| |
| |||||||
Log-Analyse und Auswertung: Link in DHL EMail geöffnetWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
11.06.2015, 20:10
| #1 |
 |  Link in DHL EMail geöffnet Ich weiß nicht warum, aber ich habe einen großen Blödsinn gemacht. Ich habe eine EMail unter dem Absender DHL geöffnet und auf einen Link darin geklickt. Es öffnete sich dann eine Fehler-Seite. Sofort war mir klar, dass ich damit einen großen Blödsinn gemacht habe. Der Absender der Email hatte tatsächlich eine polnische Adresse. Als erstes machte ich mit meinem Virenprogramm Kaspersky eine Untersuchung auf Viren. Es wurden 7 Bedrohungen gefunden und behoben: Code:
ATTFilter Gefundenes Objekt (Datei) wurde gelöscht C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe//data0000.res//Smartbar.cab//LinkuryExeName C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe//data0000.res//Smartbar.cab//LinkuryExeName not-a-virus:AdWare.MSIL.Agent.af Adware 05.06.2015, 13:57
Gefundenes Objekt (Datei) wurde gelöscht C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//Installer.exe//#//Smartbar.cab C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//Installer.exe//#//Smartbar.cab not-a-virus:AdWare.MSIL.Agent.af Adware 05.06.2015, 15:44
Gefundenes Objekt (Datei) wurde gelöscht C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe//#//Smartbar.cab C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe//#//Smartbar.cab not-a-virus:AdWare.MSIL.Agent.af Adware 05.06.2015, 15:42
Gefundenes Objekt (Datei) wurde gelöscht C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//#//data0000.res//Smartbar.cab C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//#//data0000.res//Smartbar.cab not-a-virus:AdWare.MSIL.Agent.af Adware 05.06.2015, 15:44
Gefundenes Objekt (Datei) wurde gelöscht C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//Installer.exe//data0000.res//Smartbar.cab//LinkuryExeName C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//Installer.exe//data0000.res//Smartbar.cab//LinkuryExeName not-a-virus:AdWare.MSIL.Agent.af Adware 05.06.2015, 13:57
Gefundenes Objekt (Datei) wurde gelöscht C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe Unbekannte Bedrohung 05.06.2015, 15:44
Gefundenes Objekt (Datei) wurde gelöscht C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe Unbekannte Bedrohung 05.06.2015, 15:42
Ist mein Laptop noch bedroht. Ich hoffe es kann mir jemand helfen. Vielen Dank!!! |
|
11.06.2015, 21:01
| #2 | |
| /// TB-Ausbilder   | Link in DHL EMail geöffnet Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zukünftig bitte beachten: Zitat:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind. Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter. Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
|
|
12.06.2015, 13:57
| #3 |
| | Link in DHL EMail geöffnet Vielen Dank!
__________________Hier die Logfile von TDSSKiller: Code:
ATTFilter 14:48:08.0177 0x121c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:48:15.0509 0x121c ============================================================
14:48:15.0509 0x121c Current date / time: 2015/06/12 14:48:15.0509
14:48:15.0509 0x121c SystemInfo:
14:48:15.0509 0x121c
14:48:15.0509 0x121c OS Version: 6.1.7601 ServicePack: 1.0
14:48:15.0509 0x121c Product type: Workstation
14:48:15.0509 0x121c ComputerName: PC-PC
14:48:15.0509 0x121c UserName: PC
14:48:15.0509 0x121c Windows directory: C:\Windows
14:48:15.0509 0x121c System windows directory: C:\Windows
14:48:15.0509 0x121c Running under WOW64
14:48:15.0509 0x121c Processor architecture: Intel x64
14:48:15.0509 0x121c Number of processors: 2
14:48:15.0509 0x121c Page size: 0x1000
14:48:15.0509 0x121c Boot type: Normal boot
14:48:15.0509 0x121c ============================================================
14:48:20.0922 0x121c KLMD registered as C:\Windows\system32\drivers\90166869.sys
14:48:22.0607 0x121c System UUID: {57F330E0-03EC-1263-0A2F-D4D9FA769BD9}
14:48:24.0978 0x121c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:48:24.0978 0x121c ============================================================
14:48:24.0978 0x121c \Device\Harddisk0\DR0:
14:48:24.0978 0x121c MBR partitions:
14:48:24.0978 0x121c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x32000
14:48:24.0978 0x121c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x38B53000
14:48:24.0978 0x121c ============================================================
14:48:25.0134 0x121c C: <-> \Device\Harddisk0\DR0\Partition2
14:48:25.0134 0x121c ============================================================
14:48:25.0134 0x121c Initialize success
14:48:25.0134 0x121c ============================================================
14:48:35.0757 0x13b8 ============================================================
14:48:35.0757 0x13b8 Scan started
14:48:35.0757 0x13b8 Mode: Manual;
14:48:35.0757 0x13b8 ============================================================
14:48:35.0757 0x13b8 KSN ping started
14:48:38.0207 0x13b8 KSN ping finished: true
14:48:42.0762 0x13b8 ================ Scan system memory ========================
14:48:42.0762 0x13b8 System memory - ok
14:48:42.0762 0x13b8 ================ Scan services =============================
14:48:43.0557 0x13b8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:48:43.0573 0x13b8 1394ohci - ok
14:48:43.0854 0x13b8 [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
14:48:43.0869 0x13b8 acedrv11 - ok
14:48:43.0947 0x13b8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:48:43.0963 0x13b8 ACPI - ok
14:48:44.0041 0x13b8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:48:44.0041 0x13b8 AcpiPmi - ok
14:48:44.0384 0x13b8 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:48:44.0384 0x13b8 AdobeARMservice - ok
14:48:45.0008 0x13b8 [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:48:45.0086 0x13b8 AdobeFlashPlayerUpdateSvc - ok
14:48:45.0227 0x13b8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:48:45.0242 0x13b8 adp94xx - ok
14:48:45.0539 0x13b8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:48:45.0585 0x13b8 adpahci - ok
14:48:45.0663 0x13b8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:48:45.0663 0x13b8 adpu320 - ok
14:48:45.0773 0x13b8 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:48:45.0788 0x13b8 AeLookupSvc - ok
14:48:45.0929 0x13b8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
14:48:45.0944 0x13b8 AFD - ok
14:48:46.0069 0x13b8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
14:48:46.0085 0x13b8 agp440 - ok
14:48:46.0116 0x13b8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
14:48:46.0131 0x13b8 ALG - ok
14:48:46.0209 0x13b8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
14:48:46.0225 0x13b8 aliide - ok
14:48:46.0287 0x13b8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
14:48:46.0287 0x13b8 amdide - ok
14:48:46.0381 0x13b8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:48:46.0397 0x13b8 AmdK8 - ok
14:48:46.0412 0x13b8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:48:46.0428 0x13b8 AmdPPM - ok
14:48:46.0506 0x13b8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:48:46.0506 0x13b8 amdsata - ok
14:48:46.0584 0x13b8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:48:46.0599 0x13b8 amdsbs - ok
14:48:46.0677 0x13b8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:48:46.0677 0x13b8 amdxata - ok
14:48:46.0755 0x13b8 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
14:48:46.0755 0x13b8 AppID - ok
14:48:46.0896 0x13b8 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:48:46.0896 0x13b8 AppIDSvc - ok
14:48:47.0005 0x13b8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
14:48:47.0005 0x13b8 Appinfo - ok
14:48:47.0083 0x13b8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
14:48:47.0083 0x13b8 arc - ok
14:48:47.0130 0x13b8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:48:47.0130 0x13b8 arcsas - ok
14:48:47.0691 0x13b8 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:48:47.0972 0x13b8 aspnet_state - ok
14:48:48.0097 0x13b8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:48:48.0097 0x13b8 AsyncMac - ok
14:48:48.0159 0x13b8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
14:48:48.0175 0x13b8 atapi - ok
14:48:48.0284 0x13b8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:48:48.0315 0x13b8 AudioEndpointBuilder - ok
14:48:48.0347 0x13b8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:48:48.0378 0x13b8 AudioSrv - ok
14:48:48.0549 0x13b8 [ 0D2F8F4055903A762AD46204E5A42E86, D3270039E4F066C69D844060388D3F895137C37C0FBE4C106BE1C71AE9DBC17A ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
14:48:48.0565 0x13b8 AVP - ok
14:48:48.0674 0x13b8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:48:48.0674 0x13b8 AxInstSV - ok
14:48:48.0783 0x13b8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:48:48.0815 0x13b8 b06bdrv - ok
14:48:48.0955 0x13b8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:48:48.0971 0x13b8 b57nd60a - ok
14:48:49.0142 0x13b8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
14:48:49.0142 0x13b8 BDESVC - ok
14:48:49.0205 0x13b8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
14:48:49.0205 0x13b8 Beep - ok
14:48:49.0392 0x13b8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
14:48:49.0423 0x13b8 BFE - ok
14:48:49.0532 0x13b8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
14:48:49.0641 0x13b8 BITS - ok
14:48:49.0688 0x13b8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:48:49.0688 0x13b8 blbdrive - ok
14:48:49.0797 0x13b8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:48:49.0813 0x13b8 bowser - ok
14:48:49.0891 0x13b8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:48:49.0891 0x13b8 BrFiltLo - ok
14:48:49.0938 0x13b8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:48:49.0953 0x13b8 BrFiltUp - ok
14:48:50.0031 0x13b8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
14:48:50.0063 0x13b8 Browser - ok
14:48:50.0125 0x13b8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:48:50.0141 0x13b8 Brserid - ok
14:48:50.0187 0x13b8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:48:50.0187 0x13b8 BrSerWdm - ok
14:48:50.0219 0x13b8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:48:50.0219 0x13b8 BrUsbMdm - ok
14:48:50.0219 0x13b8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:48:50.0234 0x13b8 BrUsbSer - ok
14:48:50.0297 0x13b8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:48:50.0297 0x13b8 BthEnum - ok
14:48:50.0343 0x13b8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:48:50.0343 0x13b8 BTHMODEM - ok
14:48:50.0390 0x13b8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:48:50.0406 0x13b8 BthPan - ok
14:48:50.0499 0x13b8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:48:50.0515 0x13b8 BTHPORT - ok
14:48:50.0593 0x13b8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
14:48:50.0593 0x13b8 bthserv - ok
14:48:50.0733 0x13b8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:48:50.0765 0x13b8 BTHUSB - ok
14:48:50.0811 0x13b8 [ 6E04458E98DAF28826482E41A7A62DF5, 995B371E7384CC05D3A0B462B31A3EA56D8715A93D15B45DB3A78C7F7CF13A40 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
14:48:50.0811 0x13b8 btusbflt - ok
14:48:51.0014 0x13b8 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B, 2A2039DD524E989EA91B7C91D5F295C663D1E27ABD64777D2F3137EB1C42C258 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
14:48:51.0014 0x13b8 btwaudio - ok
14:48:51.0077 0x13b8 [ 82DC8B7C626E526681C1BEBED2BC3FF9, 58260E88CDD7388ABA563F9B8F2F3FA17022DB9E4C56EBA0761E99B919A8EAF8 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
14:48:51.0077 0x13b8 btwavdt - ok
14:48:51.0451 0x13b8 [ 9B3BD0ECD82CC08409C55A36D8F56B93, FEFF37ECD21273B927B3A079C56EBC378118996A4C07B4CEE18545656AD6CC4A ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
14:48:51.0513 0x13b8 btwdins - ok
14:48:51.0576 0x13b8 [ 6149301DC3F81D6F9667A3FBAC410975, 120E201AFB07054C7F6321461D194843C695012431DBD791E36BBF73FDD41E8A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
14:48:51.0576 0x13b8 btwl2cap - ok
14:48:51.0701 0x13b8 [ 28E105AD3B79F440BF94780F507BF66A, EF4E6CCAB16765E2C88666625C13CB3299B668159A94CB201E3B44701A30640A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
14:48:51.0701 0x13b8 btwrchid - ok
14:48:51.0763 0x13b8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:48:51.0763 0x13b8 cdfs - ok
14:48:51.0888 0x13b8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:48:51.0903 0x13b8 cdrom - ok
14:48:51.0966 0x13b8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
14:48:51.0966 0x13b8 CertPropSvc - ok
14:48:52.0059 0x13b8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:48:52.0059 0x13b8 circlass - ok
14:48:52.0169 0x13b8 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
14:48:52.0184 0x13b8 CLFS - ok
14:48:52.0309 0x13b8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:48:52.0325 0x13b8 clr_optimization_v2.0.50727_32 - ok
14:48:52.0465 0x13b8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:48:52.0465 0x13b8 clr_optimization_v2.0.50727_64 - ok
14:48:52.0574 0x13b8 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:48:52.0980 0x13b8 clr_optimization_v4.0.30319_32 - ok
14:48:53.0058 0x13b8 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:48:53.0183 0x13b8 clr_optimization_v4.0.30319_64 - ok
14:48:53.0214 0x13b8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:48:53.0214 0x13b8 CmBatt - ok
14:48:53.0276 0x13b8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:48:53.0276 0x13b8 cmdide - ok
14:48:53.0417 0x13b8 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
14:48:53.0432 0x13b8 CNG - ok
14:48:53.0541 0x13b8 [ 20F3F8674D7DEE5D90A352B775D5D5BA, 3D51276C77183652533A882F6C766075C7F5981DD116888567DC8E7FF3CF0D2D ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
14:48:53.0557 0x13b8 CnxtHdAudService - ok
14:48:53.0604 0x13b8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:48:53.0619 0x13b8 Compbatt - ok
14:48:53.0682 0x13b8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:48:53.0682 0x13b8 CompositeBus - ok
14:48:53.0713 0x13b8 COMSysApp - ok
14:48:53.0775 0x13b8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:48:53.0775 0x13b8 crcdisk - ok
14:48:53.0853 0x13b8 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:48:53.0853 0x13b8 CryptSvc - ok
14:48:53.0994 0x13b8 [ 5A639B2B630B572FFE9B72448A8A514D, C61C72BC85AD4E2A2AD12E1404601B5FFC26AABB0D9D9CDF48D926443FF91F50 ] DBService C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
14:48:53.0994 0x13b8 DBService - ok
14:48:54.0181 0x13b8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:48:54.0275 0x13b8 DcomLaunch - ok
14:48:54.0337 0x13b8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
14:48:54.0353 0x13b8 defragsvc - ok
14:48:54.0446 0x13b8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:48:54.0446 0x13b8 DfsC - ok
14:48:54.0524 0x13b8 [ FFCCD922F305B8CFBA8D99F65E35EDD7, DF1334BC63F1008C8F9F80ED30EAB58F918D99BF6DC9E466645CB24A29163079 ] dgderdrv C:\Windows\system32\drivers\dgderdrv.sys
14:48:54.0540 0x13b8 dgderdrv - ok
14:48:54.0618 0x13b8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:48:54.0618 0x13b8 Dhcp - ok
14:48:54.0899 0x13b8 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
14:48:54.0930 0x13b8 DiagTrack - ok
14:48:54.0992 0x13b8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
14:48:54.0992 0x13b8 discache - ok
14:48:55.0055 0x13b8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:48:55.0070 0x13b8 Disk - ok
14:48:55.0445 0x13b8 [ D5BCB77BE83CF99F508943945D46343D, 00C5624CE970A05075A19168643BF6E8FA60C764333ECEC088D7FFCA10547833 ] DKbFltr C:\Windows\syswow64\Drivers\DKbFltr.sys
14:48:55.0445 0x13b8 DKbFltr - ok
14:48:55.0491 0x13b8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:48:55.0507 0x13b8 Dnscache - ok
14:48:55.0601 0x13b8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
14:48:55.0616 0x13b8 dot3svc - ok
14:48:55.0694 0x13b8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
14:48:55.0694 0x13b8 DPS - ok
14:48:55.0772 0x13b8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:48:55.0772 0x13b8 drmkaud - ok
14:48:56.0037 0x13b8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:48:56.0115 0x13b8 DXGKrnl - ok
14:48:56.0225 0x13b8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
14:48:56.0240 0x13b8 EapHost - ok
14:48:56.0771 0x13b8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:48:56.0973 0x13b8 ebdrv - ok
14:48:57.0051 0x13b8 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS C:\Windows\System32\lsass.exe
14:48:57.0051 0x13b8 EFS - ok
14:48:57.0223 0x13b8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:48:57.0254 0x13b8 ehRecvr - ok
14:48:57.0379 0x13b8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
14:48:57.0379 0x13b8 ehSched - ok
14:48:57.0488 0x13b8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:48:57.0504 0x13b8 elxstor - ok
14:48:57.0785 0x13b8 [ FB67AA8AC61B9365ADD546139A21BED6, DDE2053071ED1F7E634FF1A74DB0ACC7D0D19B0AD0CF37DE989FA91B93C76452 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
14:48:57.0878 0x13b8 ePowerSvc - ok
14:48:57.0925 0x13b8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:48:57.0925 0x13b8 ErrDev - ok
14:48:58.0034 0x13b8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
14:48:58.0050 0x13b8 EventSystem - ok
14:48:58.0112 0x13b8 [ 6BB25543428878BAFBC2F8446343B160, 4F0ADDD1BD1CE6F20476E73950FCE4C25C8A90CB84DCB9A7C91EC34FA4C6FBF3 ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
14:48:58.0112 0x13b8 ewusbnet - ok
14:48:58.0190 0x13b8 [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
14:48:58.0206 0x13b8 ew_hwusbdev - ok
14:48:58.0268 0x13b8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
14:48:58.0268 0x13b8 exfat - ok
14:48:58.0315 0x13b8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:48:58.0315 0x13b8 fastfat - ok
14:48:58.0440 0x13b8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
14:48:58.0471 0x13b8 Fax - ok
14:48:58.0502 0x13b8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:48:58.0502 0x13b8 fdc - ok
14:48:58.0565 0x13b8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
14:48:58.0565 0x13b8 fdPHost - ok
14:48:58.0580 0x13b8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
14:48:58.0580 0x13b8 FDResPub - ok
14:48:58.0611 0x13b8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:48:58.0611 0x13b8 FileInfo - ok
14:48:58.0689 0x13b8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:48:58.0689 0x13b8 Filetrace - ok
14:48:58.0752 0x13b8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:48:58.0752 0x13b8 flpydisk - ok
14:48:58.0923 0x13b8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:48:58.0939 0x13b8 FltMgr - ok
14:48:59.0126 0x13b8 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
14:48:59.0173 0x13b8 FontCache - ok
14:48:59.0469 0x13b8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:48:59.0485 0x13b8 FontCache3.0.0.0 - ok
14:48:59.0547 0x13b8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:48:59.0547 0x13b8 FsDepends - ok
14:48:59.0594 0x13b8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:48:59.0594 0x13b8 Fs_Rec - ok
14:48:59.0688 0x13b8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:48:59.0703 0x13b8 fvevol - ok
14:48:59.0750 0x13b8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:48:59.0750 0x13b8 gagp30kx - ok
14:48:59.0828 0x13b8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
14:48:59.0859 0x13b8 gpsvc - ok
14:49:00.0171 0x13b8 [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
14:49:00.0234 0x13b8 Greg_Service - ok
14:49:00.0437 0x13b8 [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdate1ca948a3229fde9 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:49:00.0437 0x13b8 gupdate1ca948a3229fde9 - ok
14:49:00.0593 0x13b8 [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:49:00.0593 0x13b8 gupdatem - ok
14:49:00.0639 0x13b8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:49:00.0639 0x13b8 hcw85cir - ok
14:49:00.0733 0x13b8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:49:00.0733 0x13b8 HdAudAddService - ok
14:49:00.0780 0x13b8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:49:00.0780 0x13b8 HDAudBus - ok
14:49:00.0858 0x13b8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:49:00.0858 0x13b8 HidBatt - ok
14:49:00.0873 0x13b8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:49:00.0873 0x13b8 HidBth - ok
14:49:00.0905 0x13b8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:49:00.0905 0x13b8 HidIr - ok
14:49:00.0967 0x13b8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
14:49:00.0967 0x13b8 hidserv - ok
14:49:01.0045 0x13b8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
14:49:01.0045 0x13b8 HidUsb - ok
14:49:01.0107 0x13b8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:49:01.0107 0x13b8 hkmsvc - ok
14:49:01.0185 0x13b8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:49:01.0201 0x13b8 HomeGroupListener - ok
14:49:01.0248 0x13b8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:49:01.0248 0x13b8 HomeGroupProvider - ok
14:49:01.0373 0x13b8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:49:01.0373 0x13b8 HpSAMD - ok
14:49:01.0685 0x13b8 [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
14:49:01.0716 0x13b8 HPSLPSVC - ok
14:49:01.0856 0x13b8 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:49:01.0919 0x13b8 HTTP - ok
14:49:02.0012 0x13b8 [ 6E05228393CD614B983568EC40C262C3, CEB1CFDD346534F01A52D2E7004B0220692FC67CAD874FE04740ECDA2F92767D ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:49:02.0012 0x13b8 hwdatacard - ok
14:49:02.0059 0x13b8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:49:02.0059 0x13b8 hwpolicy - ok
14:49:02.0153 0x13b8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:49:02.0168 0x13b8 i8042prt - ok
14:49:02.0277 0x13b8 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
14:49:02.0293 0x13b8 IAANTMON - ok
14:49:02.0355 0x13b8 [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
14:49:02.0355 0x13b8 iaStor - ok
14:49:02.0465 0x13b8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:49:02.0480 0x13b8 iaStorV - ok
14:49:02.0621 0x13b8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:49:02.0652 0x13b8 idsvc - ok
14:49:02.0730 0x13b8 IEEtwCollectorService - ok
14:49:02.0761 0x13b8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:49:02.0777 0x13b8 iirsp - ok
14:49:02.0964 0x13b8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
14:49:02.0995 0x13b8 IKEEXT - ok
14:49:03.0151 0x13b8 [ 8C7FA71CB1EBCD3EDE8958D27B1BF0B4, 04243A34AF13B89DABE4C4D24204438094AA36A83591092E1251AD67E623C10F ] int15.sys C:\Windows\System32\OEM\Factory\int15.sys
14:49:03.0167 0x13b8 int15.sys - ok
14:49:03.0260 0x13b8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
14:49:03.0260 0x13b8 intelide - ok
14:49:03.0354 0x13b8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:49:03.0354 0x13b8 intelppm - ok
14:49:03.0416 0x13b8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:49:03.0416 0x13b8 IPBusEnum - ok
14:49:03.0541 0x13b8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:49:03.0541 0x13b8 IpFilterDriver - ok
14:49:03.0666 0x13b8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:49:03.0681 0x13b8 iphlpsvc - ok
14:49:03.0759 0x13b8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:49:03.0759 0x13b8 IPMIDRV - ok
14:49:03.0806 0x13b8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:49:03.0822 0x13b8 IPNAT - ok
14:49:03.0915 0x13b8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:49:03.0915 0x13b8 IRENUM - ok
14:49:03.0962 0x13b8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:49:03.0978 0x13b8 isapnp - ok
14:49:04.0040 0x13b8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:49:04.0056 0x13b8 iScsiPrt - ok
14:49:04.0103 0x13b8 [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
14:49:04.0118 0x13b8 IviRegMgr - ok
14:49:04.0181 0x13b8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
14:49:04.0181 0x13b8 kbdclass - ok
14:49:04.0259 0x13b8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:49:04.0259 0x13b8 kbdhid - ok
14:49:04.0368 0x13b8 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso C:\Windows\system32\lsass.exe
14:49:04.0368 0x13b8 KeyIso - ok
14:49:04.0461 0x13b8 [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
14:49:04.0477 0x13b8 kl1 - ok
14:49:04.0571 0x13b8 [ D0C3AEF67932D2A80736FBCB956C017D, 166C2FD5F1B6FFE7A71CD821DFDD02B68D25CBF0D44BD6F2522C65CF1DEB363C ] klflt C:\Windows\system32\DRIVERS\klflt.sys
14:49:04.0586 0x13b8 klflt - ok
14:49:06.0911 0x13b8 [ 41DF293A7F0418F5DDED9F0297DC68F3, 25DE4BB7F2D915FCF576ABD46EEDC5574B694A2D1E5CB7AB565792C7BB57C76B ] KLIF C:\Windows\system32\DRIVERS\klif.sys
14:49:06.0942 0x13b8 KLIF - ok
14:49:07.0067 0x13b8 [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
14:49:07.0067 0x13b8 KLIM6 - ok
14:49:07.0207 0x13b8 [ 8DA5BC75C3E8A995335642F26CAEA54B, 3995AAB499A37077AA4FB372E75CD9259BA3EA7020B961CF482AC948D2D47AB4 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
14:49:07.0207 0x13b8 klkbdflt - ok
14:49:07.0269 0x13b8 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
14:49:07.0269 0x13b8 klmouflt - ok
14:49:07.0363 0x13b8 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys
14:49:07.0363 0x13b8 klpd - ok
14:49:07.0457 0x13b8 [ 4828B3D2BC89B05E07101C6E60CE0A6A, C2D40EA03A526286AEDF27DE80CB0576EB59EB7581C9E9ECFCB867349593D7CE ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
14:49:07.0457 0x13b8 kltdi - ok
14:49:07.0566 0x13b8 [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps C:\Windows\system32\DRIVERS\kneps.sys
14:49:07.0581 0x13b8 kneps - ok
14:49:07.0628 0x13b8 [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:49:07.0644 0x13b8 KSecDD - ok
14:49:07.0691 0x13b8 [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:49:07.0691 0x13b8 KSecPkg - ok
14:49:07.0753 0x13b8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:49:07.0753 0x13b8 ksthunk - ok
14:49:07.0815 0x13b8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
14:49:07.0831 0x13b8 KtmRm - ok
14:49:07.0925 0x13b8 [ 2377EC4CC3E356655B996F39B43486B6, 1934013BAC20D857C9060229AC847B5628FB17042057E8B1CB8E3E0F9F26D53F ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
14:49:07.0925 0x13b8 L1C - ok
14:49:08.0112 0x13b8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:49:08.0190 0x13b8 LanmanServer - ok
14:49:08.0268 0x13b8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:49:08.0268 0x13b8 LanmanWorkstation - ok
14:49:08.0346 0x13b8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:49:08.0346 0x13b8 lltdio - ok
14:49:08.0439 0x13b8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:49:08.0455 0x13b8 lltdsvc - ok
14:49:08.0486 0x13b8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:49:08.0486 0x13b8 lmhosts - ok
14:49:08.0533 0x13b8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:49:08.0533 0x13b8 LSI_FC - ok
14:49:08.0580 0x13b8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:49:08.0595 0x13b8 LSI_SAS - ok
14:49:08.0658 0x13b8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:49:08.0658 0x13b8 LSI_SAS2 - ok
14:49:08.0673 0x13b8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:49:08.0673 0x13b8 LSI_SCSI - ok
14:49:08.0720 0x13b8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
14:49:08.0720 0x13b8 luafv - ok
14:49:08.0767 0x13b8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:49:08.0767 0x13b8 Mcx2Svc - ok
14:49:08.0798 0x13b8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:49:08.0876 0x13b8 megasas - ok
14:49:08.0907 0x13b8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:49:08.0907 0x13b8 MegaSR - ok
14:49:09.0017 0x13b8 Microsoft SharePoint Workspace Audit Service - ok
14:49:09.0063 0x13b8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
14:49:09.0063 0x13b8 MMCSS - ok
14:49:09.0095 0x13b8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
14:49:09.0095 0x13b8 Modem - ok
14:49:09.0157 0x13b8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:49:09.0157 0x13b8 monitor - ok
14:49:09.0219 0x13b8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:49:09.0219 0x13b8 mouclass - ok
14:49:09.0282 0x13b8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:49:09.0282 0x13b8 mouhid - ok
14:49:09.0360 0x13b8 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:49:09.0360 0x13b8 mountmgr - ok
14:49:09.0469 0x13b8 [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:49:09.0485 0x13b8 MozillaMaintenance - ok
14:49:09.0531 0x13b8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
14:49:09.0547 0x13b8 mpio - ok
14:49:09.0641 0x13b8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:49:09.0641 0x13b8 mpsdrv - ok
14:49:09.0797 0x13b8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:49:09.0999 0x13b8 MpsSvc - ok
14:49:10.0109 0x13b8 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:49:10.0109 0x13b8 MRxDAV - ok
14:49:10.0155 0x13b8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:49:10.0187 0x13b8 mrxsmb - ok
14:49:10.0265 0x13b8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:49:10.0265 0x13b8 mrxsmb10 - ok
14:49:10.0389 0x13b8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:49:10.0389 0x13b8 mrxsmb20 - ok
14:49:10.0561 0x13b8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:49:10.0577 0x13b8 msahci - ok
14:49:10.0670 0x13b8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:49:10.0686 0x13b8 msdsm - ok
14:49:10.0733 0x13b8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:49:10.0748 0x13b8 MSDTC - ok
14:49:11.0029 0x13b8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:49:11.0029 0x13b8 Msfs - ok
14:49:11.0138 0x13b8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:49:11.0138 0x13b8 mshidkmdf - ok
14:49:11.0185 0x13b8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:49:11.0185 0x13b8 msisadrv - ok
14:49:11.0279 0x13b8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:49:11.0279 0x13b8 MSiSCSI - ok
14:49:11.0279 0x13b8 msiserver - ok
14:49:12.0043 0x13b8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:49:12.0043 0x13b8 MSKSSRV - ok
14:49:12.0090 0x13b8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:49:12.0090 0x13b8 MSPCLOCK - ok
14:49:12.0246 0x13b8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:49:12.0246 0x13b8 MSPQM - ok
14:49:12.0308 0x13b8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:49:12.0324 0x13b8 MsRPC - ok
14:49:12.0449 0x13b8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:49:12.0449 0x13b8 mssmbios - ok
14:49:12.0714 0x13b8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:49:12.0714 0x13b8 MSTEE - ok
14:49:12.0730 0x13b8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:49:12.0730 0x13b8 MTConfig - ok
14:49:12.0761 0x13b8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:49:12.0776 0x13b8 Mup - ok
14:49:12.0870 0x13b8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:49:12.0886 0x13b8 napagent - ok
14:49:12.0979 0x13b8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:49:12.0995 0x13b8 NativeWifiP - ok
14:49:13.0151 0x13b8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
14:49:13.0229 0x13b8 NDIS - ok
14:49:13.0338 0x13b8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:49:13.0338 0x13b8 NdisCap - ok
14:49:13.0416 0x13b8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:49:13.0416 0x13b8 NdisTapi - ok
14:49:13.0728 0x13b8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:49:13.0728 0x13b8 Ndisuio - ok
14:49:13.0837 0x13b8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:49:13.0837 0x13b8 NdisWan - ok
14:49:13.0962 0x13b8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:49:13.0962 0x13b8 NDProxy - ok
14:49:14.0102 0x13b8 [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:49:14.0118 0x13b8 Net Driver HPZ12 - ok
14:49:14.0165 0x13b8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:49:14.0180 0x13b8 NetBIOS - ok
14:49:14.0243 0x13b8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:49:14.0243 0x13b8 NetBT - ok
14:49:14.0274 0x13b8 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon C:\Windows\system32\lsass.exe
14:49:14.0274 0x13b8 Netlogon - ok
14:49:14.0352 0x13b8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:49:14.0399 0x13b8 Netman - ok
14:49:14.0570 0x13b8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:49:14.0648 0x13b8 NetMsmqActivator - ok
14:49:14.0680 0x13b8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:49:14.0680 0x13b8 NetPipeActivator - ok
14:49:14.0773 0x13b8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:49:14.0804 0x13b8 netprofm - ok
14:49:14.0882 0x13b8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:49:14.0882 0x13b8 NetTcpActivator - ok
14:49:14.0898 0x13b8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:49:14.0898 0x13b8 NetTcpPortSharing - ok
14:49:16.0224 0x13b8 [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
14:49:16.0583 0x13b8 NETw5s64 - ok
14:49:17.0254 0x13b8 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
14:49:17.0550 0x13b8 netw5v64 - ok
14:49:17.0612 0x13b8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:49:17.0612 0x13b8 nfrd960 - ok
14:49:18.0408 0x13b8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:49:18.0486 0x13b8 NlaSvc - ok
14:49:18.0689 0x13b8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:49:18.0782 0x13b8 Npfs - ok
14:49:19.0126 0x13b8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:49:19.0126 0x13b8 nsi - ok
14:49:19.0188 0x13b8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:49:19.0188 0x13b8 nsiproxy - ok
14:49:19.0578 0x13b8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:49:19.0843 0x13b8 Ntfs - ok
14:49:19.0984 0x13b8 [ FD324CCE1D4D5BB5AF65F8E55B462C7E, 901287499F33EFD3B1EE6CBDAD4E4DD342DC62FCDCCEF5375CB9D7B0673EE1E6 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
14:49:19.0999 0x13b8 NTIBackupSvc - ok
14:49:20.0140 0x13b8 [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
14:49:20.0140 0x13b8 NTIDrvr - ok
14:49:20.0311 0x13b8 [ 3F6268A2EC33CD38CF75C880AF8DED42, 6CA4A527878042C3BB40A7C0F4F9434827C7E60F989EB7C39BBAD0F270404EEE ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
14:49:20.0436 0x13b8 NTISchedulerSvc - ok
14:49:20.0467 0x13b8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:49:20.0467 0x13b8 Null - ok
14:49:21.0481 0x13b8 [ FD39B98FF1BB8ED3848781497E9D02E0, EF078BC65FAF214860C177206793FFA47EB216FCC2F711DB1D63FE584FF18706 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:49:21.0949 0x13b8 nvlddmkm - ok
14:49:21.0996 0x13b8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:49:22.0012 0x13b8 nvraid - ok
14:49:22.0058 0x13b8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:49:22.0058 0x13b8 nvstor - ok
14:49:22.0136 0x13b8 [ C1668D58547DD0C4A0FBD6AFA20D5890, CF003E17B4DB83B88E3CE3010BE9A970756BB45C4D3500D3F02EBDC92BBC2AF8 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:49:22.0136 0x13b8 nvsvc - ok
14:49:22.0183 0x13b8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:49:22.0214 0x13b8 nv_agp - ok
14:49:22.0277 0x13b8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:49:22.0292 0x13b8 ohci1394 - ok
14:49:22.0339 0x13b8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:49:22.0386 0x13b8 ose - ok
14:49:22.0916 0x13b8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:49:23.0166 0x13b8 osppsvc - ok
14:49:23.0416 0x13b8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:49:23.0462 0x13b8 p2pimsvc - ok
14:49:23.0759 0x13b8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:49:23.0806 0x13b8 p2psvc - ok
14:49:23.0962 0x13b8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:49:23.0977 0x13b8 Parport - ok
14:49:24.0071 0x13b8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:49:24.0086 0x13b8 partmgr - ok
14:49:24.0180 0x13b8 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:49:24.0196 0x13b8 PcaSvc - ok
14:49:24.0211 0x13b8 pccsmcfd - ok
14:49:24.0336 0x13b8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:49:24.0336 0x13b8 pci - ok
14:49:24.0398 0x13b8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:49:24.0398 0x13b8 pciide - ok
14:49:24.0461 0x13b8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:49:24.0476 0x13b8 pcmcia - ok
14:49:24.0554 0x13b8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:49:24.0554 0x13b8 pcw - ok
14:49:24.0929 0x13b8 [ D0AD1271494EB9E065E902D1013BC369, 0E4DB28B5C348DF44BADC64FB8BCDA563D0515A75F0F14FD076BC39AF19BD65F ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
14:49:25.0100 0x13b8 PDF Architect 2 - ok
14:49:25.0818 0x13b8 [ 89436BB836F6737F19EB2B78250E414E, 9140F42CACDDC0979B90553D43A1FA1296DD829E6235D272F9DF3670613445CF ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
14:49:25.0912 0x13b8 pdfforge CrashHandler - ok
14:49:26.0052 0x13b8 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:49:26.0083 0x13b8 PEAUTH - ok
14:49:26.0333 0x13b8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:49:26.0348 0x13b8 PerfHost - ok
14:49:26.0692 0x13b8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:49:26.0770 0x13b8 pla - ok
14:49:26.0863 0x13b8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:49:26.0879 0x13b8 PlugPlay - ok
14:49:27.0050 0x13b8 [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:49:27.0066 0x13b8 Pml Driver HPZ12 - ok
14:49:27.0160 0x13b8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:49:27.0160 0x13b8 PNRPAutoReg - ok
14:49:27.0316 0x13b8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:49:27.0331 0x13b8 PNRPsvc - ok
14:49:27.0425 0x13b8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:49:27.0456 0x13b8 PolicyAgent - ok
14:49:27.0596 0x13b8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:49:27.0612 0x13b8 Power - ok
14:49:27.0737 0x13b8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:49:27.0737 0x13b8 PptpMiniport - ok
14:49:27.0784 0x13b8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:49:27.0784 0x13b8 Processor - ok
14:49:27.0815 0x13b8 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
14:49:27.0830 0x13b8 ProfSvc - ok
14:49:27.0862 0x13b8 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\Windows\system32\lsass.exe
14:49:27.0862 0x13b8 ProtectedStorage - ok
14:49:27.0955 0x13b8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:49:27.0955 0x13b8 Psched - ok
14:49:28.0002 0x13b8 [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
14:49:28.0018 0x13b8 PSI_SVC_2 - ok
14:49:28.0205 0x13b8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:49:28.0298 0x13b8 ql2300 - ok
14:49:28.0361 0x13b8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:49:28.0361 0x13b8 ql40xx - ok
14:49:28.0486 0x13b8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
14:49:28.0501 0x13b8 QWAVE - ok
14:49:28.0548 0x13b8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:49:28.0548 0x13b8 QWAVEdrv - ok
14:49:28.0720 0x13b8 [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
14:49:28.0735 0x13b8 RapiMgr - ok
14:49:28.0766 0x13b8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:49:28.0766 0x13b8 RasAcd - ok
14:49:28.0829 0x13b8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:49:28.0844 0x13b8 RasAgileVpn - ok
14:49:28.0907 0x13b8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
14:49:28.0922 0x13b8 RasAuto - ok
14:49:28.0985 0x13b8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:49:28.0985 0x13b8 Rasl2tp - ok
14:49:29.0078 0x13b8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
14:49:29.0110 0x13b8 RasMan - ok
14:49:29.0172 0x13b8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:49:29.0188 0x13b8 RasPppoe - ok
14:49:29.0234 0x13b8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:49:29.0250 0x13b8 RasSstp - ok
14:49:29.0328 0x13b8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:49:29.0328 0x13b8 rdbss - ok
14:49:29.0359 0x13b8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:49:29.0375 0x13b8 rdpbus - ok
14:49:29.0406 0x13b8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:49:29.0406 0x13b8 RDPCDD - ok
14:49:29.0468 0x13b8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:49:29.0468 0x13b8 RDPENCDD - ok
14:49:29.0546 0x13b8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:49:29.0546 0x13b8 RDPREFMP - ok
14:49:29.0640 0x13b8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:49:29.0640 0x13b8 RDPWD - ok
14:49:29.0718 0x13b8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:49:29.0734 0x13b8 rdyboost - ok
14:49:29.0765 0x13b8 regi - ok
14:49:29.0858 0x13b8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:49:29.0858 0x13b8 RemoteAccess - ok
14:49:29.0921 0x13b8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:49:29.0921 0x13b8 RemoteRegistry - ok
14:49:29.0983 0x13b8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:49:29.0983 0x13b8 RFCOMM - ok
14:49:30.0077 0x13b8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:49:30.0077 0x13b8 RpcEptMapper - ok
14:49:30.0124 0x13b8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
14:49:30.0124 0x13b8 RpcLocator - ok
14:49:30.0186 0x13b8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
14:49:30.0186 0x13b8 RpcSs - ok
14:49:30.0264 0x13b8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:49:30.0264 0x13b8 rspndr - ok
14:49:30.0326 0x13b8 [ A5DF2F732A6C95554E548FCB6932BD31, C86B89CDB42F465329CAD3B601A6A006C4785F0CBF753361A7677D68D558EFC9 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
14:49:30.0326 0x13b8 RSUSBSTOR - ok
14:49:30.0420 0x13b8 [ B5A4B7D779CF4070DF408DE18BD33B02, 45D68D32AE10DB0D76F3455DF84ACD2289485C38FC411B71C2DD3E0FB9923473 ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
14:49:30.0420 0x13b8 RS_Service - ok
14:49:30.0436 0x13b8 RtsUIR - ok
14:49:30.0560 0x13b8 [ EA268BCE30691C2DD24F02E617FD2EB5, DD95E7C1C60C773953CE9DB77D8441508CE4A21820AAEDE455A3A6C373278DA4 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
14:49:30.0560 0x13b8 s0016bus - ok
14:49:30.0638 0x13b8 [ F5F9DEB89996D333EF976624D37E24E3, 88DE296EFA6CA2F32318F1807D633C8949D237FB33BA320551B71089CF5EB73B ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
14:49:30.0638 0x13b8 s0016mdfl - ok
14:49:30.0670 0x13b8 [ C17CE2AEE67480FEBCC36ECCB54C0BE8, E13F83608B29988CCDB5A462AA3E56D26222427066651EEDF48223664D3FAFEA ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
14:49:30.0685 0x13b8 s0016mdm - ok
14:49:30.0716 0x13b8 [ CC267F04C54C5EC5B7BD658D7628469F, 66F2283C8CE15BEED0B933EA82158C91FC77B1BF9FEF057D0E291922D07A8E53 ] s0016mgmt C:\Windows\system32\DRIVERS\s0016mgmt.sys
14:49:30.0732 0x13b8 s0016mgmt - ok
14:49:30.0794 0x13b8 [ 30A35BBCE09D9FE67482FD62C61911FC, 8E8B0910F2A4C7DCFF0F8A83AAA8F9B38D53CEB7B7E7DC5B64350A09CBE6F557 ] s0016nd5 C:\Windows\system32\DRIVERS\s0016nd5.sys
14:49:30.0826 0x13b8 s0016nd5 - ok
14:49:30.0904 0x13b8 [ CA394DCC38579C7AD82E83EE64D798A0, A56DB0C67EF6CF1A95BB8E7FBFFBC7926D3E3A0511DD4389D2002312E72703A9 ] s0016obex C:\Windows\system32\DRIVERS\s0016obex.sys
14:49:30.0904 0x13b8 s0016obex - ok
14:49:30.0950 0x13b8 [ EB267CCEA84E6E8598D92F73332AC67B, 3C7F0FDD825D2C50B13E78FB742B09A5E636820C6F47778F1C5E6900B3C9B905 ] s0016unic C:\Windows\system32\DRIVERS\s0016unic.sys
14:49:30.0982 0x13b8 s0016unic - ok
14:49:31.0013 0x13b8 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs C:\Windows\system32\lsass.exe
14:49:31.0013 0x13b8 SamSs - ok
14:49:31.0060 0x13b8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:49:31.0106 0x13b8 sbp2port - ok
14:49:31.0169 0x13b8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:49:31.0169 0x13b8 SCardSvr - ok
14:49:31.0216 0x13b8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:49:31.0216 0x13b8 scfilter - ok
14:49:31.0418 0x13b8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
14:49:31.0450 0x13b8 Schedule - ok
14:49:31.0496 0x13b8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:49:31.0496 0x13b8 SCPolicySvc - ok
14:49:31.0590 0x13b8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:49:31.0606 0x13b8 SDRSVC - ok
14:49:31.0637 0x13b8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:49:31.0637 0x13b8 secdrv - ok
14:49:31.0730 0x13b8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
14:49:31.0746 0x13b8 seclogon - ok
14:49:31.0840 0x13b8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
14:49:31.0855 0x13b8 SENS - ok
14:49:31.0886 0x13b8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:49:31.0886 0x13b8 SensrSvc - ok
14:49:31.0918 0x13b8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:49:31.0918 0x13b8 Serenum - ok
14:49:31.0964 0x13b8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:49:31.0964 0x13b8 Serial - ok
14:49:32.0027 0x13b8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:49:32.0027 0x13b8 sermouse - ok
14:49:32.0089 0x13b8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
14:49:32.0105 0x13b8 SessionEnv - ok
14:49:32.0183 0x13b8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:49:32.0183 0x13b8 sffdisk - ok
14:49:32.0214 0x13b8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:49:32.0230 0x13b8 sffp_mmc - ok
14:49:32.0261 0x13b8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:49:32.0261 0x13b8 sffp_sd - ok
14:49:32.0292 0x13b8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:49:32.0292 0x13b8 sfloppy - ok
14:49:32.0339 0x13b8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:49:32.0354 0x13b8 SharedAccess - ok
14:49:32.0417 0x13b8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:49:32.0432 0x13b8 ShellHWDetection - ok
14:49:32.0479 0x13b8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:49:32.0479 0x13b8 SiSRaid2 - ok
14:49:32.0479 0x13b8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:49:32.0495 0x13b8 SiSRaid4 - ok
14:49:32.0604 0x13b8 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:49:32.0604 0x13b8 SkypeUpdate - ok
14:49:32.0651 0x13b8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:49:32.0651 0x13b8 Smb - ok
14:49:32.0729 0x13b8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:49:32.0729 0x13b8 SNMPTRAP - ok
14:49:32.0744 0x13b8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
14:49:32.0760 0x13b8 spldr - ok
14:49:32.0838 0x13b8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
14:49:32.0854 0x13b8 Spooler - ok
14:49:33.0322 0x13b8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
14:49:33.0727 0x13b8 sppsvc - ok
14:49:33.0836 0x13b8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:49:33.0852 0x13b8 sppuinotify - ok
14:49:33.0914 0x13b8 [ D63FC56C7C3F9B576BC25F617E3F7963, 1F1D024A6A41DD93DE4F09999D90DB5148D87C1C1DDEFFC0407C6E59EB7199D1 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:49:33.0930 0x13b8 SQLWriter - ok
14:49:34.0039 0x13b8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:49:34.0055 0x13b8 srv - ok
14:49:34.0117 0x13b8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:49:34.0133 0x13b8 srv2 - ok
14:49:34.0180 0x13b8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:49:34.0195 0x13b8 srvnet - ok
14:49:34.0226 0x13b8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:49:34.0242 0x13b8 SSDPSRV - ok
14:49:34.0289 0x13b8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:49:34.0289 0x13b8 SstpSvc - ok
14:49:34.0367 0x13b8 [ D21FF3592DAEE244EE8376830A672B52, 8CFD9CD93D3B30D21AE1F25D8F0D78EC2876D85BF622D638BBD3809A3373BAFF ] ss_bus C:\Windows\system32\DRIVERS\ss_bus.sys
14:49:34.0367 0x13b8 ss_bus - ok
14:49:34.0445 0x13b8 [ 451DB3D10E6112E06B4506D4A7BECEC1, 18C361E7E478CB9991638EE412C05E40B89BAD542519E62F4CED4055A80F3216 ] ss_mdfl C:\Windows\system32\DRIVERS\ss_mdfl.sys
14:49:34.0445 0x13b8 ss_mdfl - ok
14:49:34.0507 0x13b8 [ EF40C8A268A5263A0EF48FED8E57CBED, 253C2B5E5075D01B7E27C6F9548291DADB4C9B635849DDA9E2DA3E5785DE9B75 ] ss_mdm C:\Windows\system32\DRIVERS\ss_mdm.sys
14:49:34.0523 0x13b8 ss_mdm - ok
14:49:34.0554 0x13b8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:49:34.0570 0x13b8 stexstor - ok
14:49:34.0694 0x13b8 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
14:49:34.0710 0x13b8 StillCam - ok
14:49:34.0819 0x13b8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
14:49:34.0866 0x13b8 stisvc - ok
14:49:34.0913 0x13b8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
14:49:34.0913 0x13b8 swenum - ok
14:49:35.0131 0x13b8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
14:49:35.0178 0x13b8 swprv - ok
14:49:35.0318 0x13b8 [ 924D711941956F7420A4925592BE8253, D621114FC94D9B257EC5B684B90E54B63D4078D5FC19550C2E396AE4EDD2C552 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:49:35.0334 0x13b8 SynTP - ok
14:49:35.0599 0x13b8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
14:49:35.0693 0x13b8 SysMain - ok
14:49:35.0740 0x13b8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:49:35.0755 0x13b8 TabletInputService - ok
14:49:35.0849 0x13b8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
14:49:35.0864 0x13b8 TapiSrv - ok
14:49:35.0942 0x13b8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
14:49:35.0958 0x13b8 TBS - ok
14:49:36.0223 0x13b8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:49:36.0332 0x13b8 Tcpip - ok
14:49:36.0457 0x13b8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:49:36.0520 0x13b8 TCPIP6 - ok
14:49:36.0582 0x13b8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:49:36.0629 0x13b8 tcpipreg - ok
14:49:36.0691 0x13b8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:49:36.0691 0x13b8 TDPIPE - ok
14:49:36.0738 0x13b8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:49:36.0754 0x13b8 TDTCP - ok
14:49:36.0847 0x13b8 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:49:36.0863 0x13b8 tdx - ok
14:49:36.0925 0x13b8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
14:49:36.0925 0x13b8 TermDD - ok
14:49:37.0081 0x13b8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
14:49:37.0112 0x13b8 TermService - ok
14:49:37.0237 0x13b8 [ 48D9D00C2E0E72C3D4F52772C80355F6, 86F281C7F5FA2FCF1A36C69DD6561531E48483CACB8A873B955F7E93D9A1D259 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
14:49:37.0237 0x13b8 TFsExDisk - ok
14:49:37.0268 0x13b8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
14:49:37.0284 0x13b8 Themes - ok
14:49:37.0346 0x13b8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
14:49:37.0346 0x13b8 THREADORDER - ok
14:49:37.0456 0x13b8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
14:49:37.0456 0x13b8 TrkWks - ok
14:49:37.0565 0x13b8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:49:37.0580 0x13b8 TrustedInstaller - ok
14:49:37.0643 0x13b8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:49:37.0643 0x13b8 tssecsrv - ok
14:49:37.0783 0x13b8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:49:37.0783 0x13b8 TsUsbFlt - ok
14:49:37.0892 0x13b8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:49:37.0892 0x13b8 tunnel - ok
14:49:37.0924 0x13b8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:49:37.0924 0x13b8 uagp35 - ok
14:49:37.0955 0x13b8 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
14:49:37.0955 0x13b8 UBHelper - ok
14:49:38.0017 0x13b8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:49:38.0033 0x13b8 udfs - ok
14:49:38.0142 0x13b8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:49:38.0158 0x13b8 UI0Detect - ok
14:49:38.0251 0x13b8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:49:38.0251 0x13b8 uliagpkx - ok
14:49:38.0392 0x13b8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:49:38.0423 0x13b8 umbus - ok
14:49:38.0470 0x13b8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:49:38.0470 0x13b8 UmPass - ok
14:49:38.0688 0x13b8 [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
14:49:38.0704 0x13b8 Updater Service - ok
14:49:38.0813 0x13b8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
14:49:38.0828 0x13b8 upnphost - ok
14:49:38.0906 0x13b8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:49:38.0906 0x13b8 usbccgp - ok
14:49:38.0906 0x13b8 USBCCID - ok
14:49:38.0984 0x13b8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:49:38.0984 0x13b8 usbcir - ok
14:49:39.0047 0x13b8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:49:39.0047 0x13b8 usbehci - ok
14:49:39.0078 0x13b8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:49:39.0094 0x13b8 usbhub - ok
14:49:39.0125 0x13b8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:49:39.0125 0x13b8 usbohci - ok
14:49:39.0203 0x13b8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:49:39.0203 0x13b8 usbprint - ok
14:49:39.0374 0x13b8 [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:49:39.0374 0x13b8 usbscan - ok
14:49:39.0437 0x13b8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:49:39.0437 0x13b8 USBSTOR - ok
14:49:39.0468 0x13b8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:49:39.0468 0x13b8 usbuhci - ok
14:49:39.0562 0x13b8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:49:39.0577 0x13b8 usbvideo - ok
14:49:39.0640 0x13b8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
14:49:39.0640 0x13b8 UxSms - ok
14:49:39.0655 0x13b8 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc C:\Windows\system32\lsass.exe
14:49:39.0671 0x13b8 VaultSvc - ok
14:49:39.0718 0x13b8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:49:39.0718 0x13b8 vdrvroot - ok
14:49:39.0874 0x13b8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
14:49:39.0905 0x13b8 vds - ok
14:49:40.0030 0x13b8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:49:40.0030 0x13b8 vga - ok
14:49:40.0076 0x13b8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:49:40.0076 0x13b8 VgaSave - ok
14:49:40.0139 0x13b8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:49:40.0170 0x13b8 vhdmp - ok
14:49:40.0217 0x13b8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
14:49:40.0217 0x13b8 viaide - ok
14:49:40.0264 0x13b8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:49:40.0264 0x13b8 volmgr - ok
14:49:40.0373 0x13b8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:49:40.0388 0x13b8 volmgrx - ok
14:49:40.0498 0x13b8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:49:40.0513 0x13b8 volsnap - ok
14:49:40.0591 0x13b8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:49:40.0591 0x13b8 vsmraid - ok
14:49:40.0872 0x13b8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
14:49:40.0950 0x13b8 VSS - ok
14:49:41.0012 0x13b8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:49:41.0028 0x13b8 vwifibus - ok
14:49:41.0153 0x13b8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:49:41.0168 0x13b8 vwififlt - ok
14:49:41.0200 0x13b8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:49:41.0200 0x13b8 vwifimp - ok
14:49:41.0621 0x13b8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
14:49:41.0668 0x13b8 W32Time - ok
14:49:41.0699 0x13b8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:49:41.0699 0x13b8 WacomPen - ok
14:49:41.0761 0x13b8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:49:41.0761 0x13b8 WANARP - ok
14:49:41.0777 0x13b8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:49:41.0777 0x13b8 Wanarpv6 - ok
14:49:42.0214 0x13b8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
14:49:42.0323 0x13b8 wbengine - ok
14:49:42.0401 0x13b8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:49:42.0416 0x13b8 WbioSrvc - ok
14:49:42.0479 0x13b8 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
14:49:42.0494 0x13b8 WcesComm - ok
14:49:42.0682 0x13b8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:49:42.0728 0x13b8 wcncsvc - ok
14:49:42.0775 0x13b8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:49:42.0822 0x13b8 WcsPlugInService - ok
14:49:42.0869 0x13b8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:49:42.0869 0x13b8 Wd - ok
14:49:42.0931 0x13b8 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
14:49:42.0931 0x13b8 WDC_SAM - ok
14:49:43.0056 0x13b8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:49:43.0103 0x13b8 Wdf01000 - ok
14:49:43.0165 0x13b8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:49:43.0165 0x13b8 WdiServiceHost - ok
14:49:43.0181 0x13b8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:49:43.0181 0x13b8 WdiSystemHost - ok
14:49:43.0321 0x13b8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
14:49:43.0446 0x13b8 WebClient - ok
14:49:43.0524 0x13b8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:49:43.0540 0x13b8 Wecsvc - ok
14:49:43.0680 0x13b8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:49:43.0696 0x13b8 wercplsupport - ok
14:49:44.0164 0x13b8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
14:49:44.0195 0x13b8 WerSvc - ok
14:49:44.0226 0x13b8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:49:44.0226 0x13b8 WfpLwf - ok
14:49:44.0257 0x13b8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:49:44.0257 0x13b8 WIMMount - ok
14:49:44.0304 0x13b8 WinDefend - ok
14:49:44.0351 0x13b8 WinHttpAutoProxySvc - ok
14:49:44.0491 0x13b8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:49:44.0507 0x13b8 Winmgmt - ok
14:49:44.0834 0x13b8 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
14:49:45.0022 0x13b8 WinRM - ok
14:49:45.0178 0x13b8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:49:45.0178 0x13b8 WinUsb - ok
14:49:45.0287 0x13b8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:49:45.0412 0x13b8 Wlansvc - ok
14:49:45.0708 0x13b8 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:49:45.0817 0x13b8 wlidsvc - ok
14:49:45.0880 0x13b8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:49:45.0880 0x13b8 WmiAcpi - ok
14:49:45.0958 0x13b8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:49:46.0004 0x13b8 wmiApSrv - ok
14:49:46.0051 0x13b8 WMPNetworkSvc - ok
14:49:46.0176 0x13b8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:49:46.0192 0x13b8 WPCSvc - ok
14:49:46.0238 0x13b8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:49:46.0254 0x13b8 WPDBusEnum - ok
14:49:46.0316 0x13b8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:49:46.0316 0x13b8 ws2ifsl - ok
14:49:46.0394 0x13b8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
14:49:46.0394 0x13b8 wscsvc - ok
14:49:46.0441 0x13b8 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
14:49:46.0441 0x13b8 WSDPrintDevice - ok
14:49:46.0441 0x13b8 WSearch - ok
14:49:46.0987 0x13b8 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
14:49:47.0128 0x13b8 wuauserv - ok
14:49:47.0174 0x13b8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:49:47.0174 0x13b8 WudfPf - ok
14:49:47.0221 0x13b8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:49:47.0252 0x13b8 WUDFRd - ok
14:49:47.0315 0x13b8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:49:47.0330 0x13b8 wudfsvc - ok
14:49:47.0408 0x13b8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
14:49:47.0408 0x13b8 WwanSvc - ok
14:49:47.0486 0x13b8 ================ Scan global ===============================
14:49:47.0502 0x13b8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:49:47.0549 0x13b8 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
14:49:47.0580 0x13b8 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
14:49:47.0767 0x13b8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:49:47.0892 0x13b8 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
14:49:47.0908 0x13b8 [ Global ] - ok
14:49:47.0908 0x13b8 ================ Scan MBR ==================================
14:49:47.0954 0x13b8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:49:48.0485 0x13b8 \Device\Harddisk0\DR0 - ok
14:49:48.0500 0x13b8 ================ Scan VBR ==================================
14:49:48.0563 0x13b8 [ 1E6A19FED4161BDF10C59031CF0A477F ] \Device\Harddisk0\DR0\Partition1
14:49:48.0797 0x13b8 \Device\Harddisk0\DR0\Partition1 - ok
14:49:48.0859 0x13b8 [ D3D4296A381BFECB4BE7FB91202FC554 ] \Device\Harddisk0\DR0\Partition2
14:49:48.0984 0x13b8 \Device\Harddisk0\DR0\Partition2 - ok
14:49:48.0984 0x13b8 ================ Scan generic autorun ======================
14:49:49.0140 0x13b8 [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
14:49:49.0156 0x13b8 IAAnotif - ok
14:49:49.0312 0x13b8 [ D8EF04F75950915BDFA7587A22B24C29, F91666BC69E1641E1F65B7135B0CE161FBB12467F3114F217A9724E6C629B105 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
14:49:49.0327 0x13b8 cAudioFilterAgent - ok
14:49:49.0499 0x13b8 [ E64270B5DB7218E60AD62ED0C52E3A09, E9CC0CA9A19868C34EC782FA9F45617DB81C791393BED68EBF8E38BE2C27F8FA ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
14:49:49.0577 0x13b8 Acer ePower Management - ok
14:49:49.0592 0x13b8 NvCplDaemon - ok
14:49:49.0592 0x13b8 SynTPEnh - ok
14:49:49.0670 0x13b8 [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
14:49:49.0686 0x13b8 Windows Mobile Device Center - ok
14:49:49.0967 0x13b8 [ 5D6DDC47D96FB9E26FB457E8FCDEC031, D10AADBFCA0848A00C11E9133D823DEED7FDBDE678E13174EFC5B9350AEC01B5 ] C:\Program Files (x86)\Launch Manager\LManager.exe
14:49:50.0014 0x13b8 LManager - ok
14:49:50.0123 0x13b8 [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
14:49:50.0123 0x13b8 HP Software Update - ok
14:49:50.0248 0x13b8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:49:50.0341 0x13b8 Sidebar - ok
14:49:50.0466 0x13b8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:49:50.0482 0x13b8 mctadmin - ok
14:49:50.0669 0x13b8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:49:50.0700 0x13b8 Sidebar - ok
14:49:50.0762 0x13b8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:49:50.0762 0x13b8 mctadmin - ok
14:49:50.0918 0x13b8 [ 3A9FA910E679385D3F5647B9B8CF5CA2, DE321EB829E461CF91474C942FEDCC6FA0C20D9674067FE21C6F3DF438F61A4B ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
14:49:50.0965 0x13b8 OfficeSyncProcess - ok
14:49:51.0652 0x13b8 [ FB02263BA280CEF662316EF78D3B9C74, B40E6EF424291E787367AE93A1430C643034D2A3DF68AFBF54819F61DB099AA9 ] C:\Users\PC\AppData\Local\Amazon Music\Amazon Music Helper.exe
14:49:51.0886 0x13b8 Amazon Music - ok
14:49:51.0901 0x13b8 Waiting for KSN requests completion. In queue: 125
14:49:52.0915 0x13b8 Waiting for KSN requests completion. In queue: 125
14:49:53.0929 0x13b8 Waiting for KSN requests completion. In queue: 125
14:49:54.0990 0x13b8 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
14:49:55.0037 0x13b8 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled )
14:49:57.0517 0x13b8 ============================================================
14:49:57.0517 0x13b8 Scan finished
14:49:57.0517 0x13b8 ============================================================
14:49:57.0533 0x1664 Detected object count: 0
14:49:57.0533 0x1664 Actual detected object count: 0
|
|
12.06.2015, 14:41
| #4 |
| /// TB-Ausbilder | Link in DHL EMail geöffnet Servus, nein, musst du vorerst mal nicht erstellen. Wir beginnen mit ComboFix vom Desktop: Scan mit Combofix
|
|
12.06.2015, 21:13
| #5 |
| | Link in DHL EMail geöffnet Habe alles nach Anweisung gemacht aber bei mir wurde leider keine combofix.txt erzeugt. Ich habe alle Fenster geschlossen und Kaspersky und die Windows Firewall deaktiviert. ComboFix startet ganz normal. Plötzlich verschwindet aber das Fenster und es tut sich gar nichts mehr. Habe es auch schon wiederholt, aber es war wieder das Selbe. Lediglich dieses Verzeichnis ist neu: C:\32788R22FWJFW Klicke ich dies an öffnet sich Laufwerk C: und D: Könnt ihr mir bitte helfen  |
|
12.06.2015, 22:59
| #6 |
| /// TB-Ausbilder | Link in DHL EMail geöffnet Servus, dann machen wir so weiter: Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers |
|
13.06.2015, 11:34
| #7 |
| | Link in DHL EMail geöffnet Vielen Dank! Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.06.13.01
rootkit: v2015.06.02.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
PC :: PC-PC [administrator]
13.06.2015 11:09:38
mbar-log-2015-06-13 (11-09-38).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 434653
Time elapsed: 1 hour(s), 16 minute(s), 1 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Delete on reboot. [50e5b2085d2d77bfb827f28e80830ef2]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Delete on reboot. [161febcfdeac75c13c9fe29e32d153ad]
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
13.06.2015, 11:53
| #8 |
| /// TB-Ausbilder | Link in DHL EMail geöffnet Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
13.06.2015, 20:56
| #9 |
| | Link in DHL EMail geöffnet AdwCleaner: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v4.206 - Bericht erstellt 13/06/2015 um 19:54:25
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-09.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : PC - PC-PC
# Gestarted von : C:\Users\PC\Desktop\AdwCleaner_4.206.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\AnySend
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files (x86)\DM
Ordner Gelöscht : C:\Program Files\DM
Ordner Gelöscht : C:\Users\PC\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\PC\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\PC\AppData\Local\DownloadManager
Ordner Gelöscht : C:\Users\PC\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\PC\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\PC\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\PC\AppData\LocalLow\HPAppData
Ordner Gelöscht : C:\Users\PC\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\PC\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\PC\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\PC\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\PC\AppData\Roaming\AnySend
Datei Gelöscht : C:\Users\PC\AppData\Local\Temp\Searchqu.ini
Datei Gelöscht : C:\Users\PC\AppData\Local\Temp\searchqutoolbar-manifest.xml
Datei Gelöscht : C:\Users\PC\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\bprotector_extensions.rdf
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\user.js
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Schlüssel Gelöscht : HKCU\Software\5ced68db238e947
Schlüssel Gelöscht : HKLM\SOFTWARE\5ced68db238e947
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F999A48B-1950-4D81-9971-79018F807B4B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\SimplyGen
Schlüssel Gelöscht : HKLM\SOFTWARE\AnySend
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17840
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v38.0.5 (x86 de)
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultthis.engineName", "FreeOnlineRadioPlayerRecorder Customized Web Search");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2737658&SearchSource=3&q={searchTerms}");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109986");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.hardId", "788d6456000000000000001e64282e4d");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.id", "788d6456000000000000001e64282e4d");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.instlDay", "15410");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119370&babsrc=NT_ss&mntrId=788d6456000000000000001e64282e4d");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1713:08:24");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.crossrider.bic", "13601a90f67c55ec3f965cc4158c21b8");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.enabledItems", "helperbar@helperbar.com:1.0,{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3,{49f3fc85-dcfe-4e42-9301-226ebe658509}:0.6.6,youtube2mp3@mondayx.de:1.0.5,virtualKeyboard[...]
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.allowSendURL", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.engineVerified", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.hiddenElements", "itb_options");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.history", "%22disabledstoriesandpics%22%22disabled%20stories%20and%20pics%22disabled%20stories%20and%20picsCindy%20Schmidtdisabledstoriesandpicsgedichte%20liebeSpr%C3[...]
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.installTime", "1276887305");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.newtab_state", "1");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.previousFFVersion", "3.6.16");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.suggestions", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.uninstStatSent", true);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.uniqueID", "127680686512768068651276887305108");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1303409623);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q=");
-\\ Google Chrome v
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R0].txt - [15948 Bytes] - [13/06/2015 19:50:03]
AdwCleaner[S0].txt - [14474 Bytes] - [13/06/2015 19:54:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14534 Bytes] ##########
Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 13.06.2015 Suchlauf-Zeit: 20:20:44 Logdatei: mbamlog.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.06.13.04 Rootkit Datenbank: v2015.06.02.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: PC Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 422654 Verstrichene Zeit: 50 Min, 22 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 1 PUP.Optional.DataMngr.A, HKU\S-1-5-21-1479719048-131605857-4171494742-501\SOFTWARE\Datamngr, In Quarantäne, [68d0b505642642f412854e050bfa6898], Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 14 Trojan.Agent.AI, C:\Users\PC\AppData\Local\Temp\Quarantine.exe, In Quarantäne, [d4648a3025657fb707f7363730d20cf4], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-1.xml, In Quarantäne, [0f29befcc1c97cba53027a7fbe456a96], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-10.xml, In Quarantäne, [62d60dad652520160550ec0dba493dc3], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-11.xml, In Quarantäne, [ce6a5a60f8929f97fa5bcd2cf3105ba5], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-12.xml, In Quarantäne, [76c2caf0b6d471c565f050a9f01316ea], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-2.xml, In Quarantäne, [33056a5003870531ea6bf6036a99d62a], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-3.xml, In Quarantäne, [78c05e5cd3b7a78f470e847520e318e8], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-4.xml, In Quarantäne, [0434fdbd32588caadd7836c356adcc34], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-5.xml, In Quarantäne, [a29629917416b87e43127e7b80839967], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-6.xml, In Quarantäne, [3cfcd2e8b9d1ad89173ec6334ab957a9], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-7.xml, In Quarantäne, [a29656649befe254ee6753a66c97e51b], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-8.xml, In Quarantäne, [e157eeccdeacef47e4713dbc34cf6898], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-9.xml, In Quarantäne, [b187605acdbdee4892c39e5b6c97cd33], PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin.xml, In Quarantäne, [59dffac0eaa0340292c39069cb3851af], Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) JRT: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.4 (06.13.2015:2)
OS: Windows 7 Home Premium x64
Ran by PC on 13.06.2015 at 21:31:37,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\getrighttogo
~~~ FireFox
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.06.2015 at 21:36:48,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by PC (administrator) on PC-PC on 13-06-2015 21:43:19
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1814312 2009-08-14] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [825864 2009-09-24] (Dritek System Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\Run: [Amazon Music] => C:\Users\PC\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-11-19] ()
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_Plugin.exe [927920 2015-06-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\MountPoints2: {20310492-097f-11e2-bc9a-0c6076c73fa1} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\MountPoints2: {203104b0-097f-11e2-bc9a-0c6076c73fa1} - E:\.\Setup.exe AUTORUN=1
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-06] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-18] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-06] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-06] (Kaspersky Lab ZAO)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-18] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-03] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-06] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-03] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-02-27] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-04-30] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1479719048-131605857-4171494742-1003: @protectdisc.com/NPPDLicenseHelper -> C:\Users\PC\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\google-images.xml [2014-11-01]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\google-maps.xml [2014-11-01]
FF Extension: Cliqz Beta - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\Extensions\cliqz@cliqz.com.xpi [2014-11-02]
FF Extension: YouTube to MP3 - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\Extensions\youtube2mp3@mondayx.de.xpi [2012-03-03]
FF Extension: LinkChecker - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\Extensions\{49f3fc85-dcfe-4e42-9301-226ebe658509}.xpi [2012-03-03]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2015-06-04]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2015-06-04]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-06]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-06]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-06]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-06]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-06]
FF HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
S2 gupdate1ca948a3229fde9; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2010-01-13] (Google Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2009-12-22] (Devguru Co., Ltd)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [138752 2012-09-28] (Huawei Technologies Co., Ltd.) [File not signed]
S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [117248 2012-09-28] (Huawei Technologies Co., Ltd.) [File not signed]
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [121600 2012-09-28] (Huawei Technologies Co., Ltd.) [File not signed]
S3 int15.sys; C:\Windows\System32\OEM\Factory\int15.sys [17952 2008-03-28] (Acer, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-06] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-06] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S2 regi; \??\C:\Windows\system32\drivers\regi.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-13 21:43 - 2015-06-13 21:44 - 00020430 _____ C:\Users\PC\Desktop\FRST.txt
2015-06-13 21:43 - 2015-06-13 21:43 - 00000000 ____D C:\FRST
2015-06-13 21:41 - 2015-06-13 21:41 - 02109952 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-06-13 21:36 - 2015-06-13 21:36 - 00000883 _____ C:\Users\PC\Desktop\JRT.txt
2015-06-13 21:31 - 2015-06-13 21:31 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PC-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-13 21:31 - 2015-06-13 21:31 - 00000000 ____D C:\RegBackup
2015-06-13 21:29 - 2015-06-13 21:30 - 02943739 _____ (Thisisu) C:\Users\PC\Desktop\JRT.exe
2015-06-13 21:14 - 2015-06-13 21:14 - 00003540 _____ C:\Users\PC\Desktop\mbam.txt
2015-06-13 20:17 - 2015-06-13 20:17 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-13 20:17 - 2015-06-13 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-06-13 20:17 - 2015-06-13 20:17 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-06-13 20:17 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-13 20:17 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-13 20:10 - 2015-06-13 20:11 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\PC\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-13 19:49 - 2015-06-13 19:56 - 00000000 ____D C:\AdwCleaner
2015-06-13 19:48 - 2015-06-13 19:48 - 02231296 _____ C:\Users\PC\Desktop\AdwCleaner_4.206.exe
2015-06-13 11:09 - 2015-06-13 21:20 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-13 11:09 - 2015-06-13 20:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-13 11:09 - 2015-06-13 19:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-13 11:05 - 2015-06-13 12:26 - 00000000 ____D C:\Users\PC\Desktop\mbar
2015-06-13 11:05 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-13 11:01 - 2015-06-13 11:02 - 16502728 _____ (Malwarebytes Corp.) C:\Users\PC\Desktop\mbar-1.09.1.1004.exe
2015-06-12 22:19 - 2015-06-12 22:19 - 00000000 ___SD C:\ComboFix
2015-06-12 22:19 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-12 22:19 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-12 22:19 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-12 22:19 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-12 22:19 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-12 22:19 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-12 22:19 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-12 22:19 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-12 20:22 - 2015-06-12 22:19 - 00000000 ____D C:\Qoobox
2015-06-12 20:22 - 2015-06-12 20:22 - 00000000 ____D C:\Windows\erdnt
2015-06-12 20:18 - 2015-06-12 20:18 - 05628161 ____R (Swearware) C:\Users\PC\Desktop\ComboFix.exe
2015-06-12 15:36 - 2015-06-12 15:36 - 00000000 ____D C:\Users\PC\Desktop\Catlux
2015-06-12 14:47 - 2015-06-12 14:47 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\PC\Desktop\tdsskiller.exe
2015-06-11 19:59 - 2015-06-11 19:59 - 00002648 _____ C:\Users\PC\Desktop\Kaspersky.txt
2015-06-09 22:29 - 2015-06-09 22:29 - 18169520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-09 22:27 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-09 22:27 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 22:27 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 22:27 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 22:27 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-09 22:27 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 22:27 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-09 22:27 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-09 22:27 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 22:27 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-09 22:27 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 22:27 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-09 22:27 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-09 22:27 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-09 22:27 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 22:27 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-09 22:27 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 22:27 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-09 22:27 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-09 22:27 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-09 22:27 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 22:27 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 22:27 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 22:27 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 22:27 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 22:27 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-09 22:27 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 22:27 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 22:27 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 22:27 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 22:27 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-09 22:27 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-09 22:27 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-09 22:27 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 22:27 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 22:27 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 22:27 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-09 22:27 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-09 22:27 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-09 22:27 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 22:27 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-09 22:27 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 22:27 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 22:27 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 22:27 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-09 22:27 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-09 22:27 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-09 22:27 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-09 22:27 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-09 22:27 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-09 22:27 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 22:27 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-09 22:27 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-09 22:27 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-09 22:27 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 22:27 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 22:27 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-09 22:27 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 22:27 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 22:27 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 22:27 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 22:27 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-09 22:27 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-09 22:27 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-09 22:27 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-09 22:27 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-09 22:27 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-09 22:27 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-09 22:27 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-09 22:27 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-09 22:27 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-09 22:27 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-09 22:22 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-09 22:22 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-09 22:22 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-09 22:22 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-09 22:22 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-09 22:22 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-09 22:22 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-09 22:22 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-09 22:22 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-09 22:22 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-09 22:22 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-09 22:22 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-09 22:22 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-09 22:22 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-09 22:22 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-09 22:22 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-09 22:22 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-09 22:22 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-09 22:22 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-09 22:22 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-09 22:22 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-09 22:22 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-09 22:22 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-09 22:22 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 22:22 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 22:22 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-06 19:11 - 2015-06-06 19:12 - 00000000 ____D C:\Users\PC\Desktop\Rost
2015-06-04 22:18 - 2015-06-04 23:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 23:03 - 2015-06-01 23:03 - 00000000 ____D C:\Users\PC\AppData\Local\GWX
2015-05-28 22:22 - 2015-05-28 22:22 - 00000000 ____D C:\Users\PC\dwhelper
2015-05-18 23:04 - 2015-05-19 21:25 - 00000000 ____D C:\Users\PC\Desktop\Neuer Ordner (3)
2015-05-15 16:06 - 2015-05-15 16:06 - 00001468 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2015-05-15 16:06 - 2015-05-15 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-05-15 16:05 - 2015-05-15 16:05 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-15 15:56 - 2015-05-15 16:02 - 00000000 ____D C:\Users\PC\Downloads\elster 2014
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-13 21:38 - 2010-01-13 15:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-13 21:30 - 2009-07-14 06:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-13 21:30 - 2009-07-14 06:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-13 21:28 - 2013-03-08 23:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-13 21:26 - 2009-07-03 11:04 - 01454834 _____ C:\Windows\WindowsUpdate.log
2015-06-13 21:19 - 2012-09-28 22:05 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-06-13 21:19 - 2009-10-20 02:04 - 01217562 _____ C:\Windows\PFRO.log
2015-06-13 21:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-13 21:19 - 2009-07-14 06:51 - 00479325 _____ C:\Windows\setupact.log
2015-06-13 21:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-06-13 19:54 - 2010-01-16 17:47 - 00000000 ____D C:\ProgramData\ICQ
2015-06-12 19:34 - 2010-01-13 14:02 - 00000000 ____D C:\Users\PC
2015-06-11 20:22 - 2009-07-14 07:13 - 01672220 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-11 20:22 - 2009-07-03 20:57 - 00722876 _____ C:\Windows\system32\perfh007.dat
2015-06-11 20:22 - 2009-07-03 20:57 - 00158126 _____ C:\Windows\system32\perfc007.dat
2015-06-11 19:49 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-11 19:49 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-11 19:48 - 2009-07-14 06:45 - 00412016 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 19:45 - 2014-12-11 21:55 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 19:45 - 2014-04-30 11:01 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-11 19:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-09 23:35 - 2009-10-20 01:39 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-09 23:29 - 2013-08-15 21:27 - 00000000 ____D C:\Windows\system32\MRT
2015-06-09 23:19 - 2010-01-14 10:00 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 23:17 - 2009-07-14 04:34 - 00000545 _____ C:\Windows\win.ini
2015-06-09 22:29 - 2013-03-08 23:15 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 22:29 - 2013-03-08 23:15 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-09 22:29 - 2011-09-04 22:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-05 13:45 - 2012-05-06 15:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-19 23:33 - 2015-04-06 12:59 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-19 23:33 - 2015-04-06 12:59 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-19 23:19 - 2011-12-14 23:55 - 00000000 ____D C:\ProgramData\tmp
2015-05-19 22:37 - 2010-01-23 19:57 - 00000000 ____D C:\ProgramData\hps
2015-05-17 22:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-15 17:21 - 2014-10-11 15:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-15 16:06 - 2011-02-10 20:36 - 00000000 ____D C:\Users\PC\AppData\Roaming\elsterformular
2015-05-15 16:03 - 2010-01-23 19:05 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2015-05-14 10:52 - 2012-05-14 21:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 10:52 - 2012-05-14 21:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 00:13 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 00:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
==================== Files in the root of some directories =======
2009-10-20 01:31 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2013-12-26 00:06 - 2013-12-26 00:06 - 0038432 _____ () C:\Users\PC\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2010-01-13 16:01 - 2010-01-13 16:01 - 0001248 _____ () C:\Users\PC\AppData\Roaming\unins000.dat
2010-01-13 16:01 - 2010-01-13 16:01 - 0696341 _____ () C:\Users\PC\AppData\Roaming\unins000.exe
2014-06-05 21:36 - 2014-06-29 18:14 - 0000791 _____ () C:\Users\PC\AppData\Local\cookies.ini
2010-07-04 16:33 - 2010-07-04 16:33 - 0000190 _____ () C:\Users\PC\AppData\Local\MyWinLockerInstaller.txt-20100704.log
2013-11-23 23:58 - 2013-11-23 23:58 - 0000419 _____ () C:\Users\PC\AppData\Local\Temp_tmp_.xml
2012-01-15 12:42 - 2012-01-15 12:42 - 0017408 _____ () C:\Users\PC\AppData\Local\WebpageIcons.db
2009-10-20 01:31 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2011-01-25 20:29 - 2012-07-13 18:12 - 0048936 _____ () C:\ProgramData\hpzinstall.log
2011-08-06 21:45 - 2013-07-20 21:55 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
Some files in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\installhelper.dll
C:\Users\PC\AppData\Local\Temp\ose00000.exe
C:\Users\PC\AppData\Local\Temp\sqlite3.dll
C:\Users\PC\AppData\Local\Temp\SRAssetsHelper.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-29 23:26
==================== End of log ============================
|
|
13.06.2015, 20:57
| #10 |
| | Link in DHL EMail geöffnet Addition: [CODE] Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by PC at 2015-06-13 21:45:41
Running from C:\Users\PC\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1479719048-131605857-4171494742-500 - Administrator - Disabled)
Gast (S-1-5-21-1479719048-131605857-4171494742-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1479719048-131605857-4171494742-1007 - Limited - Enabled)
PC (S-1-5-21-1479719048-131605857-4171494742-1003 - Administrator - Enabled) => C:\Users\PC
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acer Crystal Eye webcam Ver:1.1.103.803 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.103.803 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.01.0805 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat 4.0 (HKLM-x32\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe PhotoDeluxe Home Edition 4.0 (HKLM-x32\...\Adobe PhotoDeluxe Home Edition 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version: - )
Amazon Music (HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
Artisteer 3 (HKLM-x32\...\Artisteer 3) (Version: 3.0 - Extensoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
B110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.9.0 - Conexant)
DATA BECKER 3D Traumwohnungs-Designer 11 (HKLM-x32\...\3D Traumwohnungs-Designer 11_is1) (Version: 1.3.533.0 - DATA BECKER GmbH & Co. KG)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
E.M. Total Video Player 1.31 (HKLM-x32\...\E.M. Total Video Player 1.31_is1) (Version: - EffectMatrix Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.20150424 - Landesfinanzdirektion Thüringen)
ElsterFormular 2007/2008 (HKLM-x32\...\{5BA43E5C-66FD-48D2-AB40-B807D457EF83}) (Version: 9.6.2.0 NE - Steuerverwaltung des Bundes und der Länder)
ElsterFormular 2008/2009 (HKLM-x32\...\{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}) (Version: 10.3.0.0 - Steuerverwaltung des Bundes und der Länder)
E-Mail Converter (HKLM-x32\...\E-Mail Converter_is1) (Version: Aktuelle Version - IN MEDIA KG)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreeCommander 2009.02 (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Google Earth (HKLM-x32\...\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}) (Version: 6.1.0.5001 - Google)
Google Update Helper (x32 Version: 1.3.21.135 - Google Inc.) Hidden
Hardcopy (C:\Program Files (x86)\Hardcopy) (HKLM-x32\...\Hardcopy(C__Program Files (x86)_Hardcopy)) (Version: 17.0.14 - )
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{59C83C08-63F4-4AEC-81D6-392C5E23B843}) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
InterVideo WinDVD 8 (HKLM-x32\...\InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}) (Version: 8.5.10.39 - InterVideo Inc.)
InterVideo WinDVD 8 (x32 Version: 8.5.10.39 - InterVideo Inc.) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Kazoo Player (HKLM-x32\...\Kazoo Player) (Version: - )
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
meinHausplaner (HKLM-x32\...\meinHausplaner) (Version: - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{F90F5A11-53E6-4045-ACB1-BC03D71FB06C}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{F68310EC-B615-4044-B7D7-1A6349758D42}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird (3.1.9) (HKLM-x32\...\Mozilla Thunderbird (3.1.9)) (Version: 3.1.9 (de) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sigel Label- und Barcode Software (HKLM-x32\...\Sigel Label- und Barcode Software) (Version: - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.0.3 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55a - Ghisler Software GmbH)
UBitMenü (HKLM-x32\...\{CBCFD97D-FE82-43F4-A978-996CACF71E6B}_is1) (Version: 01.02 - UBit Schweiz AG)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.4035.00 - Microsoft Corporation)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM-x32\...\VTechDownloadManager) (Version: - VTech)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9700 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
13-05-2015 23:06:26 Windows Update
14-05-2015 00:10:34 Windows Update
15-05-2015 16:04:38 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
19-05-2015 20:59:46 Windows Update
19-05-2015 23:32:02 Windows Update
26-05-2015 21:48:51 Windows Update
29-05-2015 22:35:22 Windows Update
02-06-2015 20:21:45 Windows Update
07-06-2015 21:29:23 Windows Update
09-06-2015 23:16:01 Windows Update
13-06-2015 12:25:30 Malwarebytes Anti-Rootkit Restore Point
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E0AFFE4-C208-4A9A-A644-45BD96FD9671} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {19983611-E8FB-4982-BB26-8DB03B255AC1} - System32\Tasks\{063058C6-111A-4CC4-9F18-4B8FF36C975B} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {289985F9-269E-4B2C-8ADA-C905348C7451} - System32\Tasks\{860104DB-DCB9-4E02-9909-95814746620D} => pcalua.exe -a "C:\Users\PC\Downloads\FritzBox AddOnIE\FRITZ!BoxAddOnIE64_German.exe" -d "C:\Users\PC\Downloads\FritzBox AddOnIE"
Task: {28AB7621-26C5-4A29-960B-BADC56195383} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13] (Google Inc.)
Task: {2907B909-DFB5-4D77-9CC6-8B5E4A76897B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {2B6376E9-D289-4C00-8DB0-656335358DFF} - System32\Tasks\{7D6857E9-C924-48F5-AA0D-CA4C3394A0F8} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.259&LastError=404
Task: {2BA21982-14E1-403B-B72A-7756DA4AEDDC} - System32\Tasks\{C865003F-8330-4599-BDB9-FA2A3162F171} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.169.259/de/abandoninstall?page=tsChrome&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {2C78FF84-0CD1-44CD-B1CC-E5C2CD8F2007} - System32\Tasks\{BC284986-033D-481A-AC09-342D34B29383} => Firefox.exe hxxp://ui.skype.com/ui/0/6.13.0.104/de/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {2F3F38E8-4B85-4215-96C9-384D3AA74C05} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
Task: {318B17AB-3702-419D-A524-EA3851CC42F9} - System32\Tasks\{E56FDD51-70D8-4F9B-B236-96EC15628958} => pcalua.exe -a "C:\tools\Flash Player 10 für Internet Explorer\install_flash_player_10_active_x.exe" -d "C:\tools\Flash Player 10 für Internet Explorer"
Task: {39467EA1-CE76-4401-B7C5-9F2FA9C8EA78} - System32\Tasks\{70B508FD-1C40-407C-8A5A-F60D5C1B38E9} => pcalua.exe -a "C:\Users\PC\Downloads\Flash Player 10 für Internet Explorer\install_flash_player_10_active_x.exe" -d "C:\Users\PC\Downloads\Flash Player 10 für Internet Explorer"
Task: {562A3F12-DCAF-45C8-93CF-631A0CB45AEA} - System32\Tasks\{5082D307-1FD5-48A7-A2CC-369A8159FDBD} => pcalua.exe -a "C:\Users\PC\Downloads\Flash Player 10 für Internet Explorer\install_flash_player_10_active_x.exe" -d "C:\Users\PC\Downloads\Flash Player 10 für Internet Explorer"
Task: {5FD1BEE8-3960-400C-8AAF-FFC6190EDD57} - System32\Tasks\{04044573-9737-4402-B202-9D79E9C72200} => pcalua.exe -a "C:\Users\PC\Downloads\FritzBox AddOnIE\FRITZ!BoxAddOnIE_German.exe" -d "C:\Users\PC\Downloads\FritzBox AddOnIE"
Task: {643C8DDC-B4FB-4DFC-86C8-2A2E1D888528} - System32\Tasks\{ED751AF1-EDF6-4B9A-BBA9-8752877A6154} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {6E3D1A64-F320-49E2-B7C5-3351E4DC018D} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {76346FDE-FB23-46B5-ADF4-ACD54AC4D116} - System32\Tasks\{81944B34-CC6A-486C-8DA7-F7CAC155E311} => pcalua.exe -a C:\tools\irfan425\irfanview_plugins_425_setup.exe -d C:\tools\irfan425
Task: {768204F9-4ED1-48C1-95A9-52B64A97FE45} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {7C110542-1DF5-45D7-8140-F1649D43300B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {9CFA8EF0-C86C-40BE-9D5F-EA8AE1281609} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C2E61DFF-75A5-4476-BA5F-CC01B00FFC29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13] (Google Inc.)
Task: {CD932EC3-DFE5-4737-B5F5-713F332274E9} - System32\Tasks\Amazon Music Helper => C:\Users\PC\AppData\Local\Amazon Music\Amazon Music Helper.exe [2014-11-19] ()
Task: {CDE89A2E-3AB2-42ED-B76A-A2E017DB13FD} - System32\Tasks\{3505D1A0-1672-4489-9CEF-4E99FF50E372} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {E1B70122-3EB0-463B-B597-760BCF56C3D2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {EC984472-3EA6-49BD-9F04-328BC20F0615} - System32\Tasks\{49211F33-3DEC-480D-8735-8C50FAAA28A7} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.259&LastError=404
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-11-05 15:17 - 2006-02-23 13:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: EPSON Stylus DX4200 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAEE.EXE /F "C:\Windows\TEMP\E_S7D78.tmp" /EF "HKLM"
MSCONFIG\startupreg: KiesHelper => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: MSN Toolbar => "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{12BEB1D0-ECE1-4E17-B95B-BD497DD4EA91}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{A0D45E68-920E-4B31-8823-0AEA78D157A2}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{9DD26D3B-6B3C-44E1-AE53-07914330CA57}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{BD0B6D3F-D83A-4FF4-A3D4-F6A5014F5BAE}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{40EB7E13-0771-48B0-8F0E-148FCA217F13}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
FirewallRules: [{4A1E1A32-091C-4901-80DB-E7BC37696649}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\VC.exe
FirewallRules: [{162D3B8D-8786-4C7B-97CD-C4C5650F4A4E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{63D976C7-C8E2-4439-8F92-076D09253EB7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F48BE481-C243-4A7F-A9BC-33729FB29F85}] => (Allow) svchost.exe
FirewallRules: [{E43DF28D-D4C9-43F8-A456-DA2DF2934EFA}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{27CBBF37-BF8B-47BB-BBA6-F5930225DA4D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EAA3F048-204D-4C6E-9EEC-7377A2CC6710}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{DBAEE3DB-28AB-41A2-A034-FB9BA8C7E9DB}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{2EC2E196-3427-4076-9F0E-5A6DA70E2CD4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F5DDBEBF-F03F-452F-903A-8C4FC55ADD11}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1068DFDB-1809-4233-8277-C8C65BCF79A5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{919B9E8C-6DAB-42FD-9B2D-0599EDA9080F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7A9D2263-9054-4A0A-80EC-CCF27D2BEA78}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{84B74553-D39F-4511-87EB-B61C7C76BAA8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E0CC068D-5ABC-4D7F-B013-4063877087FE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5728C7B3-8F33-4933-BF42-7ACA634C970E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B53AF3CD-AC4F-441D-8E42-3CC7F79A215C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{095F0FBA-49E2-494D-B454-6E60433EDA70}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{29419808-2CCB-4906-A9B8-2F03DBF5E015}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C14D3A98-1DEE-479E-84E6-C803B8E9765C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F5F81AAA-0A57-494D-9434-AE43C345AB26}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5542F390-8998-498A-9A9E-0BFD4B9B48DE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AB5B72D1-5C1D-4B40-9E6A-562FA9225305}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D092748-4ADB-41A1-9B8E-680B5E1F9BB1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A3373EF1-7566-4628-899B-85279EE1F803}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E7E19204-FBE2-448A-8C86-71328DED554E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DFB04F3F-44B5-4880-8B57-C71D76898A57}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{196E60F6-78B8-4B1F-B97D-4522FDEAB08B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{03DA7D71-F050-433B-A0F7-EF7C6835C77C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{41D58664-0FB8-420A-8D5C-1B3EC90A6981}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1E5D1B34-3FB7-42CB-9260-17D58F976ACA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{79F38D2C-22BD-489F-9C88-C9140597E46E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{301F5078-A1E8-4A76-B952-CA37EC98D815}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D814719-E7CB-4137-876F-4B03A8191FEB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DE68D252-3A90-4613-A090-AAA03B4117F8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{38A9B811-AC28-4B51-A2AB-C6C50B222977}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{46A19B96-D765-4910-9069-9B8BD24E5B5A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7B112712-BF1F-4809-955A-85CDF9EAAB31}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{77697968-28AC-4BC0-A5F1-5CA3BA1DCE28}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8F308D8C-64DC-45BE-80D1-5BD23DE4FC00}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2AFF2BC-E540-4A2A-BA0D-55C5EA8EC32E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{38607E62-0C50-4EB8-9387-4FE61D13E7DD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{26503111-8334-4BC3-A9C2-0781CA8D5E8D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4A4D696D-87A8-4015-B67D-A0E8F75008B1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8DDEED12-AE6C-4AFF-98D1-3C6BDBF7C816}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6506EA6C-BD8C-43A2-A69C-FE7F2C4C9D2C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{82C692E7-5618-4A15-BC1D-EB89F061D183}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{64CECF3D-E9EB-40D6-9F1D-568081685BF7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{42792DE7-F2F5-434E-B200-1E8832E3E4AF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF2F437A-3CAE-4FDF-B331-7028F98CCB20}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4A9DD7B8-2150-4F47-9372-0257149E5505}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2816852-FE44-4108-B46C-9A1C3BBD4EBF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{193BBF6B-9EB9-4935-AC8F-765189AA814C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C1B9FAEC-46C7-496D-B938-312F841FF40D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6886EFC7-EB17-4AE8-B3CF-179A476BCF52}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{87386383-6D8E-409B-A757-4A72F59D4D1C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4053C631-61B6-40D5-B540-E0A442C334FA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8F22D525-537D-4E7A-BE9A-ABAECD94496B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FC2773AD-5007-4D38-98C4-6A742797FEB3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4B25C925-7367-411A-84B8-5EE85F1373AD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F502B13F-373A-459B-8EDF-34ABE9072E77}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{009928F1-F8D1-48A2-8F07-6E1E638CDA69}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3B06093-BF80-457C-890C-2973BD7B2931}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7CA46945-4913-4E11-9273-BBC5E796801A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CE7E7A5A-77DC-4387-9CEB-EE5B2FDD17D7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AF6309A5-3D3A-4293-B475-32240D149787}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{35997724-0175-4A20-B3B4-06B14B310BE3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{95F896D5-4C3E-49A4-81D6-A3B93D2C9F9A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FBAFF7C5-321C-4756-8928-676C08AF7EC8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3121CCB1-4ACA-43BD-B000-5A00B0C4E62A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C21CC71B-79AF-4909-96C1-B9838AF934C7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7889BF13-03E6-4320-8944-59EB176B703A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EC139703-9D7B-40F0-91F1-82FF6A1DE42C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3FD6DF1C-34BD-4B0C-8297-6FAE174DFA6D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A68DB04-CEEA-492C-B1C8-FF98363390CC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{99D974CB-907B-4E8C-A81A-D1A0D4CE4170}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{318B7BA8-1D53-49FA-82D6-4320E44CEC0E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8EEC869F-745E-4211-9D14-492103673E31}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BC719A8B-9D64-4741-9C07-7A5CB1ACE1A1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{75AE26A3-2EE4-4C81-BF80-F90608FD67E3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{37C24B44-2043-44D0-92D0-9BE25E6750C3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1898C5CE-6349-456B-BB9C-F99B49BE4B4F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{44E3BAAC-4E5F-4043-ABD7-DB1032EC31B0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0FAD7496-EA05-4053-822B-ADC9CA820D43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C84551DB-5A48-44AF-924A-223DA1F5E956}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BD0474B7-A0A4-4C5A-9E5C-AB146DF1CAAB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{06E5344C-9375-44E9-B10E-45CDA1610792}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6E1ADC7A-0842-462B-8396-BC5AFFE61DEC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{90C72181-DD30-45E6-805D-FC7FA55D5A74}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8AF181D2-C417-4D3E-AA88-4233C074EDE2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{92B926E8-9FD7-4D19-9D38-C63CFFF419CE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{638718D0-6D22-4EC4-AF0A-E014DFDF434D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E27E7AD2-08C8-460F-BBC4-B69B6E6D5DDE}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{46CD65C6-4925-4BB1-A646-844CD029DB0C}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{2A779942-2CD6-48A8-9F9C-DBFCC64232D7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2342D53D-14FB-4754-850A-6DF9E49823AC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BE5CE5AF-9277-408D-BA93-036FB4E1C6DF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A59B8AF8-B23C-4603-893F-8DD138E3A65F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0ECF5F50-9D30-41C6-B40D-862C6E3DF8CB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{15675BC3-8B19-4D22-A72D-C6D91ADE8DC8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{46B6CA2A-AF64-43B0-875A-08D3196854E1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6C52F3FB-C7E2-4166-97DC-782BB9346F23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{87C61F2C-236F-4ED5-AEEC-7B700CC74F63}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E0623B57-D7E6-4C71-B07F-0E42B0F184D9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DFA92C71-A10F-4490-8AA9-BF208B7380E3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{05D0C3D7-8617-4145-AAA3-6E4D8DBF8C98}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{17D0CE0E-82A8-44DD-AB43-34883B9D854F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AE991037-1151-41AB-BB64-0F2661547E6D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DC18BA2A-1BCE-4BD3-89DC-A4043696C781}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{990801D1-5909-44D9-B26A-11FE53369487}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{183E86C0-CA20-474E-BE9A-80EFF8271318}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B9E3D4B2-CDE9-44C2-80D7-36F296622BA2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EA0FA95D-446B-4994-B169-3394CEBD15CB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F0A3BB6A-B6DF-4055-8C6C-9652DB2952FF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AA80CA2E-3A69-40BE-B37A-BD9AE2F9987B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F88A3FDD-CE82-4102-9A90-F96C3D56471F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68D5D38A-4189-4777-BED6-64A1D8EC5F6B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4FEEE99A-18F9-4EE6-ADD7-99A24E36F782}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F3C9506C-7B6B-4ABE-BECC-A6AFEC2754CE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{14522F16-5860-41D9-AEB9-C69A96CEFC44}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CCEAEDDF-6B9F-4C94-87A2-752DE53A927B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{548A8AD6-AB51-4E0B-B571-3D0EAABCA024}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F768AA16-9F9A-4140-A497-0A61653574B0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B94484D8-A839-40AD-BC1A-9AEC603A93E5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2EAF8A97-77D6-41E2-8C99-68EBF957424D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3E65343A-35F5-46BB-8748-9911D94FAA3B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7B087728-87F3-4CBC-BDEA-7C1BAA815E74}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B5D4E8A0-F8E1-43EC-8903-3721F1242955}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1D5046F9-34FF-4724-A6D4-CC156A5FC2D1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{04707707-3834-4E09-A2FD-38FABBF23C33}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{61C0A4F3-11CC-4942-9276-5B651B5D1F15}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{46700A09-C448-4849-BA1D-E89C92821845}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E72F33A6-44D4-4856-A24C-5A6DBD78237A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D12BDDCB-E33B-4BA4-BF9F-D2A25380671E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{66CC506E-5BD3-4A0D-A2FD-B7BEBBEA3EFA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D7D5DB8F-37A0-45CA-B3D6-1D92BD522BAA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2A6AFB6C-1C2C-414F-A278-B041F0C2ABF9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C21DBF39-52F0-4A32-9999-DC429341A768}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{945BC3AF-32C1-49B2-A621-0E893FB48775}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2CEBF25E-C509-4403-AA2E-A6C2FB40B897}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E3CFA417-2491-4694-9290-DE16B19AEFAF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B03C8D03-8F7D-4345-AF95-ED16408A3D3F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4DAA3D05-2EF2-4DDE-94B3-004B21A1DE53}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A5B89811-F923-46B7-B039-3841FCFB718D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A155D376-569D-441B-A08D-9BA6BB8529B6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{10929B58-05B1-4425-8B0A-8DD47BE2781D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1D4A008F-9241-409A-9E4D-0ADF8548A634}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9488A082-F64C-4888-8B40-13BAE61FF33B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FFAC6328-072E-4180-89E8-CD1BB1790AD2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3CB55B78-FFEF-44B9-AA82-68794E9E94FC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2B882DDD-DA9F-40CD-971D-B343CB0A692F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C958701E-1FC8-4BD6-838D-765558F8A725}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4C371F4E-B666-4C89-8B3D-3A5792C01621}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A156123-C1ED-4490-B982-650CD476B96B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CF10E279-788C-4461-8892-FE96259E49BB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{38DB6A1E-3602-40D3-9CD9-C28EDADD8E73}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{44A5C546-33BB-4E75-8CCA-9F84446D96C0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{381DC243-07D3-47DA-B558-51ACD9B0BBE5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B70C71E2-179D-4029-82A5-69C640CF5513}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{71545352-A5F4-41A3-8C8B-BC5976679A1A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E24FBE85-3C57-4D7A-B07D-520084A7EAB8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{07174E7B-8D0A-4C1C-9862-BF0B18467DEF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EF653CBA-232F-4591-BF1A-9293E8FAD8CD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6A39AEFB-CA1E-4245-8071-2B385A9805EE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ED254819-41BC-4144-996C-267BA002A0B8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{51C6F3F0-8C4A-49B3-B6D9-EB0F6C48DDB7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{15533900-1C71-4A3A-BC2B-67311F945A02}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{07A922CB-76E7-487B-9F72-AE07D968BE71}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DA77A067-92F8-48BF-8EAF-5DA20FEF5D5C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{610A4D76-1485-4569-A64C-2BCE852405B6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{08045040-47DC-4493-969E-E9FE7AE030EF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F6CD0EEE-431C-4DBC-95DC-EFEBBE396E43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3F04EB10-AE67-48CF-97B2-C22B74B36963}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FD198748-1798-41C0-97BB-59C1FED067D2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{78E85CFE-8892-4FB7-A729-B1E0D6BF2492}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5CD07E69-5D85-4E3A-B62E-17C02DC0FC2C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1EEE62C6-DF21-45F3-9585-9A823E992CF3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B1540A20-5AE3-46F7-8D54-BA288A32EB24}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CD6E53E2-174B-4726-AA47-8E662FE582D3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{160AFB89-5FE5-4E6A-A81E-BD2C59F66975}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{427BEEA2-F14D-4960-9B4F-6BDF6DABE216}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{51FABD5D-0621-4AE5-ACE5-170D1A93667D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{55C0E8CE-7CBE-4B8A-8884-806FAEC70EFF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5A1CC96A-7D17-404C-A43B-F8DA10B85014}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{88838A7F-A97F-4263-8E50-D3CC198DA392}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D70902BC-9220-4085-9B7A-071AFAA568E5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F7145A7A-20E0-43B7-9BEC-68BAF021E970}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0169301E-154A-4DEB-9CB0-6EDD48A65615}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{37C912B8-5E02-4002-9082-94A5A5C9683C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5CA4B26C-39B4-4877-962E-69BD90A5B49F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{569FD5C4-DE2C-40A2-A2C3-4D77878F67D5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C9D62A89-F5E8-422F-9CED-4C051386D7FC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CEA95D26-2A4E-4EAC-9ED6-6A94FFFFA1B5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A5C8F87E-FF3B-4A09-8E15-9D955FF5EB82}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B1CF5B56-763B-4AC0-AB67-E37A8F20BC0F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{918B7E3C-F5C1-4F4B-8924-0F7F9F760739}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{03DE9711-A16B-4B11-B3EA-183331546B9F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BC613E0A-2184-4020-A2EA-640B1E5B97B7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{626E8EAB-D9E5-444D-8600-87F29A61C80E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{70442AD6-26A6-4E80-89AC-49E867C08A58}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C72C0B07-CE9D-4AAD-98F2-8BB3BB98FC79}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1505371D-8AF0-4E94-90D2-1FA4CD5C4560}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C992A5A5-F8EF-4642-B07C-F500A2295910}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{45CB0276-9B12-45E9-A115-E799B3F5E48E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A3783B84-0FCD-493A-946F-69D99143E881}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A28AFEF2-BA0A-4F08-986B-7B842800E809}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{77937625-A8B9-4CE7-982A-043A7DA68D64}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{45964C38-FB0F-4D1B-93C2-E0D108321D9F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{471F895D-0594-4C86-B8C3-A946EADB10DC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{22C5CAC0-31C5-41E4-BAE3-B4A213C85540}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A7CDA54-1CD4-4C61-8037-588D47D1991C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CB7F3875-DEBE-4E46-99BE-C34D2000625A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4ACA93F4-6F4E-4BE8-ACE0-F7119B09F278}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{50093EE2-465B-4051-BD04-39FA48362C81}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F192EBC0-8C27-4DDB-B493-4DD911FC0931}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{85E1F9DD-6717-43EC-AB05-D7EB7D7F151F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F8DCD78A-AE8F-4434-9E91-2FDA923C1FCA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FE90B1FA-EAFB-4918-AA00-8522D85D39FC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AB264691-EF38-421B-8E22-B18CA4E04E26}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7887F4BC-C015-422C-A254-4B845C73A8B1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C1B66038-8977-4A22-83A5-B9D0652C110D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B14AA264-47E3-487E-9A83-1F41E870BD28}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1A040149-248D-4A55-BDB5-3F714A8D38F3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FE8395A7-F23A-44FC-AC1E-B70DDCFE3858}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{51C50A3E-DE0F-4C3F-97B4-B2652A085B71}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1A33AD71-1B1E-41F6-8E1A-BEE3787BA432}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E243457C-D4EC-42B9-8EB0-093BF38DFF55}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{352827E3-AD3B-4E51-9214-A7367FE75CAD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{892B63AC-08CA-4D2F-9555-D00C3AD13FAF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{60582639-70AD-4B68-8967-3A1E25F717CE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EA9E0E28-0BF3-4B73-A1F9-CCA4AC1CEA0A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EFF69D3D-C84A-47CA-9FBA-5F9648A36820}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D40D62D0-DA30-4EED-A758-6B5317186E29}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DD72C947-C877-4C42-A4D0-78EC1355FF05}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6912DB40-28B4-4418-9427-7D31EC0D375C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{954F6603-BE60-4582-BDD4-E268F07158A6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FF780208-1F85-4E51-9308-27BB4D48B1D0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CC5BDD9E-11D5-41B6-8C01-DD6CEFF8B209}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{431920C5-961B-4B04-89D8-281C4CA08C7E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{250C0131-F229-4F00-AD7A-5424E88BCF57}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0E490921-40BE-40E0-ABD9-B43C08E0D285}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{82A522C8-95CC-48F6-B2C0-F63FAF538E3C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{72CE2367-7143-40CB-B4E8-CE3331850DAB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2E87BDF8-7C26-46D0-8D99-DB9A8CA7CAE7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5E9DD8DC-D168-4A9D-9ACA-CCB59D6F730D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7CE2BF5C-A89E-4B22-984F-93000AFEEE91}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A5404C8B-12B0-40CC-B43C-68FA5BA50B43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2C2ADEC8-6834-4647-AA05-AFE90F44CF12}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D932C8FF-B250-41A7-9440-83F90196A721}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{43912C7C-3F60-4E0D-81A7-53812F26C1AF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4F9A5FC9-7E09-4A41-9957-2F753145EA90}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{32DADA4D-ADEE-4260-87BB-5C185726477F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A0D8A4AB-3A43-4023-9AD8-8EA73F5EE1B8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B08962BB-455F-4776-B127-3B0D6CEBB186}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9537A5D9-563C-4224-931B-CCF4404C0B7E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FCF5EDB6-95E2-413B-9489-E8299466C58C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{98B656B2-534D-4F9C-9BFB-C8315491C094}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5DB503DD-9A9F-4F5F-B89B-4674F99DAEC3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A079EF3C-BA4A-4974-81AC-FE5E73891A23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{16BA3296-37E7-4706-AC2C-626CF1D61E12}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7ACC457F-3877-4F48-BC5B-C4DF6D31D05F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{80A01AC5-C72E-4B79-9591-E5F80E9257D1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{782BC28C-9CC5-4F76-94F6-5DC2238859A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{99394A18-0E17-4E13-B6CC-7BBD5948D289}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C50EFAB9-D632-463F-940D-F4BE7D4F630F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AEBAD9F1-F57B-4D0B-999F-1ABE2457D08F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1C77BE97-C87F-4DEE-B986-5CE4B901B8AC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0C2AC2D7-E591-4AE8-AB72-0FB93A069369}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AA40B17F-2404-482E-B754-74894ACAF66E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7B5D4082-3DFC-4741-B32F-43A37F821D05}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A1A508F7-C265-4648-A834-9D7B0844952B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E61D2620-852B-4BD8-9BDD-D6C6F2DA515F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B6E679F0-0967-4DF2-82E2-3692213AFB10}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E428714C-ADBA-455F-A08C-93622F8A90C2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6695476B-FF6D-4373-A726-8C15254BE69E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{16698491-09DF-4D9B-8CA5-4117773BD18C}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{88567A19-0A26-41CE-A645-939C522E3B35}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{C508DEF5-851B-4979-B2F3-A92C5438F152}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{E6A61B73-34E9-401E-83F2-A8FB0469D718}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{82AF5813-3600-458A-9D92-15B9738810E6}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{7CC269A2-3857-49CD-A999-6058BCD0A93B}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{FF6270F3-7883-4387-B0E4-4DBED0F190FB}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{D6A58A80-3BD6-44DF-9ED5-1F952D5FD727}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{E5B64D22-A9F2-40CB-A0AC-3ACCB0CB5DA7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{77891623-8E9F-4947-8CE2-BE73396E1402}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B0DE9B57-5FCF-44B8-8849-E60012795A0D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CBE0BDA9-36B4-4C97-A699-D7A424929BED}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{979E4717-9971-43D8-AED1-DDCE0C1D519F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E9D95CEA-E906-4C29-B7ED-597D9F0BEF64}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F34DDE6E-5E08-4164-AB55-3C964F8C3761}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D631721-761C-47C4-9B47-69B5714E7D76}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EC65ACAF-9456-41FA-963C-CB885798EF22}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B81E948B-9668-499F-A114-E301E3CC4704}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B1C00E5D-80CB-4C93-B530-2CA53D3D06CC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3138DE5-B15D-4001-BE4F-A4C1027927E6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E463B993-2D16-4C7C-842E-225F3A5E5C9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2512611D-101D-4B38-8056-961D9C03FDBC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C37A0FA0-D6E0-426E-BBB0-A097A2A3F77C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A331A79E-EEAD-415E-BD18-C2FCBA4DDD05}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{343E8DAF-AA59-46C7-8293-A3720680D2CB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F37D0715-AF37-4497-AA62-4378527F3D80}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A8D5F8A0-93AB-4A06-AE8E-DE716E3FAAE4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{43220D06-0BEE-43A6-BE5C-51A755797F50}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B32AD525-E171-41C3-A00D-786362EB9DCE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FCEABE2C-69FC-486E-9BCC-8FA49AD44F31}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EF80455F-E269-47B7-A4EF-04F8A4DA5182}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F2582710-8D62-44F9-B5EE-782F382ED93B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{11F29B9B-C822-42E7-8F8C-24FC44B48177}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{99B3709D-02CE-4BB0-A757-354A77622BA1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C12E3A86-4230-4AFB-AE98-3AE687F27EB6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DEE6B565-8008-4920-A430-150F1D973EE8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6305F5CE-BF18-40F0-A3EC-62E2A8026CB0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{24685DCC-C400-4D0A-94DC-85FF9E77BD7B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0B52CA18-B3A3-4E34-860C-4DEE2D2577AB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BC9D1043-41D4-4381-9ABA-15B877F77012}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A3B73198-735A-48E5-9BA5-20C920F49847}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5BB2E5CD-F25A-4981-9901-D59D7229558A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6A2BEEAC-6804-4EE0-BB5D-8D98A8B3C6B3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8749806A-7802-4803-99FD-DBD628AD02AD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5B1A480B-38CC-4450-8359-5A2B434BD559}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{39D647CA-EDAE-4320-9548-19F2019B0473}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BE76FE5B-132D-46DA-8EE2-051B4A212146}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{03299863-AFA8-4549-9948-3015C0B28C9F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DCBCC28F-5B7B-4DB0-9E1A-64EDA48EA9FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5FD0CB21-5A05-4481-925C-424775081FB9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FA78A158-3E5D-4484-88F4-5B25859170D4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{80A3429C-9B49-434B-B119-B6CBB8EDC3B0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A8E940A8-9F84-49A4-8D5D-9E90360E230A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1614248F-7D14-4B96-9CA0-EBA2159AC2C6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3B5CC481-6C1A-4F79-9302-BB0475C2A532}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2DEA09BB-F9D0-4E0F-9E3A-24C92EDF58FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CEB3F7E9-D585-4BEB-BF7B-999F87B93019}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EFB5A6D0-0735-461C-8238-02C91B73C3F8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7A35AEED-22F0-4092-A408-1B2C7895D898}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1CC62C45-2787-4E0E-8C47-A04FE24F78F0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C7013482-1DDD-4B4B-9DA4-5F1F6C1889E7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1F9C4E34-69E2-4127-A45F-AFDCEC23F470}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6CF6F7F1-64B6-4A97-A7E5-784C53A7FB05}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A15DC90E-07E0-45C3-AE6B-B230D0C305E4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{808084DE-3F94-4618-B112-E238B2D4E491}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{822B0A40-43A3-452D-AF60-CAA15008BB8B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{75F818B5-D2AB-4578-8515-C01B9C36625B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D39B7E59-769E-4725-8EF7-66E7B77C14EA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0F29C555-DBDA-448A-AEFF-41B0FB383F95}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1961F137-CCA0-4D32-886F-EF73B5EB3A66}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{12220510-74DA-4D6D-A937-3FFEE2917C5E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F421E7EC-88FD-446C-8200-F41EDF804E60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EC6EDAC5-3B69-4CAF-B9B2-FED491FF9E1B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E6C7396A-2A1A-4B7E-B77C-52168E0CE107}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C1B13EF0-D4E7-446A-8E3C-56183CE53FD2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6E2C8D06-ABC8-414A-9157-987C185AC9E4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F08C1BC8-AC63-4A56-BB0F-58B0F3B354E6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{081B871E-094B-40A6-971E-7DA4B4B9F7F3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0EBD4DFF-5078-4596-9DBD-4B6196FA4F04}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CA7AA867-A229-4C51-B492-57D514776321}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2547391-7E31-4809-8C73-7FC19ED5DD70}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{73EC3E4A-DE5D-4C9A-AAEA-39A732BD1F36}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5ABF27FD-AE8C-413D-8693-F2B11876CB00}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{96F4DFB1-8C96-4479-83B4-CA677C8111F2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{431835E6-2D4E-47BD-9B76-B7C88EE19C49}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{383EAB16-CAEB-4E63-A3A7-46BE2EE72B9A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2CE2870D-570D-459C-AAE4-446EAA9635EC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{70127D56-F171-4574-92B4-2E6B3B65C6B4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{80FEA712-860D-47A7-BA7A-57377FDFB31C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A68EB7FC-19B9-4E85-906A-9FEB25F24D49}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF6B6BFA-F064-4669-B79E-EE517BFB5A47}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2DDF8F7D-61C3-4C83-9851-F9DC761569D8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{97F41099-EC38-4234-B094-A3C72FCC8FDC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{211474F0-63F8-45FC-83E2-5C2714E38424}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9BC62EF0-6F70-46AD-A007-6BB9423013A6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5583DA7C-4A20-46B3-BEF8-435B240FB63A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FC3E27D9-DA01-498D-A674-C27124338AAC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ACB0962C-27F6-4E33-8E26-C94B8F7F2423}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DC47306C-0506-4BB7-88E4-D3DF75947BAA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4B3E4FB5-F756-43EB-8753-136E6342DDFB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EF743711-DA09-443B-B0D4-639152A607CF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BE66E717-C8C0-4A4D-B1A0-47D663B9985E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AA2329B2-B7E5-4AAD-BD3B-450E32825A3D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{024B0FE8-2AFC-4A1C-92EF-310818422F14}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{82C3AFE3-4B08-4B94-922C-CF76C7BB30F1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{020BC366-B573-482A-B748-458B03BC08DC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{12EC03C2-4A50-45F5-82F6-F89811BFF21A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7C1B6606-9126-4118-B765-4B8173A85DA0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4237B4C9-A84B-476F-B8C1-460608FBE3C2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7FBC87A3-D18B-4327-B8F1-1AFB22209C54}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{180A7347-5EA0-4339-9B6C-7BA4C9E4B5AD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8976C555-6B39-44E2-9DBA-6B16C75B81A2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D71F374-52F3-41CC-A8C6-12F1A9FE91A9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{75D23826-DA5E-4E64-A1CF-E0A334915AE7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{97EA556A-7347-4121-B554-9821664911B5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2241C045-BA7D-452B-B722-0713F954DCB9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A57012BB-1B1D-4F88-AB23-E1CA251B5BBD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ECC5DB09-C4D0-4E9C-8EBD-8876635A032F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D532D313-C4CB-40E7-A3A4-4D1AA0EA5301}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{85A7B1AE-83AC-4927-AFF7-4F7F4D0CD178}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{58A484C9-82AB-4867-9679-1E0DFA7E414E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AD2978A2-5B64-4177-A2C6-9CA96BEE301D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0F8443C1-BD82-40C2-A86D-3106DC673B5C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{249AECC1-88AD-4515-8B29-70A05D10A4B0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FD64EE58-E59F-4C7D-B2F1-082B444BC15C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9029C3CE-2CFE-4906-BFC9-B0EF403022E4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0E903791-CFED-4144-A1FE-51E1C71BBD4A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A183BD18-723D-4123-8308-BCF116F5209E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{23E4E8C5-BDE0-4916-9641-BFC2DA35F204}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FDA00C3D-A8B5-45B0-BA47-FED352F8F1E3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D512016B-2EFB-4555-90F1-F61FBCB7CABE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D4611840-9F56-4253-8A4A-B3BD58743676}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A722507-6FE6-45BF-BE9D-130D80C01031}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{34FCF720-97C2-4F4D-9E67-73E99E76955D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2CF72FD2-D6C3-4A4F-95CE-F592BAAA435F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5799ACDF-DFCC-456A-A2F4-364757656231}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{991D078F-EAEE-4ECF-B547-1AA0302A373A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D376A019-16BC-446B-9222-BE3DCAFB4260}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6AD45A46-7A06-424B-BB9A-708CEC5A7347}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DDD5B561-2D96-4D1E-ADEB-363A41EE8693}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1EF2EBEC-6D33-44B7-B78A-131379B94F7C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4BB5A189-57F3-4C79-A4B3-27BA3C6A74C9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C713F18F-223E-4B6D-9C55-C2296BF9CF85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9A6FE43E-BE71-49BC-80B7-C80C721B321B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5ED73662-55A5-4535-97C2-F71E858F7EB2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F29430BB-5946-4440-8F90-AA813781F0E5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E1C0C75A-8027-4155-B258-26E8907F8A77}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6B40641D-3A9F-4C1E-8F63-B2C840BBB498}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FBB6986D-73B8-4F14-8CB9-4D50194DF253}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{426A827B-A057-4ACE-A755-7211F09624B7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1071FE9E-04A0-44E7-8B5B-CE617E2E7DEB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2DD1C61E-D3BD-4B55-9369-9644C8694126}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{694991E1-6793-4408-B5A5-82DC13DCA7E6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6D528898-193A-4614-ABCF-5DC321A8AEE2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E5DA01BC-F3F6-4FD7-898C-CA7387B19412}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5D04DAC6-0F42-4966-9880-F8B5C44C423F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{15AF40C5-DD88-49BB-B688-40F1330AC85E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A0A674D2-ADE0-45A6-8D10-21BEEB939D86}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7ED87DF7-9B31-463A-8B46-3BB05EC6BFBC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1A65D50E-F613-4D6C-91C4-DF283C9F1FE6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C06618F5-6ADC-4B86-B91D-31CD9AD57CFC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0ED75C77-73CA-4AA5-808A-F3F1DEF8CD7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{65DDAEFB-9D09-45B0-A4E6-83C233A0A0AD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{99C1C3C1-1D5F-4C6B-A3E3-E57E153F06A7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E94EF2F2-57E4-4EDB-A524-CDC5D668BBA1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6E9DEDE2-B1F8-4A01-86F1-768ABF7E35D7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{31582B83-72FA-4C87-BC51-477AF0B1A4C9}] => (Allow) D:\setup\hpznui40.exe
FirewallRules: [{0AA8171A-586A-4E2D-8CB5-9F52EC4835F6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{DF2B952B-8A9F-4F5F-9EE8-1E27C07AF66C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{4988D91D-00B9-4897-8F8C-B3DE15F93596}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{5781B90B-7B91-45F0-ACB4-A2DA92670C60}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{4F557376-342A-4EF6-9E3E-53830426C8C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{037092BA-8E49-4868-BBCE-B81ACB29B003}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{41AF5C6A-24D1-4636-A698-1F7F1C1AA9FA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1D3952D9-9E77-4F0B-BDD7-076779E8B5D5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{AE607AE9-D6F0-43CD-8BAD-FBFFD12C75C3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{607EF85F-FB3E-4E6E-8E7C-185B40ED53BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{61DFCE77-4CCF-4181-AC37-90AFC802AF10}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{44C856BF-A17D-467D-AEEF-0DAD3CC6C19B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{3677FDF4-D3D9-4C95-AC90-FE4FF0900459}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{AA975029-F27D-4341-8729-181654CA6DA7}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe
FirewallRules: [{535164E3-53FC-42E0-8631-1965B8D40E4E}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe
FirewallRules: [{09CBC8B9-2442-46CE-8177-D9DB3B01CF08}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{314500C7-52D7-4CB1-A666-3A3DF707EF6D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B810E2A8-9933-44C9-BE54-0DCE6EB5575B}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{17EFAEE4-3572-4057-8D8E-679E14F5DC7C}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0B8DE4A3-C5BA-488E-B382-AF15D66C0339}] => (Allow) C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{154D1F61-6EAE-4C20-8B78-3F56113658F0}] => (Allow) C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{682292DD-E27B-4C23-A747-DFB41B802901}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AD85DE6A-9196-4597-9D1E-FFDD3AB7AC50}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A99F2731-10F2-4BDD-93C9-4EA9D139038F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6A1E489A-31CE-4172-BE5E-49D58B56650D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{9794DA47-BD9B-46D4-A85C-587456CE6521}] => (Allow) C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{819A1FC6-2521-46C5-926B-AD93559573C7}] => (Allow) C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
==================== Faulty Device Manager Devices =============
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/13/2015 00:34:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x4a0
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Error: (06/13/2015 11:01:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x1288
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Error: (06/12/2015 03:33:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x10fc
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Error: (06/12/2015 02:45:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x910
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Error: (06/11/2015 07:53:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x119c
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Error: (06/09/2015 09:49:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8808
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x978
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Error: (06/09/2015 09:46:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.7149.5000, Zeitstempel: 0x552dd352
Name des fehlerhaften Moduls: pstprx32.dll, Version: 14.0.7149.5000, Zeitstempel: 0x552c9630
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00028ac8
ID des fehlerhaften Prozesses: 0x13d0
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3
Error: (06/07/2015 09:26:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8808
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x26c
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Error: (06/04/2015 10:14:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8808
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0xf20
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Error: (06/04/2015 11:19:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8808
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0xe9c
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
System errors:
=============
Error: (06/13/2015 09:32:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/13/2015 09:32:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/13/2015 09:32:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IviRegMgr" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2015 09:32:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Matrix Storage Event Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2015 09:32:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2015 09:32:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2015 09:32:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Raw Socket Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2015 09:32:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Protexis Licensing V2" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2015 09:32:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NTI Backup Now 5 Scheduler Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2015 09:32:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GRegService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (06/13/2015 00:34:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.1886955636317c0000374000cea5f4a001d0a5c48680e2b5C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dllc75778da-11b7-11e5-808c-00269e9dd695
Error: (06/13/2015 11:01:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.1886955636317c0000374000cea5f128801d0a5b77719aec1C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dllb9f4a7f6-11aa-11e5-b6c7-00269e9dd695
Error: (06/12/2015 03:33:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.1886955636317c0000374000cea5f10fc01d0a51460e657e3C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dll9ff58fcc-1107-11e5-90d6-00269e9dd695
Error: (06/12/2015 02:45:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.1886955636317c0000374000cea5f91001d0a50da8d863b9C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dlle8793475-1100-11e5-889c-00269e9dd695
Error: (06/11/2015 07:53:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.1886955636317c0000374000cea5f119c01d0a46f85dc7e22C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dllc67ae1be-1062-11e5-b678-00269e9dd695
Error: (06/09/2015 09:49:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.18839553e8808c0000374000cea5f97801d0a2ed705f1907C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dllafd24abb-0ee0-11e5-84ce-00269e9dd695
Error: (06/09/2015 09:46:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OUTLOOK.EXE14.0.7149.5000552dd352pstprx32.dll14.0.7149.5000552c9630c000000500028ac813d001d0a2ecfd2d6bfbC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\pstprx32.dll4474e457-0ee0-11e5-84ce-00269e9dd695
Error: (06/07/2015 09:26:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.18839553e8808c0000374000cea5f26c01d0a157e775a3afC:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dll2876cce3-0d4b-11e5-a42c-00269e9dd695
Error: (06/04/2015 10:14:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.18839553e8808c0000374000cea5ff2001d09f030adae570C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dll4c1c216a-0af6-11e5-ab8a-00269e9dd695
Error: (06/04/2015 11:19:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.18839553e8808c0000374000cea5fe9c01d09ea78259379cC:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dllc350699d-0a9a-11e5-9291-00269e9dd695
CodeIntegrity Errors:
===================================
Date: 2015-02-15 15:10:22.011
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-15 15:10:21.918
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 11:50:05.539
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 11:50:05.524
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 11:46:14.846
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 11:46:14.706
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-12 22:51:56.002
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-12 22:51:56.002
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-12 22:51:55.986
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-12 22:51:55.986
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6570 @ 2.10GHz
Percentage of memory in use: 29%
Total physical RAM: 4060.93 MB
Available physical RAM: 2862.86 MB
Total Pagefile: 8120.06 MB
Available Pagefile: 6677.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:453.66 GB) (Free:317.29 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CDF05614)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.7 GB) - (Type=07 NTFS)
==================== End of log ============================
|
|
14.06.2015, 09:44
| #11 |
| /// TB-Ausbilder | Link in DHL EMail geöffnet Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern. Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
RemoveProxy:
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 ESET Online Scanner
Schritt 3 Downloade Dir bitte  SecurityCheck und:
Bitte poste mit deiner nächsten Antwort
|
|
14.06.2015, 20:19
| #12 |
| | Link in DHL EMail geöffnetCode:
ATTFilter Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by PC at 2015-06-14 21:10:48 Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & Gast)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
RemoveProxy:
EmptyTemp:
end
*****************
Processes closed successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => key removed successfully
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => key not found.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
EmptyTemp: => 1.5 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 21:12:17 ====
Mein PC ist irgendwie total langsam jetzt. Ist das normal? |
|
15.06.2015, 15:15
| #13 |
| /// TB-Ausbilder | Link in DHL EMail geöffnet Servus, mal bitte weiter machen.  |
|
16.06.2015, 20:20
| #14 |
| | Link in DHL EMail geöffnet ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f5c78bb11ca5f0498455fb5e5ff8777b
# end=init
# utc_time=2015-06-15 07:50:29
# local_time=2015-06-15 09:50:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24341
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f5c78bb11ca5f0498455fb5e5ff8777b
# end=updated
# utc_time=2015-06-15 08:31:22
# local_time=2015-06-15 10:31:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f5c78bb11ca5f0498455fb5e5ff8777b
# engine=24341
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-15 11:32:03
# local_time=2015-06-16 01:32:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777214 100 100 14680 65885545 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 271548 186040973 0 0
# scanned=317334
# found=8
# cleaned=0
# scan_time=10841
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=BA5D225FE04ED9E21278011D1A6F6BBECB9134D8 ft=1 fh=57ab8a13e6ab5320 vn="Variante von Win32/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Local\Temp\SetupDataMngr_Searchqu.exe.vir"
sh=04B4A79CC95C2D2ED13D3951AE54409F15327429 ft=1 fh=395a604ee7c17fd1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\7 Zip\7 Zip 32 Bit - CHIP-Installer.exe"
sh=87DFD82D5434A7E649082BA59389A4E87D40DA5C ft=1 fh=fb6c23061dda6c6a vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\7 Zip\7-zip(1).exe"
sh=87DFD82D5434A7E649082BA59389A4E87D40DA5C ft=1 fh=fb6c23061dda6c6a vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\7 Zip\7-zip.exe"
sh=96FD12ADDAF5F1173C7D841979C4705402EAF899 ft=1 fh=3a5fffaae144af3b vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\Favoriten-Freund\AnySendSetup.exe"
sh=9B1FD212A830B5410380158B5D670752F74082C1 ft=1 fh=3fb6e70c0426ad1b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\Free Mp3 wma converter\Free Mp3 Wma Converter - CHIP-Installer.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\pdf creator\PDFCreator-1_7_3_setup.exe"
Code:
ATTFilter Results of screen317's Security Check version 1.002
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
JavaFX 2.1.1
Java 7 Update 67
Java(TM) 6 Update 29
Java version 32-bit out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 17.0.0.188
Adobe Reader XI
Mozilla Firefox (38.0.5)
Mozilla Thunderbird (3.1.9) Thunderbird out of Date!
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe
Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
|
17.06.2015, 14:18
| #15 | |||||||||||
| /// TB-Ausbilder | Link in DHL EMail geöffnetZitat:
Reste entfernen Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
C:\Users\PC\Downloads\7 Zip\7-zi*.exe
C:\Users\PC\Downloads\Favoriten-Freund\AnySendSetup.exe
C:\Users\PC\Downloads\Free Mp3 wma converter\Free Mp3 Wma Converter - CHIP-Installer.exe
C:\Users\PC\Downloads\pdf creator\PDFCreator-1_7_3_setup.exe
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird! Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.  Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.  Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren. NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Ghostery Erkennt und blockiert Tracker, Web Bugs, Pixel und Beacons und weitere Scripte, die das Surfverhalten ausspähen/beobachten. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
|
| Themen zu Link in DHL EMail geöffnet |
| absender, anhang, anwendungsdaten, bedrohungen, bekannte, blödsinn, code, datei, email, empfohlen, erstell, erstellt, gefunde, gen, große, hoffe, kaspersky, laptop, link, objekt, programm, schließe, sofort, untersuchung, virenprogramm, warum |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
