d493880 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075c42d17 5 bytes JMP 000000016d493560 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000075a78a29 5 bytes JMP 000000016d492c50 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000075a84572 5 bytes JMP 000000016d4934e0 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000075a9e567 5 bytes JMP 000000016d493550 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000075ac07d7 5 bytes JMP 000000016d492a60 .text C:\Program Files 
(x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000075ad7a5c 5 bytes JMP 000000016d4934d0 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076b0e96b 5 bytes JMP 000000016d492d70 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076b0eba5 5 bytes JMP 000000016d492d80 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000077375ea5 5 bytes JMP 000000016d492c10 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000773a9d0b 5 bytes JMP 000000016d492ba0 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076ac1401 2 bytes JMP 76c3b21b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076ac1419 2 bytes JMP 76c3b346 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076ac1431 2 bytes JMP 76cb8ea9 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076ac144a 2 bytes CALL 76c148ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076ac14dd 2 bytes JMP 76cb87a2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076ac14f5 2 bytes JMP 76cb8978 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076ac150d 2 bytes JMP 76cb8698 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076ac1525 2 bytes JMP 76cb8a62 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076ac153d 2 bytes JMP 76c2fca8 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076ac1555 2 bytes JMP 76c368ef C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076ac156d 2 bytes JMP 76cb8f61 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076ac1585 2 bytes JMP 76cb8ac2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076ac159d 2 bytes JMP 76cb865c C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076ac15b5 2 bytes JMP 76c2fd41 C:\Windows\syswow64\kernel32.dll .text C:\Program Files 
(x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076ac15cd 2 bytes JMP 76c3b2dc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076ac16b2 2 bytes JMP 76cb8e24 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[6240] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076ac16bd 2 bytes JMP 76cb85f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\kernel32.dll!RegSetValueExW 0000000077a5a400 7 bytes JMP 000000016fff0228 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077a63f20 5 bytes JMP 000000016fff0180 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077a7ffb0 5 bytes JMP 000000016fff01b8 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 0000000077a8f2e0 3 bytes JMP 000000016fff0110 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW + 4 0000000077a8f2e4 1 byte [F8] .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 0000000077ab9a30 7 bytes JMP 000000016fff00d8 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 0000000077ac94c0 5 bytes JMP 000000016fff0148 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\kernel32.dll!RegSetValueExA 0000000077ae87e0 7 bytes JMP 000000016fff01f0 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb82db0 5 bytes JMP 000007fffdb70180 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb837d0 7 bytes JMP 000007fffdb700d8 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb88ef0 6 
bytes JMP 000007fffdb70148 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdb9af60 5 bytes JMP 000007fffdb70110 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefdd989f0 8 bytes JMP 000007fffdb701f0 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefdd9be50 8 bytes JMP 000007fffdb701b8 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdfb7490 11 bytes JMP 000007fffdb70228 .text C:\Windows\splwow64.exe[7072] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdfcbf00 7 bytes JMP 000007fffdb70260 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\kernel32.dll!RegSetValueExW 0000000077a5a400 7 bytes JMP 000000016fff0228 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077a63f20 5 bytes JMP 000000016fff0180 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077a7ffb0 5 bytes JMP 000000016fff01b8 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 0000000077a8f2e0 3 bytes JMP 000000016fff0110 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW + 4 0000000077a8f2e4 1 byte [F8] .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 0000000077ab9a30 7 bytes JMP 000000016fff00d8 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 0000000077ac94c0 5 bytes JMP 000000016fff0148 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\kernel32.dll!RegSetValueExA 0000000077ae87e0 7 bytes JMP 000000016fff01f0 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb82db0 5 bytes JMP 000007fffdb70180 .text C:\Windows\system32\igfxEM.exe[6288] 
C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb837d0 7 bytes JMP 000007fffdb700d8 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb88ef0 6 bytes JMP 000007fffdb70148 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdb9af60 5 bytes JMP 000007fffdb70110 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefdd989f0 8 bytes JMP 000007fffdb701f0 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefdd9be50 8 bytes JMP 000007fffdb701b8 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdfb7490 11 bytes JMP 000007fffdb70228 .text C:\Windows\system32\igfxEM.exe[6288] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdfcbf00 7 bytes JMP 000007fffdb70260 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\kernel32.dll!RegSetValueExW 0000000077a5a400 7 bytes JMP 000000016fff0228 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077a63f20 5 bytes JMP 000000016fff0180 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077a7ffb0 5 bytes JMP 000000016fff01b8 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 0000000077a8f2e0 3 bytes JMP 000000016fff0110 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW + 4 0000000077a8f2e4 1 byte [F8] .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 0000000077ab9a30 7 bytes JMP 000000016fff00d8 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 0000000077ac94c0 5 bytes JMP 000000016fff0148 .text C:\Windows\system32\igfxHK.exe[6312] 
C:\Windows\system32\kernel32.dll!RegSetValueExA 0000000077ae87e0 7 bytes JMP 000000016fff01f0 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb82db0 5 bytes JMP 000007fffdb70180 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb837d0 7 bytes JMP 000007fffdb700d8 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb88ef0 6 bytes JMP 000007fffdb70148 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdb9af60 5 bytes JMP 000007fffdb70110 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefdd989f0 8 bytes JMP 000007fffdb701f0 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefdd9be50 8 bytes JMP 000007fffdb701b8 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdfb7490 11 bytes JMP 000007fffdb70228 .text C:\Windows\system32\igfxHK.exe[6312] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdfcbf00 7 bytes JMP 000007fffdb70260 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE[7212] C:\Windows\syswow64\KERNEL32.dll!RegQueryValueExW 0000000076c11f0e 7 bytes JMP 000000016d493d10 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE[7212] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExW 0000000076c15bad 7 bytes JMP 000000016d4946b0 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE[7212] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 0000000076c21409 7 bytes JMP 000000016d494050 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE[7212] C:\Windows\syswow64\KERNEL32.dll!RegDeleteValueW 0000000076c2ea45 7 bytes JMP 000000016d493d00 .text C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE[7212] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx |
28.03.2015, 11:35 | #8 |
| Windows 7: SSD storage problem, possible virus infection, Steam and similar software problematic Gmer part 2: Code:
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 657 0000000077b746d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077b74a9c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077b74b63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077b74c57 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077b74d76 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077b74ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077b74ef3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077b750f5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077b752f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077b753f7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077b755e4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 0000000077b764d6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 0000000077b7668e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 0000000077b7687c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 0000000077b768bd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 0000000077b768d4 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 0000000077b7692c 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077b77166 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077b77dd1 8 bytes [10, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077b77e57 8 bytes [00, 6C, F8, 7E, 00, 00, 00, ...] 
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 0000000077bc1380 8 bytes {JMP QWORD [RIP-0x4a220]} .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 0000000077bc1500 8 bytes {JMP QWORD [RIP-0x49cef]} .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077bc1530 8 bytes {JMP QWORD [RIP-0x4ac62]} .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 0000000077bc1650 8 bytes {JMP QWORD [RIP-0x4a80f]} .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 0000000077bc1700 8 bytes {JMP QWORD [RIP-0x4adda]} .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077bc1d30 8 bytes {JMP QWORD [RIP-0x49edf]} .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 0000000077bc1f80 8 bytes {JMP QWORD [RIP-0x4a1b5]} .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 0000000077bc27e0 8 bytes {JMP QWORD [RIP-0x4ab13]} .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000726113cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 000000007261146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000726116d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000726119db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000726119fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000072611a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 0000000076c11f0e 7 bytes JMP 000000016d493d10 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 0000000076c15bad 7 bytes JMP 000000016d4946b0 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 0000000076c21409 7 bytes JMP 000000016d494050 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 0000000076c2ea45 7 bytes JMP 000000016d493d00 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076cb8e24 7 bytes JMP 000000016d4937c0 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076cb8ea9 5 bytes JMP 000000016d493870 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076cb91ff 5 bytes JMP 000000016d4937d0 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075c41d29 5 bytes JMP 000000016d493780 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] 
C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075c41dd7 5 bytes JMP 000000016d493740 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075c42ab1 5 bytes JMP 000000016d493880 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075c42d17 5 bytes JMP 000000016d493560 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076b0e96b 5 bytes JMP 000000016d492d70 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076b0eba5 5 bytes JMP 000000016d492d80 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000075a78a29 5 bytes JMP 000000016d492c50 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000075a84572 5 bytes JMP 000000016d4934e0 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000075a9e567 5 bytes JMP 000000016d493550 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000075ac07d7 5 bytes JMP 000000016d492a60 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000075ad7a5c 5 bytes JMP 000000016d4934d0 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000077375ea5 5 bytes JMP 000000016d492c10 .text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[8400] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000773a9d0b 5 bytes JMP 000000016d492ba0 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] 
C:\Windows\system32\kernel32.dll!RegSetValueExW 0000000077a5a400 7 bytes JMP 000000016fff0228 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077a63f20 5 bytes JMP 000000016fff0180 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077a7ffb0 5 bytes JMP 000000016fff01b8 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 0000000077a8f2e0 3 bytes JMP 000000016fff0110 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW + 4 0000000077a8f2e4 1 byte [F8] .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 0000000077ab9a30 7 bytes JMP 000000016fff00d8 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 0000000077ac94c0 5 bytes JMP 000000016fff0148 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\kernel32.dll!RegSetValueExA 0000000077ae87e0 7 bytes JMP 000000016fff01f0 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb82db0 5 bytes JMP 000007fffdb70180 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb837d0 7 bytes JMP 000007fffdb700d8 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb88ef0 6 bytes JMP 000007fffdb70148 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdb9af60 5 bytes JMP 000007fffdb70110 .text D:\Program Files 
(x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdfb7490 11 bytes JMP 000007fffdb70228 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdfcbf00 7 bytes JMP 000007fffdb70260 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\ole32.dll!OleLoadFromStream 000007fefe0e75f0 5 bytes JMP 000007ffbe0e0178 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\OLEAUT32.dll!VariantClear 000007feffa01180 5 bytes JMP 000007ffbe0e02f8 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\OLEAUT32.dll!SysFreeString 000007feffa01320 7 bytes JMP 000007ffbe0e0238 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\OLEAUT32.dll!SysAllocStringByteLen 000007feffa04470 6 bytes JMP 000007ffbe0e01d8 .text D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe[6140] C:\Windows\system32\OLEAUT32.dll!VariantChangeType 000007feffa06720 10 bytes JMP 000007ffbe0e0298 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077b71398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 0000000077b7143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077b71594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 0000000077b7191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077b71bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077b71d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077b71edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077b71fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 0000000077b727b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 0000000077b727d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 0000000077b7282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077b72898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077b72d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077b72d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 0000000077b7323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 0000000077b733c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077b73a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077b73ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077b73b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077b74190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077b74241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 0000000077b742b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... 
* 3 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 0000000077b743f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077b74434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 408 0000000077b745d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 657 0000000077b746d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077b74a9c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077b74b63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077b74c57 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077b74d76 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077b74ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077b74ef3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077b750f5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077b752f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077b753f7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077b755e4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 0000000077b764d6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 0000000077b7668e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 0000000077b7687c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 0000000077b768bd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 0000000077b768d4 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 0000000077b7692c 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077b77166 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077b77dd1 8 bytes [10, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077b77e57 8 bytes [00, 6C, F8, 7E, 00, 00, 00, ...] 
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 0000000077bc1380 8 bytes {JMP QWORD [RIP-0x4a220]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 0000000077bc1500 8 bytes {JMP QWORD [RIP-0x49cef]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077bc1530 8 bytes {JMP QWORD [RIP-0x4ac62]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 0000000077bc1650 8 bytes {JMP QWORD [RIP-0x4a80f]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 0000000077bc1700 8 bytes {JMP QWORD [RIP-0x4adda]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077bc1d30 8 bytes {JMP QWORD [RIP-0x49edf]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 0000000077bc1f80 8 bytes {JMP QWORD [RIP-0x4a1b5]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 0000000077bc27e0 8 bytes {JMP QWORD [RIP-0x4ab13]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000726113cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 000000007261146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000726116d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000726119db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000726119fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[7896] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000072611a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
|
28.03.2015, 11:36 | #9 |
| GMER part 3: Code:
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 0000000077bc1380 8 bytes {JMP QWORD [RIP-0x4a220]} .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 0000000077bc1500 8 bytes {JMP QWORD [RIP-0x49cef]} .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077bc1530 8 bytes {JMP QWORD [RIP-0x4ac62]} .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 0000000077bc1650 8 bytes {JMP QWORD [RIP-0x4a80f]} .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 0000000077bc1700 8 bytes {JMP QWORD [RIP-0x4adda]} .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077bc1d30 8 bytes {JMP QWORD [RIP-0x49edf]} .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 0000000077bc1f80 8 bytes {JMP QWORD [RIP-0x4a1b5]} .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 0000000077bc27e0 8 bytes {JMP QWORD [RIP-0x4ab13]} .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000726113cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 000000007261146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000726116d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000726119db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000726119fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000072611a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\kernel32.dll!SetFileCompletionNotificationModes 0000000076c8b2fe 5 bytes JMP 0000000100a78f50 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076ac1401 2 bytes JMP 76c3b21b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076ac1419 2 bytes JMP 76c3b346 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076ac1431 2 bytes JMP 76cb8ea9 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076ac144a 2 bytes CALL 76c148ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076ac14dd 2 bytes JMP 76cb87a2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076ac14f5 2 bytes JMP 76cb8978 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076ac150d 2 bytes JMP 76cb8698 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076ac1525 2 bytes JMP 76cb8a62 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076ac153d 2 bytes JMP 76c2fca8 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076ac1555 2 bytes JMP 76c368ef C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076ac156d 2 bytes JMP 76cb8f61 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076ac1585 2 bytes JMP 76cb8ac2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076ac159d 2 bytes JMP 76cb865c C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] 
C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076ac15b5 2 bytes JMP 76c2fd41 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076ac15cd 2 bytes JMP 76c3b2dc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076ac16b2 2 bytes JMP 76cb8e24 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4020] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076ac16bd 2 bytes JMP 76cb85f1 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077b71398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 0000000077b7143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077b71594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 0000000077b7191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077b71bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077b71d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077b71edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077b71fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 0000000077b727b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 0000000077b727d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 0000000077b7282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077b72898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077b72d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077b72d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 0000000077b7323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 0000000077b733c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077b73a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077b73ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077b73b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077b74190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077b74241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 0000000077b742b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 0000000077b743f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077b74434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 408 0000000077b745d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 657 0000000077b746d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077b74a9c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077b74b63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077b74c57 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077b74d76 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077b74ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077b74ef3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077b750f5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077b752f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077b753f7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077b755e4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 0000000077b764d6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 0000000077b7668e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 0000000077b7687c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 0000000077b768bd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 0000000077b768d4 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 0000000077b7692c 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...] 
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077b77166 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077b77dd1 8 bytes [10, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077b77e57 8 bytes [00, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 0000000077bc1380 8 bytes {JMP QWORD [RIP-0x4a220]} .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 0000000077bc1500 8 bytes {JMP QWORD [RIP-0x49cef]} .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077bc1530 8 bytes {JMP QWORD [RIP-0x4ac62]} .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 0000000077bc1650 8 bytes {JMP QWORD [RIP-0x4a80f]} .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 0000000077bc1700 8 bytes {JMP QWORD [RIP-0x4adda]} .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077bc1d30 8 bytes {JMP QWORD [RIP-0x49edf]} .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 0000000077bc1f80 8 bytes {JMP QWORD [RIP-0x4a1b5]} .text C:\Program Files 
(x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 0000000077bc27e0 8 bytes {JMP QWORD [RIP-0x4ab13]} .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000726113cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 000000007261146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000726116d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000726119db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000726119fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5948] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000072611a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\kernel32.dll!RegSetValueExW 0000000077a5a400 7 bytes JMP 000000016fff0228 .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077a63f20 5 bytes JMP 000000016fff0180 .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077a7ffb0 5 bytes JMP 000000016fff01b8 .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 0000000077a8f2e0 3 bytes JMP 000000016fff0110 .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW + 4 0000000077a8f2e4 1 byte [F8] .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 0000000077ab9a30 7 bytes JMP 000000016fff00d8 .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 0000000077ac94c0 5 bytes JMP 000000016fff0148 .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\kernel32.dll!RegSetValueExA 0000000077ae87e0 7 bytes JMP 000000016fff01f0 .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb82db0 5 bytes JMP 000007fffdb70180 .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb837d0 7 bytes JMP 000007fffdb700d8 .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb88ef0 6 bytes JMP 000007fffdb70148 .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdb9af60 5 bytes JMP 000007fffdb70110 .text C:\Program Files\NVIDIA 
Corporation\Display\nvtray.exe[5944] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefdd989f0 8 bytes JMP 000007fffdb701f0 .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5944] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefdd9be50 8 bytes JMP 000007fffdb701b8 .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077b71398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 0000000077b7143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077b71594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 0000000077b7191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077b71bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077b71d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077b71edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077b71fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 0000000077b727b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 0000000077b727d2 8 bytes {JMP 0x10} .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 0000000077b7282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077b72898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077b72d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077b72d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 0000000077b7323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 0000000077b733c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077b73a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077b73ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077b73b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077b74190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077b74241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 0000000077b742b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 0000000077b743f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077b74434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 408 0000000077b745d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 657 0000000077b746d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077b74a9c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077b74b63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077b74c57 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077b74d76 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Users\Anonymous\Downloads\Gmer-19357.exe[8576] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077b74ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
|
28.03.2015, 11:53 | #10 |
| Windows 7: SSD storage problem, possible virus infection, Steam and similar software problematic [solved] I have never looked at this before (see image), but is it normal that I don't have Internet via IPv6? |
28.03.2015, 14:47 | #11 |
| I looked around online a bit more about my problem and found that there is often a problem with proxy settings. I haven't changed anything in that direction, though. In Internet Options, as described online, I unchecked every box and made sure that I am not using a proxy. I even uninstalled Kaspersky once and the problem was still there. So it is not a problem with Kaspersky. |
28.03.2015, 19:57 | #12 |
/// Helper Team | You don't need IPv6 in the local network; you are behind a router.
__________________ Best regards, Der Felix. No help via PM or e-mail |
28.03.2015, 23:22 | #13 |
| AdwCleaner: Code:
# AdwCleaner v4.113 - Bericht erstellt 28/03/2015 um 20:25:09
# Aktualisiert 22/03/2015 von Xplode
# Datenbank : 2015-03-22.2 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Anonymous - ANONYMOUS-PC
# Gestarted von : C:\Users\Anonymous\Downloads\adwcleaner_4.113.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\Anonymous\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Anonymous\AppData\Roaming\OpenCandy

***** [ Geplante Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17689
-\\ Mozilla Firefox v36.0.4 (x86 de)
-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [2857 Bytes] - [28/03/2015 20:23:10]
AdwCleaner[S0].txt - [2743 Bytes] - [28/03/2015 20:25:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2802 Bytes] ##########

I think I got those two through Ad-Aware Companion. Maybe only close this once someone can tell me something about those two things. A small tip so that this doesn't happen to you as well: if you don't want to use Daemon Tools Lite 5 because you no longer get virtual drives unless you pay 2.90, you have to be careful when installing a 4.something version, because at the end, after the actual installation has finished, two offers pop up that you have to cancel, and you must not click Next. I thought cancelling was not a good idea and so got very harmful adware twice. |