| |
| |||||||
Log-Analyse und Auswertung: DHL Virus/Trojaner aus Email angeklicktWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
05.05.2015, 14:52
| #1 |
| |  DHL Virus/Trojaner aus Email angeklickt Guten Tag, Ich habe dummerweise auf den Link in der DHL-Mail geklickt, und mir damit die ZIP-Datei runtergeladen. Und die darin enthaltene exe auch noch ausgeführt. Kaspersky hat sofort gemeckert, allerdings dann auch nichts mehr gefunden. Deshalb bin ich mir nicht sicher, ob ich noch etwas schädliches auf meinem PC habe. Auch der Norten Power Eraser hat nichts gefunden. Ich habe die Logfiles mit FRST erstellt, aber werde aus den Dingern nicht schlau. Ich habe außerdem noch OTL durchlaufen lassen. Weil der Post sonst zu lang wird, binde ich jetzt nur die FRST.txt Datei mit ein, und antworte auch nicht sofort selbst, in den Regeln steht schließlich, dass man das nicht soll. Natürlich kann ich die anderen Logfiles aber auch noch nachreichen. Ich hoffe mir kann jemand helfen, bzw zumindest versichern, dass mein PC sauber ist. FRST.txt Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2015 Ran by Anton (administrator) on ANTON-LAPTOP on 05-05-2015 15:29:44 Running from E:\Downloads Loaded Profiles: Anton (Available profiles: Anton) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe (Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Windows\System32\igfxext.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\SamsungFastStart\SmartRestarter.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Akamai Technologies, Inc.) C:\Users\Anton\AppData\Local\Akamai\netsession_win.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (ROCCAT GmbH) D:\Programme\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (Akamai Technologies, Inc.) C:\Users\Anton\AppData\Local\Akamai\netsession_win.exe (SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Geek Software GmbH) D:\Programme\PDF24\pdf24.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) D:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) D:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) D:\Programme\Mozilla Firefox\plugin-container.exe (OldTimer Tools) E:\Downloads\OTL.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] () HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-03-13] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.) HKLM-x32\...\Run: [RoccatKone+] => D:\Programme\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH) HKLM-x32\...\Run: [PDFPrint] => D:\Programme\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.) HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Anton\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\Policies\Explorer: [] HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\MountPoints2: {128c4d83-c88c-11e3-83e6-e811324c4054} - G:\LG_PC_Programs.exe HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\MountPoints2: {1966018c-f355-11e0-a4b6-e811324c4054} - "H:\WD SmartWare.exe" autoplay=true HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\MountPoints2: {69c355d1-2f48-11e2-a742-e811324c4054} - H:\Launcher\LAUNCHER.EXE HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\MountPoints2: {9600ef26-4037-11e1-9a92-e811324c4054} - H:\LaunchU3.exe -a HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\MountPoints2: {faaf19b5-fa4b-11e1-ab93-e811324c4054} - G:\LGAutoRun.exe HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyEnable: [S-1-5-21-292025854-1146036075-2059369275-1001] => Internet Explorer proxy is enabled. ProxyServer: [S-1-5-21-292025854-1146036075-2059369275-1001] => proxyweb.utc.fr:3128 HKU\S-1-5-21-292025854-1146036075-2059369275-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-292025854-1146036075-2059369275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-25] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-25] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-25] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-25] (Oracle Corporation) BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-25] (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-25] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-28] (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: W2PBrowser Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-09-17] () BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-25] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-28] (Oracle Corporation) BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-25] (Kaspersky Lab ZAO) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963 FF Homepage: https://www.google.de/ FF NetworkProxy: "autoconfig_url", "hxxp://www.utc.fr/proxy-utc.pac" FF NetworkProxy: "backup.ftp", "proxyweb.utc.fr" FF NetworkProxy: "backup.ftp_port", 3128 FF NetworkProxy: "backup.socks", "proxyweb.utc.fr" FF NetworkProxy: "backup.socks_port", 3128 FF NetworkProxy: "backup.ssl", "proxyweb.utc.fr" FF NetworkProxy: "backup.ssl_port", 3128 FF NetworkProxy: "ftp", "proxyweb.utc.fr" FF NetworkProxy: "ftp_port", 3128 FF NetworkProxy: "http", "proxyweb.utc.fr" FF NetworkProxy: "http_port", 3128 FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, 192.168.0.1" FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "proxyweb.utc.fr" FF NetworkProxy: "socks_port", 3128 FF NetworkProxy: "ssl", "proxyweb.utc.fr" FF NetworkProxy: "ssl_port", 3128 FF NetworkProxy: "type", 1 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] () FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-25] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-25] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-28] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-25] () FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-25] () FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-25] () FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-01-13] (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> D:\Programme\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-292025854-1146036075-2059369275-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anton\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-292025854-1146036075-2059369275-1001: amazon.com/AmazonMP3DownloaderPlugin -> D:\Programme\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.) FF Plugin HKU\S-1-5-21-292025854-1146036075-2059369275-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-01-13] (Pando Networks) FF user.js: detected! => C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\user.js [2014-12-25] FF SearchPlugin: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\searchplugins\leo-fra-deu.xml [2014-12-16] FF SearchPlugin: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\searchplugins\webcamstravel.xml [2013-05-05] FF SearchPlugin: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\searchplugins\windfindercom.xml [2013-05-05] FF Extension: Classic Theme Restorer (Customize UI) - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-02] FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\Extensions\elemhidehelper@adblockplus.org.xpi [2014-02-06] FF Extension: Ghostery - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\Extensions\firefox@ghostery.com.xpi [2015-05-04] FF Extension: Reddit Enhancement Suite - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2014-10-17] FF Extension: Flagfox - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-10] FF Extension: ReloadEvery - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-05-24] FF Extension: Adblock Plus - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-17] FF Extension: OkayFreedom - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2015-02-26] FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - D:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-25] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-25] FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-25] FF Extension: No Name - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\extensions\{249b4e45-4fb9-4f6b-9754-7c0c1e605d44}.xpi [Not Found] StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe Chrome: ======= CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx [2010-07-23] Opera: ======= StartMenuInternet: (HKLM) Opera - D:\Programme\Opera x64\Opera.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed] R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-25] (CyberLink) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-03-13] (NVIDIA Corporation) S4 Hamachi2Svc; D:\Programme\LogMeIn Hamachi\hamachi-2.exe [2369960 2012-08-29] (LogMeIn Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-03-13] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-03-13] (NVIDIA Corporation) R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [326072 2015-02-18] (Steganos Software GmbH) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.) R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.) S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] () R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics Co., Ltd.) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-15] (DT Soft Ltd) R2 EkaProt6; C:\Windows\System32\DRIVERS\ekaprot6.sys [27288 2012-03-23] (Ekahau Inc.) R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2014-11-18] (Intel Corporation) S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-12-25] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-11] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-12-25] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO) S2 lirsgt; C:\Windows\SysWOW64\DRIVERS\lirsgt.sys [18048 2013-02-16] () [File not signed] R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-03-13] (NVIDIA Corporation) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203104 2012-09-20] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-12-13] (Cisco Systems, Inc.) S3 andnetadb; System32\Drivers\lgandnetadb.sys [X] S3 BT; system32\DRIVERS\btnetdrv.sys [X] S3 BTCOM; system32\DRIVERS\btcomport.sys [X] S3 BTCOMBUS; System32\Drivers\btcombus.sys [X] S3 DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS [X] S2 IOCBIOS; \??\C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-05 15:29 - 2015-05-05 15:29 - 00000000 ____D () C:\FRST 2015-05-05 13:04 - 2015-05-05 13:06 - 00000000 ____D () C:\NPE 2015-05-05 13:01 - 2015-05-05 13:33 - 00000000 ____D () C:\Users\Anton\AppData\Local\NPE 2015-05-04 08:53 - 2015-05-04 12:06 - 00014336 _____ () C:\Users\Anton\Desktop\Vacances_Printemps.xls 2015-04-17 15:39 - 2015-04-17 15:39 - 00000000 ____D () C:\Users\Anton\AppData\Roaming\.mono 2015-04-17 15:39 - 2015-04-17 15:39 - 00000000 ____D () C:\Users\Anton\AppData\Local\Colossal Order 2015-04-17 15:39 - 2015-04-17 15:39 - 00000000 ____D () C:\ProgramData\.mono 2015-04-17 13:19 - 2015-05-05 13:41 - 00004536 _____ () C:\Windows\setupact.log 2015-04-17 13:19 - 2015-04-17 13:19 - 00000000 _____ () C:\Windows\setuperr.log 2015-04-16 16:35 - 2015-04-16 16:35 - 00000000 ____D () C:\Users\Anton\AppData\Local\openvr 2015-04-15 21:34 - 2015-04-15 21:34 - 00000000 ____D () C:\Users\Anton\AppData\Roaming\WebApp 2015-04-15 21:32 - 2015-04-15 21:32 - 00002172 _____ () C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk 2015-04-15 21:32 - 2015-04-15 21:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10 2015-04-15 21:32 - 2015-04-15 21:32 - 00000000 ____D () C:\Users\Anton\AppData\Local\Packages 2015-04-15 21:26 - 2015-04-15 21:26 - 00000000 ____D () C:\ProgramData\install_clap 2015-04-15 21:22 - 2015-04-15 21:23 - 00000000 ____D () C:\Users\Anton\Neuer Ordner 2015-04-15 21:14 - 2015-04-15 21:14 - 00000732 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-04-15 21:14 - 2015-04-15 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-04-15 11:40 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-04-15 11:40 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-04-15 11:40 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-15 11:40 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-15 11:40 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-04-15 11:40 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-15 11:40 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-15 11:40 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-04-15 11:40 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-15 11:40 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-15 11:40 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-15 11:40 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-04-15 11:40 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-04-15 11:40 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-04-15 11:40 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-04-15 11:40 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-04-15 11:40 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-04-15 11:40 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-04-15 11:40 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-04-15 11:40 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-04-15 11:40 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-04-15 11:40 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-04-15 11:40 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-04-15 11:40 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-04-15 11:40 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-04-15 11:40 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-04-15 11:40 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-04-15 11:40 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-04-15 11:40 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-04-15 11:40 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-04-15 11:40 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-04-15 11:40 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-04-15 11:40 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-04-15 11:40 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-04-15 11:40 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-04-15 11:40 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-04-15 11:40 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-04-15 11:40 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-04-15 11:40 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-04-15 11:40 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-04-15 11:40 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-04-15 11:40 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-04-15 11:40 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-04-15 11:40 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-04-15 11:40 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-04-15 11:40 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-04-15 11:40 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-04-15 11:40 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-04-15 11:40 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-04-15 11:40 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-04-15 11:40 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-04-15 11:40 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-04-15 11:40 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-04-15 11:40 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-04-15 11:40 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-04-15 11:40 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-04-15 11:40 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-04-15 11:40 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-04-15 11:40 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-04-15 11:40 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-15 11:40 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-04-15 11:40 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-04-15 11:40 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-04-15 11:40 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-04-15 11:40 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-15 11:40 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-04-15 11:40 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-04-15 11:40 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-04-15 11:40 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-04-15 11:40 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-15 11:40 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-04-15 11:40 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-04-15 11:40 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-04-15 11:40 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-04-15 11:39 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-15 11:39 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-04-15 11:39 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-04-15 11:39 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-15 11:39 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-04-15 11:39 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-04-15 11:39 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-04-15 11:39 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-04-15 11:39 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-04-15 11:39 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-04-15 11:39 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-04-15 11:39 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-04-15 11:39 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-04-15 11:39 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-04-15 11:39 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-04-15 11:39 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-04-15 11:39 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-04-15 11:39 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-04-15 11:39 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-04-15 11:39 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-04-15 11:39 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-04-15 11:39 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-04-15 11:39 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-04-15 11:39 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-04-15 11:39 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-04-15 11:39 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-04-15 11:39 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-04-15 11:39 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-04-15 11:39 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-04-15 11:39 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-04-15 11:39 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-04-15 11:39 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-04-15 11:39 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-04-15 11:39 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-04-15 11:39 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-04-15 11:39 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-04-15 11:39 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 11:39 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-04-15 11:39 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-15 11:39 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-04-15 11:39 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-04-15 11:39 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-04-15 11:39 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-15 11:39 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-04-15 11:39 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-15 11:39 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-15 11:39 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2015-04-15 11:39 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-11 10:42 - 2015-04-11 10:42 - 00001759 _____ () C:\Users\Public\Desktop\iTunes.lnk 2015-04-11 10:42 - 2015-04-11 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-04-11 10:41 - 2015-04-11 10:42 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-04-11 10:41 - 2015-04-11 10:42 - 00000000 ____D () C:\Program Files\iTunes 2015-04-11 10:41 - 2015-04-11 10:41 - 00000000 ____D () C:\Program Files\iPod 2015-04-11 10:41 - 2015-04-11 10:41 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-04-10 22:19 - 2015-04-10 22:19 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2015-04-10 22:18 - 2015-04-10 22:18 - 00000000 ____D () C:\Windows\system32\SRSLabs 2015-04-10 22:10 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-04-10 22:10 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-04-10 22:10 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-04-10 22:10 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-04-10 22:10 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-04-10 22:10 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-04-10 22:10 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-10 22:10 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-10 13:46 - 2015-04-10 13:46 - 00000000 ____D () C:\Program Files (x86)\LG Electronics 2015-04-10 13:43 - 2015-04-10 13:43 - 00000851 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LG On-Screen Phone.lnk 2015-04-10 13:43 - 2015-04-10 13:43 - 00000000 ____D () C:\Users\Anton\Documents\LG OSP 2015-04-10 13:43 - 2015-04-10 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG On-Screen Phone 2015-04-08 22:33 - 2015-04-08 22:33 - 00001793 _____ () C:\Users\Public\Desktop\Autodesk ReCap.lnk 2015-04-08 22:33 - 2015-04-08 22:33 - 00000000 ____D () C:\ProgramData\FARO 2015-04-08 22:28 - 2015-04-08 22:28 - 00002009 _____ () C:\Users\Public\Desktop\Autodesk 360.lnk 2015-04-08 22:20 - 2015-04-08 22:20 - 00000000 ____D () C:\Users\Anton\Documents\Inventor Server SDK ACAD 2014 2015-04-08 22:11 - 2015-04-08 22:11 - 00001860 _____ () C:\Users\Public\Desktop\AutoCAD 2014 - Deutsch (German).lnk 2015-04-08 21:46 - 2015-04-08 21:46 - 00000000 ____D () C:\Program Files (x86)\Autodesk 2015-04-08 11:05 - 2015-04-21 14:02 - 00000000 ____D () C:\Users\Anton\AppData\Local\NVIDIA 2015-04-08 11:05 - 2015-04-10 22:48 - 00000000 ____D () C:\Windows\SysWOW64\NV 2015-04-08 11:05 - 2015-04-10 22:48 - 00000000 ____D () C:\Windows\system32\NV 2015-04-08 11:04 - 2015-03-13 21:41 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-04-08 11:04 - 2015-03-13 21:41 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-04-08 11:04 - 2015-03-13 21:41 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-04-08 11:03 - 2015-04-08 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-04-08 11:03 - 2015-03-13 21:41 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-04-08 11:02 - 2015-03-13 18:16 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-04-08 11:02 - 2015-03-13 18:16 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-04-08 11:02 - 2015-03-13 18:16 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-04-08 11:02 - 2015-03-13 18:16 - 01099408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2015-04-08 11:02 - 2015-03-13 18:16 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-04-08 11:02 - 2015-03-13 18:16 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-04-08 11:02 - 2015-03-13 18:16 - 00075976 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2015-04-08 11:02 - 2015-03-13 18:16 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-04-08 11:02 - 2015-03-11 15:10 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin 2015-04-08 10:51 - 2015-03-13 21:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-04-08 10:51 - 2015-03-13 21:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-04-08 10:51 - 2015-03-13 21:41 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00032456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys 2015-04-08 10:51 - 2015-03-13 21:41 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-04-08 10:51 - 2015-03-13 21:41 - 00027441 _____ () C:\Windows\system32\nvinfo.pb 2015-04-06 17:45 - 2015-04-06 20:37 - 00013824 _____ () C:\Users\Anton\Desktop\Mappe1.xls ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-05 14:55 - 2012-03-30 13:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-05 14:33 - 2011-11-10 17:49 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-05 14:00 - 2011-09-17 11:57 - 00000000 ____D () C:\Users\Anton\AppData\Roaming\Skype 2015-05-05 13:55 - 2014-12-25 16:25 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-05-05 13:51 - 2009-07-14 06:45 - 00022976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-05 13:51 - 2009-07-14 06:45 - 00022976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-05 13:48 - 2011-03-25 21:47 - 01583195 _____ () C:\Windows\WindowsUpdate.log 2015-05-05 13:40 - 2011-11-10 17:49 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-05 13:40 - 2011-09-17 10:05 - 00000000 ____D () C:\Users\Anton 2015-05-05 13:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-05 13:39 - 2015-04-01 23:38 - 00000000 ____D () C:\Users\Anton\AppData\Local\Akamai 2015-05-05 13:39 - 2015-04-01 23:37 - 00000000 ____D () C:\Autodesk 2015-05-05 13:39 - 2013-06-02 21:24 - 00000000 ____D () C:\Users\Anton\AppData\Roaming\DiskSpaceFan 2015-05-05 13:39 - 2011-03-25 06:22 - 00000000 ____D () C:\ProgramData\WinClon 2015-05-05 13:39 - 2011-03-25 06:20 - 00000000 ____D () C:\ProgramData\Norton 2015-05-05 13:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2015-05-05 12:51 - 2015-02-20 19:10 - 00000000 ____D () C:\Users\Anton\AppData\Local\Deployment 2015-05-04 13:26 - 2014-09-17 12:31 - 00000099 _____ () C:\Users\Public\LMDebug.log 2015-04-24 21:10 - 2011-09-17 10:09 - 00000000 ____D () C:\ProgramData\Skype 2015-04-23 00:28 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-04-22 17:23 - 2011-09-17 13:17 - 00000000 ____D () C:\Users\Anton\AppData\Roaming\SoftGrid Client 2015-04-22 00:10 - 2015-03-17 14:48 - 00000937 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-04-22 00:10 - 2015-03-17 14:48 - 00000925 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-04-22 00:10 - 2013-04-30 14:19 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2015-04-21 17:13 - 2011-09-28 17:09 - 00000000 ____D () C:\Users\Anton\AppData\Local\CrashDumps 2015-04-17 11:00 - 2012-06-03 01:01 - 00000000 ____D () C:\Windows\Minidump 2015-04-16 09:00 - 2011-03-25 22:29 - 00700134 _____ () C:\Windows\system32\perfh007.dat 2015-04-16 09:00 - 2011-03-25 22:29 - 00149984 _____ () C:\Windows\system32\perfc007.dat 2015-04-16 09:00 - 2009-07-14 07:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-15 22:38 - 2011-09-17 13:29 - 00000000 ____D () C:\Temp 2015-04-15 22:15 - 2011-09-17 13:05 - 01218684 _____ () C:\Windows\PFRO.log 2015-04-15 21:32 - 2011-03-25 06:09 - 00000000 ____D () C:\ProgramData\CyberLink 2015-04-15 21:30 - 2011-03-25 06:09 - 00000000 ____D () C:\ProgramData\Temp 2015-04-15 21:29 - 2011-03-25 06:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2015-04-15 21:29 - 2011-03-25 06:16 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2015-04-15 21:29 - 2011-03-25 06:16 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll 2015-04-15 21:29 - 2011-03-25 06:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2015-04-15 21:29 - 2011-03-25 06:09 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2015-04-15 21:02 - 2012-07-19 19:17 - 00000000 ____D () C:\Users\Anton\AppData\Roaming\vlc 2015-04-15 17:17 - 2012-03-30 13:16 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-04-15 17:17 - 2012-03-30 13:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-04-15 17:17 - 2011-09-17 11:42 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-04-15 17:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-04-15 16:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-04-15 12:07 - 2011-09-17 13:15 - 01596580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-04-15 12:03 - 2013-08-08 12:15 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-15 11:50 - 2011-09-17 12:06 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-15 00:56 - 2015-02-04 23:53 - 00032768 _____ () C:\Windows\system32\persistent_q.db-shm 2015-04-14 15:52 - 2011-09-17 11:47 - 00120272 _____ () C:\Users\Anton\AppData\Local\GDIPFONTCACHEV1.DAT 2015-04-13 01:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2015-04-11 12:17 - 2015-04-01 22:19 - 00000000 ____D () C:\Users\Anton\AppData\Roaming\Autodesk 2015-04-11 12:17 - 2015-04-01 22:19 - 00000000 ____D () C:\ProgramData\Autodesk 2015-04-11 10:41 - 2011-09-17 13:52 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-04-10 22:44 - 2014-12-12 11:31 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-10 22:44 - 2014-04-29 12:32 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-10 22:17 - 2011-03-25 05:55 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2015-04-10 13:43 - 2014-04-20 19:22 - 00000000 ____D () C:\Users\Anton\AppData\Local\LG Electronics 2015-04-09 23:33 - 2015-04-01 22:36 - 00000000 ____D () C:\Users\Anton\AppData\Local\Autodesk 2015-04-09 07:14 - 2009-07-14 06:45 - 00437896 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-08 23:05 - 2015-04-01 23:36 - 00000221 _____ () C:\Users\Anton\Documents\plot.log 2015-04-08 23:00 - 2015-04-01 23:01 - 00000000 ____D () C:\Users\Anton\AppData\Local\cache 2015-04-08 22:33 - 2015-04-01 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2015-04-08 22:27 - 2015-04-01 22:36 - 00000000 ____D () C:\Program Files\Autodesk 2015-04-08 22:19 - 2015-04-01 22:36 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared 2015-04-08 22:08 - 2015-04-01 23:16 - 00000000 ____D () C:\Users\Public\Documents\Autodesk 2015-04-08 21:37 - 2011-03-25 07:52 - 00382402 _____ () C:\Windows\DirectX.log 2015-04-08 11:08 - 2013-11-20 17:34 - 00000000 ____D () C:\Users\Anton\AppData\Local\NVIDIA Corporation 2015-04-08 11:08 - 2013-09-23 22:45 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-04-08 11:05 - 2012-09-13 22:49 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-04-08 11:04 - 2011-03-25 05:53 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-04-08 11:03 - 2012-01-25 15:33 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-04-08 11:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help ==================== Files in the root of some directories ======= 2014-08-13 18:25 - 2015-02-24 22:57 - 0000600 _____ () C:\Users\Anton\AppData\Roaming\winscp.rnd 2014-07-09 15:41 - 2014-08-19 16:40 - 0000600 _____ () C:\Users\Anton\AppData\Local\PUTTY.RND 2011-12-05 18:22 - 2012-02-18 16:06 - 0007596 _____ () C:\Users\Anton\AppData\Local\Resmon.ResmonCfg 2012-01-16 22:56 - 2012-01-16 22:56 - 0017408 _____ () C:\Users\Anton\AppData\Local\WebpageIcons.db 2015-04-10 22:19 - 2015-04-10 22:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-04-01 22:41 - 2015-04-01 22:41 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2011-03-25 06:17 - 2011-03-25 06:18 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2011-03-25 06:13 - 2011-03-25 06:14 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2011-03-25 06:10 - 2011-03-25 06:13 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log 2011-03-25 06:14 - 2011-03-25 06:16 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2011-03-25 06:16 - 2011-03-25 06:17 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log Some content of TEMP: ==================== C:\Users\Anton\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-04 00:48 ==================== End Of Log ============================ |
|
05.05.2015, 14:58
| #2 |
| /// the machine /// TB-Ausbilder    | DHL Virus/Trojaner aus Email angeklickt Hi,
__________________dann jetzt bitte die andern Logfiles 
__________________ |
|
05.05.2015, 15:11
| #3 |
| | DHL Virus/Trojaner aus Email angeklickt Addition.txt
__________________Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-05-2015
Ran by Anton at 2015-05-05 15:30:29
Running from E:\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-292025854-1146036075-2059369275-500 - Administrator - Disabled)
Anton (S-1-5-21-292025854-1146036075-2059369275-1001 - Administrator - Enabled) => C:\Users\Anton
Gast (S-1-5-21-292025854-1146036075-2059369275-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-292025854-1146036075-2059369275-1016 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3D Pinball from Plus! for Windows 95 (HKLM-x32\...\Pinball) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Age of Empires II - the Conquerors WideScreen Patcher (HKLM-x32\...\{BA2F3EBC-FE07-4AB5-B906-14DF2C74C523}) (Version: 1.0.40 - Boekabart)
Akamai NetSession Interface (HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
AllDup 3.4.0 (HKLM-x32\...\AllDup_is1) (Version: 3.4.0 - Michael Thummerer Software Design)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
AutoCAD 2014 - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - Deutsch (German) (HKLM\...\AutoCAD 2014 - Deutsch (German)) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Braunschweig Hbf DEMO (HKLM-x32\...\Braunschweig Hbf DEMO) (Version: - SIGNALSOFT Rail Consultancy Ltd.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Brother HL-2030 (HKLM-x32\...\{12597DD0-002E-4776-A424-225ECED8C6C7}) (Version: 1.00 - Brother)
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05152 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05152 - Cisco Systems, Inc.) Hidden
Cities in Motion (HKLM-x32\...\Steam App 73010) (Version: - Colossal Order Ltd.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Cobra 11 - Crash Time (remove only) (HKLM-x32\...\CrashTime) (Version: - )
Color Efex Pro 3.0 Standard (HKLM-x32\...\Color Efex Pro 3.0 Stand-Alone Standard) (Version: 3.1.0.9 - Nik Software, Inc.)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5509.52 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Deponia (HKLM-x32\...\Steam App 214340) (Version: - Daedalic Entertainment)
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version: - 800 North and Digital Ranch)
DirComp (HKLM-x32\...\{B915FA4E-B670-43E9-8EA0-9F16BFFD8AE8}) (Version: 2.06.0000 - Wolfgang Wirth)
Disk Space Fan 2.2.7.820 (HKLM-x32\...\Disk Space Fan_is1) (Version: - Disk Space Fan Team)
Driver: Parallel Lines (HKLM-x32\...\{31CB0D80-1866-462A-9455-88614410971F}) (Version: 1.00.0000 - Ubisoft)
DWG TrueView 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{16880765-677F-440B-B16A-BFD9B9C00012}) (Version: 1.0.12 - Samsung)
EE-ZDE (HKLM-x32\...\{B49C924C-A651-4378-94F6-5D9BF44A959F}) (Version: - )
Ekahau HeatMapper (HKLM\...\Heatmapper-1.1.4.39795) (Version: 1.1.4.39795 - Ekahau Inc.)
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version: - )
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.501.0 (HKLM-x32\...\{8F196892-666A-4A40-8587-6AE38F78A5C2}) (Version: 5.1.0.30630 - FARO Scanner Production)
Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.1 - SAMSUNG)
FileZilla Client 3.2.7.1 (HKLM-x32\...\FileZilla Client) (Version: 3.2.7.1 - )
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreeCommander 2009.02b (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Giant Multiplayer Robot (HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\cdec0197bc9bac94) (Version: 1.0.0.143 - Giant Multiplayer Robot)
Google Earth (HKLM-x32\...\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version: - SimBin)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4101 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) SMBus (HKLM\...\SMBus) (Version: - )
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Kleinstadt (HKLM-x32\...\Kleinstadt) (Version: - SIGNALSOFT Rail Consultancy Ltd.)
K-Lite Codec Pack 7.7.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.7.0 - )
Knight Rider (HKLM-x32\...\Knight Rider) (Version: 1.0.0.56 - Davilex Software BV)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LG On-Screen Phone (HKLM-x32\...\LG On-Screen Phone) (Version: 4.2.001.140114 - LG Electronics)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.17.20140521 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
LibreOffice 3.5 (HKLM-x32\...\{0E8E4718-0702-4D33-B007-5E95849BAB3C}) (Version: 3.5.1.102 - The Document Foundation)
Logitech Touch Mouse Server 1.0 (HKLM-x32\...\Logitech Touch Mouse Server) (Version: 1.0 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.215 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.215 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2000 Standard (HKLM-x32\...\{00020407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{911B0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Works 2003-Setup-Start (HKLM-x32\...\Works2003Setup) (Version: - )
Microsoft Works Suite-Add-Ins für Microsoft Word (HKLM-x32\...\{7CDBE27D-87EC-434E-AFE4-D0116AE876BB}) (Version: 2.0.0.0000 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
MinecraftAlpha (HKLM-x32\...\MinecraftAlpha) (Version: - )
Mini Metro (HKLM-x32\...\Steam App 287980) (Version: - Dinosaur Polo Club)
Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 14.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 14.0.1 (x86 de)) (Version: 14.0.1 - Mozilla)
Mozilla Firefox 37.0.2 (x86 de) (HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 14.0.1 - Mozilla)
Mozilla Thunderbird (6.0.2) (HKLM-x32\...\Mozilla Thunderbird (6.0.2)) (Version: 6.0.2 (de) - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.1 - )
Mumble 1.2.6 (HKLM-x32\...\{1C21B645-FED0-4E08-AA65-A7B388F10083}) (Version: 1.2.6 - Thorvald Natvig)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1353 - Electronic Arts)
NetBeans IDE 7.4 (HKLM-x32\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
NetBeans IDE 8.0.1 (HKLM-x32\...\nbi-nb-base-8.0.1.0.201408251540) (Version: 8.0.1 - NetBeans.org)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.4.3 - Steganos Software GmbH)
OLYMPUS Master 2 (HKLM-x32\...\{13453DAA-8424-4B9C-844F-FC44C621F9E3}) (Version: 1.0.4 - OLYMPUS IMAGING CORP.)
OLYMPUS xD-Picture Card Pack (HKLM-x32\...\{5C0FB02C-CBC4-4D3A-9B3A-AD8DA6250D23}) (Version: 1.0.7 - OLYMPUS IMAGING CORP.)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PaperCut NG Client 10.7 (HKLM-x32\...\PaperCut NG Client_is1) (Version: - PaperCut Software International Pty Ltd)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PhoneShare (HKLM-x32\...\{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}) (Version: 9.1.4 - Samsung)
Photomizer (HKLM-x32\...\{A00F8237-F496-44D2-0001-E3CCF8CD58AE}) (Version: 1.3.12.723 - Engelmann Media GmbH)
Pid (HKLM-x32\...\Steam App 218740) (Version: - Might and Delight)
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RACE 07 (HKLM-x32\...\Steam App 8600) (Version: - SimBin)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
RadioSure (HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\RadioSure) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.36.1224.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Renaissance Heroes (HKLM-x32\...\Steam App 221790) (Version: - ChangYou.com (US), Inc. (GameFuse.com))
Ricochet (HKLM-x32\...\Steam App 60) (Version: - Valve)
ROCCAT Kone[+] Mouse Driver (HKLM-x32\...\{B99CB207-4704-4C51-9309-0FA90AA26DD4}) (Version: - Roccat GmbH)
RollerCoaster Tycoon Deluxe (HKLM-x32\...\GOGPACKRTC_is1) (Version: 2.1.0.18 - GOG.com)
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 1.1.21.0 - Samsung Electronics Co., Ltd.)
Samsung AnyWeb Print (x32 Version: 1.0 - Samsung Electronics Co., Ltd.) Hidden
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.74.00(06.11.2012) - Samsung Electronics Co., Ltd.)
Samsung ML-1640 Series (HKLM-x32\...\Samsung ML-1640 Series) (Version: - Samsung Electronics CO.,LTD)
Samsung ML-2160 Series (HKLM-x32\...\Samsung ML-2160 Series) (Version: 1.10 (22.11.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.10 - Samsung)
Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.01.06.00:16 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.1.17 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.15.0 - SAMSUNG Electronics Co., Ltd.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SecureW2 EAP Suite 2.0.2 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version: - )
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
SimCity 3000 (HKLM-x32\...\SimCity 3000) (Version: - )
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SmartView 2.1 (HKLM-x32\...\{4109EEA6-0868-41B8-B79A-07DCFB2B1C93}) (Version: 2.1 - Ihr Firmenname)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version: - Zachtronics)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strategic Command 2 Blitzkrieg & Weapons and Warfare (HKLM-x32\...\Strategic Command 2 Blitzkrieg & Weapons and War~259533B8_is1) (Version: - Kalypso Media)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
Sweet Home 3D version 3.7 (HKLM-x32\...\Sweet Home 3D_is1) (Version: - eTeks)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
The Italian Job (HKLM-x32\...\{B58561BB-0425-458C-B9C4-44618814BA70}) (Version: - )
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel)
Unity Web Player (HKU\S-1-5-21-292025854-1146036075-2059369275-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
USA Raser (HKLM-x32\...\{F92C4EE6-BEA9-11D7-9E00-0004769EEFEB}) (Version: 1.00.0000 - ComputerBild Spiele)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Volvo - The Game (HKLM-x32\...\Volvo - The Game_is1) (Version: - SimBin)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.0.5.36 - WildTangent)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinSCP 5.5.4 (HKLM-x32\...\winscp3_is1) (Version: 5.5.4 - Martin Prikryl)
WordCaptureX Pro (HKLM-x32\...\{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}) (Version: 4.0.0 - Deskperience)
Works Suite-Betriebssystem-Pack (x32 Version: 3.0.0.0000 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-292025854-1146036075-2059369275-1001_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-292025854-1146036075-2059369275-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-292025854-1146036075-2059369275-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Programme\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-292025854-1146036075-2059369275-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> D:\Programme\Autodesk\AutoCAD 2012 - Deutsch\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-292025854-1146036075-2059369275-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Programme\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-292025854-1146036075-2059369275-1001_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> D:\Programme\Autodesk\AutoCAD 2012 - Deutsch\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-292025854-1146036075-2059369275-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Programme\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-292025854-1146036075-2059369275-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> D:\Programme\Autodesk\AutoCAD 2012 - Deutsch\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-292025854-1146036075-2059369275-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> D:\Programme\Autodesk\AutoCAD 2012 - Deutsch\acad.exe No File
CustomCLSID: HKU\S-1-5-21-292025854-1146036075-2059369275-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Programme\Autodesk\AutoCAD 2014\de-DE\acadficn.dll (Autodesk, Inc.)
==================== Restore Points =========================
05-05-2015 13:21:30 Norton_Power_Eraser_20150505132129028
05-05-2015 13:34:33 Wiederherstellungsvorgang
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-05-22 20:05 - 00000827 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0BE45105-F7FB-4A22-BB87-32B480F9A491} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)
Task: {0C3C9E4A-3D9C-4FB9-B146-0D44D977632E} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2011-01-04] (Samsung Electronics Co., Ltd.)
Task: {0DDFFB57-10A0-44FE-8F19-A25D49761768} - System32\Tasks\{5EFAF06E-CFD6-41B0-80B1-A58B50A0451D} => D:\Programme\Ubisoft\Heroes of Might and Magic V\bina1\H5_Game.exe
Task: {11C79C07-61E6-4F9D-9F09-D13EB6506F77} - System32\Tasks\{CEF18E1D-2BA5-40E5-9834-9264199BFE71} => D:\Programme\Black Sheep Studio\Championsheep Rally Demo 1.1\CSR.EXE
Task: {1362ACD7-1FBD-4A93-9720-F3B9B2C791AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {19D98646-3B15-490B-AFF5-9706EC7DE71C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {29346102-AE73-413D-B24E-C0CD0D56AFD8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {2B1D3EB6-6CC4-4061-9DFF-A18949195DBB} - System32\Tasks\Symantec\Norton Error Analyzer 18.6.0.29 => C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\SymErr.exe
Task: {33CCF478-1CDF-431A-B245-E6C67F54C84B} - System32\Tasks\{47A7A19A-04B5-4C09-B206-1A2C76C58DBE} => pcalua.exe -a "C:\Program Files (x86)\Microsoft Works Suite 2003\Setup\Launcher.exe" -c F:\
Task: {344B66C1-8909-402B-90F9-74A8EE910181} - System32\Tasks\{E1C8C498-0A26-46C7-852F-31783706416E} => pcalua.exe -a I:\directx\dxsetup.exe -d I:\directx
Task: {35F4F78E-3E94-414B-BE7B-E22386D7B89A} - System32\Tasks\Symantec\Norton Error Processor 18.6.0.29 => C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\SymErr.exe
Task: {3BFAE177-786C-4C1E-AA49-30A594D42642} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {3D471DFE-8EE9-4933-A1CA-398D8D3C4E21} - System32\Tasks\{D6D2DF61-8F40-40A0-B06F-25E5B098E248} => pcalua.exe -a E:\Downloads\dxwebsetup0411.exe -d "D:\Programme\Mozilla Firefox"
Task: {4EDF591B-ED61-4058-A71F-6B293240F5CE} - System32\Tasks\{6DC69496-6962-46F9-9B91-8D2D84ACFB3E} => pcalua.exe -a E:\Downloads\EE_1000-1040_ENDE.exe -d E:\Downloads
Task: {52D42B10-337A-4FC8-81E4-3DAC2E936429} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-12-23] (Samsung Electronics)
Task: {5A4B0DEC-5141-4572-9712-8299E8A0358A} - System32\Tasks\{6CB26500-EEB6-49BE-93C5-E307018EC6B2} => D:\Programme\Ubisoft\Heroes of Might and Magic V\bina1\H5_Game.exe
Task: {5DDB6FD9-C3A1-40CA-AE34-9183D432C5D4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {62EB8507-AF59-4BC9-9DB4-92A11DFECF66} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6AC3ADFE-BE1F-4F60-BA35-E87133C117B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {6E0D5533-4F08-487C-A93B-F98B08F7D755} - System32\Tasks\{666A18ED-D719-419B-BFDD-AC38C4808FDC} => pcalua.exe -a E:\Downloads\IPx64_1031_8.20.468.0.exe -d E:\Downloads
Task: {6FF4B0D8-42D3-448C-BBB3-D9213EC821D6} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {765F0567-4DFC-41FF-B34F-C5980B3C65CF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {83085B47-C8C5-4680-A18C-6D46F9D587B4} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {8C69936D-710C-4B02-B850-188FA7EB7465} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {9E7A3606-78F9-4FC9-9041-5625AD8A958E} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {A2066529-4012-4CC1-8AE2-3B1903533C80} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {A7CC7B0F-E2EA-4D86-A32B-EF3C7216243F} - System32\Tasks\{CF5ABF66-2AFB-4E65-B455-706151C0A912} => pcalua.exe -a H:\directx\dxsetup.exe -d H:\directx
Task: {AE1CBD3F-43A6-43AB-89C8-383D50C59CF7} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {B5C3A8B8-D3AF-404B-AB61-E4D58063214B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {C6898428-7548-4B8F-A259-C0175DE182CE} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {CF1ADDC0-F425-42E0-A6FA-33C2E8D6E564} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {D063F12B-D34D-4708-A30D-71338CB4B331} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {D5E4D7CD-3B15-4C4E-8AB0-05CD876D256C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {E8DA45BE-58D3-4ABD-A9D3-01030CC59377} - System32\Tasks\{FCC4E1DF-73E8-41E0-9523-C1B3237F46B7} => pcalua.exe -a E:\Downloads\Wireless-Network-Meter-Setup.exe -d "D:\Programme\Mozilla Firefox"
Task: {F3B0262D-6E6E-45FB-82CC-C3761BECCEB9} - System32\Tasks\{7FD1073E-2E61-442C-9FF2-B8834E90766F} => D:\Programme\Black Sheep Studio\Championsheep Rally Demo 1.1\CSR.EXE
Task: {F642336F-5F4C-44C2-BBB8-8680832A228C} - System32\Tasks\{CBAE9A5C-558C-4CA1-BE1F-35DE72F92D71} => D:\Programme\AOE II\Age of Empires II\age2_x1_1.0e_1366x768.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-04-08 10:51 - 2015-03-13 21:41 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-04-08 11:02 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-08-23 19:24 - 2009-08-23 19:24 - 00098304 _____ () D:\Programme\FileZilla FTP Client\fzshellext_64.dll
2011-09-17 10:08 - 2008-06-05 01:53 - 00027648 _____ () C:\Windows\System32\spd__l.dll
2014-08-04 09:33 - 2014-08-04 09:33 - 00034304 _____ () C:\Windows\System32\ssj1mlm.dll
2011-09-17 13:31 - 2008-01-11 06:19 - 00022016 _____ () C:\Windows\System32\ssp2ml6.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-25 06:13 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-02-20 22:23 - 2012-02-20 22:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 22:23 - 2012-02-20 22:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2011-03-25 20:34 - 2010-12-17 02:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-13 00:36 - 2013-12-13 00:36 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2015-04-08 10:51 - 2015-03-13 21:41 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-03-25 06:21 - 2010-07-05 12:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
2011-03-25 06:00 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2011-03-25 06:22 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-06-04 09:13 - 2010-06-22 13:50 - 00061440 _____ () D:\Programme\ROCCAT\Kone[+] Mouse\hiddriver.dll
2014-08-30 18:12 - 2014-12-25 16:30 - 00332584 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2014-08-30 18:12 - 2014-12-25 16:30 - 00459048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-08-30 18:12 - 2014-12-25 16:30 - 00587048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-292025854-1146036075-2059369275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PDF Architect Helper Service => 2
MSCONFIG\Services: PDF Architect Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Anton^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => D:\Programme\Samsung\Kies\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => D:\Programme\Samsung\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => D:\Programme\Samsung\Kies\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => D:\Programme\Samsung\Kies\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: PaperCut NG Client => "D:\Programme\PaperCut NG Client\pc-client.exe" /silent
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Anton\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Virtual WiFi Router => ""
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [{BF7EBAE3-C3F9-4545-8D50-A9D17DA89BC2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{AABB2CFE-0DB2-45DD-86CA-D28E9B620735}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{05D603EE-2343-4AD8-BA4E-72AFA8780B48}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{4A21C71F-E2A1-4918-B0E5-FE415BE286B9}] => (Allow) C:\Windows\System32\SUPDSvc.exe
FirewallRules: [{D37E70DA-9F91-4ED7-A429-1C9BBA90CC3F}] => (Allow) C:\Windows\System32\SUPDSvc.exe
FirewallRules: [{26196087-8A61-4637-AE38-641B7BE22F6D}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{78BDD33E-A774-45FD-BCCD-1576243D6471}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{34230F90-7834-409C-B4D8-C515D2F2EBD3}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{B4E68776-6D05-4735-9DEA-18DE6CFBCC49}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{9F74B97F-3FBD-4DE8-907C-5286CB5B0CC1}] => (Allow) D:\Programme\Logitech Touch Mouse Server\iTouch-Server-Win.exe
FirewallRules: [{22B619CD-B4C2-4D04-868F-800D354466AD}] => (Allow) D:\Programme\Logitech Touch Mouse Server\iTouch-Server-Win.exe
FirewallRules: [{4D68BDEA-01B5-485C-B95C-6687DC015D70}] => (Allow) D:\Programme\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{341ED341-9DF5-4D98-B662-B82304BEBF0B}] => (Allow) D:\Programme\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [TCP Query User{BDF9503E-BA8E-4D4B-AD27-6753F1B9C43D}D:\programme\videolan\vlc\vlc.exe] => (Block) D:\programme\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{DB4E58C8-F97C-47E7-BF3D-563AF6D249F7}D:\programme\videolan\vlc\vlc.exe] => (Block) D:\programme\videolan\vlc\vlc.exe
FirewallRules: [{096EE856-933B-48FD-A973-3B17397D214C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7A0531CE-DDFF-40BF-837C-7C381C1E824F}] => (Allow) D:\Programme\Tunngle\TnglCtrl.exe
FirewallRules: [{D96E7AA1-FEB3-468D-B865-5FE2F2A5E2CB}] => (Allow) D:\Programme\Tunngle\TnglCtrl.exe
FirewallRules: [{91956904-8612-4FD8-BDD4-A655D1A55059}] => (Allow) D:\Programme\Tunngle\Tunngle.exe
FirewallRules: [{FC70EB49-055E-42EF-A9DC-5B35E1CCB158}] => (Allow) D:\Programme\Tunngle\Tunngle.exe
FirewallRules: [{6F4418FF-050E-4652-93FA-46BAA7245307}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F47516F1-187D-499A-AFF1-21A29540C46A}] => (Allow) LPort=2869
FirewallRules: [{9DB8A132-1991-43FE-8141-F8CBA0D5892B}] => (Allow) LPort=1900
FirewallRules: [{D5BACE33-0F49-4CC6-A9F1-60BB922ECB71}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{691D40EA-B6FF-4661-A756-53B3BE3A1596}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4927CC16-A9EB-41D4-8749-1C3F43EA87D7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{71A42435-C281-4460-9521-691DB7ECA1D5}] => (Allow) D:\Programme\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{6096EA58-4CC6-40E5-A28F-3FEE4DB33A0F}] => (Allow) D:\Programme\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{6586D8C0-DC19-4B46-862B-9A6EF054F6AE}] => (Allow) D:\Programme\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{633AEBE6-0613-47FA-AA80-EA7DF238E8FD}] => (Allow) D:\Programme\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{40544938-3660-4810-BBCF-7CF8CF283E73}] => (Allow) D:\Programme\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{EC2DC097-10E7-4EA7-9E70-57641A2BBCD2}] => (Allow) D:\Programme\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{37CD261F-2A40-44F0-B588-4E575BE82F5B}] => (Allow) D:\Programme\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{55856D72-8DAA-4F48-A90C-A553359E9FB9}] => (Allow) D:\Programme\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{50D5B6F5-1EF9-49A7-B950-3520E9523BB5}] => (Allow) D:\Programme\Opera x64\opera.exe
FirewallRules: [{7B991558-B6A8-43CF-AA7A-D2489CB82E90}] => (Allow) D:\Programme\Opera x64\opera.exe
FirewallRules: [{8930298E-814C-4A67-A435-908133A4D592}] => (Allow) D:\Programme\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{1BB49C69-9C15-4BAA-ABA5-FFE8ABCB7AFF}] => (Allow) D:\Programme\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{23FA47AB-27A4-484B-8106-1FE71C99F686}] => (Allow) D:\Programme\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{16638D58-F22A-497F-963B-5314613AD275}] => (Allow) D:\Programme\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{3BEA44AB-55A0-4B17-8AB6-B970C9564D24}] => (Allow) D:\Programme\Opera x64\opera.exe
FirewallRules: [{03221B37-649B-48B8-88A0-61792133A163}] => (Allow) D:\Programme\Opera x64\opera.exe
FirewallRules: [TCP Query User{36878C87-D1E8-48D5-B5EF-120B12F22BC1}C:\users\anton\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\anton\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6A9ED555-3F5E-48F2-AF76-EFADFBF66267}C:\users\anton\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\anton\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{D5A0C75F-02DE-4A48-AD3F-106CEBB12F4F}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{FB391D6B-65F0-49C4-B203-24ECB17AD9EF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{BB5F1341-BF74-4604-8EFD-1F9C37C48019}] => (Allow) D:\Programme\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{98E7D656-1FE1-450A-9C2E-AC912ABC392F}] => (Allow) D:\Programme\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [TCP Query User{DCABC891-708B-4D20-8512-7D93E7FC0F07}D:\programme\warcraft iii\war3.exe] => (Allow) D:\programme\warcraft iii\war3.exe
FirewallRules: [UDP Query User{490CF94F-CEB6-43F8-9166-148595491C08}D:\programme\warcraft iii\war3.exe] => (Allow) D:\programme\warcraft iii\war3.exe
FirewallRules: [{9983413D-EB8C-428F-897B-77F62CB673C7}] => (Block) D:\programme\warcraft iii\war3.exe
FirewallRules: [{63B4E7DA-2842-488F-AA69-95B51B7C053A}] => (Block) D:\programme\warcraft iii\war3.exe
FirewallRules: [{2955F8EA-C4C9-4C9F-9F45-4B19E557C2B4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{0F0FE064-1762-4234-94D3-EB7D154150D7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{11413E7F-3060-408A-8DAE-3DB731807286}] => (Allow) D:\Programme\Steam\SteamApps\common\Renaissance Heroes\BrideaLauncher.exe
FirewallRules: [{00598337-9D13-4B3C-A563-2B3DCDE088F4}] => (Allow) D:\Programme\Steam\SteamApps\common\Renaissance Heroes\BrideaLauncher.exe
FirewallRules: [{7C3E1032-0839-47C0-ADC3-B5F7398F4AA2}] => (Allow) D:\Programme\Steam\SteamApps\common\Renaissance Heroes\Binaries\Win32\DVGame.exe
FirewallRules: [{9602C884-072F-4680-8349-160CAF504C78}] => (Allow) D:\Programme\Steam\SteamApps\common\Renaissance Heroes\Binaries\Win32\DVGame.exe
FirewallRules: [{650734EF-0CBB-4B53-BA1E-83070A5F98B1}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{09794335-7B34-434B-865B-10918A2CEF4D}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{EFF03344-A215-41CC-B018-08CBEE42A812}] => (Allow) D:\Programme\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{6C89ABA6-FF67-4923-AE99-FE548F8C36D7}] => (Allow) D:\Programme\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{C19373EB-B4CF-4D4E-B369-828774F0B568}] => (Allow) D:\Programme\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{0C807CBC-F2CD-41D7-B842-95871CD4ED43}] => (Allow) D:\Programme\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{8F4AC3D4-012F-45A3-A6E8-4242CF70BC92}] => (Allow) D:\Programme\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{83BD6182-E330-4B51-84DC-249304F5402A}] => (Allow) D:\Programme\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{12FAA9BB-531F-43F5-8A1A-2695BC597B6E}D:\programme\steam\steamapps\common\renaissance heroes\binaries\win32\dvgame.exe] => (Allow) D:\programme\steam\steamapps\common\renaissance heroes\binaries\win32\dvgame.exe
FirewallRules: [UDP Query User{BD463894-5FE9-46FF-A7DA-9180C9FF1AA7}D:\programme\steam\steamapps\common\renaissance heroes\binaries\win32\dvgame.exe] => (Allow) D:\programme\steam\steamapps\common\renaissance heroes\binaries\win32\dvgame.exe
FirewallRules: [TCP Query User{3C1528A9-4BCA-4500-9E60-E69F3DF9A977}D:\programme\steam\steamapps\common\portal 2\portal2.exe] => (Allow) D:\programme\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{0FA7A572-A0E0-4FFF-B1DA-867182461478}D:\programme\steam\steamapps\common\portal 2\portal2.exe] => (Allow) D:\programme\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [TCP Query User{3A50E134-77E9-4AB1-9886-1F52D7FE1823}D:\programme\tmnationsforever\tmforever.exe] => (Allow) D:\programme\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{5CD82A5D-CDE7-40E5-91BC-E4B8D700C5CF}D:\programme\tmnationsforever\tmforever.exe] => (Allow) D:\programme\tmnationsforever\tmforever.exe
FirewallRules: [{54871E02-F047-4BAD-966E-1E1026B8364E}] => (Allow) D:\Programme\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{DAA001B2-3B18-4CF8-AC09-FBC344B2BEBD}] => (Allow) D:\Programme\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{E9AD905B-6FC1-4B20-99AC-7ADFA612909D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{45550BE4-54E7-467D-A017-CDB58B73FB67}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{0EB95DA8-B080-48C0-B3F6-E6E2C847167B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{FB83EF69-7CC1-49E2-BD68-03D8FBE0B250}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{B46B436E-F5E8-4FD5-84B0-B90C011DB3AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{78CDCB4C-CC4F-4C3A-8625-1FA28C698753}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4E52479A-F14C-4EBC-B9EC-EC36AFFF679C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{183C60F8-FE46-484D-AA89-A885ED21F40C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{021F29E6-238E-4E85-826C-46C205C72522}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{68C1115F-C458-4B93-80C8-C7F21A910112}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8FE3CA8A-9080-4E9A-83F2-C32B59E086AC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B0C3851A-4628-41BC-97F5-FFFFF204A634}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{38345DE9-F144-4F52-B0D5-25FCCED1C945}] => (Allow) D:\Programme\Steam\SteamApps\common\Renaissance Heroes\BrideaLauncher.exe
FirewallRules: [{9E773410-F8CB-4850-BE05-BC43FBB18406}] => (Allow) D:\Programme\Steam\SteamApps\common\Renaissance Heroes\BrideaLauncher.exe
FirewallRules: [{4E216534-0853-48E5-9DCA-086DBC7D72E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{10FCE82A-A6DD-4F24-8F2A-B55D3FD63322}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7F36C87D-1F12-4A8F-BB67-676542DA1450}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EEBEA341-0238-4709-85FA-2670A00E2831}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BDE1ABC7-FB9D-4DBF-A41E-09ACDE62B30D}] => (Allow) D:\Programme\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{17337ED4-E87A-42C0-853E-713E7B779B57}] => (Allow) D:\Programme\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [TCP Query User{3CA230F9-732A-44CB-BAD7-49B7DD822172}D:\programme\steam\steamapps\common\sid meier's civilization v\civilizationv.exe] => (Allow) D:\programme\steam\steamapps\common\sid meier's civilization v\civilizationv.exe
FirewallRules: [UDP Query User{200D2A8A-B626-4260-BC30-423BDDD59C98}D:\programme\steam\steamapps\common\sid meier's civilization v\civilizationv.exe] => (Allow) D:\programme\steam\steamapps\common\sid meier's civilization v\civilizationv.exe
FirewallRules: [{3D0AD13B-3B1C-4FED-9BD8-21E5739CF5BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F49AAF8E-DD29-489A-A3D0-1C5D65BEC325}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2BDCB8D0-9AEB-4D14-9A1B-7AB8A05B536B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3B19C545-FEE4-4DA3-B0E7-4DEB8DEE0B87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BB321772-7F8E-406A-9B07-BA63EEF409C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{324E96DE-B7DA-4C56-B907-FECAC9EB350C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{360B893D-DD4A-4A72-AC8D-7402EA87EB57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{25C47356-F318-40BF-A4C8-86BF74A79577}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7DA43ED1-6222-462F-8D2D-BA2D488DDD3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E2789276-C000-4C65-91B7-FAEE7FD04739}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E593A865-FD05-4BD4-BEB6-672B64AEA507}] => (Allow) D:\Programme\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{B86E4921-26B7-485C-8F16-4E3AD1583AED}] => (Allow) D:\Programme\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{8D4AA437-074A-449C-BFB1-33BCC3462C02}] => (Allow) D:\Programme\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{715BDF8F-2804-4431-92A0-AAA1C783D0B9}] => (Allow) D:\Programme\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{57C040A9-BC6A-49AA-96E5-B22916D39860}D:\programme\java\jdk1.7.0_45\bin\javaw.exe] => (Allow) D:\programme\java\jdk1.7.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2202417F-9537-471D-9746-D4CB5DD1418F}D:\programme\java\jdk1.7.0_45\bin\javaw.exe] => (Allow) D:\programme\java\jdk1.7.0_45\bin\javaw.exe
FirewallRules: [{DA581701-1458-428C-B149-7897C19BD044}] => (Allow) D:\Programme\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4F315D9F-8D14-4F0D-BC62-C2FEBA417123}] => (Allow) D:\Programme\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{22AA0182-7013-4F38-8420-747EDDABC7C6}] => (Allow) D:\Programme\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{B2FEDA9F-E960-4379-ADC0-5623D40F72F3}] => (Allow) D:\Programme\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{117AFD73-9FE8-40D5-B6F3-C39087AF4A7D}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{D117A62F-7B91-4BCE-9D4C-34EEEB4F75C3}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{C2802430-E695-497C-9862-619E64798E04}] => (Allow) D:\Programme\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1BE8A961-D80E-4B05-B5E5-B928F9B5CD90}] => (Allow) D:\Programme\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{698F3125-F874-4AC8-9404-61C6497CE29B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6B2D0D5B-27AA-4185-9970-5598EA911A87}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5AD10227-D7A0-4503-824A-A104FDADFFB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9F2F4DCF-3F7E-440E-A1DC-1063EFE0CD79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8698A72A-908C-40EF-95A3-A9C8A83ECA30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CF37A886-5028-4BEA-9A46-45625EAB7E55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{81A45572-4679-40FA-BBBA-0FE47867F01E}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{359EF6F8-0A50-4395-8F1A-C325BC973EF9}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5D05CB65-B10D-4EE7-B16E-ADEC206945E4}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{907283F5-ACFA-4FCC-A399-3C5DC8473891}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5AC4588F-51C9-4BD8-BAD9-61826779DB0E}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B9FFA72D-F69E-45CB-8FD8-61396733F3D6}] => (Allow) D:\Programme\Steam\SteamApps\common\Pid\Pid.exe
FirewallRules: [{2AD55649-7B60-4078-85A3-044270520B9F}] => (Allow) D:\Programme\Steam\SteamApps\common\Pid\Pid.exe
FirewallRules: [TCP Query User{21F258AE-05A2-4DFC-B6AB-6BC9545A51E6}D:\programme\radiosure\radiosure.exe] => (Block) D:\programme\radiosure\radiosure.exe
FirewallRules: [UDP Query User{DEC51764-7B31-4036-8B57-A31ED542D9B2}D:\programme\radiosure\radiosure.exe] => (Block) D:\programme\radiosure\radiosure.exe
FirewallRules: [{192BED18-3972-4322-ADE6-2A237B6D25E2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{F0D6F496-C09B-4DC3-98A7-9201EE4F293F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{619964EF-A771-45B6-8E6D-C40506E13C71}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{FAE618EC-F556-467C-94F1-4B5B76A99580}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{66D7BD4F-2A51-417E-8BAF-27F2226FEA47}] => (Allow) D:\Programme\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{48FCE135-60CC-4FD6-8EA5-D994D9474360}] => (Allow) D:\Programme\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{59623AC8-078C-4344-8C6E-9624FE6E2091}D:\programme\mumble\murmur.exe] => (Allow) D:\programme\mumble\murmur.exe
FirewallRules: [UDP Query User{D3BB1B0A-9D01-4BA7-A78C-026B32B9C85F}D:\programme\mumble\murmur.exe] => (Allow) D:\programme\mumble\murmur.exe
FirewallRules: [{EA565010-205F-478F-B75F-2AC86F0353DB}] => (Allow) D:\Programme\Steam\SteamApps\common\Cities In Motion\Cities In Motion.exe
FirewallRules: [{D7D78186-840A-4963-9A24-BED83258774F}] => (Allow) D:\Programme\Steam\SteamApps\common\Cities In Motion\Cities In Motion.exe
FirewallRules: [{9C93DB9B-C724-4A8E-B259-53FE2AB13D61}] => (Allow) D:\Programme\Steam\SteamApps\common\SpaceChem\SpaceChem.exe
FirewallRules: [{82A42FCE-212F-402F-A602-28EDEFDEDBFE}] => (Allow) D:\Programme\Steam\SteamApps\common\SpaceChem\SpaceChem.exe
FirewallRules: [{D0855A1C-0490-456F-9379-D5D4B86E1D60}] => (Allow) D:\Programme\Steam\SteamApps\common\Dino D-Day\dinodday.exe
FirewallRules: [{65304D3E-6BC1-451E-BBE6-EC2B93A69672}] => (Allow) D:\Programme\Steam\SteamApps\common\Dino D-Day\dinodday.exe
FirewallRules: [{370C5600-D6CD-45FE-A14A-0108D46985B1}] => (Allow) D:\Programme\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{90BD3ADF-AF71-45D7-B1AC-9A19830B414C}] => (Allow) D:\Programme\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{3357CAA0-EE1F-40DF-A47D-5EF1EEDEBB55}] => (Allow) D:\Programme\Steam\SteamApps\common\race 07\SteamExpansionApp.exe
FirewallRules: [{1DEC14BE-9FEC-4FB8-ADAC-964D48B38D8A}] => (Allow) D:\Programme\Steam\SteamApps\common\race 07\SteamExpansionApp.exe
FirewallRules: [{BE8C0682-ADCB-424B-A43B-13A4C7C62694}] => (Allow) D:\Programme\Steam\SteamApps\common\race 07\SteamProxy.exe
FirewallRules: [{E63BAE87-ED96-4199-9809-1F6A795379FE}] => (Allow) D:\Programme\Steam\SteamApps\common\race 07\SteamProxy.exe
FirewallRules: [{35F8D63D-613A-470B-8D23-E50F9D3A14FF}] => (Allow) D:\Programme\Steam\SteamApps\common\race 07\Config.exe
FirewallRules: [{E619A62D-375C-4B6B-81C2-F76E0CF85491}] => (Allow) D:\Programme\Steam\SteamApps\common\race 07\Config.exe
FirewallRules: [{0ED0BE30-EFC7-4AF8-85B2-B44F1A477906}] => (Allow) D:\Programme\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0F4195D7-02E2-4FA3-AC6B-B69C6B035C17}] => (Allow) D:\Programme\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{657E52D3-0210-4A98-9E8C-3A62A17797DC}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{B7733A7D-C16B-4BF6-80C1-E1EC3DECCEF1}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{F293821F-EC3C-4B89-B7EB-683444789C9F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{2488EA11-18DB-422F-9424-66EFEF69A447}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{D7F1311A-5A63-4CFA-B9EF-EC0DCA2363F3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{CB00BD1C-A104-412B-877A-B28F0B587721}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{66CB527F-1690-4533-8B68-0978798E3C50}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{60E26F68-CBE9-4A20-A620-9AD4F353BD12}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{D20493C1-66FC-4010-A4C5-2A773D5DD777}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{E1A44986-09F4-4294-B716-E79D88035612}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{CDDE41B2-D8A2-4654-9B7D-2D1738FFCCB4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{655033F7-E5B8-48EA-8969-D8EE4F7B1612}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [TCP Query User{2129813F-78A2-4C8D-9428-5890E2AE162F}D:\programme\java\jdk1.8.0_25\bin\jmc.exe] => (Block) D:\programme\java\jdk1.8.0_25\bin\jmc.exe
FirewallRules: [UDP Query User{453064C8-41B2-4580-8A57-9DA373D8FD1B}D:\programme\java\jdk1.8.0_25\bin\jmc.exe] => (Block) D:\programme\java\jdk1.8.0_25\bin\jmc.exe
FirewallRules: [{C20DE2CE-ABFA-49B8-9ED9-67CA8EC5CF0B}] => (Allow) D:\Programme\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{D04FB7BC-A62D-4A2A-A275-44614E832D9F}] => (Allow) D:\Programme\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{4D43899D-65A5-4EE7-8CE7-A80066D56BED}] => (Allow) D:\Programme\Steam\SteamApps\common\MiniMetro\MiniMetro.exe
FirewallRules: [{CC50FC43-8A80-4659-915F-96BE5CB9EF6F}] => (Allow) D:\Programme\Steam\SteamApps\common\MiniMetro\MiniMetro.exe
FirewallRules: [{12B9B250-3C4B-4E54-BE93-3FF29816941C}] => (Allow) C:\Programme\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll
FirewallRules: [{1D4B28BB-A693-4BB0-8FDC-C085D929A3DF}] => (Allow) C:\Programme\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll
FirewallRules: [{3A89E934-934F-4B0F-ADFE-E2B2D5AEA0C7}] => (Allow) D:\Programme\Steam\SteamApps\common\Deponia\deponia.exe
FirewallRules: [{5FFD0AFD-52E3-40EC-AB38-EABAF7650BF5}] => (Allow) D:\Programme\Steam\SteamApps\common\Deponia\deponia.exe
FirewallRules: [{68D52AF9-3CC2-4763-99A4-41D035D0071C}] => (Allow) D:\Programme\Steam\SteamApps\common\Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{6754D74E-425C-48E6-AE72-A7609DD75400}] => (Allow) D:\Programme\Steam\SteamApps\common\Deponia\VisionaireConfigurationTool.exe
FirewallRules: [TCP Query User{3284E0F0-2C11-4E44-995A-6A409D4300FC}C:\users\anton\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\anton\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2663D6DC-2F05-4E56-A501-D08FC5D40D73}C:\users\anton\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\anton\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1B44F4EE-03F5-457D-AEC7-08C0FA709630}] => (Allow) LPort=50248
FirewallRules: [{89329157-AD5B-4DD4-8B17-A7DD0BEB3F80}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{68738357-0653-4E08-B001-151D279D1059}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{58ECF258-9D9D-44C1-9D37-689F8996455B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{64E58C42-35A8-4E75-B5B5-BC2E28E93C57}] => (Allow) D:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{0D896DE9-D4BF-45B3-A91F-7EAF832B9C04}] => (Allow) D:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{9B60FF90-890B-4CFD-9D56-9A9CD4268BAD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{444D9838-297B-431B-8919-9A71E35E1823}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7F16398B-CFDA-410A-8E69-4D0C3D90D736}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5C9EDE2F-67D8-4A76-97D2-540F6A5AB022}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Faulty Device Manager Devices =============
Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: IOCBIOS
Description: IOCBIOS
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IOCBIOS
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/05/2015 02:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 12a4
Startzeit: 01d0872cf06a13aa
Endzeit: 0
Anwendungspfad: E:\Downloads\OTL.exe
Berichts-ID: f7f84181-f320-11e4-80ca-e811324c4054
Error: (05/05/2015 01:53:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SoftwareUpdate.exe, Version 2.1.3.127 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 106c
Startzeit: 01d08729d4323a55
Endzeit: 8
Anwendungspfad: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Berichts-ID: 61998b7c-f31d-11e4-80ca-e811324c4054
Error: (05/05/2015 01:51:44 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (05/05/2015 01:49:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (05/05/2015 01:49:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (05/05/2015 01:49:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (05/05/2015 01:16:45 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (05/05/2015 00:37:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (05/05/2015 00:37:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (05/05/2015 00:37:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
System errors:
=============
Error: (05/05/2015 01:43:09 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
Error: (05/05/2015 01:40:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (05/05/2015 01:40:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\lirsgt.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (05/05/2015 01:40:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IOCBIOS" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (05/05/2015 01:40:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error: (05/05/2015 01:40:29 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5.
Error: (05/05/2015 01:25:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (05/05/2015 01:25:46 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\lirsgt.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (05/05/2015 01:25:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IOCBIOS" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (05/05/2015 01:25:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Microsoft Office Sessions:
=========================
Error: (05/05/2015 02:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OTL.exe3.2.69.012a401d0872cf06a13aa0E:\Downloads\OTL.exef7f84181-f320-11e4-80ca-e811324c4054
Error: (05/05/2015 01:53:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SoftwareUpdate.exe2.1.3.127106c01d08729d4323a558C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe61998b7c-f31d-11e4-80ca-e811324c4054
Error: (05/05/2015 01:51:44 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (05/05/2015 01:49:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Programme\LG Electronics\LG PC Suite\LGPCSuite.exe
Error: (05/05/2015 01:49:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Programme\LG Electronics\LG PC Suite\LGPCSuite.exe
Error: (05/05/2015 01:49:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Programme\LG Electronics\LG PC Suite\LGPCSuite.exe
Error: (05/05/2015 01:16:45 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (05/05/2015 00:37:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Programme\LG Electronics\LG PC Suite\LGPCSuite.exe
Error: (05/05/2015 00:37:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Programme\LG Electronics\LG PC Suite\LGPCSuite.exe
Error: (05/05/2015 00:37:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Programme\LG Electronics\LG PC Suite\LGPCSuite.exe
CodeIntegrity Errors:
===================================
Date: 2014-09-18 12:40:50.174
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-18 12:40:50.082
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-18 12:31:06.752
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-18 12:31:06.661
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-18 12:31:06.563
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-18 12:31:06.496
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 17:16:58.950
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 17:16:58.950
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 17:16:58.940
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 17:16:58.940
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 42%
Total physical RAM: 6058.67 MB
Available physical RAM: 3474.13 MB
Total Pagefile: 12115.54 MB
Available Pagefile: 9282.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:100 GB) (Free:5.56 GB) NTFS
Drive d: (Programme) (Fixed) (Total:200.32 GB) (Free:97.92 GB) NTFS
Drive e: (Daten) (Fixed) (Total:271.75 GB) (Free:114.9 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 15661A65)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=472.1 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=24 GB) - (Type=27)
==================== End Of Log ============================
|
|
05.05.2015, 15:12
| #4 |
| | DHL Virus/Trojaner aus Email angeklickt OTL.txt Code:
ATTFilter OTL logfile created on: 5/5/2015 2:22:05 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = E:\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17728) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5.92 Gb Total Physical Memory | 2.96 Gb Available Physical Memory | 49.98% Memory free 11.83 Gb Paging File | 8.80 Gb Available in Paging File | 74.34% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 100.00 Gb Total Space | 2.94 Gb Free Space | 2.94% Space Free | Partition Type: NTFS Drive D: | 200.32 Gb Total Space | 97.92 Gb Free Space | 48.88% Space Free | Partition Type: NTFS Drive E: | 271.75 Gb Total Space | 114.90 Gb Free Space | 42.28% Space Free | Partition Type: NTFS Computer Name: ANTON-LAPTOP | User Name: Anton | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - E:\Downloads\OTL.exe (OldTimer Tools) PRC - D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe (Steganos Software GmbH) PRC - D:\Programme\PDF24\pdf24.exe (Geek Software GmbH) PRC - C:\Users\Anton\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe (Kaspersky Lab ZAO) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (Kaspersky Lab ZAO) PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.) PRC - D:\Programme\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (ROCCAT GmbH) PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) PRC - C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe (Samsung Electronics) PRC - C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics) PRC - C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (SEC) PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) PRC - C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Windows\SysWOW64\WerFault.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com\nponlinebanking.dll () MOD - C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll () MOD - D:\Programme\ROCCAT\Kone[+] Mouse\hiddriver.dll () MOD - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll () MOD - C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll () ========== Services (SafeList) ========== SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software LLC) SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) SRV:64bit: - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV - (TeamViewer) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (OkayFreedom VPN Starter Service) -- C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe (Steganos Software GmbH) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (AVP15.0.1) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe (Kaspersky Lab ZAO) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.) SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (Autodesk Content Service) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.) SRV - (Hamachi2Svc) -- D:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation) DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab ZAO) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (Klwtp) -- C:\Windows\SysNative\drivers\klwtp.sys (Kaspersky Lab ZAO) DRV:64bit: - (klflt) -- C:\Windows\SysNative\drivers\klflt.sys (Kaspersky Lab ZAO) DRV:64bit: - (IntelHaxm) -- C:\Windows\SysNative\drivers\IntelHaxm.sys (Intel Corporation) DRV:64bit: - (klhk) -- C:\Windows\SysNative\drivers\klhk.sys (Kaspersky Lab ZAO) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab ZAO) DRV:64bit: - (kldisk) -- C:\Windows\SysNative\drivers\kldisk.sys (Kaspersky Lab ZAO) DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab ZAO) DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO) DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab ZAO) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64-6.sys (Cisco Systems, Inc.) DRV:64bit: - (acsock) -- C:\Windows\SysNative\drivers\acsock64.sys (Cisco Systems, Inc.) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab ZAO) DRV:64bit: - (ANDNetModem) -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys (LG Electronics Inc.) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (AndNetDiag) -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys (LG Electronics Inc.) DRV:64bit: - (klpd) -- C:\Windows\SysNative\drivers\klpd.sys (Kaspersky Lab ZAO) DRV:64bit: - (cm_km_w) -- C:\Windows\SysNative\drivers\cm_km_w.sys (Kaspersky Lab UK Ltd) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (ssudserd) -- C:\Windows\SysNative\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.) DRV:64bit: - (EkaProt6) -- C:\Windows\SysNative\drivers\ekaprot6.sys (Ekahau Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.sys (Samsung Electronics) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (ICCWDT) -- C:\Windows\SysNative\drivers\ICCWDT.sys (Intel Corporation) DRV:64bit: - (smbusp) -- C:\Windows\SysNative\drivers\intelsmb.sys (Intel Corporation) DRV:64bit: - (btnetBUs) -- C:\Windows\SysNative\drivers\btnetBus.sys () DRV:64bit: - (IvtBtBUs) -- C:\Windows\SysNative\drivers\IvtBtBus.sys (IVT Corporation.) DRV:64bit: - (BtHidBus) -- C:\Windows\SysNative\drivers\BtHidBus.sys (IVT Corporation.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (DgiVecp) -- C:\Windows\SysNative\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.) DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (PID_PEPI) -- C:\Windows\SysNative\drivers\LV302V64.SYS (Logitech Inc.) DRV:64bit: - (lvpepf64) -- C:\Windows\SysNative\drivers\lv302a64.sys (Logitech Inc.) DRV - (lirsgt) -- C:\Windows\SysWOW64\drivers\lirsgt.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-292025854-1146036075-2059369275-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com IE - HKU\S-1-5-21-292025854-1146036075-2059369275-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-292025854-1146036075-2059369275-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-292025854-1146036075-2059369275-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKU\S-1-5-21-292025854-1146036075-2059369275-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-292025854-1146036075-2059369275-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-21-292025854-1146036075-2059369275-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxyweb.utc.fr:3128 ========== FireFox ========== FF - prefs.js..browser.search.countryCode: "FR" FF - prefs.js..browser.search.isUS: false FF - prefs.js..browser.search.region: "FR" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:28.0.2 FF - prefs.js..extensions.enabledAddons: online_banking_69A4E213815F42BD863D889007201D82%40kaspersky.com:4.5.3.8 FF - prefs.js..extensions.enabledAddons: content_blocker_6418E0D362104DADA084DC312DFA8ABC%40kaspersky.com:4.5.3.8 FF - prefs.js..extensions.enabledAddons: virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB%40kaspersky.com:4.5.3.8 FF - prefs.js..extensions.enabledAddons: %7B249b4e45-4fb9-4f6b-9754-7c0c1e605d44%7D:36.0 FF - prefs.js..extensions.enabledAddons: ClassicThemeRestorer%40ArisT2Noia4dev:1.3.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.2 FF - prefs.js..network.proxy.autoconfig_url: "hxxp://www.utc.fr/proxy-utc.pac" FF - prefs.js..network.proxy.backup.ftp: "proxyweb.utc.fr" FF - prefs.js..network.proxy.backup.ftp_port: 3128 FF - prefs.js..network.proxy.backup.socks: "proxyweb.utc.fr" FF - prefs.js..network.proxy.backup.socks_port: 3128 FF - prefs.js..network.proxy.backup.ssl: "proxyweb.utc.fr" FF - prefs.js..network.proxy.backup.ssl_port: 3128 FF - prefs.js..network.proxy.ftp: "proxyweb.utc.fr" FF - prefs.js..network.proxy.ftp_port: 3128 FF - prefs.js..network.proxy.http: "proxyweb.utc.fr" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, 192.168.0.1" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "proxyweb.utc.fr" FF - prefs.js..network.proxy.socks_port: 3128 FF - prefs.js..network.proxy.ssl: "proxyweb.utc.fr" FF - prefs.js..network.proxy.ssl_port: 3128 FF - prefs.js..network.proxy.type: 1 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014/12/25 16:34:37 | 000,000,000 | ---D | M] FF - HKLM\Software\MozillaPlugins\@kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014/12/25 16:34:37 | 000,000,000 | ---D | M] FF - HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014/12/25 16:34:37 | 000,000,000 | ---D | M] FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: D:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Anton\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: D:\Programme\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: D:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014/12/25 16:34:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014/12/25 16:34:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014/12/25 16:34:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\Programme\Mozilla Firefox\components [2015/04/20 22:52:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: D:\Programme\Mozilla Thunderbird\components [2015/04/04 21:34:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: D:\Programme\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Components: D:\Programme\Mozilla Firefox\components [2015/04/20 22:52:55 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 31.6.0\extensions\\Components: D:\Programme\Mozilla Thunderbird\components [2015/04/04 21:34:48 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 31.6.0\extensions\\Plugins: D:\Programme\Mozilla Thunderbird\plugins [2011/09/17 11:33:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anton\AppData\Roaming\mozilla\Extensions [2015/05/04 09:38:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anton\AppData\Roaming\mozilla\Firefox\Profiles\6hg1dnu5.default-1367378586963\extensions [2015/05/04 09:36:18 | 000,488,459 | ---- | M] () (No name found) -- C:\Users\Anton\AppData\Roaming\mozilla\firefox\profiles\6hg1dnu5.default-1367378586963\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2015/03/10 23:37:45 | 000,124,845 | ---- | M] () (No name found) -- C:\Users\Anton\AppData\Roaming\mozilla\firefox\profiles\6hg1dnu5.default-1367378586963\extensions\elemhidehelper@adblockplus.org.xpi [2015/05/04 09:38:11 | 001,449,164 | ---- | M] () (No name found) -- C:\Users\Anton\AppData\Roaming\mozilla\firefox\profiles\6hg1dnu5.default-1367378586963\extensions\firefox@ghostery.com.xpi [2015/01/04 15:37:28 | 000,560,004 | ---- | M] () (No name found) -- C:\Users\Anton\AppData\Roaming\mozilla\firefox\profiles\6hg1dnu5.default-1367378586963\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2015/04/13 18:47:31 | 000,741,723 | ---- | M] () (No name found) -- C:\Users\Anton\AppData\Roaming\mozilla\firefox\profiles\6hg1dnu5.default-1367378586963\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014/04/05 12:54:27 | 000,033,235 | ---- | M] () (No name found) -- C:\Users\Anton\AppData\Roaming\mozilla\firefox\profiles\6hg1dnu5.default-1367378586963\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015/04/01 11:37:28 | 000,970,672 | ---- | M] () (No name found) -- C:\Users\Anton\AppData\Roaming\mozilla\firefox\profiles\6hg1dnu5.default-1367378586963\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015/04/23 20:12:43 | 000,791,924 | ---- | M] () (No name found) -- C:\Users\Anton\AppData\Roaming\mozilla\firefox\profiles\6hg1dnu5.default-1367378586963\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2014/12/16 17:05:58 | 000,002,269 | ---- | M] () -- C:\Users\Anton\AppData\Roaming\mozilla\firefox\profiles\6hg1dnu5.default-1367378586963\searchplugins\leo-fra-deu.xml [2013/05/05 22:29:38 | 000,002,000 | ---- | M] () -- C:\Users\Anton\AppData\Roaming\mozilla\firefox\profiles\6hg1dnu5.default-1367378586963\searchplugins\webcamstravel.xml [2013/05/05 22:29:46 | 000,006,183 | ---- | M] () -- C:\Users\Anton\AppData\Roaming\mozilla\firefox\profiles\6hg1dnu5.default-1367378586963\searchplugins\windfindercom.xml [2014/12/25 16:34:37 | 000,000,000 | ---D | M] (Модуль блокування небезпечних веб-сайтів) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.1\FFEXT\CONTENT_BLOCKER@KASPERSKY.COM [2014/12/25 16:34:37 | 000,000,000 | ---D | M] (Безпечні платежі) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.1\FFEXT\ONLINE_BANKING@KASPERSKY.COM [2014/12/25 16:34:37 | 000,000,000 | ---D | M] (Віртуальна клавіатура) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.1\FFEXT\VIRTUAL_KEYBOARD@KASPERSKY.COM File not found (No name found) -- C:\USERS\ANTON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6HG1DNU5.DEFAULT-1367378586963\EXTENSIONS\{249B4E45-4FB9-4F6B-9754-7C0C1E605D44}.XPI O1 HOSTS File: ([2014/05/22 20:05:34 | 000,000,827 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Content Blocker Plugin) - {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Virtual Keyboard Plugin) - {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Safe Money Plugin) - {E3D96E85-529D-4269-AC6A-97CF9E2221E3} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Content Blocker Plugin) - {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) O2 - BHO: (W2PBrowser Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll () O2 - BHO: (Virtual Keyboard Plugin) - {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Safe Money Plugin) - {E3D96E85-529D-4269-AC6A-97CF9E2221E3} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe () O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [PDFPrint] D:\Programme\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [RoccatKone+] D:\Programme\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH) O4 - HKU\.DEFAULT..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4 - HKU\S-1-5-18..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-292025854-1146036075-2059369275-1001..\Run: [Akamai NetSession Interface] C:\Users\Anton\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-292025854-1146036075-2059369275-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = O9:64bit: - Extra Button: Virtuelle Tastatur - {09A10376-994C-4BBF-9121-F50CF7BA237E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Virtuelle Tastatur - {09A10376-994C-4BBF-9121-F50CF7BA237E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C6AF923-5B38-4A3F-A632-30AB1504BF56}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6721A2D7-96F6-4594-BADB-D5BF62339F99}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2015/05/05 13:39:15 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O33 - MountPoints2\{128c4d83-c88c-11e3-83e6-e811324c4054}\Shell - "" = AutoRun O33 - MountPoints2\{128c4d83-c88c-11e3-83e6-e811324c4054}\Shell\AutoRun\command - "" = G:\LG_PC_Programs.exe O33 - MountPoints2\{1966018c-f355-11e0-a4b6-e811324c4054}\Shell - "" = AutoRun O33 - MountPoints2\{1966018c-f355-11e0-a4b6-e811324c4054}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\{69c355d1-2f48-11e2-a742-e811324c4054}\Shell - "" = AutoRun O33 - MountPoints2\{69c355d1-2f48-11e2-a742-e811324c4054}\Shell\AutoRun\command - "" = H:\Launcher\LAUNCHER.EXE O33 - MountPoints2\{9600ef26-4037-11e1-9a92-e811324c4054}\Shell - "" = AutoRun O33 - MountPoints2\{9600ef26-4037-11e1-9a92-e811324c4054}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{faaf19b5-fa4b-11e1-ab93-e811324c4054}\Shell - "" = AutoRun O33 - MountPoints2\{faaf19b5-fa4b-11e1-ab93-e811324c4054}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2015/05/05 13:04:48 | 000,000,000 | ---D | C] -- C:\NPE [2015/05/05 13:01:39 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\NPE [2015/04/17 15:39:51 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\.mono [2015/04/17 15:39:51 | 000,000,000 | ---D | C] -- C:\ProgramData\.mono [2015/04/17 15:39:48 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Colossal Order [2015/04/16 16:35:04 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\openvr [2015/04/15 21:34:27 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\WebApp [2015/04/15 21:32:43 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Packages [2015/04/15 21:32:27 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10 [2015/04/15 21:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap [2015/04/15 21:22:55 | 000,000,000 | ---D | C] -- C:\Users\Anton\Neuer Ordner [2015/04/15 21:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2015/04/15 11:40:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2015/04/15 11:40:34 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2015/04/15 11:40:34 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2015/04/15 11:40:34 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2015/04/15 11:40:34 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2015/04/15 11:40:33 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2015/04/15 11:40:33 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2015/04/15 11:40:33 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2015/04/15 11:40:33 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2015/04/15 11:40:33 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2015/04/15 11:40:31 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2015/04/15 11:40:31 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2015/04/15 11:40:30 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2015/04/15 11:40:29 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2015/04/15 11:40:29 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2015/04/15 11:40:29 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2015/04/15 11:40:29 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2015/04/15 11:40:29 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2015/04/15 11:40:29 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2015/04/15 11:40:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2015/04/15 11:40:28 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2015/04/15 11:40:28 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2015/04/15 11:40:27 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2015/04/15 11:40:26 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2015/04/15 11:40:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2015/04/15 11:40:24 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2015/04/15 11:40:24 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2015/04/15 11:40:24 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2015/04/15 11:40:24 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2015/04/15 11:40:23 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2015/04/15 11:40:23 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2015/04/15 11:40:22 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2015/04/15 11:40:22 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2015/04/15 11:40:22 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2015/04/15 11:40:21 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2015/04/15 11:40:21 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2015/04/15 11:40:20 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2015/04/15 11:40:03 | 003,298,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2015/04/15 11:40:03 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2015/04/15 11:40:03 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2015/04/15 11:40:03 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2015/04/15 11:40:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2015/04/15 11:40:03 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2015/04/15 11:40:03 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2015/04/15 11:40:03 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2015/04/15 11:40:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll [2015/04/15 11:40:03 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2015/04/15 11:40:03 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2015/04/15 11:40:03 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2015/04/15 11:40:03 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2015/04/15 11:40:03 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2015/04/15 11:40:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll [2015/04/15 11:39:40 | 005,557,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2015/04/15 11:39:39 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2015/04/15 11:39:39 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2015/04/15 11:39:39 | 001,727,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2015/04/15 11:39:39 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2015/04/15 11:39:39 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2015/04/15 11:39:38 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2015/04/15 11:39:38 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2015/04/15 11:39:38 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2015/04/15 11:39:38 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2015/04/15 11:39:37 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2015/04/15 11:39:37 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2015/04/15 11:39:37 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe [2015/04/15 11:39:37 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2015/04/15 11:39:37 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2015/04/15 11:39:37 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2015/04/15 11:39:37 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe [2015/04/15 11:39:37 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll [2015/04/15 11:39:37 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe [2015/04/15 11:39:37 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2015/04/15 11:39:37 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2015/04/15 11:39:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2015/04/15 11:39:37 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2015/04/15 11:39:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2015/04/15 11:39:37 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2015/04/15 11:39:37 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2015/04/15 11:39:37 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2015/04/15 11:39:37 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2015/04/15 11:39:37 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2015/04/15 11:39:37 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2015/04/15 11:39:37 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2015/04/15 11:39:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2015/04/15 11:39:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2015/04/15 11:39:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2015/04/15 11:39:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2015/04/15 11:39:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2015/04/15 11:39:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2015/04/15 11:39:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2015/04/15 11:39:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2015/04/15 11:39:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2015/04/15 11:39:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2015/04/15 11:39:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2015/04/15 11:39:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2015/04/15 11:39:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2015/04/15 11:39:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2015/04/15 11:39:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2015/04/15 11:39:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2015/04/15 11:39:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2015/04/15 11:39:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2015/04/15 11:39:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll [2015/04/15 11:39:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2015/04/15 11:39:34 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll [2015/04/15 11:39:34 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll [2015/04/15 11:39:34 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll [2015/04/15 11:39:34 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll [2015/04/15 11:39:34 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll [2015/04/15 11:39:34 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll [2015/04/15 11:39:28 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll [2015/04/15 11:39:28 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll [2015/04/15 11:39:27 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2015/04/15 11:39:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2015/04/15 11:39:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2015/04/11 10:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2015/04/11 10:41:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2015/04/11 10:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2015/04/11 10:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2015/04/11 10:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 [2015/04/10 22:18:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs [2015/04/10 22:10:48 | 000,957,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll [2015/04/10 22:10:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll [2015/04/10 22:10:47 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll [2015/04/10 22:10:47 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll [2015/04/10 22:10:47 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll [2015/04/10 22:10:46 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll [2015/04/10 22:10:46 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll [2015/04/10 22:10:46 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll [2015/04/10 13:46:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics [2015/04/10 13:43:25 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\LG OSP [2015/04/10 13:43:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG On-Screen Phone [2015/04/08 22:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\FARO [2015/04/08 22:20:19 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\Inventor Server SDK ACAD 2014 [2015/04/08 21:46:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk [2015/04/08 11:05:59 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\NVIDIA [2015/04/08 11:05:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV [2015/04/08 11:05:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV [2015/04/08 11:04:01 | 001,756,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll [2015/04/08 11:04:00 | 001,514,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll [2015/04/08 11:04:00 | 001,316,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll [2015/04/08 11:03:59 | 001,278,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll [2015/04/08 11:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2015/04/08 11:02:48 | 006,861,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2015/04/08 11:02:48 | 003,526,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2015/04/08 11:02:48 | 002,559,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2015/04/08 11:02:48 | 001,099,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll [2015/04/08 11:02:48 | 000,386,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2015/04/08 11:02:48 | 000,075,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll [2015/04/08 11:02:48 | 000,062,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2015/04/08 10:51:58 | 032,114,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2015/04/08 10:51:58 | 024,775,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2015/04/08 10:51:58 | 018,580,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2015/04/08 10:51:58 | 016,022,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2015/04/08 10:51:58 | 013,297,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2015/04/08 10:51:58 | 010,775,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2015/04/08 10:51:58 | 000,997,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2015/04/08 10:51:58 | 000,878,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2015/04/08 10:51:58 | 000,354,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll [2015/04/08 10:51:58 | 000,306,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll [2015/04/08 10:51:58 | 000,038,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys [2015/04/08 10:51:58 | 000,035,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll [2015/04/08 10:51:58 | 000,032,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys [2015/04/08 10:51:58 | 000,032,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll [2015/04/08 10:51:57 | 017,258,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2015/04/08 10:51:57 | 014,121,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2015/04/08 10:51:57 | 013,210,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2015/04/08 10:51:57 | 010,715,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2015/04/08 10:51:57 | 003,611,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2015/04/08 10:51:57 | 003,249,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2015/04/08 10:51:57 | 001,896,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434788.dll [2015/04/08 10:51:57 | 001,557,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434788.dll [2015/04/08 10:51:57 | 000,970,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll [2015/04/08 10:51:57 | 000,944,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll [2015/04/08 10:51:57 | 000,930,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll [2015/04/08 10:51:57 | 000,909,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll [2015/04/08 10:51:57 | 000,178,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2015/04/08 10:51:57 | 000,164,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2015/04/08 10:51:53 | 025,460,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2015/04/08 10:51:53 | 020,466,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2015/04/08 10:51:53 | 003,303,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2015/04/08 10:51:53 | 002,906,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [3 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [23 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2015/05/05 14:33:08 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015/05/05 13:55:31 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015/05/05 13:51:30 | 000,022,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2015/05/05 13:51:30 | 000,022,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2015/05/05 13:40:33 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015/05/05 13:40:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015/05/05 13:40:03 | 2058,010,623 | -HS- | M] () -- C:\hiberfil.sys [2015/04/29 23:46:16 | 000,039,036 | ---- | M] () -- C:\Users\Anton\Desktop\Unbenannt.png [2015/04/22 00:10:26 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 10.lnk [2015/04/16 09:00:17 | 000,700,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2015/04/16 09:00:17 | 000,654,932 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2015/04/16 09:00:17 | 000,149,984 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2015/04/16 09:00:17 | 000,122,546 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2015/04/16 09:00:16 | 001,622,300 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2015/04/15 21:32:27 | 000,002,172 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk [2015/04/15 21:29:20 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll [2015/04/15 21:14:52 | 000,000,732 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2015/04/15 17:17:45 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2015/04/15 17:17:45 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2015/04/15 12:07:12 | 001,596,580 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2015/04/15 00:56:47 | 000,032,768 | ---- | M] () -- C:\Windows\SysNative\persistent_q.db-shm [2015/04/11 10:42:40 | 000,001,759 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2015/04/10 22:19:09 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl [2015/04/09 07:14:24 | 000,437,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2015/04/08 22:33:18 | 000,001,793 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk ReCap.lnk [2015/04/08 22:28:15 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk 360.lnk [2015/04/08 22:11:42 | 000,001,860 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2014 - Deutsch (German).lnk [3 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [23 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2015/04/24 14:38:21 | 000,039,036 | ---- | C] () -- C:\Users\Anton\Desktop\Unbenannt.png [2015/04/15 21:32:27 | 000,002,172 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk [2015/04/15 21:14:52 | 000,000,732 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2015/04/15 11:40:34 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2015/04/15 11:40:33 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2015/04/11 10:42:40 | 000,001,759 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2015/04/10 22:19:09 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2015/04/08 22:33:18 | 000,001,793 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk ReCap.lnk [2015/04/08 22:28:15 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk 360.lnk [2015/04/08 22:11:42 | 000,001,860 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2014 - Deutsch (German).lnk [2015/04/08 11:02:48 | 004,246,327 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2015/04/08 10:51:57 | 000,027,441 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2015/04/01 22:41:54 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2015/01/30 22:34:12 | 000,078,848 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2014/09/17 12:29:14 | 001,554,336 | ---- | C] () -- C:\Windows\TotalUninstaller.exe [2014/08/13 18:25:46 | 000,000,600 | ---- | C] () -- C:\Users\Anton\AppData\Roaming\winscp.rnd [2014/07/09 15:41:38 | 000,000,600 | ---- | C] () -- C:\Users\Anton\AppData\Local\PUTTY.RND [2013/10/26 17:06:10 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2013/10/26 17:05:44 | 000,009,030 | ---- | C] () -- C:\Windows\HL-2030.INI [2013/10/26 17:05:44 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\brlmw03a.ini [2013/10/26 17:05:44 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini [2013/10/26 17:04:57 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\bd2030.dat [2013/10/26 17:04:33 | 000,000,239 | ---- | C] () -- C:\Windows\Brownie.ini [2012/01/16 22:56:46 | 000,017,408 | ---- | C] () -- C:\Users\Anton\AppData\Local\WebpageIcons.db [2011/12/05 18:22:02 | 000,007,596 | ---- | C] () -- C:\Users\Anton\AppData\Local\Resmon.ResmonCfg ========== ZeroAccess Check ========== [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2014/02/22 23:22:54 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\.minecraft [2015/04/17 15:39:51 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\.mono [2012/04/19 09:28:11 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\AllDup [2012/12/10 01:05:03 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Amazon [2015/04/11 12:17:33 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Autodesk [2012/11/15 20:19:25 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\DAEMON Tools Lite [2015/05/05 13:39:16 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\DiskSpaceFan [2012/12/17 13:20:07 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Engelmann Media [2013/06/08 00:35:58 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\FileZilla [2015/01/17 22:58:40 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\FiraxisLive [2011/11/18 18:03:01 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Fluke [2015/02/20 19:15:07 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\GMR [2014/12/25 15:02:40 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\JetBrains [2015/03/12 22:03:18 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\LG Electronics [2012/03/26 16:13:17 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\LibreOffice [2014/01/14 17:00:30 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\LolClient [2012/09/30 13:01:22 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\LOVE [2013/02/14 14:56:43 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Need for Speed World [2014/10/28 13:08:43 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\NetBeans [2011/11/24 19:42:02 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\NetMeter [2011/12/01 15:31:31 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Nik Software [2011/10/26 20:16:10 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\OpenOffice.org [2013/11/22 00:00:58 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\openvr [2013/03/21 13:51:18 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Opera [2013/06/30 22:41:39 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Origin [2013/08/04 21:01:17 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\PDF Architect [2014/07/13 18:05:29 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\PDF Architect 2 [2013/08/04 20:20:29 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\PDF Software [2015/03/11 19:39:54 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\pdfforge [2014/01/13 20:06:01 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Riot Games [2014/09/17 12:31:14 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Samsung [2015/04/22 17:23:08 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\SoftGrid Client [2015/04/01 22:56:42 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Spotify [2015/02/26 15:37:50 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Steganos [2014/12/24 18:15:35 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Steganos Updates [2015/02/26 15:40:06 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Steganos VPN [2014/04/16 21:58:42 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Subversion [2013/05/27 00:30:40 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\TeamViewer [2012/04/21 19:29:20 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Temp [2011/09/17 12:05:13 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Thunderbird [2011/10/12 15:25:01 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Tific [2011/09/17 13:18:19 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\TP [2012/07/11 17:47:15 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Tunngle [2015/04/15 21:34:27 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\WebApp [2013/04/05 14:53:36 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Windows Live Writer ========== Purity Check ========== < End of report > |
|
05.05.2015, 15:13
| #5 |
| | DHL Virus/Trojaner aus Email angeklickt Extras.txt Code:
ATTFilter OTL Extras logfile created on: 5/5/2015 2:22:05 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5.92 Gb Total Physical Memory | 2.96 Gb Available Physical Memory | 49.98% Memory free
11.83 Gb Paging File | 8.80 Gb Available in Paging File | 74.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 2.94 Gb Free Space | 2.94% Space Free | Partition Type: NTFS
Drive D: | 200.32 Gb Total Space | 97.92 Gb Free Space | 48.88% Space Free | Partition Type: NTFS
Drive E: | 271.75 Gb Total Space | 114.90 Gb Free Space | 42.28% Space Free | Partition Type: NTFS
Computer Name: ANTON-LAPTOP | User Name: Anton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-292025854-1146036075-2059369275-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme\Microsoft Office 2000\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme\Microsoft Office 2000\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B8F334-9F0F-4BE9-88CA-E869CE84ECB4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{081DF647-63EF-4BEA-AD62-B68F4712F2D2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B381A5B-1EFC-4FC0-B9DF-0C9BC99D1939}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{10FCE82A-A6DD-4F24-8F2A-B55D3FD63322}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{16BB2000-4F74-4E00-A954-328812EFDF2F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{183C60F8-FE46-484D-AA89-A885ED21F40C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1B44F4EE-03F5-457D-AEC7-08C0FA709630}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{25C47356-F318-40BF-A4C8-86BF74A79577}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{2BDCB8D0-9AEB-4D14-9A1B-7AB8A05B536B}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{320510D0-9217-4BFC-B994-6824B5B4682A}" = lport=138 | protocol=17 | dir=in | app=system |
"{324E96DE-B7DA-4C56-B907-FECAC9EB350C}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{360B893D-DD4A-4A72-AC8D-7402EA87EB57}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{3731A650-ECB7-41D3-999F-F8278EE4F66E}" = rport=445 | protocol=6 | dir=out | app=system |
"{3B19C545-FEE4-4DA3-B0E7-4DEB8DEE0B87}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{3D0AD13B-3B1C-4FED-9BD8-21E5739CF5BE}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{40A8D95D-5C00-470B-9909-DF4ED7D08F1D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E216534-0853-48E5-9DCA-086DBC7D72E2}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4E52479A-F14C-4EBC-B9EC-EC36AFFF679C}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{59EA6101-1084-4EF6-B0BF-01AC34547667}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5AD10227-D7A0-4503-824A-A104FDADFFB5}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{61F5688A-B4D2-461D-B60D-4DAC651E9CCD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{662DFC1A-A997-4FD5-A605-48282090CD6F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{698F3125-F874-4AC8-9404-61C6497CE29B}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{6B2D0D5B-27AA-4185-9970-5598EA911A87}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{711ED9EB-3D34-4276-8B78-0BB26B8A5BB1}" = lport=139 | protocol=6 | dir=in | app=system |
"{7629F9E8-69AC-4887-A396-A44C926226F8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7878ABFD-4214-4048-886C-0D1EF90E8F81}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{78CDCB4C-CC4F-4C3A-8625-1FA28C698753}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{7DA43ED1-6222-462F-8D2D-BA2D488DDD3E}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7F36C87D-1F12-4A8F-BB67-676542DA1450}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{81EFAA7C-00D3-4329-99B8-29D0F52004F4}" = rport=138 | protocol=17 | dir=out | app=system |
"{8698A72A-908C-40EF-95A3-A9C8A83ECA30}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8C9C36D1-6FFD-43BD-90F4-AD1EE4F2560D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90E2C001-F0FD-4D5F-840A-E7AC4FC96C12}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9DB8A132-1991-43FE-8141-F8CBA0D5892B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9F2F4DCF-3F7E-440E-A1DC-1063EFE0CD79}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A137BEDD-66D2-45D3-8047-D1D9DEEA4D9B}" = rport=137 | protocol=17 | dir=out | app=system |
"{A172B018-2264-4DD7-A79A-C858F9EFCA03}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B46B436E-F5E8-4FD5-84B0-B90C011DB3AF}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B580D0A6-5354-46DF-B8E4-2821AD191D14}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BB321772-7F8E-406A-9B07-BA63EEF409C9}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{BE1FB7EC-EF9B-47DD-92AC-001DE477168D}" = rport=139 | protocol=6 | dir=out | app=system |
"{CF37A886-5028-4BEA-9A46-45625EAB7E55}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E2789276-C000-4C65-91B7-FAEE7FD04739}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{EEBEA341-0238-4709-85FA-2670A00E2831}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F238EDC6-4716-4E66-BA36-36C345CB83EF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F47516F1-187D-499A-AFF1-21A29540C46A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F49AAF8E-DD29-489A-A3D0-1C5D65BEC325}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F93DEFB5-66D1-4C38-903F-A0415235F15A}" = lport=445 | protocol=6 | dir=in | app=system |
"{FEB251D9-92F6-43DA-94A7-A496883BE9C0}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00598337-9D13-4B3C-A563-2B3DCDE088F4}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\renaissance heroes\bridealauncher.exe |
"{021F29E6-238E-4E85-826C-46C205C72522}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{03221B37-649B-48B8-88A0-61792133A163}" = protocol=17 | dir=in | app=d:\programme\opera x64\opera.exe |
"{05D603EE-2343-4AD8-BA4E-72AFA8780B48}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{096EE856-933B-48FD-A973-3B17397D214C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{09794335-7B34-434B-865B-10918A2CEF4D}" = protocol=17 | dir=in | app=d:\programme\steam\steam.exe |
"{0BF8F6C1-6D73-4E6D-955E-52B46D2476E1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0C807CBC-F2CD-41D7-B842-95871CD4ED43}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\age2hd\launcher.exe |
"{0D896DE9-D4BF-45B3-A91F-7EAF832B9C04}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\cities_skylines\cities.exe |
"{0EB95DA8-B080-48C0-B3F6-E6E2C847167B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{0ED0BE30-EFC7-4AF8-85B2-B44F1A477906}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\raceroom racing experience\game\rrre.exe |
"{0F0FE064-1762-4234-94D3-EB7D154150D7}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe |
"{0F4195D7-02E2-4FA3-AC6B-B69C6B035C17}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\raceroom racing experience\game\rrre.exe |
"{11413E7F-3060-408A-8DAE-3DB731807286}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\renaissance heroes\bridealauncher.exe |
"{117AFD73-9FE8-40D5-B6F3-C39087AF4A7D}" = protocol=6 | dir=in | app=d:\programme\steam\steam.exe |
"{12B9B250-3C4B-4E54-BE93-3FF29816941C}" = protocol=6 | dir=in | app=c:\programme\virtual wifi router\virtualwifirouterlibrary.dll |
"{1498B9B0-BF4E-4790-8FD9-93CC82572A77}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{16638D58-F22A-497F-963B-5314613AD275}" = protocol=17 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{17337ED4-E87A-42C0-853E-713E7B779B57}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{192BED18-3972-4322-ADE6-2A237B6D25E2}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{1BB49C69-9C15-4BAA-ABA5-FFE8ABCB7AFF}" = protocol=17 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{1BE8A961-D80E-4B05-B5E5-B928F9B5CD90}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\team fortress 2\hl2.exe |
"{1D4B28BB-A693-4BB0-8FDC-C085D929A3DF}" = protocol=17 | dir=in | app=c:\programme\virtual wifi router\virtualwifirouterlibrary.dll |
"{1DEC14BE-9FEC-4FB8-ADAC-964D48B38D8A}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\race 07\steamexpansionapp.exe |
"{1E11DC3E-5BEF-4F34-B2F3-3306E24A8C33}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2123DF25-64E3-4CCB-88A1-7384D7F45E35}" = protocol=6 | dir=out | app=system |
"{22AA0182-7013-4F38-8420-747EDDABC7C6}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\age2hd\launcher.exe |
"{22B619CD-B4C2-4D04-868F-800D354466AD}" = protocol=17 | dir=in | app=d:\programme\logitech touch mouse server\itouch-server-win.exe |
"{23FA47AB-27A4-484B-8106-1FE71C99F686}" = protocol=6 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{2464E3A0-0E87-4616-95E4-F52141672513}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2488EA11-18DB-422F-9424-66EFEF69A447}" = protocol=17 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{26196087-8A61-4637-AE38-641B7BE22F6D}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\usdagent.exe |
"{2955F8EA-C4C9-4C9F-9F45-4B19E557C2B4}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe |
"{2AD55649-7B60-4078-85A3-044270520B9F}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\pid\pid.exe |
"{3357CAA0-EE1F-40DF-A47D-5EF1EEDEBB55}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\race 07\steamexpansionapp.exe |
"{341ED341-9DF5-4D98-B662-B82304BEBF0B}" = protocol=17 | dir=in | app=d:\programme\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{34230F90-7834-409C-B4D8-C515D2F2EBD3}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\iccupdater.exe |
"{359EF6F8-0A50-4395-8F1A-C325BC973EF9}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{35F8D63D-613A-470B-8D23-E50F9D3A14FF}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\race 07\config.exe |
"{36F2A0C8-07B5-475B-91D7-E89319718C74}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{370C5600-D6CD-45FE-A14A-0108D46985B1}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{37CD261F-2A40-44F0-B588-4E575BE82F5B}" = protocol=6 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{38345DE9-F144-4F52-B0D5-25FCCED1C945}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\renaissance heroes\bridealauncher.exe |
"{3A89E934-934F-4B0F-ADFE-E2B2D5AEA0C7}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\deponia\deponia.exe |
"{3BEA44AB-55A0-4B17-8AB6-B970C9564D24}" = protocol=6 | dir=in | app=d:\programme\opera x64\opera.exe |
"{40544938-3660-4810-BBCF-7CF8CF283E73}" = protocol=6 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{405AEEF8-6AC4-43F7-BC75-7C30772D5C67}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{444D9838-297B-431B-8919-9A71E35E1823}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{45550BE4-54E7-467D-A017-CDB58B73FB67}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{48FCE135-60CC-4FD6-8EA5-D994D9474360}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\banished\application-steam-x64.exe |
"{4A21C71F-E2A1-4918-B0E5-FE415BE286B9}" = protocol=6 | dir=in | app=c:\windows\system32\supdsvc.exe |
"{4D43899D-65A5-4EE7-8CE7-A80066D56BED}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\minimetro\minimetro.exe |
"{4D68BDEA-01B5-485C-B95C-6687DC015D70}" = protocol=6 | dir=in | app=d:\programme\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{4F2B5D2C-46F7-4F04-92D1-F569BED45014}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F315D9F-8D14-4F0D-BC62-C2FEBA417123}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\team fortress 2\hl2.exe |
"{50D5B6F5-1EF9-49A7-B950-3520E9523BB5}" = protocol=6 | dir=in | app=d:\programme\opera x64\opera.exe |
"{52CCB60F-1C2A-43BD-89C7-4C04DF65B9F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{54871E02-F047-4BAD-966E-1E1026B8364E}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\half-life\hl.exe |
"{55856D72-8DAA-4F48-A90C-A553359E9FB9}" = protocol=17 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{58ECF258-9D9D-44C1-9D37-689F8996455B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{5AC4588F-51C9-4BD8-BAD9-61826779DB0E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5C9EDE2F-67D8-4A76-97D2-540F6A5AB022}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{5D05CB65-B10D-4EE7-B16E-ADEC206945E4}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5FFD0AFD-52E3-40EC-AB38-EABAF7650BF5}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\deponia\deponia.exe |
"{6096EA58-4CC6-40E5-A28F-3FEE4DB33A0F}" = protocol=17 | dir=in | app=d:\programme\teamviewer\version7\teamviewer.exe |
"{60E26F68-CBE9-4A20-A620-9AD4F353BD12}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{619964EF-A771-45B6-8E6D-C40506E13C71}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{633AEBE6-0613-47FA-AA80-EA7DF238E8FD}" = protocol=17 | dir=in | app=d:\programme\teamviewer\version7\teamviewer_service.exe |
"{639A5A53-D14F-4E27-B0BE-0A2F0859EAB9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63B4E7DA-2842-488F-AA69-95B51B7C053A}" = protocol=6 | dir=in | app=d:\programme\warcraft iii\war3.exe |
"{64E58C42-35A8-4E75-B5B5-BC2E28E93C57}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\cities_skylines\cities.exe |
"{650734EF-0CBB-4B53-BA1E-83070A5F98B1}" = protocol=6 | dir=in | app=d:\programme\steam\steam.exe |
"{65304D3E-6BC1-451E-BBE6-EC2B93A69672}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\dino d-day\dinodday.exe |
"{655033F7-E5B8-48EA-8969-D8EE4F7B1612}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{657E52D3-0210-4A98-9E8C-3A62A17797DC}" = protocol=6 | dir=in | app=d:\programme\steam\bin\steamwebhelper.exe |
"{6586D8C0-DC19-4B46-862B-9A6EF054F6AE}" = protocol=6 | dir=in | app=d:\programme\teamviewer\version7\teamviewer_service.exe |
"{66CB527F-1690-4533-8B68-0978798E3C50}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{66D7BD4F-2A51-417E-8BAF-27F2226FEA47}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\banished\application-steam-x64.exe |
"{6754D74E-425C-48E6-AE72-A7609DD75400}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\deponia\visionaireconfigurationtool.exe |
"{68738357-0653-4E08-B001-151D279D1059}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{68C1115F-C458-4B93-80C8-C7F21A910112}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{68D52AF9-3CC2-4763-99A4-41D035D0071C}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\deponia\visionaireconfigurationtool.exe |
"{6C89ABA6-FF67-4923-AE99-FE548F8C36D7}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\portal\hl2.exe |
"{6F4418FF-050E-4652-93FA-46BAA7245307}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{715BDF8F-2804-4431-92A0-AAA1C783D0B9}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\team fortress 2\hl2.exe |
"{71A42435-C281-4460-9521-691DB7ECA1D5}" = protocol=6 | dir=in | app=d:\programme\teamviewer\version7\teamviewer.exe |
"{750DB093-350D-4E35-A800-179C987F5C05}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7778CB35-887F-4E92-8D78-41C62B825088}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{78BDD33E-A774-45FD-BCCD-1576243D6471}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\usdagent.exe |
"{7A0531CE-DDFF-40BF-837C-7C381C1E824F}" = protocol=6 | dir=in | app=d:\programme\tunngle\tnglctrl.exe |
"{7B991558-B6A8-43CF-AA7A-D2489CB82E90}" = protocol=17 | dir=in | app=d:\programme\opera x64\opera.exe |
"{7C3E1032-0839-47C0-ADC3-B5F7398F4AA2}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\renaissance heroes\binaries\win32\dvgame.exe |
"{7F16398B-CFDA-410A-8E69-4D0C3D90D736}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{81A45572-4679-40FA-BBBA-0FE47867F01E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{82A42FCE-212F-402F-A602-28EDEFDEDBFE}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\spacechem\spacechem.exe |
"{83BD6182-E330-4B51-84DC-249304F5402A}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\portal 2\portal2.exe |
"{8930298E-814C-4A67-A435-908133A4D592}" = protocol=6 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{89329157-AD5B-4DD4-8B17-A7DD0BEB3F80}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{8D4AA437-074A-449C-BFB1-33BCC3462C02}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\team fortress 2\hl2.exe |
"{8F4AC3D4-012F-45A3-A6E8-4242CF70BC92}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\portal 2\portal2.exe |
"{8FE3CA8A-9080-4E9A-83F2-C32B59E086AC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{907283F5-ACFA-4FCC-A399-3C5DC8473891}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{90BD3ADF-AF71-45D7-B1AC-9A19830B414C}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{91956904-8612-4FD8-BDD4-A655D1A55059}" = protocol=6 | dir=in | app=d:\programme\tunngle\tunngle.exe |
"{94CE88B3-5550-437D-8029-8C07E8746704}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9602C884-072F-4680-8349-160CAF504C78}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\renaissance heroes\binaries\win32\dvgame.exe |
"{96E653C9-7919-4F5B-9F32-005B38C208DF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{98E7D656-1FE1-450A-9C2E-AC912ABC392F}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\half-life\hl.exe |
"{9983413D-EB8C-428F-897B-77F62CB673C7}" = protocol=17 | dir=in | app=d:\programme\warcraft iii\war3.exe |
"{9B60FF90-890B-4CFD-9D56-9A9CD4268BAD}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{9C93DB9B-C724-4A8E-B259-53FE2AB13D61}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\spacechem\spacechem.exe |
"{9E773410-F8CB-4850-BE05-BC43FBB18406}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\renaissance heroes\bridealauncher.exe |
"{9F74B97F-3FBD-4DE8-907C-5286CB5B0CC1}" = protocol=6 | dir=in | app=d:\programme\logitech touch mouse server\itouch-server-win.exe |
"{A889DE23-8032-4C3B-AD53-CC51A78010BF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B0C3851A-4628-41BC-97F5-FFFFF204A634}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B2FEDA9F-E960-4379-ADC0-5623D40F72F3}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\age2hd\launcher.exe |
"{B4E68776-6D05-4735-9DEA-18DE6CFBCC49}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\iccupdater.exe |
"{B7733A7D-C16B-4BF6-80C1-E1EC3DECCEF1}" = protocol=17 | dir=in | app=d:\programme\steam\bin\steamwebhelper.exe |
"{B86E4921-26B7-485C-8F16-4E3AD1583AED}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\age2hd\launcher.exe |
"{B9FFA72D-F69E-45CB-8FD8-61396733F3D6}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\pid\pid.exe |
"{BB5F1341-BF74-4604-8EFD-1F9C37C48019}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\half-life\hl.exe |
"{BDE1ABC7-FB9D-4DBF-A41E-09ACDE62B30D}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{BE8C0682-ADCB-424B-A43B-13A4C7C62694}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\race 07\steamproxy.exe |
"{C19373EB-B4CF-4D4E-B369-828774F0B568}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\age2hd\launcher.exe |
"{C20DE2CE-ABFA-49B8-9ED9-67CA8EC5CF0B}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\portal\hl2.exe |
"{C2802430-E695-497C-9862-619E64798E04}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\team fortress 2\hl2.exe |
"{C3A2F2E6-CB59-4793-BC02-86A4BB31056B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CB00BD1C-A104-412B-877A-B28F0B587721}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{CC50FC43-8A80-4659-915F-96BE5CB9EF6F}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\minimetro\minimetro.exe |
"{CDDE41B2-D8A2-4654-9B7D-2D1738FFCCB4}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{D04FB7BC-A62D-4A2A-A275-44614E832D9F}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\portal\hl2.exe |
"{D0855A1C-0490-456F-9379-D5D4B86E1D60}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\dino d-day\dinodday.exe |
"{D117A62F-7B91-4BCE-9D4C-34EEEB4F75C3}" = protocol=17 | dir=in | app=d:\programme\steam\steam.exe |
"{D20493C1-66FC-4010-A4C5-2A773D5DD777}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{D37E70DA-9F91-4ED7-A429-1C9BBA90CC3F}" = protocol=17 | dir=in | app=c:\windows\system32\supdsvc.exe |
"{D4DEEA74-B15B-4AFB-9A32-125FB19A5918}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5BACE33-0F49-4CC6-A9F1-60BB922ECB71}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D7D78186-840A-4963-9A24-BED83258774F}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\cities in motion\cities in motion.exe |
"{D7F1311A-5A63-4CFA-B9EF-EC0DCA2363F3}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{D96E7AA1-FEB3-468D-B865-5FE2F2A5E2CB}" = protocol=17 | dir=in | app=d:\programme\tunngle\tnglctrl.exe |
"{DA581701-1458-428C-B149-7897C19BD044}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\team fortress 2\hl2.exe |
"{DAA001B2-3B18-4CF8-AC09-FBC344B2BEBD}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\half-life\hl.exe |
"{E1A44986-09F4-4294-B716-E79D88035612}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{E593A865-FD05-4BD4-BEB6-672B64AEA507}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\age2hd\launcher.exe |
"{E619A62D-375C-4B6B-81C2-F76E0CF85491}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\race 07\config.exe |
"{E63BAE87-ED96-4199-9809-1F6A795379FE}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\race 07\steamproxy.exe |
"{E75D9B20-2CD8-4CDE-B9E3-B6E5723201FD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9AD905B-6FC1-4B20-99AC-7ADFA612909D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{EA565010-205F-478F-B75F-2AC86F0353DB}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\cities in motion\cities in motion.exe |
"{EC2DC097-10E7-4EA7-9E70-57641A2BBCD2}" = protocol=17 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{EFF03344-A215-41CC-B018-08CBEE42A812}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\portal\hl2.exe |
"{F0D6F496-C09B-4DC3-98A7-9201EE4F293F}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{F293821F-EC3C-4B89-B7EB-683444789C9F}" = protocol=6 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{F68F59AF-A7C0-4967-BD0E-FA30A43926FE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FAE618EC-F556-467C-94F1-4B5B76A99580}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{FB83EF69-7CC1-49E2-BD68-03D8FBE0B250}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{FC70EB49-055E-42EF-A9DC-5B35E1CCB158}" = protocol=17 | dir=in | app=d:\programme\tunngle\tunngle.exe |
"TCP Query User{12FAA9BB-531F-43F5-8A1A-2695BC597B6E}D:\programme\steam\steamapps\common\renaissance heroes\binaries\win32\dvgame.exe" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\renaissance heroes\binaries\win32\dvgame.exe |
"TCP Query User{2129813F-78A2-4C8D-9428-5890E2AE162F}D:\programme\java\jdk1.8.0_25\bin\jmc.exe" = protocol=6 | dir=in | app=d:\programme\java\jdk1.8.0_25\bin\jmc.exe |
"TCP Query User{21F258AE-05A2-4DFC-B6AB-6BC9545A51E6}D:\programme\radiosure\radiosure.exe" = protocol=6 | dir=in | app=d:\programme\radiosure\radiosure.exe |
"TCP Query User{3284E0F0-2C11-4E44-995A-6A409D4300FC}C:\users\anton\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\anton\appdata\local\akamai\netsession_win.exe |
"TCP Query User{36878C87-D1E8-48D5-B5EF-120B12F22BC1}C:\users\anton\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\anton\appdata\roaming\spotify\spotify.exe |
"TCP Query User{3A50E134-77E9-4AB1-9886-1F52D7FE1823}D:\programme\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\programme\tmnationsforever\tmforever.exe |
"TCP Query User{3C1528A9-4BCA-4500-9E60-E69F3DF9A977}D:\programme\steam\steamapps\common\portal 2\portal2.exe" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\portal 2\portal2.exe |
"TCP Query User{3CA230F9-732A-44CB-BAD7-49B7DD822172}D:\programme\steam\steamapps\common\sid meier's civilization v\civilizationv.exe" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\sid meier's civilization v\civilizationv.exe |
"TCP Query User{57C040A9-BC6A-49AA-96E5-B22916D39860}D:\programme\java\jdk1.7.0_45\bin\javaw.exe" = protocol=6 | dir=in | app=d:\programme\java\jdk1.7.0_45\bin\javaw.exe |
"TCP Query User{59623AC8-078C-4344-8C6E-9624FE6E2091}D:\programme\mumble\murmur.exe" = protocol=6 | dir=in | app=d:\programme\mumble\murmur.exe |
"TCP Query User{BDF9503E-BA8E-4D4B-AD27-6753F1B9C43D}D:\programme\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=d:\programme\videolan\vlc\vlc.exe |
"TCP Query User{D5A0C75F-02DE-4A48-AD3F-106CEBB12F4F}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{DCABC891-708B-4D20-8512-7D93E7FC0F07}D:\programme\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\programme\warcraft iii\war3.exe |
"UDP Query User{0FA7A572-A0E0-4FFF-B1DA-867182461478}D:\programme\steam\steamapps\common\portal 2\portal2.exe" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\portal 2\portal2.exe |
"UDP Query User{200D2A8A-B626-4260-BC30-423BDDD59C98}D:\programme\steam\steamapps\common\sid meier's civilization v\civilizationv.exe" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\sid meier's civilization v\civilizationv.exe |
"UDP Query User{2202417F-9537-471D-9746-D4CB5DD1418F}D:\programme\java\jdk1.7.0_45\bin\javaw.exe" = protocol=17 | dir=in | app=d:\programme\java\jdk1.7.0_45\bin\javaw.exe |
"UDP Query User{2663D6DC-2F05-4E56-A501-D08FC5D40D73}C:\users\anton\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\anton\appdata\local\akamai\netsession_win.exe |
"UDP Query User{453064C8-41B2-4580-8A57-9DA373D8FD1B}D:\programme\java\jdk1.8.0_25\bin\jmc.exe" = protocol=17 | dir=in | app=d:\programme\java\jdk1.8.0_25\bin\jmc.exe |
"UDP Query User{490CF94F-CEB6-43F8-9166-148595491C08}D:\programme\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\programme\warcraft iii\war3.exe |
"UDP Query User{5CD82A5D-CDE7-40E5-91BC-E4B8D700C5CF}D:\programme\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\programme\tmnationsforever\tmforever.exe |
"UDP Query User{6A9ED555-3F5E-48F2-AF76-EFADFBF66267}C:\users\anton\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\anton\appdata\roaming\spotify\spotify.exe |
"UDP Query User{BD463894-5FE9-46FF-A7DA-9180C9FF1AA7}D:\programme\steam\steamapps\common\renaissance heroes\binaries\win32\dvgame.exe" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\renaissance heroes\binaries\win32\dvgame.exe |
"UDP Query User{D3BB1B0A-9D01-4BA7-A78C-026B32B9C85F}D:\programme\mumble\murmur.exe" = protocol=17 | dir=in | app=d:\programme\mumble\murmur.exe |
"UDP Query User{DB4E58C8-F97C-47E7-BF3D-563AF6D249F7}D:\programme\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=d:\programme\videolan\vlc\vlc.exe |
"UDP Query User{DEC51764-7B31-4036-8B57-A31ED542D9B2}D:\programme\radiosure\radiosure.exe" = protocol=17 | dir=in | app=d:\programme\radiosure\radiosure.exe |
"UDP Query User{FB391D6B-65F0-49C4-B203-24ECB17AD9EF}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}" = Microsoft-Maus- und Tastatur-Center
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F06417071FF}" = Java 7 Update 71 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86418025F0}" = Java 8 Update 25 (64-bit)
"{309768A4-A2BB-4930-A5A2-8169678C9B4C}" = iCloud
"{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 - Deutsch (German)
"{5783F2D7-D001-0407-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack - Deutsch (German)
"{5783F2D7-D001-0407-2102-0060B0CE6BBA}" = AutoCAD 2014 - Deutsch (German)
"{5783F2D7-F028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2016 - English
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170710}" = Java SE Development Kit 7 Update 71 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0180250}" = Java SE Development Kit 8 Update 25 (64-bit)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{93F2A022-6C37-48B8-B241-FFABD9F60C30}" = iTunes
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 347.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 347.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.2.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 17.12.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 17.12.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 17.12.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.27
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C4123106-B685-48E6-B9BD-E4F911841EB4}" = Apple Mobile Device Support
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D7B824DE-DA32-4772-9E5E-39C5158136A7}" = Apple Application Support (64-Bit)
"{D8CC254C-C671-4664-9A38-FA368D1E2C97}" = SES Driver
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{ECCB31F5-435D-4F37-A98D-5854D3C62718}" = Intel® Hardware Accelerated Execution Manager
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB" = Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20" = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)
"Android Studio" = Android Studio
"AutoCAD 2014 - Deutsch (German)" = Autodesk AutoCAD 2014 - Deutsch (German)
"Autodesk ReCap" = Autodesk ReCap
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.69.2
"DWG TrueView 2016 - English" = Autodesk DWG TrueView 2016 - English
"Elantech" = ETDWare PS/2-X64 10.7.14.12_WHQL
"Heatmapper-1.1.4.39795" = Ekahau HeatMapper
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"Opera 12.17.1863" = Opera 12.17
"SMBus" = Intel(R) SMBus
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00020407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Standard
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}" = System Requirements Lab for Intel
"{0E8E4718-0702-4D33-B007-5E95849BAB3C}" = LibreOffice 3.5
"{12597DD0-002E-4776-A424-225ECED8C6C7}" = Brother HL-2030
"{13453DAA-8424-4B9C-844F-FC44C621F9E3}" = OLYMPUS Master 2
"{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}" = WordCaptureX Pro
"{142D8CA7-2C6F-45A7-83E3-099AAFD99133}" = Samsung Update Plus
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{16880765-677F-440B-B16A-BFD9B9C00012}" = EasyFileShare
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{179324FF-7B16-4BA8-9836-055CAAEE4F08}" = SDFormatter
"{1C21B645-FED0-4E08-AA65-A7B388F10083}" = Mumble 1.2.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1" = RaceRoom Racing Experience Launcher
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.3
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{318DBE01-1E6B-4243-84B0-210391FE789A}" = Samsung AnyWeb Print
"{31CB0D80-1866-462A-9455-88614410971F}" = Driver: Parallel Lines
"{331ECF61-69AF-4F57-AC35-AFED610231C3}" = Multimedia POP
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F3FB10C-7175-4D38-9335-3488B89C12AF}" = OkayFreedom
"{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}" = PhoneShare
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4109EEA6-0868-41B8-B79A-07DCFB2B1C93}" = SmartView 2.1
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A331D24-A9E8-484F-835E-1BA7B139689C}" = EasyBatteryManager
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{517CC397-B22F-4593-8DCB-DE72CC541E9A}" = League of Legends
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{55031CEF-CE75-4A5C-8DEA-60577820529B}" = LG United Mobile Drivers
"{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}" = Battlefield 1942™
"{5C0FB02C-CBC4-4D3A-9B3A-AD8DA6250D23}" = OLYMPUS xD-Picture Card Pack
"{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}" = Pflanzen gegen Zombies™
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6C016AC4-0282-4C82-B12F-3D5910DA7319}" = Samsung AnyWeb Print
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}" = Fast Start
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7CDBE27D-87EC-434E-AFE4-D0116AE876BB}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}" = Movie Color Enhancer
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 6.9.2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8732818E-CA78-4ACB-B077-22311BF4C0E4}" = Easy Network Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit)
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}" = Kaspersky Internet Security
"{8F196892-666A-4A40-8587-6AE38F78A5C2}" = FARO LS 1.1.501.0
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A00F8237-F496-44D2-0001-E3CCF8CD58AE}" = Photomizer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAAB700A-DDB7-4298-AB4B-B6E9F785059C}" = Cisco AnyConnect Secure Mobility Client
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}" = Apple Application Support (32-Bit)
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{B49C924C-A651-4378-94F6-5D9BF44A959F}" = EE-ZDE
"{B58561BB-0425-458C-B9C4-44618814BA70}" = The Italian Job
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{B915FA4E-B670-43E9-8EA0-9F16BFFD8AE8}" = DirComp
"{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver
"{BA2F3EBC-FE07-4AB5-B906-14DF2C74C523}" = Age of Empires II - the Conquerors WideScreen Patcher
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1" = Win32DiskImager version 0.9.5
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center 1.0
"{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F92C4EE6-BEA9-11D7-9E00-0004769EEFEB}" = USA Raser
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD0E594-823B-4E2B-B680-720B3C852588}" = BatteryLifeExtender
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"AllDup_is1" = AllDup 3.4.0
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Autodesk Content Service" = Autodesk Content Service
"Braunschweig Hbf DEMO" = Braunschweig Hbf DEMO
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"Color Efex Pro 3.0 Stand-Alone Standard" = Color Efex Pro 3.0 Standard
"CrashTime" = Cobra 11 - Crash Time (remove only)
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo II" = Diablo II
"Disk Space Fan_is1" = Disk Space Fan 2.2.7.820
"FileZilla Client" = FileZilla Client 3.2.7.1
"FormatFactory" = FormatFactory 2.70
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"FreeCommander_is1" = FreeCommander 2009.02b
"GOGPACKRTC_is1" = RollerCoaster Tycoon Deluxe
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}" = Kaspersky Internet Security
"Kleinstadt" = Kleinstadt
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.7.0 (Full)
"Knight Rider" = Knight Rider
"League of Legends 3.0.1" = League of Legends
"LG On-Screen Phone" = LG On-Screen Phone
"LG PC Suite" = LG PC Suite
"Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0
"LogMeIn Hamachi" = LogMeIn Hamachi
"MinecraftAlpha" = MinecraftAlpha
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Mozilla Thunderbird (6.0.2)" = Mozilla Thunderbird (6.0.2)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nbi-nb-base-7.4.0.0.201310111528" = NetBeans IDE 7.4
"nbi-nb-base-8.0.1.0.201408251540" = NetBeans IDE 8.0.1
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Origin" = Origin
"PaperCut NG Client_is1" = PaperCut NG Client 10.7
"Pinball" = 3D Pinball from Plus! for Windows 95
"Samsung Easy Printer Manager" = Samsung Easy Printer Manager
"Samsung ML-1640 Series" = Samsung ML-1640 Series
"Samsung ML-2160 Series" = Samsung ML-2160 Series
"Samsung Printer Live Update" = Samsung Printer Live Update
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"SecureW2 EAP Suite" = SecureW2 EAP Suite 2.0.2 for Windows
"SimCity 3000" = SimCity 3000
"Steam App 12900" = Audiosurf
"Steam App 214340" = Deponia
"Steam App 218740" = Pid
"Steam App 221790" = Renaissance Heroes
"Steam App 242920" = Banished
"Steam App 255710" = Cities: Skylines
"Steam App 287980" = Mini Metro
"Steam App 400" = Portal
"Steam App 440" = Team Fortress 2
"Steam App 60" = Ricochet
"Steam App 620" = Portal 2
"Steam App 70000" = Dino D-Day
"Steam App 73010" = Cities in Motion
"Steam App 80" = Counter-Strike: Condition Zero
"Steam App 8600" = RACE 07
"Steam App 8660" = GTR Evolution
"Steam App 8930" = Sid Meier's Civilization V
"Steam App 92800" = SpaceChem
"Strategic Command 2 Blitzkrieg & Weapons and War~259533B8_is1" = Strategic Command 2 Blitzkrieg & Weapons and Warfare
"Sweet Home 3D_is1" = Sweet Home 3D version 3.7
"TeamViewer" = TeamViewer 10
"TmNationsForever_is1" = TmNationsForever
"VLC media player" = VLC media player
"Volvo - The Game_is1" = Volvo - The Game
"Warcraft III" = Warcraft III
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 5.5.4
"Works2003Setup" = Microsoft Works 2003-Setup-StartntVersion\Uninstall\winscp3_is1
"WT085559" = Diner Dash 2 Restaurant Rescue
"WT085567" = Chuzzle Deluxe
"WT085580" = John Deere Drive Green
"WT085581" = Penguins!
"WT085583" = Polar Golfer
"WT085587" = Agatha Christie - Death on the Nile
"WT085597" = Build-a-lot
"WT085618" = Farm Frenzy
"WT085622" = Insaniquarium Deluxe
"WT085663" = Peggle
"WT085669" = Plants vs. Zombies
"WT089285" = Zuma Deluxe
"WT089286" = Bejeweled 2 Deluxe
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-292025854-1146036075-2059369275-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"cdec0197bc9bac94" = Giant Multiplayer Robot
"Mozilla Firefox 37.0.2 (x86 de)" = Mozilla Firefox 37.0.2 (x86 de)
"Mozilla Thunderbird 31.6.0 (x86 de)" = Mozilla Thunderbird 31.6.0 (x86 de)
"RadioSure" = RadioSure
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5/5/2015 6:37:49 AM | Computer Name = Anton-Laptop | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\Programme\LG
Electronics\LG PC Suite\LGPCSuite.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 5/5/2015 6:37:50 AM | Computer Name = Anton-Laptop | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\Programme\LG
Electronics\LG PC Suite\LGPCSuite.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 5/5/2015 6:37:50 AM | Computer Name = Anton-Laptop | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\Programme\LG
Electronics\LG PC Suite\LGPCSuite.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 5/5/2015 7:16:45 AM | Computer Name = Anton-Laptop | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed:
Error - 5/5/2015 7:49:20 AM | Computer Name = Anton-Laptop | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\Programme\LG
Electronics\LG PC Suite\LGPCSuite.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 5/5/2015 7:49:20 AM | Computer Name = Anton-Laptop | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\Programme\LG
Electronics\LG PC Suite\LGPCSuite.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 5/5/2015 7:49:20 AM | Computer Name = Anton-Laptop | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\Programme\LG
Electronics\LG PC Suite\LGPCSuite.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 5/5/2015 7:51:44 AM | Computer Name = Anton-Laptop | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed:
Error - 5/5/2015 7:53:59 AM | Computer Name = Anton-Laptop | Source = Application Hang | ID = 1002
Description = Programm SoftwareUpdate.exe, Version 2.1.3.127 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 106c Startzeit: 01d08729d4323a55 Endzeit: 8 Anwendungspfad:
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe Berichts-ID: 61998b7c-f31d-11e4-80ca-e811324c4054
Error - 5/5/2015 8:25:41 AM | Computer Name = Anton-Laptop | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 12a4 Startzeit:
01d0872cf06a13aa Endzeit: 0 Anwendungspfad: E:\Downloads\OTL.exe Berichts-ID: f7f84181-f320-11e4-80ca-e811324c4054
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 5/5/2015 7:41:32 AM | Computer Name = Anton-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp
Line:
1749 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31588340
(0xFE1E000C) Description: SOCKETTRANSPORT_ERROR_CONNECT
Error - 5/5/2015 7:41:34 AM | Computer Name = Anton-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::postConnectProcessing File: .\IPC\SocketTransport.cpp
Line:
1867 Invoked Function: ::WSAConnect Return Code: 10061 (0x0000274D) Description: Es
konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung
verweigerte.
Error - 5/5/2015 7:41:34 AM | Computer Name = Anton-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CHttpSessionAsync::OnTransportInitiateComplete File: .\IP\HttpSessionAsync.cpp
Line:
1355 Invoked Function: ISocketTransportCB::OnTransportInitiateComplete Return Code:
-31588340 (0xFE1E000C) Description: SOCKETTRANSPORT_ERROR_CONNECT
Error - 5/5/2015 7:41:34 AM | Computer Name = Anton-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
303 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31588340
(0xFE1E000C) Description: SOCKETTRANSPORT_ERROR_CONNECT
Error - 5/5/2015 7:41:34 AM | Computer Name = Anton-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp
Line:
1749 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31588340
(0xFE1E000C) Description: SOCKETTRANSPORT_ERROR_CONNECT
Error - 5/5/2015 7:41:34 AM | Computer Name = Anton-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1385 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899
(0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target
Error - 5/5/2015 7:41:34 AM | Computer Name = Anton-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
777 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 5/5/2015 7:45:29 AM | Computer Name = Anton-Laptop | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL
Error - 5/5/2015 7:45:29 AM | Computer Name = Anton-Laptop | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL
Error - 5/5/2015 7:45:29 AM | Computer Name = Anton-Laptop | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
311 m_pITelemetryPlugin is NULL
[ System Events ]
Error - 5/5/2015 7:25:41 AM | Computer Name = Anton-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error - 5/5/2015 7:25:44 AM | Computer Name = Anton-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IOCBIOS" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error - 5/5/2015 7:25:46 AM | Computer Name = Anton-Laptop | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\lirsgt.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 5/5/2015 7:25:46 AM | Computer Name = Anton-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error - 5/5/2015 7:40:29 AM | Computer Name = Anton-Laptop | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem
Fehler beendet: %%5.
Error - 5/5/2015 7:40:36 AM | Computer Name = Anton-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error - 5/5/2015 7:40:40 AM | Computer Name = Anton-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IOCBIOS" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error - 5/5/2015 7:40:41 AM | Computer Name = Anton-Laptop | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\lirsgt.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 5/5/2015 7:40:41 AM | Computer Name = Anton-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error - 5/5/2015 7:43:09 AM | Computer Name = Anton-Laptop | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.
< End of report >
Sorry, aber die Logfiles sind so lang, dass ich für jede Datei eine eigene Antwort brauche. |
|
06.05.2015, 07:40
| #6 |
| /// the machine /// TB-Ausbilder | DHL Virus/Trojaner aus Email angeklickt hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> DHL Virus/Trojaner aus Email angeklickt |
|
06.05.2015, 09:49
| #7 |
| | DHL Virus/Trojaner aus Email angeklickt Hallo, Erstmal vielen Dank für die rasche Antwort. mbar-log Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.05.06.01
rootkit: v2015.04.21.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17728
Anton :: ANTON-LAPTOP [administrator]
06.05.2015 10:17:39
mbar-log-2015-05-06 (10-17-39).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 416232
Time elapsed: 24 minute(s), 48 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 10:43:56.0936 0x0470 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
10:44:01.0292 0x0470 ============================================================
10:44:01.0292 0x0470 Current date / time: 2015/05/06 10:44:01.0292
10:44:01.0292 0x0470 SystemInfo:
10:44:01.0292 0x0470
10:44:01.0292 0x0470 OS Version: 6.1.7601 ServicePack: 1.0
10:44:01.0292 0x0470 Product type: Workstation
10:44:01.0292 0x0470 ComputerName: ANTON-LAPTOP
10:44:01.0292 0x0470 UserName: Anton
10:44:01.0293 0x0470 Windows directory: C:\Windows
10:44:01.0293 0x0470 System windows directory: C:\Windows
10:44:01.0293 0x0470 Running under WOW64
10:44:01.0293 0x0470 Processor architecture: Intel x64
10:44:01.0293 0x0470 Number of processors: 4
10:44:01.0293 0x0470 Page size: 0x1000
10:44:01.0293 0x0470 Boot type: Normal boot
10:44:01.0293 0x0470 ============================================================
10:44:01.0608 0x0470 KLMD registered as C:\Windows\system32\drivers\88159052.sys
10:44:02.0267 0x0470 System UUID: {41248232-D85C-FC4E-FBB4-D35900BB2700}
10:44:03.0005 0x0470 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:44:03.0011 0x0470 ============================================================
10:44:03.0011 0x0470 \Device\Harddisk0\DR0:
10:44:03.0011 0x0470 MBR partitions:
10:44:03.0011 0x0470 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:44:03.0011 0x0470 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC800000
10:44:03.0028 0x0470 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC833000, BlocksNum 0x190A4000
10:44:03.0057 0x0470 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x258D7800, BlocksNum 0x21F7D800
10:44:03.0058 0x0470 ============================================================
10:44:03.0157 0x0470 C: <-> \Device\Harddisk0\DR0\Partition2
10:44:03.0326 0x0470 D: <-> \Device\Harddisk0\DR0\Partition3
10:44:03.0460 0x0470 E: <-> \Device\Harddisk0\DR0\Partition4
10:44:03.0461 0x0470 ============================================================
10:44:03.0461 0x0470 Initialize success
10:44:03.0461 0x0470 ============================================================
10:44:43.0479 0x1ac0 ============================================================
10:44:43.0479 0x1ac0 Scan started
10:44:43.0479 0x1ac0 Mode: Manual; SigCheck; TDLFS;
10:44:43.0479 0x1ac0 ============================================================
10:44:43.0479 0x1ac0 KSN ping started
10:44:47.0232 0x1ac0 KSN ping finished: true
10:44:49.0590 0x1ac0 ================ Scan system memory ========================
10:44:49.0590 0x1ac0 System memory - ok
10:44:49.0590 0x1ac0 ================ Scan services =============================
10:44:50.0272 0x1ac0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:44:50.0440 0x1ac0 1394ohci - ok
10:44:50.0487 0x1ac0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:44:50.0505 0x1ac0 ACPI - ok
10:44:50.0568 0x1ac0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:44:50.0621 0x1ac0 AcpiPmi - ok
10:44:50.0692 0x1ac0 [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock C:\Windows\system32\DRIVERS\acsock64.sys
10:44:50.0712 0x1ac0 acsock - ok
10:44:51.0098 0x1ac0 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:44:51.0118 0x1ac0 AdobeARMservice - ok
10:44:51.0298 0x1ac0 [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:44:51.0312 0x1ac0 AdobeFlashPlayerUpdateSvc - ok
10:44:51.0367 0x1ac0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:44:51.0388 0x1ac0 adp94xx - ok
10:44:51.0434 0x1ac0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:44:51.0453 0x1ac0 adpahci - ok
10:44:51.0488 0x1ac0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:44:51.0503 0x1ac0 adpu320 - ok
10:44:51.0531 0x1ac0 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:44:51.0669 0x1ac0 AeLookupSvc - ok
10:44:51.0727 0x1ac0 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
10:44:51.0773 0x1ac0 AFD - ok
10:44:51.0829 0x1ac0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
10:44:51.0840 0x1ac0 agp440 - ok
10:44:51.0871 0x1ac0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:44:51.0921 0x1ac0 ALG - ok
10:44:51.0967 0x1ac0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
10:44:51.0977 0x1ac0 aliide - ok
10:44:52.0019 0x1ac0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
10:44:52.0028 0x1ac0 amdide - ok
10:44:52.0065 0x1ac0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:44:52.0093 0x1ac0 AmdK8 - ok
10:44:52.0107 0x1ac0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:44:52.0126 0x1ac0 AmdPPM - ok
10:44:52.0175 0x1ac0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:44:52.0203 0x1ac0 amdsata - ok
10:44:52.0234 0x1ac0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:44:52.0249 0x1ac0 amdsbs - ok
10:44:52.0266 0x1ac0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:44:52.0275 0x1ac0 amdxata - ok
10:44:52.0290 0x1ac0 andnetadb - ok
10:44:52.0350 0x1ac0 [ B46840E5BDAEE0C749A3E5778F65EBE4, 121C68A65E3D3A9423363C5028568799A81B569801BE0F876AFE6EC86F9D2E92 ] AndNetDiag C:\Windows\system32\DRIVERS\lgandnetdiag64.sys
10:44:52.0396 0x1ac0 AndNetDiag - ok
10:44:52.0422 0x1ac0 [ 130701C53E4DF44B54FED8C3892150F5, C9EB4D1793BA3D20FB1846AD508C6310D038E8BEFBE13B5A0A30A1F39D1586AB ] ANDNetModem C:\Windows\system32\DRIVERS\lgandnetmodem64.sys
10:44:52.0477 0x1ac0 ANDNetModem - ok
10:44:52.0565 0x1ac0 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
10:44:52.0616 0x1ac0 AppID - ok
10:44:52.0650 0x1ac0 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:44:52.0661 0x1ac0 AppIDSvc - ok
10:44:52.0707 0x1ac0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
10:44:52.0756 0x1ac0 Appinfo - ok
10:44:52.0979 0x1ac0 [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:44:52.0987 0x1ac0 Apple Mobile Device Service - ok
10:44:53.0055 0x1ac0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
10:44:53.0077 0x1ac0 arc - ok
10:44:53.0129 0x1ac0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:44:53.0140 0x1ac0 arcsas - ok
10:44:53.0430 0x1ac0 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:44:53.0481 0x1ac0 aspnet_state - ok
10:44:53.0547 0x1ac0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:44:53.0603 0x1ac0 AsyncMac - ok
10:44:53.0654 0x1ac0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
10:44:53.0664 0x1ac0 atapi - ok
10:44:53.0899 0x1ac0 [ 3D68A1EEF77307142636AF5127990BCB, 30926B2E1371287FF39C69C363BE4FAC67C558867D903C555A12316D303A43E8 ] athr C:\Windows\system32\DRIVERS\athrx.sys
10:44:54.0039 0x1ac0 athr - ok
10:44:54.0154 0x1ac0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:44:54.0185 0x1ac0 AudioEndpointBuilder - ok
10:44:54.0205 0x1ac0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:44:54.0228 0x1ac0 AudioSrv - ok
10:44:54.0354 0x1ac0 [ 3817558D8D5BBC8B0F190CF0D7C4720F, 7CD250DD22BE0E6CF6BEA639EA8220E46158CA7DF33FF803967CEAEA7FBD14E5 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
10:44:54.0387 0x1ac0 Autodesk Content Service - detected UnsignedFile.Multi.Generic ( 1 )
10:44:54.0560 0x1ac0 Detect skipped due to KSN trusted
10:44:54.0560 0x1ac0 Autodesk Content Service - ok
10:44:54.0693 0x1ac0 [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
10:44:54.0707 0x1ac0 AVP15.0.1 - ok
10:44:54.0776 0x1ac0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:44:54.0838 0x1ac0 AxInstSV - ok
10:44:54.0893 0x1ac0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:44:54.0942 0x1ac0 b06bdrv - ok
10:44:54.0985 0x1ac0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:44:55.0020 0x1ac0 b57nd60a - ok
10:44:55.0084 0x1ac0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:44:55.0142 0x1ac0 BDESVC - ok
10:44:55.0187 0x1ac0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:44:55.0214 0x1ac0 Beep - ok
10:44:55.0309 0x1ac0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
10:44:55.0393 0x1ac0 BFE - ok
10:44:55.0519 0x1ac0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:44:55.0583 0x1ac0 BITS - ok
10:44:55.0625 0x1ac0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:44:55.0636 0x1ac0 blbdrive - ok
10:44:55.0708 0x1ac0 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:44:55.0725 0x1ac0 Bonjour Service - ok
10:44:55.0790 0x1ac0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:44:55.0829 0x1ac0 bowser - ok
10:44:55.0843 0x1ac0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:44:55.0885 0x1ac0 BrFiltLo - ok
10:44:55.0913 0x1ac0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:44:55.0946 0x1ac0 BrFiltUp - ok
10:44:55.0977 0x1ac0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:44:56.0035 0x1ac0 Browser - ok
10:44:56.0055 0x1ac0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:44:56.0124 0x1ac0 Brserid - ok
10:44:56.0140 0x1ac0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:44:56.0172 0x1ac0 BrSerWdm - ok
10:44:56.0188 0x1ac0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:44:56.0227 0x1ac0 BrUsbMdm - ok
10:44:56.0240 0x1ac0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:44:56.0250 0x1ac0 BrUsbSer - ok
10:44:56.0268 0x1ac0 BT - ok
10:44:56.0278 0x1ac0 BTCOM - ok
10:44:56.0286 0x1ac0 BTCOMBUS - ok
10:44:56.0342 0x1ac0 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
10:44:56.0383 0x1ac0 BthEnum - ok
10:44:56.0456 0x1ac0 [ 30B59C7B65092EA44C8668AFEB47AAAD, 8F8FE9D06A65C3E1A6F973F8202C6EFA5BF7F99F11F23E2D9A720054041D23B3 ] BtHidBus C:\Windows\system32\Drivers\BtHidBus.sys
10:44:56.0478 0x1ac0 BtHidBus - ok
10:44:56.0494 0x1ac0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:44:56.0524 0x1ac0 BTHMODEM - ok
10:44:56.0555 0x1ac0 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:44:56.0580 0x1ac0 BthPan - ok
10:44:56.0624 0x1ac0 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
10:44:56.0667 0x1ac0 BTHPORT - ok
10:44:56.0714 0x1ac0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:44:56.0754 0x1ac0 bthserv - ok
10:44:56.0784 0x1ac0 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
10:44:56.0814 0x1ac0 BTHUSB - ok
10:44:56.0864 0x1ac0 [ C0D50877BB7EC88A953A2A56CEF170FA, 3312E4EEA35D1B61CF67424E2050575A73608E49999513343EC5B0BF3CB3B60F ] btnetBUs C:\Windows\system32\Drivers\btnetBus.sys
10:44:56.0874 0x1ac0 btnetBUs - ok
10:44:56.0924 0x1ac0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:44:56.0974 0x1ac0 cdfs - ok
10:44:57.0014 0x1ac0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:44:57.0024 0x1ac0 cdrom - ok
10:44:57.0074 0x1ac0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:44:57.0124 0x1ac0 CertPropSvc - ok
10:44:57.0184 0x1ac0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:44:57.0234 0x1ac0 circlass - ok
10:44:57.0274 0x1ac0 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
10:44:57.0314 0x1ac0 CLFS - ok
10:44:57.0524 0x1ac0 [ 0505BFD7D30036DCB39EAFC5ADF07437, 1FB8D9CCA42C1E0757FC744623A668BDA5EA8A1C74201A8BB1A3B056EB1D3DFC ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
10:44:57.0544 0x1ac0 CLKMSVC10_38F51D56 - ok
10:44:57.0614 0x1ac0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:44:57.0634 0x1ac0 clr_optimization_v2.0.50727_32 - ok
10:44:57.0684 0x1ac0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:44:57.0704 0x1ac0 clr_optimization_v2.0.50727_64 - ok
10:44:57.0814 0x1ac0 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:44:57.0844 0x1ac0 clr_optimization_v4.0.30319_32 - ok
10:44:57.0864 0x1ac0 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:44:57.0944 0x1ac0 clr_optimization_v4.0.30319_64 - ok
10:44:58.0004 0x1ac0 [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
10:44:58.0014 0x1ac0 clwvd - ok
10:44:58.0034 0x1ac0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:44:58.0074 0x1ac0 CmBatt - ok
10:44:58.0114 0x1ac0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:44:58.0124 0x1ac0 cmdide - ok
10:44:58.0174 0x1ac0 [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w C:\Windows\system32\DRIVERS\cm_km_w.sys
10:44:58.0194 0x1ac0 cm_km_w - ok
10:44:58.0364 0x1ac0 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
10:44:58.0444 0x1ac0 CNG - ok
10:44:58.0504 0x1ac0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:44:58.0514 0x1ac0 Compbatt - ok
10:44:58.0554 0x1ac0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:44:58.0564 0x1ac0 CompositeBus - ok
10:44:58.0574 0x1ac0 COMSysApp - ok
10:44:58.0734 0x1ac0 [ 620D32545DACFEE5C3FE9D9F10CC80F7, 170C9E1743E84F9CD2219F6142B9AB1EE4B23B2505DA8E7FADC712A9789DE4F5 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
10:44:58.0854 0x1ac0 cphs - ok
10:44:58.0884 0x1ac0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:44:58.0914 0x1ac0 crcdisk - ok
10:44:59.0034 0x1ac0 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:44:59.0084 0x1ac0 CryptSvc - ok
10:44:59.0214 0x1ac0 [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:44:59.0244 0x1ac0 cvhsvc - ok
10:44:59.0294 0x1ac0 [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
10:44:59.0304 0x1ac0 dc3d - ok
10:44:59.0374 0x1ac0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:44:59.0424 0x1ac0 DcomLaunch - ok
10:44:59.0494 0x1ac0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:44:59.0524 0x1ac0 defragsvc - ok
10:44:59.0564 0x1ac0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:44:59.0594 0x1ac0 DfsC - ok
10:44:59.0634 0x1ac0 [ 2D589A2C024B2FB238535DB9F7B3597D, 1EB47F73BC890D67A50C72E30BFE139AA1747C88E2FA8029A7382B203C37B512 ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys
10:44:59.0654 0x1ac0 DgiVecp - ok
10:44:59.0714 0x1ac0 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
10:44:59.0734 0x1ac0 dg_ssudbus - ok
10:44:59.0864 0x1ac0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:44:59.0924 0x1ac0 Dhcp - ok
10:44:59.0954 0x1ac0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:45:00.0024 0x1ac0 discache - ok
10:45:00.0054 0x1ac0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:45:00.0064 0x1ac0 Disk - ok
10:45:00.0124 0x1ac0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:45:00.0175 0x1ac0 Dnscache - ok
10:45:00.0245 0x1ac0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:45:00.0295 0x1ac0 dot3svc - ok
10:45:00.0355 0x1ac0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:45:00.0395 0x1ac0 DPS - ok
10:45:00.0405 0x1ac0 DRHARD - ok
10:45:00.0465 0x1ac0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:45:00.0515 0x1ac0 drmkaud - ok
10:45:00.0585 0x1ac0 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:45:00.0615 0x1ac0 dtsoftbus01 - ok
10:45:00.0805 0x1ac0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:45:00.0845 0x1ac0 DXGKrnl - ok
10:45:00.0935 0x1ac0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:45:00.0985 0x1ac0 EapHost - ok
10:45:01.0225 0x1ac0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:45:01.0345 0x1ac0 ebdrv - ok
10:45:01.0405 0x1ac0 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS C:\Windows\System32\lsass.exe
10:45:01.0445 0x1ac0 EFS - ok
10:45:01.0615 0x1ac0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:45:01.0655 0x1ac0 ehRecvr - ok
10:45:01.0695 0x1ac0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
10:45:01.0725 0x1ac0 ehSched - ok
10:45:01.0775 0x1ac0 [ 44CE3346DBB530FB4A529854CC68DBFC, D9422E07E3FB8A9895C120F720D6EB7D6484C813E6FF75DDC17B8CB95672F3A9 ] EkaProt6 C:\Windows\system32\DRIVERS\ekaprot6.sys
10:45:01.0785 0x1ac0 EkaProt6 - ok
10:45:01.0905 0x1ac0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:45:01.0965 0x1ac0 elxstor - ok
10:45:02.0065 0x1ac0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:45:02.0085 0x1ac0 ErrDev - ok
10:45:02.0175 0x1ac0 [ 0C8324462B9791A1ECE2A329A7378A55, 715A81FE6DEC6D2DBE132DD5098808B931DF2480BD1F14275924D01BAE337307 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
10:45:02.0185 0x1ac0 ETD - ok
10:45:02.0235 0x1ac0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:45:02.0275 0x1ac0 EventSystem - ok
10:45:02.0295 0x1ac0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:45:02.0325 0x1ac0 exfat - ok
10:45:02.0425 0x1ac0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:45:02.0495 0x1ac0 fastfat - ok
10:45:02.0665 0x1ac0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:45:02.0715 0x1ac0 Fax - ok
10:45:02.0735 0x1ac0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:45:02.0755 0x1ac0 fdc - ok
10:45:02.0785 0x1ac0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:45:02.0815 0x1ac0 fdPHost - ok
10:45:02.0825 0x1ac0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:45:02.0865 0x1ac0 FDResPub - ok
10:45:02.0905 0x1ac0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:45:02.0925 0x1ac0 FileInfo - ok
10:45:02.0945 0x1ac0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:45:02.0985 0x1ac0 Filetrace - ok
10:45:03.0385 0x1ac0 [ 8645F91F40B8D022C9AC3DABDF360A6B, 4F83080B1273C92470EB90D80B32056C913240DCC9C4C50B7BE85254066D654D ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
10:45:03.0425 0x1ac0 FLEXnet Licensing Service 64 - ok
10:45:03.0435 0x1ac0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:45:03.0475 0x1ac0 flpydisk - ok
10:45:03.0525 0x1ac0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:45:03.0545 0x1ac0 FltMgr - ok
10:45:03.0605 0x1ac0 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
10:45:03.0685 0x1ac0 FontCache - ok
10:45:03.0775 0x1ac0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:45:03.0785 0x1ac0 FontCache3.0.0.0 - ok
10:45:03.0815 0x1ac0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:45:03.0835 0x1ac0 FsDepends - ok
10:45:03.0915 0x1ac0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:45:03.0945 0x1ac0 Fs_Rec - ok
10:45:03.0975 0x1ac0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:45:03.0995 0x1ac0 fvevol - ok
10:45:04.0025 0x1ac0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:45:04.0035 0x1ac0 gagp30kx - ok
10:45:04.0145 0x1ac0 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
10:45:04.0175 0x1ac0 GamesAppService - ok
10:45:04.0215 0x1ac0 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:45:04.0235 0x1ac0 GEARAspiWDM - ok
10:45:04.0735 0x1ac0 [ 28D0B60C58D1F734449E735E2C4FCE94, 8DF2706EB0F6383BA44961440FDAA93B3756E48994FBF4AB2B13CDA66A6F3C3F ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
10:45:04.0765 0x1ac0 GfExperienceService - ok
10:45:04.0865 0x1ac0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:45:04.0975 0x1ac0 gpsvc - ok
10:45:05.0315 0x1ac0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:45:05.0325 0x1ac0 gupdate - ok
10:45:05.0365 0x1ac0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:45:05.0375 0x1ac0 gupdatem - ok
10:45:05.0455 0x1ac0 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
10:45:05.0475 0x1ac0 hamachi - ok
10:45:05.0935 0x1ac0 [ F10C3F2E002100BF8B797DCF283FEA7D, 393FC1B709E4BEA5FBA519EE3244028CF67A31D0412D26875221D277296ED632 ] Hamachi2Svc D:\Programme\LogMeIn Hamachi\hamachi-2.exe
10:45:06.0045 0x1ac0 Hamachi2Svc - ok
10:45:06.0085 0x1ac0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:45:06.0165 0x1ac0 hcw85cir - ok
10:45:06.0215 0x1ac0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:45:06.0265 0x1ac0 HdAudAddService - ok
10:45:06.0285 0x1ac0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:45:06.0345 0x1ac0 HDAudBus - ok
10:45:06.0375 0x1ac0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:45:06.0405 0x1ac0 HidBatt - ok
10:45:06.0425 0x1ac0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:45:06.0445 0x1ac0 HidBth - ok
10:45:06.0485 0x1ac0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:45:06.0495 0x1ac0 HidIr - ok
10:45:06.0515 0x1ac0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
10:45:06.0545 0x1ac0 hidserv - ok
10:45:06.0585 0x1ac0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:45:06.0635 0x1ac0 HidUsb - ok
10:45:06.0695 0x1ac0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:45:06.0755 0x1ac0 hkmsvc - ok
10:45:06.0855 0x1ac0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:45:06.0925 0x1ac0 HomeGroupListener - ok
10:45:06.0965 0x1ac0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:45:06.0995 0x1ac0 HomeGroupProvider - ok
10:45:07.0065 0x1ac0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:45:07.0075 0x1ac0 HpSAMD - ok
10:45:07.0145 0x1ac0 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:45:07.0235 0x1ac0 HTTP - ok
10:45:07.0295 0x1ac0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:45:07.0325 0x1ac0 hwpolicy - ok
10:45:07.0375 0x1ac0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:45:07.0385 0x1ac0 i8042prt - ok
10:45:07.0455 0x1ac0 [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:45:07.0475 0x1ac0 iaStor - ok
10:45:07.0525 0x1ac0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:45:07.0555 0x1ac0 iaStorV - ok
10:45:07.0675 0x1ac0 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
10:45:07.0685 0x1ac0 ICCS - ok
10:45:07.0755 0x1ac0 [ C1010ADD3DDAE1196ED21057AF7B2AAE, 68196851855AD395008D7F29FCEB28BA4BEB1F062B1844A60813E7DD102ACB1C ] ICCWDT C:\Windows\system32\DRIVERS\ICCWDT.sys
10:45:07.0765 0x1ac0 ICCWDT - ok
10:45:08.0045 0x1ac0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:45:08.0085 0x1ac0 idsvc - ok
10:45:08.0135 0x1ac0 IEEtwCollectorService - ok
10:45:08.0626 0x1ac0 [ 79DB4631AA247E791C7F0F085822B6C3, F4F6B7221987E9CC6F1FDA7FF47BD95916866334963CE5DE836493A3A5717451 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:45:08.0856 0x1ac0 igfx - ok
10:45:08.0966 0x1ac0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:45:08.0976 0x1ac0 iirsp - ok
10:45:09.0347 0x1ac0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
10:45:09.0427 0x1ac0 IKEEXT - ok
10:45:09.0627 0x1ac0 [ CC279B89A16615B8DD13422544F6B478, DFC6AF05670CA79D8CC2C89FB5FBD8EECC4FB159CD8EFE422F06BE2A272608B6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:45:09.0767 0x1ac0 IntcAzAudAddService - ok
10:45:09.0827 0x1ac0 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:45:09.0857 0x1ac0 IntcDAud - ok
10:45:09.0937 0x1ac0 [ 915538D33A7BEDBF64DB0533CA3B17D2, 456DFD7E71B7FD4F2C234A3CFF05A8D26CD06DE8DEBBBA9E83B96AF040A19B26 ] IntelHaxm C:\Windows\system32\DRIVERS\IntelHaxm.sys
10:45:10.0007 0x1ac0 IntelHaxm - ok
10:45:10.0047 0x1ac0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:45:10.0057 0x1ac0 intelide - ok
10:45:10.0097 0x1ac0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:45:10.0127 0x1ac0 intelppm - ok
10:45:10.0257 0x1ac0 IOCBIOS - ok
10:45:10.0307 0x1ac0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:45:10.0367 0x1ac0 IPBusEnum - ok
10:45:10.0397 0x1ac0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:45:10.0437 0x1ac0 IpFilterDriver - ok
10:45:10.0507 0x1ac0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:45:10.0547 0x1ac0 iphlpsvc - ok
10:45:10.0577 0x1ac0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:45:10.0607 0x1ac0 IPMIDRV - ok
10:45:10.0647 0x1ac0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:45:10.0707 0x1ac0 IPNAT - ok
10:45:10.0927 0x1ac0 [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:45:10.0947 0x1ac0 iPod Service - ok
10:45:11.0007 0x1ac0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:45:11.0037 0x1ac0 IRENUM - ok
10:45:11.0057 0x1ac0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:45:11.0067 0x1ac0 isapnp - ok
10:45:11.0107 0x1ac0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:45:11.0117 0x1ac0 iScsiPrt - ok
10:45:11.0167 0x1ac0 [ C7B6BE6BF2B5766648E232077E86B6A0, A93308E112FC948710B2A6A51458E5F66105C544829AB8CD9FFD57695765EE0B ] IvtBtBUs C:\Windows\system32\Drivers\IvtBtBus.sys
10:45:11.0187 0x1ac0 IvtBtBUs - ok
10:45:11.0207 0x1ac0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:45:11.0217 0x1ac0 kbdclass - ok
10:45:11.0257 0x1ac0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:45:11.0287 0x1ac0 kbdhid - ok
10:45:11.0307 0x1ac0 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso C:\Windows\system32\lsass.exe
10:45:11.0317 0x1ac0 KeyIso - ok
10:45:11.0407 0x1ac0 [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
10:45:11.0427 0x1ac0 kl1 - ok
10:45:11.0477 0x1ac0 [ CEF0410B784E8CEB0175103CDE52E7FA, 729A45D76D1886E5ECDF23F96925CEBB90A31EFA5A798D69D9C5A684380B6E36 ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys
10:45:11.0487 0x1ac0 kldisk - ok
10:45:11.0587 0x1ac0 [ 09F851161CB4B3D92CDE85B3845DCECC, C86EE26F13DB904CD0CB92BEE282188D5E56ECE071F4D6E53F9AAB6D911C5DE0 ] klflt C:\Windows\system32\DRIVERS\klflt.sys
10:45:11.0607 0x1ac0 klflt - ok
10:45:11.0697 0x1ac0 [ 7A64190934B66C17F41D3921353BAEDD, D212A6ECB1CBCC665336DF982B5061A72CD88CB5BF6B2EB14B11B8BE756A670E ] klhk C:\Windows\system32\DRIVERS\klhk.sys
10:45:11.0727 0x1ac0 klhk - ok
10:45:11.0907 0x1ac0 [ B8B20727DD8B9753614E089682473563, CA39E9A517CC8B1E04860E0AFB03B0CD7FBDE66143B6CA26FB9DC0EBF80F8F48 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
10:45:11.0937 0x1ac0 KLIF - ok
10:45:11.0977 0x1ac0 [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
10:45:11.0997 0x1ac0 KLIM6 - ok
10:45:12.0037 0x1ac0 [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
10:45:12.0037 0x1ac0 klkbdflt - ok
10:45:12.0087 0x1ac0 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
10:45:12.0127 0x1ac0 klmouflt - ok
10:45:12.0177 0x1ac0 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys
10:45:12.0207 0x1ac0 klpd - ok
10:45:12.0297 0x1ac0 [ 43957361D346A4263873932D572613F2, 719E61CADF6FB49C24370899329BDE198E55DEB175F5701382EE16311D8576D9 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
10:45:12.0307 0x1ac0 kltdi - ok
10:45:12.0377 0x1ac0 [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys
10:45:12.0397 0x1ac0 Klwtp - ok
10:45:12.0467 0x1ac0 [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps C:\Windows\system32\DRIVERS\kneps.sys
10:45:12.0477 0x1ac0 kneps - ok
10:45:12.0517 0x1ac0 [ 063C09DB965E3DFD6F4F08416F6DB8F5, 0BE015C59288397536B3941BA55EFE0CF06714BC43FF3A33A1D844B4E0F16097 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:45:12.0547 0x1ac0 KSecDD - ok
10:45:12.0567 0x1ac0 [ 1FA627E63195BF3BF636BFEF0D7190D4, 794456605303F4916E81BE899E0B05CB070094E719ADA8BE8072A761E35CA8E9 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:45:12.0587 0x1ac0 KSecPkg - ok
10:45:12.0627 0x1ac0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:45:12.0657 0x1ac0 ksthunk - ok
10:45:12.0767 0x1ac0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:45:12.0867 0x1ac0 KtmRm - ok
10:45:12.0957 0x1ac0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:45:12.0997 0x1ac0 LanmanServer - ok
10:45:13.0027 0x1ac0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:45:13.0067 0x1ac0 LanmanWorkstation - ok
10:45:13.0117 0x1ac0 lirsgt - ok
10:45:13.0147 0x1ac0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:45:13.0197 0x1ac0 lltdio - ok
10:45:13.0237 0x1ac0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:45:13.0297 0x1ac0 lltdsvc - ok
10:45:13.0317 0x1ac0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:45:13.0357 0x1ac0 lmhosts - ok
10:45:13.0467 0x1ac0 [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45D5DDE78E9D78E2 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:45:13.0477 0x1ac0 LMS - ok
10:45:13.0517 0x1ac0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:45:13.0537 0x1ac0 LSI_FC - ok
10:45:13.0557 0x1ac0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:45:13.0577 0x1ac0 LSI_SAS - ok
10:45:13.0587 0x1ac0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:45:13.0597 0x1ac0 LSI_SAS2 - ok
10:45:13.0617 0x1ac0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:45:13.0627 0x1ac0 LSI_SCSI - ok
10:45:13.0657 0x1ac0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
10:45:13.0687 0x1ac0 luafv - ok
10:45:13.0737 0x1ac0 [ 07389F6925E490D2DB7882110E99921C, AD316EE8A47B6EDD1AB1E1E7DDE2BC69DC0E342144F5B74C96E9494F847B1B7E ] lvpepf64 C:\Windows\system32\DRIVERS\lv302a64.sys
10:45:13.0747 0x1ac0 lvpepf64 - ok
10:45:13.0777 0x1ac0 [ 7F0BA3A6E8996F15693C6B7D81DA049E, 96925ABA3A9C5FD2CF9ECBDC4ED8E94033EB1C53DD03F28102E83EEF327777E6 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
10:45:13.0807 0x1ac0 LVRS64 - ok
10:45:13.0847 0x1ac0 [ 5C3FF68267A5D242EE79EE01B993D6CE, 853637AC30A16698F2F583693E98B67104ECE5B8F80C6FB88266665162623B92 ] LVUSBS64 C:\Windows\system32\drivers\LVUSBS64.sys
10:45:13.0857 0x1ac0 LVUSBS64 - ok
10:45:13.0897 0x1ac0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:45:13.0917 0x1ac0 Mcx2Svc - ok
10:45:13.0937 0x1ac0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:45:13.0947 0x1ac0 megasas - ok
10:45:13.0987 0x1ac0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:45:14.0007 0x1ac0 MegaSR - ok
10:45:14.0047 0x1ac0 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:45:14.0067 0x1ac0 MEIx64 - ok
10:45:14.0117 0x1ac0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:45:14.0147 0x1ac0 MMCSS - ok
10:45:14.0168 0x1ac0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:45:14.0208 0x1ac0 Modem - ok
10:45:14.0228 0x1ac0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:45:14.0258 0x1ac0 monitor - ok
10:45:14.0308 0x1ac0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:45:14.0318 0x1ac0 mouclass - ok
10:45:14.0348 0x1ac0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:45:14.0358 0x1ac0 mouhid - ok
10:45:14.0408 0x1ac0 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:45:14.0428 0x1ac0 mountmgr - ok
10:45:14.0518 0x1ac0 [ 46297FA8E30A6007F14118FC2B942FBC, 40785B7121DBFA411EA922ECF6008BA4A94BC742662E271BFD6B31288ECC1BA4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:45:14.0528 0x1ac0 MozillaMaintenance - ok
10:45:14.0598 0x1ac0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:45:14.0638 0x1ac0 mpio - ok
10:45:14.0678 0x1ac0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:45:14.0708 0x1ac0 mpsdrv - ok
10:45:14.0888 0x1ac0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:45:14.0958 0x1ac0 MpsSvc - ok
10:45:15.0008 0x1ac0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:45:15.0068 0x1ac0 MRxDAV - ok
10:45:15.0128 0x1ac0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:45:15.0178 0x1ac0 mrxsmb - ok
10:45:15.0208 0x1ac0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:45:15.0268 0x1ac0 mrxsmb10 - ok
10:45:15.0288 0x1ac0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:45:15.0308 0x1ac0 mrxsmb20 - ok
10:45:15.0348 0x1ac0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
10:45:15.0358 0x1ac0 msahci - ok
10:45:15.0368 0x1ac0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:45:15.0378 0x1ac0 msdsm - ok
10:45:15.0398 0x1ac0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:45:15.0428 0x1ac0 MSDTC - ok
10:45:15.0468 0x1ac0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:45:15.0508 0x1ac0 Msfs - ok
10:45:15.0538 0x1ac0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:45:15.0588 0x1ac0 mshidkmdf - ok
10:45:15.0648 0x1ac0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:45:15.0668 0x1ac0 msisadrv - ok
10:45:15.0778 0x1ac0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:45:15.0838 0x1ac0 MSiSCSI - ok
10:45:15.0838 0x1ac0 msiserver - ok
10:45:15.0868 0x1ac0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:45:15.0898 0x1ac0 MSKSSRV - ok
10:45:15.0918 0x1ac0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:45:15.0968 0x1ac0 MSPCLOCK - ok
10:45:15.0988 0x1ac0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:45:16.0028 0x1ac0 MSPQM - ok
10:45:16.0188 0x1ac0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:45:16.0228 0x1ac0 MsRPC - ok
10:45:16.0278 0x1ac0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:45:16.0288 0x1ac0 mssmbios - ok
10:45:16.0318 0x1ac0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:45:16.0348 0x1ac0 MSTEE - ok
10:45:16.0368 0x1ac0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:45:16.0398 0x1ac0 MTConfig - ok
10:45:16.0418 0x1ac0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:45:16.0428 0x1ac0 Mup - ok
10:45:16.0498 0x1ac0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:45:16.0558 0x1ac0 napagent - ok
10:45:16.0738 0x1ac0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:45:16.0788 0x1ac0 NativeWifiP - ok
10:45:16.0858 0x1ac0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
10:45:16.0898 0x1ac0 NDIS - ok
10:45:16.0918 0x1ac0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:45:16.0958 0x1ac0 NdisCap - ok
10:45:16.0998 0x1ac0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:45:17.0038 0x1ac0 NdisTapi - ok
10:45:17.0078 0x1ac0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:45:17.0138 0x1ac0 Ndisuio - ok
10:45:17.0198 0x1ac0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:45:17.0248 0x1ac0 NdisWan - ok
10:45:17.0308 0x1ac0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:45:17.0368 0x1ac0 NDProxy - ok
10:45:17.0398 0x1ac0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:45:17.0438 0x1ac0 NetBIOS - ok
10:45:17.0518 0x1ac0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:45:17.0578 0x1ac0 NetBT - ok
10:45:17.0598 0x1ac0 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] Netlogon C:\Windows\system32\lsass.exe
10:45:17.0608 0x1ac0 Netlogon - ok
10:45:17.0688 0x1ac0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:45:17.0788 0x1ac0 Netman - ok
10:45:17.0888 0x1ac0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:45:17.0938 0x1ac0 NetMsmqActivator - ok
10:45:17.0968 0x1ac0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:45:17.0978 0x1ac0 NetPipeActivator - ok
10:45:18.0158 0x1ac0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:45:18.0218 0x1ac0 netprofm - ok
10:45:18.0248 0x1ac0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:45:18.0258 0x1ac0 NetTcpActivator - ok
10:45:18.0258 0x1ac0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:45:18.0268 0x1ac0 NetTcpPortSharing - ok
10:45:18.0348 0x1ac0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:45:18.0358 0x1ac0 nfrd960 - ok
10:45:18.0498 0x1ac0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
10:45:18.0578 0x1ac0 NlaSvc - ok
10:45:18.0598 0x1ac0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:45:18.0628 0x1ac0 Npfs - ok
10:45:18.0698 0x1ac0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
10:45:18.0758 0x1ac0 nsi - ok
10:45:18.0768 0x1ac0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:45:18.0798 0x1ac0 nsiproxy - ok
10:45:18.0968 0x1ac0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:45:19.0028 0x1ac0 Ntfs - ok
10:45:19.0068 0x1ac0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:45:19.0108 0x1ac0 Null - ok
10:45:19.0869 0x1ac0 [ ECC732D5185408FCC323E56D30170848, 7A7A6C410B65DBB1D59653598D7E5414054588BB88505BE68BFFF0378FD555F3 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:45:20.0239 0x1ac0 nvlddmkm - ok
10:45:20.0419 0x1ac0 [ 93C82F365F9C0A2058A211E305A5CCFA, 1B3FA9122377CF8C982EEE8719E2E295E3D118AC15646ACAB3A5BF78E1EE7E70 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
10:45:20.0459 0x1ac0 NvNetworkService - ok
10:45:20.0509 0x1ac0 [ F54C556FB7BE00CA0CC2E5C11194D2C5, 9956F5B3F37C545A20C005282F774D264CDBA3546AFFB942E69BDB24EDA1F6CD ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
10:45:20.0529 0x1ac0 nvpciflt - ok
10:45:20.0619 0x1ac0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:45:20.0639 0x1ac0 nvraid - ok
10:45:20.0709 0x1ac0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:45:20.0729 0x1ac0 nvstor - ok
10:45:20.0849 0x1ac0 [ 977C9F7656D07D36887814A7D570FE1A, 843032A0EB1A4B81E506F80C59E613F700A353DE2C3514566092E336FE608DAB ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
10:45:20.0869 0x1ac0 NvStreamKms - ok
10:45:20.0909 0x1ac0 NvStreamSvc - ok
10:45:20.0979 0x1ac0 [ 2AF7D8BCD8912FC16AA15268CDCF2454, 3A2E5ADFC6213A6EA83F78026518EC7EE0DD4BBA7C210CB7A41007BB57DC0636 ] nvsvc C:\Windows\system32\nvvsvc.exe
10:45:20.0999 0x1ac0 nvsvc - ok
10:45:21.0079 0x1ac0 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
10:45:21.0089 0x1ac0 nvvad_WaveExtensible - ok
10:45:21.0129 0x1ac0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:45:21.0139 0x1ac0 nv_agp - ok
10:45:21.0159 0x1ac0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:45:21.0169 0x1ac0 ohci1394 - ok
10:45:21.0369 0x1ac0 [ 62B39B2B2DF993FB10E1DD05281AA65F, 92AA0DF346C8B1A474162F24EA27D8021FFC68A9A8B7954703CAD92D15A0C414 ] OkayFreedom VPN Starter Service C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
10:45:21.0389 0x1ac0 OkayFreedom VPN Starter Service - ok
10:45:21.0519 0x1ac0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:45:21.0529 0x1ac0 ose - ok
10:45:22.0539 0x1ac0 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:45:22.0729 0x1ac0 osppsvc - ok
10:45:22.0839 0x1ac0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:45:22.0869 0x1ac0 p2pimsvc - ok
10:45:22.0979 0x1ac0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
10:45:23.0059 0x1ac0 p2psvc - ok
10:45:23.0099 0x1ac0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:45:23.0119 0x1ac0 Parport - ok
10:45:23.0149 0x1ac0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:45:23.0159 0x1ac0 partmgr - ok
10:45:23.0199 0x1ac0 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:45:23.0229 0x1ac0 PcaSvc - ok
10:45:23.0259 0x1ac0 pccsmcfd - ok
10:45:23.0279 0x1ac0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
10:45:23.0289 0x1ac0 pci - ok
10:45:23.0319 0x1ac0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
10:45:23.0329 0x1ac0 pciide - ok
10:45:23.0379 0x1ac0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:45:23.0419 0x1ac0 pcmcia - ok
10:45:23.0449 0x1ac0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:45:23.0459 0x1ac0 pcw - ok
10:45:23.0679 0x1ac0 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:45:23.0709 0x1ac0 PEAUTH - ok
10:45:24.0159 0x1ac0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:45:24.0219 0x1ac0 PerfHost - ok
10:45:24.0529 0x1ac0 [ 087A343DFC337F37723DD7912DE6B6CD, AE11C28A01D4FC2CCB36C5956D9414AEBA8AFC4A868047CC691F32CF31E44AAC ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS
10:45:24.0639 0x1ac0 PID_PEPI - ok
10:45:24.0809 0x1ac0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
10:45:24.0889 0x1ac0 pla - ok
10:45:25.0049 0x1ac0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:45:25.0099 0x1ac0 PlugPlay - ok
10:45:25.0119 0x1ac0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:45:25.0159 0x1ac0 PNRPAutoReg - ok
10:45:25.0179 0x1ac0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:45:25.0199 0x1ac0 PNRPsvc - ok
10:45:25.0249 0x1ac0 [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
10:45:25.0289 0x1ac0 Point64 - ok
10:45:25.0449 0x1ac0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:45:25.0489 0x1ac0 PolicyAgent - ok
10:45:25.0529 0x1ac0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:45:25.0569 0x1ac0 Power - ok
10:45:25.0609 0x1ac0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:45:25.0639 0x1ac0 PptpMiniport - ok
10:45:25.0709 0x1ac0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:45:25.0759 0x1ac0 Processor - ok
10:45:25.0819 0x1ac0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
10:45:25.0849 0x1ac0 ProfSvc - ok
10:45:25.0859 0x1ac0 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:45:25.0869 0x1ac0 ProtectedStorage - ok
10:45:25.0989 0x1ac0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:45:26.0019 0x1ac0 Psched - ok
10:45:26.0219 0x1ac0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:45:26.0279 0x1ac0 ql2300 - ok
10:45:26.0319 0x1ac0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:45:26.0339 0x1ac0 ql40xx - ok
10:45:26.0359 0x1ac0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:45:26.0379 0x1ac0 QWAVE - ok
10:45:26.0399 0x1ac0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:45:26.0429 0x1ac0 QWAVEdrv - ok
10:45:26.0459 0x1ac0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:45:26.0489 0x1ac0 RasAcd - ok
10:45:26.0519 0x1ac0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:45:26.0549 0x1ac0 RasAgileVpn - ok
10:45:26.0569 0x1ac0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:45:26.0629 0x1ac0 RasAuto - ok
10:45:26.0659 0x1ac0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:45:26.0689 0x1ac0 Rasl2tp - ok
10:45:26.0789 0x1ac0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:45:26.0869 0x1ac0 RasMan - ok
10:45:26.0909 0x1ac0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:45:26.0979 0x1ac0 RasPppoe - ok
10:45:27.0019 0x1ac0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:45:27.0079 0x1ac0 RasSstp - ok
10:45:27.0179 0x1ac0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:45:27.0210 0x1ac0 rdbss - ok
10:45:27.0240 0x1ac0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:45:27.0270 0x1ac0 rdpbus - ok
10:45:27.0280 0x1ac0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:45:27.0330 0x1ac0 RDPCDD - ok
10:45:27.0360 0x1ac0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:45:27.0400 0x1ac0 RDPENCDD - ok
10:45:27.0420 0x1ac0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:45:27.0450 0x1ac0 RDPREFMP - ok
10:45:27.0560 0x1ac0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:45:27.0630 0x1ac0 RdpVideoMiniport - ok
10:45:27.0700 0x1ac0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:45:27.0760 0x1ac0 RDPWD - ok
10:45:27.0800 0x1ac0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:45:27.0820 0x1ac0 rdyboost - ok
10:45:27.0850 0x1ac0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:45:27.0880 0x1ac0 RemoteAccess - ok
10:45:27.0950 0x1ac0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:45:27.0990 0x1ac0 RemoteRegistry - ok
10:45:28.0040 0x1ac0 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:45:28.0070 0x1ac0 RFCOMM - ok
10:45:28.0180 0x1ac0 [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
10:45:28.0220 0x1ac0 RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
10:45:28.0410 0x1ac0 Detect skipped due to KSN trusted
10:45:28.0410 0x1ac0 RichVideo - ok
10:45:28.0460 0x1ac0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:45:28.0490 0x1ac0 RpcEptMapper - ok
10:45:28.0550 0x1ac0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:45:28.0630 0x1ac0 RpcLocator - ok
10:45:28.0680 0x1ac0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
10:45:28.0720 0x1ac0 RpcSs - ok
10:45:28.0770 0x1ac0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:45:28.0800 0x1ac0 rspndr - ok
10:45:28.0850 0x1ac0 [ 712944C0A377E9B8743F95BD83E882D4, B437396B8D80EC8F121C93F18DE6F83D2DF7FC87D15D3DF8639D47EC28E0D1D4 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:45:28.0870 0x1ac0 RTL8167 - ok
10:45:28.0900 0x1ac0 [ 62DB6CC4B0818F1B5F3441241B098F12, 7A53B3FBA3F82EDE6FA688E531FBE7EC9E1AE329090C0AFE0DCD64F65BD90F21 ] SABI C:\Windows\system32\Drivers\SABI.sys
10:45:28.0940 0x1ac0 SABI - ok
10:45:28.0950 0x1ac0 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] SamSs C:\Windows\system32\lsass.exe
10:45:28.0960 0x1ac0 SamSs - ok
10:45:29.0000 0x1ac0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:45:29.0020 0x1ac0 sbp2port - ok
10:45:29.0070 0x1ac0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:45:29.0140 0x1ac0 SCardSvr - ok
10:45:29.0180 0x1ac0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:45:29.0261 0x1ac0 scfilter - ok
10:45:29.0581 0x1ac0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
10:45:29.0651 0x1ac0 Schedule - ok
10:45:29.0721 0x1ac0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:45:29.0751 0x1ac0 SCPolicySvc - ok
10:45:29.0841 0x1ac0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:45:29.0911 0x1ac0 SDRSVC - ok
10:45:29.0951 0x1ac0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:45:29.0991 0x1ac0 secdrv - ok
10:45:30.0011 0x1ac0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
10:45:30.0071 0x1ac0 seclogon - ok
10:45:30.0121 0x1ac0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
10:45:30.0221 0x1ac0 SENS - ok
10:45:30.0261 0x1ac0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:45:30.0311 0x1ac0 SensrSvc - ok
10:45:30.0351 0x1ac0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:45:30.0371 0x1ac0 Serenum - ok
10:45:30.0411 0x1ac0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:45:30.0431 0x1ac0 Serial - ok
10:45:30.0461 0x1ac0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:45:30.0471 0x1ac0 sermouse - ok
10:45:30.0511 0x1ac0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:45:30.0591 0x1ac0 SessionEnv - ok
10:45:30.0631 0x1ac0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:45:30.0671 0x1ac0 sffdisk - ok
10:45:30.0691 0x1ac0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:45:30.0701 0x1ac0 sffp_mmc - ok
10:45:30.0711 0x1ac0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:45:30.0741 0x1ac0 sffp_sd - ok
10:45:30.0781 0x1ac0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:45:30.0811 0x1ac0 sfloppy - ok
10:45:31.0031 0x1ac0 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
10:45:31.0071 0x1ac0 Sftfs - ok
10:45:31.0221 0x1ac0 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:45:31.0241 0x1ac0 sftlist - ok
10:45:31.0451 0x1ac0 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:45:31.0471 0x1ac0 Sftplay - ok
10:45:31.0531 0x1ac0 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:45:31.0541 0x1ac0 Sftredir - ok
10:45:31.0551 0x1ac0 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
10:45:31.0561 0x1ac0 Sftvol - ok
10:45:31.0581 0x1ac0 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:45:31.0591 0x1ac0 sftvsa - ok
10:45:31.0651 0x1ac0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:45:31.0701 0x1ac0 SharedAccess - ok
10:45:31.0811 0x1ac0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:45:31.0861 0x1ac0 ShellHWDetection - ok
10:45:31.0921 0x1ac0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:45:31.0931 0x1ac0 SiSRaid2 - ok
10:45:31.0951 0x1ac0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:45:31.0961 0x1ac0 SiSRaid4 - ok
10:45:32.0101 0x1ac0 [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:45:32.0141 0x1ac0 SkypeUpdate - ok
10:45:32.0171 0x1ac0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:45:32.0211 0x1ac0 Smb - ok
10:45:32.0271 0x1ac0 [ 3DA591BBAB178A3152B8685DC43B20CD, 080F47C69A9E2768078D1E5B4FB70E38B6B2F3B36E06C9968B49C1B096D7A56F ] smbusp C:\Windows\system32\DRIVERS\intelsmb.sys
10:45:32.0311 0x1ac0 smbusp - ok
10:45:32.0351 0x1ac0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:45:32.0381 0x1ac0 SNMPTRAP - ok
10:45:32.0421 0x1ac0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:45:32.0431 0x1ac0 spldr - ok
10:45:32.0661 0x1ac0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
10:45:32.0731 0x1ac0 Spooler - ok
10:45:33.0791 0x1ac0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:45:33.0971 0x1ac0 sppsvc - ok
10:45:34.0031 0x1ac0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:45:34.0091 0x1ac0 sppuinotify - ok
10:45:34.0161 0x1ac0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:45:34.0211 0x1ac0 srv - ok
10:45:34.0231 0x1ac0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:45:34.0271 0x1ac0 srv2 - ok
10:45:34.0291 0x1ac0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:45:34.0301 0x1ac0 srvnet - ok
10:45:34.0321 0x1ac0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:45:34.0371 0x1ac0 SSDPSRV - ok
10:45:34.0441 0x1ac0 [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
10:45:34.0461 0x1ac0 SSPORT - ok
10:45:34.0531 0x1ac0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:45:34.0581 0x1ac0 SstpSvc - ok
10:45:34.0631 0x1ac0 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
10:45:34.0641 0x1ac0 ssudmdm - ok
10:45:34.0691 0x1ac0 [ 58C89A89D4AF0288DCF432EC0B358438, 10DF9E01AEACBDE687B966B142D454B91F8B18ABDF400DC406024AADB6842747 ] ssudserd C:\Windows\system32\DRIVERS\ssudserd.sys
10:45:34.0701 0x1ac0 ssudserd - ok
10:45:34.0781 0x1ac0 [ EBAA82F7C9B97C0E450449178E007340, D470927CC216C4E3EA23236E6C6464187CD3A49C3A4A456F488FEC8E713EA31B ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:45:34.0811 0x1ac0 Steam Client Service - ok
10:45:34.0831 0x1ac0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:45:34.0861 0x1ac0 stexstor - ok
10:45:34.0891 0x1ac0 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
10:45:34.0921 0x1ac0 StillCam - ok
10:45:34.0961 0x1ac0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:45:34.0991 0x1ac0 stisvc - ok
10:45:35.0051 0x1ac0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
10:45:35.0071 0x1ac0 swenum - ok
10:45:35.0312 0x1ac0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:45:35.0372 0x1ac0 swprv - ok
10:45:35.0452 0x1ac0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
10:45:35.0512 0x1ac0 SysMain - ok
10:45:35.0552 0x1ac0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:45:35.0582 0x1ac0 TabletInputService - ok
10:45:35.0602 0x1ac0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:45:35.0652 0x1ac0 TapiSrv - ok
10:45:35.0722 0x1ac0 [ 4430E9B4C60AAB672D16E801BAD0555E, 9D9208FD66CF23BE03484C3C335E927D6914A405FED6A8D5B2878BA4F59203DE ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
10:45:35.0742 0x1ac0 tbhsd - ok
10:45:35.0762 0x1ac0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
10:45:35.0812 0x1ac0 TBS - ok
10:45:35.0912 0x1ac0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:45:36.0002 0x1ac0 Tcpip - ok
10:45:36.0162 0x1ac0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:45:36.0212 0x1ac0 TCPIP6 - ok
10:45:36.0312 0x1ac0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:45:36.0372 0x1ac0 tcpipreg - ok
10:45:36.0412 0x1ac0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:45:36.0452 0x1ac0 TDPIPE - ok
10:45:36.0522 0x1ac0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:45:36.0562 0x1ac0 TDTCP - ok
10:45:36.0612 0x1ac0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:45:36.0652 0x1ac0 tdx - ok
10:45:38.0342 0x1ac0 [ 6CA83C69643E7BF144A428B7BDC7D630, DB015BA4428509E1D5BE74FEFB446A29D316564617EB15A379424B3FCE3B74A9 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
10:45:38.0462 0x1ac0 TeamViewer - ok
10:45:38.0552 0x1ac0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
10:45:38.0562 0x1ac0 TermDD - ok
10:45:38.0632 0x1ac0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
10:45:38.0692 0x1ac0 TermService - ok
10:45:38.0712 0x1ac0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
10:45:38.0732 0x1ac0 Themes - ok
10:45:38.0782 0x1ac0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:45:38.0822 0x1ac0 THREADORDER - ok
10:45:38.0872 0x1ac0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:45:38.0902 0x1ac0 TrkWks - ok
10:45:39.0012 0x1ac0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:45:39.0052 0x1ac0 TrustedInstaller - ok
10:45:39.0102 0x1ac0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:45:39.0132 0x1ac0 tssecsrv - ok
10:45:39.0162 0x1ac0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:45:39.0202 0x1ac0 TsUsbFlt - ok
10:45:39.0262 0x1ac0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:45:39.0302 0x1ac0 tunnel - ok
10:45:39.0322 0x1ac0 [ 48743B69EA47C020A792D8649F753F44, 58BFF60271F62F5CB02A1181F44E94C230DF4A6EC5C072A476B2BED13239A70C ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
10:45:39.0342 0x1ac0 TurboB - ok
10:45:39.0502 0x1ac0 [ 759F59E3EA3802FF23F93DCDB6FE9171, DB5A6C1EDA10380C14A8C318D6C65ED691C36F726A6A20DB3038D8F55F1B76D8 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
10:45:39.0522 0x1ac0 TurboBoost - ok
10:45:39.0552 0x1ac0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:45:39.0582 0x1ac0 uagp35 - ok
10:45:39.0652 0x1ac0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:45:39.0702 0x1ac0 udfs - ok
10:45:39.0722 0x1ac0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:45:39.0732 0x1ac0 UI0Detect - ok
10:45:39.0762 0x1ac0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:45:39.0772 0x1ac0 uliagpkx - ok
10:45:39.0822 0x1ac0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
10:45:39.0832 0x1ac0 umbus - ok
10:45:39.0842 0x1ac0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:45:39.0852 0x1ac0 UmPass - ok
10:45:40.0212 0x1ac0 [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:45:40.0272 0x1ac0 UNS - ok
10:45:40.0502 0x1ac0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:45:40.0542 0x1ac0 upnphost - ok
10:45:40.0602 0x1ac0 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:45:40.0672 0x1ac0 USBAAPL64 - ok
10:45:40.0722 0x1ac0 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:45:40.0752 0x1ac0 usbaudio - ok
10:45:40.0792 0x1ac0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:45:40.0812 0x1ac0 usbccgp - ok
10:45:40.0852 0x1ac0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:45:40.0892 0x1ac0 usbcir - ok
10:45:40.0922 0x1ac0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:45:40.0932 0x1ac0 usbehci - ok
10:45:40.0952 0x1ac0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:45:40.0972 0x1ac0 usbhub - ok
10:45:41.0022 0x1ac0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:45:41.0062 0x1ac0 usbohci - ok
10:45:41.0092 0x1ac0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:45:41.0122 0x1ac0 usbprint - ok
10:45:41.0142 0x1ac0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:45:41.0182 0x1ac0 USBSTOR - ok
10:45:41.0242 0x1ac0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:45:41.0262 0x1ac0 usbuhci - ok
10:45:41.0342 0x1ac0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:45:41.0402 0x1ac0 usbvideo - ok
10:45:41.0432 0x1ac0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:45:41.0482 0x1ac0 UxSms - ok
10:45:41.0512 0x1ac0 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] VaultSvc C:\Windows\system32\lsass.exe
10:45:41.0522 0x1ac0 VaultSvc - ok
10:45:41.0552 0x1ac0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:45:41.0562 0x1ac0 vdrvroot - ok
10:45:41.0702 0x1ac0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:45:41.0742 0x1ac0 vds - ok
10:45:41.0782 0x1ac0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:45:41.0812 0x1ac0 vga - ok
10:45:41.0822 0x1ac0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:45:41.0892 0x1ac0 VgaSave - ok
10:45:41.0962 0x1ac0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:45:41.0982 0x1ac0 vhdmp - ok
10:45:42.0012 0x1ac0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
10:45:42.0022 0x1ac0 viaide - ok
10:45:42.0042 0x1ac0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:45:42.0052 0x1ac0 volmgr - ok
10:45:42.0162 0x1ac0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:45:42.0172 0x1ac0 volmgrx - ok
10:45:42.0262 0x1ac0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:45:42.0292 0x1ac0 volsnap - ok
10:45:42.0362 0x1ac0 [ 0B0772247B85FC844A06498386E32F59, 47FBF825649C78E52A13EBD06336209C15414293A414757CF424E4B4490319BA ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
10:45:42.0382 0x1ac0 vpnagent - ok
10:45:42.0432 0x1ac0 [ 5932B2999AEF21C4599A792599F28D89, 78B2842BA71F9DAB5BB64BA4AB97BD19DEEFB075F83D735244906D046E78B2DC ] vpnva C:\Windows\system32\DRIVERS\vpnva64-6.sys
10:45:42.0442 0x1ac0 vpnva - ok
10:45:42.0512 0x1ac0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:45:42.0522 0x1ac0 vsmraid - ok
10:45:42.0962 0x1ac0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:45:43.0122 0x1ac0 VSS - ok
10:45:43.0212 0x1ac0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:45:43.0262 0x1ac0 vwifibus - ok
10:45:43.0312 0x1ac0 [ 13A0DECD1794DE60A8427862C8669D27, 4024AF9F2F052BC80C85F5B9A671499C20AF38838206CC649E6EFE37C380D3BF ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:45:43.0322 0x1ac0 vwififlt - ok
10:45:43.0352 0x1ac0 [ 49003B357D101CDC474937437ECF5ABC, D3EC570D616DC39FE6BF02DA1CD6C30CD07C27CC5B4B6FD6DACB5D8A4F1596A6 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
10:45:43.0382 0x1ac0 vwifimp - ok
10:45:43.0422 0x1ac0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:45:43.0472 0x1ac0 W32Time - ok
10:45:43.0512 0x1ac0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:45:43.0552 0x1ac0 WacomPen - ok
10:45:43.0632 0x1ac0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:45:43.0682 0x1ac0 WANARP - ok
10:45:43.0692 0x1ac0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:45:43.0722 0x1ac0 Wanarpv6 - ok
10:45:44.0112 0x1ac0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:45:44.0182 0x1ac0 WatAdminSvc - ok
10:45:44.0382 0x1ac0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:45:44.0472 0x1ac0 wbengine - ok
10:45:44.0532 0x1ac0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:45:44.0572 0x1ac0 WbioSrvc - ok
10:45:44.0662 0x1ac0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:45:44.0682 0x1ac0 wcncsvc - ok
10:45:44.0772 0x1ac0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:45:44.0802 0x1ac0 WcsPlugInService - ok
10:45:44.0832 0x1ac0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:45:44.0842 0x1ac0 Wd - ok
10:45:44.0902 0x1ac0 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
10:45:45.0012 0x1ac0 WDC_SAM - ok
10:45:45.0072 0x1ac0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:45:45.0102 0x1ac0 Wdf01000 - ok
10:45:45.0142 0x1ac0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:45:45.0202 0x1ac0 WdiServiceHost - ok
10:45:45.0212 0x1ac0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:45:45.0222 0x1ac0 WdiSystemHost - ok
10:45:45.0292 0x1ac0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
10:45:45.0362 0x1ac0 WebClient - ok
10:45:45.0392 0x1ac0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:45:45.0432 0x1ac0 Wecsvc - ok
10:45:45.0462 0x1ac0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:45:45.0512 0x1ac0 wercplsupport - ok
10:45:45.0552 0x1ac0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:45:45.0582 0x1ac0 WerSvc - ok
10:45:45.0622 0x1ac0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:45:45.0642 0x1ac0 WfpLwf - ok
10:45:45.0662 0x1ac0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:45:45.0682 0x1ac0 WIMMount - ok
10:45:45.0732 0x1ac0 WinDefend - ok
10:45:45.0772 0x1ac0 WinHttpAutoProxySvc - ok
10:45:45.0892 0x1ac0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:45:45.0982 0x1ac0 Winmgmt - ok
10:45:46.0092 0x1ac0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
10:45:46.0202 0x1ac0 WinRM - ok
10:45:46.0263 0x1ac0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:45:46.0273 0x1ac0 WinUsb - ok
10:45:46.0603 0x1ac0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:45:46.0673 0x1ac0 Wlansvc - ok
10:45:47.0343 0x1ac0 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:45:47.0403 0x1ac0 wlidsvc - ok
10:45:47.0643 0x1ac0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:45:47.0663 0x1ac0 WmiAcpi - ok
10:45:47.0803 0x1ac0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:45:47.0873 0x1ac0 wmiApSrv - ok
10:45:47.0923 0x1ac0 WMPNetworkSvc - ok
10:45:47.0943 0x1ac0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:45:47.0983 0x1ac0 WPCSvc - ok
10:45:48.0013 0x1ac0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:45:48.0043 0x1ac0 WPDBusEnum - ok
10:45:48.0073 0x1ac0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:45:48.0123 0x1ac0 ws2ifsl - ok
10:45:48.0173 0x1ac0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
10:45:48.0203 0x1ac0 wscsvc - ok
10:45:48.0213 0x1ac0 WSearch - ok
10:45:48.0314 0x1ac0 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
10:45:48.0444 0x1ac0 wuauserv - ok
10:45:48.0484 0x1ac0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:45:48.0534 0x1ac0 WudfPf - ok
10:45:48.0564 0x1ac0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:45:48.0574 0x1ac0 WUDFRd - ok
10:45:48.0614 0x1ac0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:45:48.0654 0x1ac0 wudfsvc - ok
10:45:48.0714 0x1ac0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
10:45:48.0744 0x1ac0 WwanSvc - ok
10:45:48.0894 0x1ac0 X6va012 - ok
10:45:48.0944 0x1ac0 ================ Scan global ===============================
10:45:48.0984 0x1ac0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:45:49.0034 0x1ac0 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
10:45:49.0044 0x1ac0 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
10:45:49.0074 0x1ac0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:45:49.0104 0x1ac0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:45:49.0114 0x1ac0 [ Global ] - ok
10:45:49.0114 0x1ac0 ================ Scan MBR ==================================
10:45:49.0124 0x1ac0 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
10:45:51.0255 0x1ac0 \Device\Harddisk0\DR0 - ok
10:45:51.0255 0x1ac0 ================ Scan VBR ==================================
10:45:51.0505 0x1ac0 [ 4F8EBB1BE77EA649990F0B84E98F5A40 ] \Device\Harddisk0\DR0\Partition1
10:45:51.0555 0x1ac0 \Device\Harddisk0\DR0\Partition1 - ok
10:45:51.0595 0x1ac0 [ 9EC9222C40B6031EACE51AB0F8DF2AE8 ] \Device\Harddisk0\DR0\Partition2
10:45:51.0595 0x1ac0 \Device\Harddisk0\DR0\Partition2 - ok
10:45:51.0625 0x1ac0 [ 55F21124B8A19FBB081B26BAC3935688 ] \Device\Harddisk0\DR0\Partition3
10:45:51.0625 0x1ac0 \Device\Harddisk0\DR0\Partition3 - ok
10:45:51.0645 0x1ac0 [ CF2A370D007EE6CEAD8AA8E0769BF102 ] \Device\Harddisk0\DR0\Partition4
10:45:51.0645 0x1ac0 \Device\Harddisk0\DR0\Partition4 - ok
10:45:51.0645 0x1ac0 ================ Scan generic autorun ======================
10:45:52.0475 0x1ac0 [ C6EBBCA79931B19F7C2D4A1B494D4B98, 2E146B8761000E12E29D0BC819BFC9DC7F3589080613773BBB1BA37984EB5C67 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
10:45:52.0775 0x1ac0 RtHDVCpl - ok
10:45:52.0785 0x1ac0 ETDCtrl - ok
10:45:53.0085 0x1ac0 [ 564765F1F68BBFA26CAC8F89662F106B, AA7A3CD8C3515E824DE10390852538BAAF998421ABA4F1E4CA967CC451DE493D ] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
10:45:53.0115 0x1ac0 CDAServer - detected UnsignedFile.Multi.Generic ( 1 )
10:45:53.0285 0x1ac0 Detect skipped due to KSN trusted
10:45:53.0285 0x1ac0 CDAServer - ok
10:45:54.0281 0x1ac0 [ 059E588FDF6B7E83227D45D026D21874, 211B5E85D84562E11F3A676686E7C716BB59912F7764A49D9164277EB3991AC3 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
10:45:54.0341 0x1ac0 NvBackend - ok
10:45:54.0381 0x1ac0 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
10:45:54.0441 0x1ac0 ShadowPlay - ok
10:45:54.0511 0x1ac0 [ C320FD6AAC812A0E2F1B297F0155A7C1, 5F1F2AB1082DEC7AC2367B2B86B1CD7C470CB2757EFC0AAB334866BB5C7518C4 ] C:\Windows\system32\igfxtray.exe
10:45:54.0521 0x1ac0 IgfxTray - ok
10:45:54.0591 0x1ac0 [ 186B11DB117759DC7541E88AFCD3633A, DD6B4D1E3894E2AD4C47BA339007425A7DD1F111DADAA222E50A718291DBB602 ] C:\Windows\system32\hkcmd.exe
10:45:54.0601 0x1ac0 HotKeysCmds - ok
10:45:54.0701 0x1ac0 [ F8470C4F1061D34EAF7ADC0CF56D25A0, 0B97C71033A638F6EC234B0BAAB9F1F7287B4D8E83DADC9BD2DF2E55D2CD9965 ] C:\Windows\system32\igfxpers.exe
10:45:54.0721 0x1ac0 Persistence - ok
10:45:54.0881 0x1ac0 [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
10:45:54.0891 0x1ac0 iTunesHelper - ok
10:45:55.0391 0x1ac0 [ 0B7876608B87AA316A47C40A1E920B7F, 7559ACC88178F48917B416FD1EB930B2CF3522374D66A34A03602111BDA321F0 ] D:\Programme\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE
10:45:55.0451 0x1ac0 RoccatKone+ - detected UnsignedFile.Multi.Generic ( 1 )
10:45:55.0701 0x1ac0 RoccatKone+ ( UnsignedFile.Multi.Generic ) - warning
10:45:55.0701 0x1ac0 Force sending object to P2P due to detect: D:\Programme\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE
10:45:58.0492 0x1ac0 Object send P2P result: true
10:46:01.0352 0x1ac0 [ 2199723879C9F75A709680E2935C052F, DDD5B5CC86463284D9137372CB8541D1258AC020EA811F1AD3735809F314B086 ] D:\Programme\PDF24\pdf24.exe
10:46:01.0372 0x1ac0 PDFPrint - ok
10:46:01.0532 0x1ac0 [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
10:46:01.0532 0x1ac0 RemoteControl10 - ok
10:46:01.0662 0x1ac0 [ 7D2A9D5B29A486B55E54AD89B6BFBF23, B5483058BB3255139CBFCB67CA7735197FA6C72BC42F004E51F13C139962E71E ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
10:46:01.0672 0x1ac0 BDRegion - ok
10:46:01.0952 0x1ac0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:46:02.0032 0x1ac0 Sidebar - ok
10:46:02.0072 0x1ac0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:46:02.0092 0x1ac0 mctadmin - ok
10:46:02.0192 0x1ac0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:46:02.0222 0x1ac0 Sidebar - ok
10:46:02.0232 0x1ac0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:46:02.0242 0x1ac0 mctadmin - ok
10:46:02.0272 0x1ac0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:46:02.0312 0x1ac0 Sidebar - ok
10:46:02.0352 0x1ac0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:46:02.0362 0x1ac0 mctadmin - ok
10:46:02.0492 0x1ac0 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
10:46:02.0542 0x1ac0 Sidebar - ok
10:46:02.0682 0x1ac0 Skype - ok
10:46:03.0142 0x1ac0 [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Anton\AppData\Local\Akamai\netsession_win.exe
10:46:03.0242 0x1ac0 Akamai NetSession Interface - ok
10:46:03.0293 0x1ac0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:46:03.0333 0x1ac0 Sidebar - ok
10:46:03.0383 0x1ac0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:46:03.0393 0x1ac0 mctadmin - ok
10:46:03.0483 0x1ac0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:46:03.0513 0x1ac0 Sidebar - ok
10:46:03.0523 0x1ac0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:46:03.0543 0x1ac0 mctadmin - ok
10:46:03.0653 0x1ac0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:46:03.0693 0x1ac0 Sidebar - ok
10:46:03.0713 0x1ac0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:46:03.0733 0x1ac0 mctadmin - ok
10:46:03.0883 0x1ac0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:46:03.0923 0x1ac0 Sidebar - ok
10:46:03.0923 0x1ac0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:46:03.0943 0x1ac0 mctadmin - ok
10:46:03.0973 0x1ac0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:46:04.0003 0x1ac0 Sidebar - ok
10:46:04.0013 0x1ac0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:46:04.0033 0x1ac0 mctadmin - ok
10:46:04.0073 0x1ac0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:46:04.0103 0x1ac0 Sidebar - ok
10:46:04.0133 0x1ac0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:46:04.0153 0x1ac0 mctadmin - ok
10:46:04.0153 0x1ac0 Waiting for KSN requests completion. In queue: 23
10:46:05.0183 0x1ac0 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
10:46:05.0193 0x1ac0 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled )
10:46:05.0313 0x1ac0 ============================================================
10:46:05.0313 0x1ac0 Scan finished
10:46:05.0313 0x1ac0 ============================================================
10:46:05.0313 0x0b44 Detected object count: 1
10:46:05.0313 0x0b44 Actual detected object count: 1
10:46:17.0395 0x0b44 RoccatKone+ ( UnsignedFile.Multi.Generic ) - skipped by user
10:46:17.0395 0x0b44 RoccatKone+ ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
06.05.2015, 12:51
| #8 |
| /// the machine /// TB-Ausbilder | DHL Virus/Trojaner aus Email angeklickt Ja, der wurde nur generisch angemeckert Sieht eigentlich gut aus. Der Proxy im Internet Explorer ist mit Absicht drin?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.05.2015, 16:01
| #9 |
| | DHL Virus/Trojaner aus Email angeklickt Das freut mich, dann funktioniert ja Kaspersky so wie es soll! Ich könnte mich ohrfeigen auf diesen Link geklickt zu haben... Ja der Proxy ist Absicht. Im Wohnheim funktioniert das Uni-Netzwerk darüber. Und da ich mir einen Router dazwischen geklemmt habe, musste ich die Proxyeinstellungen manuell vornehmen. Gruß und vielen Dank! |
|
07.05.2015, 07:18
| #10 |
| /// the machine /// TB-Ausbilder | DHL Virus/Trojaner aus Email angeklickt Ok
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu DHL Virus/Trojaner aus Email angeklickt |
| .dll, akamai, bonjour, browser, defender, desktop, dhl-mail, email, exe, explorer, firefox, flash player, home, homepage, kaspersky, mozilla, realtek, registry, rundll, scan, security, services.exe, software, svchost.exe, system, windows, zip datei |
Linear-Darstellung
