
Pests of all kinds and how to combat them: false positive registry entries?


10.07.2015, 12:56   #1

Good afternoon,
I'm sorry that I need help yet again. This morning, to be on the safe side, I ran one last full system scan (after yesterday's scans with MBAM, ESET and Trend Micro Housecall), and this is what came out:


Freitag, 10. Juli 2015 09:48:52 - 10:39:53

Computername: ADMIN-PC 
Scan-Methode: Vollständiger Scan 
Ziel: C:\ E:\ + System + Rootkits

Ergebnis: 2 Malware gefunden

Neustart des Systems erforderlich, um den Desinfektionsvorgang abzuschließen!

Suspicious:W32/Malware!Gemini (Vermutete Infektion)
C:\Users\admin\Desktop\Games\NFS Underground 2 TexMod V2.0 by Dragozool\Texmod.exe
Aktion: unter Quarantäne

Dateien: 551217
Nicht gescannt: 261
Viren: 1
Spyware: 0
Verdächtige Elemente: 1
Riskware: 0
Desinfiziert: 0
Umbenannt: 0
Gelöscht: 0
In Quarantäne: 1
Fehlgeschl.: 0
Gescannt: 3
Infiziert: 0
Verdächtige Elemente: 0
Desinfiziert: 0
Dateien, nicht gescannt:
Fehler - zu viele geöffnete Dateien: weitere Fehlermeldungen werden übersprungen.
Datei im Archiv C:\Users\admin\Downloads\JaySuS Swords V13C-1002-13C.rar\JSwords.bsa kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3TC\save\X12.sav\X12 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3TC\save\X13.sav\X13 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3TC\save\X11.sav\X11 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X01.sav\X01 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X02.sav\X02 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X03.sav\X03 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X05.sav\X05 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X07.sav\X07 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X06.sav\X06 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X04.sav\X04 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X08.sav\X08 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X09.sav\X09 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X10.sav\X10 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X11.sav\X11 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X12.sav\X12 kann nicht geöffnet werden
Datei im Archiv C:\Users\admin\Documents\Egosoft\X3AP\save\X13.sav\X13 kann nicht geöffnet werden
Scannen von C:\Users\admin\Downloads\VTMBde90.exe wurde abgebrochen [F-Secure Aquarius]
Scannen von C:\Users\admin\Downloads\SE-0971-setup.exe wurde abgebrochen [F-Secure Aquarius]
Scannen von C:\Users\admin\Downloads\SE-0972-setup.exe wurde abgebrochen [F-Secure Aquarius]
Scannen von E:\Spiele\Diaspora\Diaspora_R1_Windows.exe wurde abgebrochen [F-Secure Aquarius]

Version der Definitionen:
Viren: 2015-07-10_06
Spyware: 2015-07-10_06
F-Secure Aquarius: 11.00.01, 2015-07-10
F-Secure Hydra: 5.14.151, 2015-07-08
F-Secure Online: 15.10.112, 0-00-00
F-Secure Gemini: 3.02.384, 2015-06-23
F-Secure BlackLight: 2.04.1100, 2013-05-27
Alle Dateien scannen
Archive scannen
Viren: Nach Scannen fragen
Spyware: Nach Scannen fragen
Verdächtige Elemente nach vollständigem Scan anzeigen

Error "File cannot be opened" occurred:

The error message "File cannot be opened" means that the scanner could not open a file and that the file was not scanned. You can usually ignore this error message, because there can be many reasons for it that do not pose a security threat:
The file was a system file. System files are protected by the operating system by default. In this case you can ignore the message.
You do not have permission to read the file. Log in to a user account with the appropriate permissions (for example, the computer's administrator account) and run the scan again.
The file was in use by an application when the scan was performed. Close all applications and try again to scan this file.

When I now look at the removal history, besides TexMod.exe (which from my point of view is a false positive) it also lists two registry entries, which on the one hand were in quarantine and on the other hand were restored:

Registrierung: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer¦NoActiveDesktopChanges
Registrierung: HKEY_USERS\S-1-5-21-2586655326-3906653631-2063846596-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced¦ShowSuperHidden

These registry entries do make me doubt that it is a false positive after all. In addition, the scan report mentions 2 malware items, but only one is listed and moved to quarantine. The whole thing seems suspicious to me, although yesterday's scans and the ones now after the cleanup (MBAM, F-Secure) can no longer find anything.

Many thanks in advance for your help.

Regards, Jerot

10.07.2015, 13:57   #2
/// the machine
/// TB-Ausbilder



Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click "Untersuchen" (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt for me and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)



10.07.2015, 14:45   #3

Hello schrauber,

here are the logs.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-07-2015
Ran by admin (administrator) on ADMIN-PC on 10-07-2015 15:37:31
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
() C:\Program Files\Corsair USB Headset\Customapp\Program\CAHS.exe
() C:\Program Files\Corsair USB Headset\Customapp\Program\CAHS.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6470760 2012-05-15] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1175656 2012-05-11] (Realtek Semiconductor)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7144960 2013-01-16] (Broadcom Corporation)
HKLM\...\Run: [CAHS1Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CAHS1.dll,CMICtrlWnd
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [F-Secure Hoster (45119)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2014-10-14] (F-Secure Corporation)
HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\Run: [Steam] => E:\Steam\steam.exe [2892992 2015-06-20] (Valve Corporation)
HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\MountPoints2: {8cf626a8-6012-11e2-ba8e-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\MountPoints2: {c13f0f34-5fdb-11e2-b63e-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-21] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-01-16]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2015-06-15] (F-Secure Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2015-06-15] (F-Secure Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{4683DED9-1F33-466F-9BE9-40EB9011C123}: [DhcpNameServer]
Tcpip\..\Interfaces\{96BC0138-6242-49DA-B98E-FA0E0CFD92E8}: [DhcpNameServer]

FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{ecb89366-3694-4ebf-8b1d-65ac5e87c344}] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2014-12-12]

CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-03]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-03]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-03]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-03]
CHR Extension: (Search by F-Secure) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkmikccifolokanfakbeadbmgchomeli [2014-12-07]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2014-12-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-03]
CHR HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\F-Secure\apps\SafeSearch\Chrome\main.crx [2014-05-09]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-11-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2014-10-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-14] (F-Secure Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1718840 2015-07-09] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-07-09] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation)
S3 Origin Client Service; E:\Spiele\Origin\OriginClientService.exe [1931632 2015-05-23] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-01-29] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-29] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5834752 2013-01-16] (Broadcom Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2011-11-03] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-20] (Broadcom Corporation.)
R3 CorsairCAHS1; C:\Windows\System32\drivers\CAHS164.sys [1308160 2011-06-16] (C-Media Electronics Inc)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-07-08] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-06-08] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [55336 2015-05-29] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [95784 2015-06-15] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()
R3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE1200w764.sys [1254464 2011-03-29] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
U2 TMAgent; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-10 15:37 - 2015-07-10 15:37 - 00016692 _____ C:\Users\admin\Desktop\FRST.txt
2015-07-10 15:37 - 2015-07-10 15:37 - 00000000 ____D C:\FRST
2015-07-10 15:36 - 2015-07-10 15:36 - 02112512 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2015-07-10 14:20 - 2015-07-10 14:28 - 00000000 ____D C:\EEK
2015-07-10 14:20 - 2015-07-10 14:20 - 00000743 _____ C:\Users\admin\Desktop\Start Emsisoft Emergency Kit.lnk
2015-07-10 13:58 - 2015-07-10 14:15 - 160871320 _____ C:\Users\admin\Downloads\EmsisoftEmergencyKit.exe
2015-07-10 13:34 - 2015-07-10 13:34 - 00003370 _____ C:\Users\admin\AppData\Local\recently-used.xbel
2015-07-10 10:44 - 2015-07-10 10:44 - 00036736 _____ C:\Users\admin\Desktop\F-Secure Anti-Virus 11.00.20242 - Scan-Bericht - Freitag, 10. Juli 2015 10_41_06.html
2015-07-09 17:49 - 2015-07-09 17:49 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-09 17:49 - 2015-07-09 17:49 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-09 17:49 - 2015-07-09 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-09 17:49 - 2015-07-09 17:49 - 00000000 ____D C:\Program Files\CCleaner
2015-07-09 16:22 - 2015-07-09 16:22 - 00000208 _____ C:\Users\admin\Desktop\Eset Online Scanner.txt
2015-07-09 11:21 - 2015-07-09 11:21 - 00000207 _____ C:\Windows\tweaking.com-regbackup-ADMIN-PC-Windows-7-Home-Premium-(64-bit).dat
2015-07-09 10:20 - 2015-07-09 10:20 - 02405664 _____ (Trend Micro Inc.) C:\Users\admin\Downloads\HousecallLauncher64 (1).exe
2015-07-08 16:38 - 2015-07-10 09:43 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-08 16:35 - 2015-07-10 09:39 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-08 16:33 - 2015-07-08 16:34 - 16502728 _____ (Malwarebytes Corp.) C:\Users\admin\Downloads\mbar-
2015-07-08 15:22 - 2015-07-08 15:22 - 00233321 _____ C:\Users\admin\Desktop\GMER full.log
2015-07-08 15:00 - 2015-07-08 15:00 - 00003138 _____ C:\Users\admin\Desktop\F-Secure Anti-Virus 11.00.20242 - Scan-Bericht - Mittwoch, 8. Juli 2015 14_29_51.html
2015-07-08 13:51 - 2015-07-08 13:51 - 12207468 _____ C:\Users\Public\Desktop\fsdiag.zip
2015-07-05 10:53 - 2015-07-05 11:53 - 00183720 _____ C:\Users\admin\Desktop\GMER.log
2015-07-05 10:31 - 2015-07-05 10:31 - 00380416 _____ C:\Users\admin\Desktop\Gmer-19357 (1).exe
2015-07-04 19:20 - 2015-07-04 19:24 - 00000000 ____D C:\Windows\pss
2015-07-04 11:31 - 2015-07-04 19:23 - 00000000 ____D C:\Users\admin\Desktop\CCE
2015-07-04 11:23 - 2015-07-04 11:26 - 23732069 _____ C:\Users\admin\Downloads\cce_2.5.242177.201_x32.zip
2015-07-04 11:20 - 2015-07-04 11:23 - 25543261 _____ C:\Users\admin\Downloads\cce_2.5.242177.201_x64 (1).zip
2015-06-29 20:34 - 2015-06-29 20:37 - 25543261 _____ C:\Users\admin\Downloads\cce_2.5.242177.201_x64.zip
2015-06-29 19:36 - 2015-06-29 19:36 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-27 17:40 - 2015-06-27 18:12 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-22.bin
2015-06-27 16:33 - 2015-06-27 17:05 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-21.bin
2015-06-27 15:42 - 2015-06-27 16:14 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-20.bin
2015-06-27 15:10 - 2015-06-27 15:42 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-19.bin
2015-06-27 14:35 - 2015-06-27 15:07 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-18.bin
2015-06-27 14:00 - 2015-06-27 14:32 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-17.bin
2015-06-27 11:11 - 2015-06-27 11:43 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-16.bin
2015-06-27 10:34 - 2015-06-27 11:06 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-15.bin
2015-06-27 10:00 - 2015-06-27 10:33 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-14.bin
2015-06-27 09:28 - 2015-06-27 10:00 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-13.bin
2015-06-26 16:18 - 2015-06-26 16:50 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-12.bin
2015-06-26 15:46 - 2015-06-26 16:18 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-11.bin
2015-06-26 15:05 - 2015-06-26 15:37 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-10.bin
2015-06-26 14:13 - 2015-06-26 14:46 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-9.bin
2015-06-26 13:29 - 2015-06-26 13:29 - 00000000 ____D C:\Users\admin\AppData\Roaming\NVIDIA
2015-06-26 10:28 - 2015-06-26 10:28 - 00000000 ____D C:\Users\admin\AppData\Local\GWX
2015-06-25 17:32 - 2015-06-25 17:33 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA
2015-06-25 17:32 - 2015-06-25 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-25 17:32 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-25 17:32 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-25 17:32 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00061616 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-25 17:32 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-06-25 17:30 - 2015-06-25 17:32 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-25 17:30 - 2015-06-25 17:30 - 00000000 ____D C:\NVIDIA
2015-06-25 17:29 - 2015-06-17 08:48 - 06873232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-06-25 17:29 - 2015-06-17 08:48 - 03492168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-06-25 17:29 - 2015-06-17 08:48 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-06-25 17:29 - 2015-06-17 08:48 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-06-25 17:29 - 2015-06-17 08:48 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-06-25 17:29 - 2015-06-17 08:48 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-06-25 17:29 - 2015-06-02 16:11 - 04421614 _____ C:\Windows\system32\nvcoproc.bin
2015-06-25 12:34 - 2015-06-25 13:08 - 292264080 _____ (NVIDIA Corporation) C:\Users\admin\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-06-24 12:55 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-06-24 12:55 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-06-24 12:54 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-06-24 12:49 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-06-24 12:49 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-06-24 12:49 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-06-24 12:49 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-06-24 12:49 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-06-24 12:49 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-06-24 12:49 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-06-24 12:49 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-06-24 12:49 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-06-24 12:49 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-06-24 12:49 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-06-24 12:49 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-06-24 12:49 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-06-24 12:49 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-06-24 12:49 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-06-24 12:47 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-24 12:47 - 2015-05-09 05:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-24 12:47 - 2015-05-09 05:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-24 12:47 - 2015-05-09 05:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-24 12:47 - 2015-05-09 05:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-24 12:47 - 2015-05-09 05:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-24 12:47 - 2015-05-09 05:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-24 12:47 - 2015-05-09 05:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-24 12:47 - 2015-05-09 05:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-24 12:47 - 2015-05-09 05:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-24 12:47 - 2015-05-09 05:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-24 12:47 - 2015-05-09 05:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-24 12:47 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-24 12:47 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-24 12:47 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-24 12:47 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-24 12:47 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-24 12:47 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-06-24 12:47 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-06-24 12:47 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-06-24 12:47 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-06-24 12:47 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-06-24 12:47 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-06-24 12:47 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-06-24 12:47 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-06-24 12:47 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-06-24 12:47 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-06-24 12:47 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-06-24 12:47 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-06-24 12:46 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-06-24 12:46 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-06-24 12:46 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-06-24 12:46 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-06-24 12:45 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-24 12:45 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-24 12:45 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-24 12:45 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-24 12:45 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-24 12:45 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-24 12:45 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-24 12:45 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-24 12:45 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-24 12:45 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-24 12:45 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-24 12:45 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-24 12:45 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-24 12:45 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-24 12:45 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-24 12:45 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-24 12:45 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-24 12:45 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-24 12:45 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-24 12:45 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-24 12:45 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-24 12:45 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-24 12:45 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-24 12:45 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-24 12:45 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-24 12:45 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-24 12:45 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-24 12:45 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-24 12:45 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-24 12:45 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-24 12:45 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-24 12:45 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-24 12:45 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-24 12:45 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-24 12:45 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-24 12:45 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-24 12:45 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-24 12:45 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-24 12:45 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-24 12:45 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-24 12:45 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-24 12:45 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-24 12:45 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-24 12:45 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-24 12:45 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-24 12:45 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-24 12:45 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-24 12:45 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-24 12:45 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-24 12:45 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-24 12:45 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-24 12:45 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-24 12:45 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-24 12:45 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-24 12:45 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-24 12:45 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-24 12:45 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-24 12:45 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-24 12:45 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-24 12:45 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-24 12:45 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-06-24 12:45 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-06-24 12:35 - 2015-06-24 12:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-24 12:35 - 2015-06-24 12:35 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-24 12:33 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-06-24 12:33 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-06-24 12:33 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-06-24 12:33 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-06-24 12:33 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-06-24 12:33 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-06-24 12:33 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-06-24 12:33 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-06-24 12:33 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-06-24 12:33 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-06-24 11:40 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-06-24 11:40 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-06-24 11:39 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-06-24 11:39 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-06-24 11:39 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-06-24 11:39 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-06-24 11:39 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-06-24 11:39 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-06-24 11:39 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-06-24 11:39 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-06-24 11:39 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-06-24 11:39 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-06-24 11:33 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-06-24 11:33 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-06-24 11:31 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-06-24 11:31 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-06-24 11:31 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-06-24 11:31 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-06-24 11:31 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-06-24 11:30 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-06-24 11:30 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-06-24 11:23 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-06-24 11:21 - 2015-06-24 11:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-06-24 11:21 - 2015-06-24 11:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-06-24 11:21 - 2015-06-24 11:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-06-24 11:21 - 2015-06-24 11:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-06-24 11:21 - 2015-06-24 11:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-06-24 11:21 - 2015-06-24 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-06-24 11:21 - 2015-06-24 11:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-06-24 11:21 - 2015-06-24 11:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-06-24 11:21 - 2015-06-24 11:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-06-24 11:21 - 2015-06-24 11:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-06-24 11:21 - 2015-06-24 11:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-06-24 11:21 - 2015-06-24 11:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-06-24 11:21 - 2015-06-24 11:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-06-24 11:21 - 2015-06-24 11:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-24 11:21 - 2015-06-24 11:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-06-24 11:21 - 2015-06-24 11:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-06-24 11:21 - 2015-06-24 11:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-06-24 11:14 - 2015-06-24 11:23 - 00011802 _____ C:\Windows\IE11_main.log
2015-06-24 11:14 - 2015-06-24 11:14 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-06-24 11:14 - 2015-06-24 11:14 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-06-24 11:01 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-06-24 11:01 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-06-24 11:01 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-06-24 11:01 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-06-24 11:01 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-06-24 11:01 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-06-24 11:01 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-06-24 11:01 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-06-24 11:01 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-06-24 11:01 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-06-24 11:01 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-06-24 11:01 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-06-24 11:01 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-06-24 11:01 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-06-24 10:59 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-06-24 10:59 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-06-24 10:58 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-06-24 10:58 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2015-06-24 10:58 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-06-24 10:57 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-24 10:56 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-06-24 10:56 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-06-24 10:56 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-06-24 10:56 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-06-24 10:56 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-06-24 10:55 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-06-24 10:55 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-06-24 10:55 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-06-24 10:55 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-06-24 10:55 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-06-24 10:55 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-06-24 10:55 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-06-24 10:54 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-24 10:54 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-24 10:54 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-24 10:54 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-24 10:54 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-24 10:54 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-24 10:54 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-24 10:54 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-24 10:54 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-24 10:54 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-24 10:54 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-24 10:54 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-24 10:54 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-24 10:54 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-24 10:54 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-24 10:54 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-24 10:54 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-24 10:54 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-24 10:54 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-24 10:54 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-24 10:54 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-24 10:54 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-24 10:54 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-24 10:54 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-24 10:54 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-24 10:54 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-24 10:54 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-24 10:54 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-24 10:54 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-24 10:54 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-24 10:54 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-24 10:54 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-24 10:54 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-24 10:54 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-24 10:54 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-24 10:54 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-24 10:54 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-24 10:54 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-24 10:54 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-24 10:54 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-24 10:54 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-06-24 10:54 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-06-24 10:54 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-06-24 10:54 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-06-24 10:54 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-06-24 10:35 - 2015-06-24 10:35 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-24 10:35 - 2015-06-24 10:35 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-24 10:19 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-06-24 10:19 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-06-24 10:19 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-06-24 10:19 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-06-24 10:19 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-06-24 10:19 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-06-24 10:19 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-06-24 10:19 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-06-24 10:19 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-06-24 10:19 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-06-24 10:19 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-06-24 10:19 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-06-24 10:19 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-06-24 10:19 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-06-24 10:19 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-06-24 10:19 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-06-24 10:19 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-06-24 10:19 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-06-24 10:19 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-06-24 10:19 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-06-24 10:19 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-06-24 10:19 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-06-24 10:19 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-06-24 10:19 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-06-24 10:19 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-06-24 10:16 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-24 10:16 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-24 10:16 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-24 10:16 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-24 10:16 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-24 10:16 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-24 10:16 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-24 10:16 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-24 10:16 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-06-24 10:16 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-06-24 10:16 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-06-24 10:16 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-06-24 10:16 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-06-24 10:16 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-06-24 10:16 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-06-24 10:16 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-06-24 10:16 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-06-24 10:16 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-06-24 10:16 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-06-24 10:16 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-06-24 10:16 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-06-24 10:16 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-06-24 10:16 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-06-24 10:16 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-06-24 10:16 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-06-24 10:16 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-06-24 10:16 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-06-24 10:13 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-06-24 10:13 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-06-24 10:12 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-06-24 10:12 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-06-24 10:11 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-06-24 10:11 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-06-24 10:10 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-24 10:10 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-24 10:10 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-24 10:10 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-24 10:10 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-24 10:10 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-24 10:10 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-24 10:10 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-24 10:10 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-24 10:10 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-24 10:09 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-06-24 10:09 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-06-24 10:09 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-06-24 10:08 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-06-24 10:08 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-06-24 10:08 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-06-24 10:08 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-06-24 10:08 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-06-24 10:08 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-06-24 10:08 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-06-24 10:08 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-06-24 10:08 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-06-24 10:08 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-06-24 10:07 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-24 10:07 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-24 10:07 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-06-24 10:07 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-06-24 10:07 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-06-24 10:07 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-06-24 10:07 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-06-24 10:07 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-06-24 10:07 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-06-24 10:07 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-06-24 10:06 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-06-24 10:06 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-06-24 10:06 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-06-24 10:06 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-06-24 10:05 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-06-24 10:05 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-06-24 10:05 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-06-24 10:05 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-06-24 10:05 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-06-24 10:05 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-06-24 10:05 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-06-24 10:05 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-06-24 10:05 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-06-24 10:05 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-06-24 10:03 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-06-24 10:03 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-06-24 10:02 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-06-24 10:02 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-06-24 10:02 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-06-24 10:02 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-06-24 10:02 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-06-24 10:02 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-06-24 10:02 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-06-24 10:01 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-24 10:01 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-06-24 10:01 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-06-24 10:01 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-06-24 10:01 - 2014-11-08 05:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-06-24 10:01 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-06-24 10:01 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-06-24 10:01 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-06-24 10:01 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-06-24 10:01 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-06-24 10:01 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-06-24 10:01 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-06-24 10:01 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-06-24 10:01 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-06-24 10:01 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-06-24 10:01 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-06-24 10:01 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-06-24 10:01 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-06-24 10:01 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-06-24 10:01 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-06-24 10:00 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-06-24 10:00 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-06-24 10:00 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-06-24 10:00 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-06-24 10:00 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-06-24 10:00 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-06-24 10:00 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-06-24 10:00 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-06-24 10:00 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-06-24 10:00 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-06-24 10:00 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-06-24 10:00 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-06-24 10:00 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-06-24 10:00 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-06-24 10:00 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-06-24 10:00 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-06-24 10:00 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-06-24 10:00 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-06-24 10:00 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-06-24 10:00 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-06-24 10:00 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-06-24 10:00 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-06-24 10:00 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-06-24 10:00 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-06-24 10:00 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-06-24 10:00 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-06-24 10:00 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-06-24 10:00 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-06-24 10:00 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-06-24 10:00 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-06-24 10:00 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-06-24 10:00 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-06-24 10:00 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-06-24 09:52 - 2015-01-09 01:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-06-24 09:52 - 2015-01-09 01:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-06-24 09:49 - 2015-06-24 09:51 - 00000000 ____D C:\Windows\system32\MRT
2015-06-24 09:49 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-24 09:49 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-24 09:48 - 2015-06-24 09:48 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-24 09:47 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-06-24 09:47 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-06-24 09:47 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-06-24 09:47 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-06-24 09:47 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-06-24 09:47 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-06-24 09:47 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-06-24 09:47 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-06-24 09:18 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-06-24 09:18 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-06-24 09:18 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-06-24 09:18 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-06-24 09:17 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-06-24 09:17 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-06-24 09:17 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-06-24 09:17 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-06-24 09:17 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-06-24 09:17 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-06-24 09:17 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-06-24 09:17 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-06-24 09:17 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-06-24 09:17 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-06-24 09:17 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-06-24 09:17 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-06-24 09:17 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-06-24 09:16 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-06-24 09:16 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-06-24 09:16 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-06-24 09:16 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-06-24 09:16 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-06-24 09:16 - 2014-10-14 04:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-06-24 09:16 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-06-24 09:16 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-06-24 09:16 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-06-24 09:16 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-06-24 09:16 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-06-24 09:16 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-06-24 09:16 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-06-24 09:16 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-06-24 09:16 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-06-24 09:16 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-06-24 09:16 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-06-24 09:16 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-06-24 09:16 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-06-24 09:16 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-06-24 09:16 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-06-24 09:16 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-06-24 09:16 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-06-24 09:15 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-06-24 09:15 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-06-24 09:15 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-06-24 09:15 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-06-24 09:14 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-06-24 09:14 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-06-24 09:14 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-06-24 09:14 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-06-24 09:14 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-06-23 10:28 - 2015-06-23 10:28 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\admin\Downloads\iexplorer.exe
2015-06-18 20:54 - 2015-06-18 20:54 - 00380416 _____ C:\Users\admin\Downloads\Gmer-19357.exe
2015-06-18 20:24 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-06-18 20:24 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-06-18 20:24 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-06-18 20:24 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-06-18 20:24 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-06-18 20:24 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-06-18 18:27 - 2015-07-10 10:42 - 00001188 _____ C:\Windows\PFRO.log
2015-06-18 16:52 - 2015-06-18 16:52 - 00000748 _____ C:\Users\Public\Desktop\Freelancer Crossfire.lnk
2015-06-18 16:46 - 2015-06-18 16:46 - 00000878 _____ C:\Users\Public\Desktop\Freelancer Mod Manager.lnk
2015-06-18 16:46 - 2015-06-18 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freelancer Mod Manager
2015-06-18 16:41 - 2015-06-18 16:41 - 00000828 _____ C:\Users\Public\Desktop\Freelancer.lnk
2015-06-18 16:38 - 2015-06-18 16:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2015-06-18 16:35 - 2015-07-10 15:34 - 00025401 _____ C:\Windows\setupact.log
2015-06-18 16:35 - 2015-06-18 16:35 - 00000000 _____ C:\Windows\setuperr.log
2015-06-18 15:38 - 2015-06-18 15:39 - 00011426 _____ C:\Users\admin\Documents\cc_20150618_153829.reg
2015-06-18 15:34 - 2015-07-10 15:37 - 01366926 _____ C:\Windows\WindowsUpdate.log
2015-06-17 18:30 - 2015-06-17 18:30 - 02167188 _____ C:\Users\admin\Downloads\Release.zip
2015-06-16 09:16 - 2015-06-16 09:16 - 00008086 _____ C:\Users\admin\Desktop\2.0 Crossfire Installation guide extended.txt
2015-06-15 13:41 - 2015-06-18 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire 2.0
2015-06-15 10:27 - 2015-06-15 10:59 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-8.bin
2015-06-15 09:42 - 2015-06-15 10:14 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-7.bin
2015-06-15 09:04 - 2015-06-15 09:36 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-6.bin
2015-06-11 11:13 - 2015-06-11 11:45 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-5.bin
2015-06-11 10:26 - 2015-06-11 10:58 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-4.bin
2015-06-11 09:04 - 2015-06-11 09:36 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-3.bin
2015-06-10 15:47 - 2015-06-10 16:20 - 300000000 _____ C:\Users\admin\Downloads\TW2EE_Patch-2.bin
2015-06-10 15:13 - 2015-06-10 15:45 - 298480384 _____ C:\Users\admin\Downloads\TW2EE_Patch-1.bin
2015-06-10 14:51 - 2015-06-10 14:51 - 01519109 _____ (CD Projekt RED ) C:\Users\admin\Downloads\TW2EE_Patch.exe
2015-06-10 11:39 - 2015-06-10 11:40 - 06564889 _____ C:\Users\admin\Downloads\Vanessa Follower-Update-20246-1-0.7z

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-10 15:37 - 2013-01-16 14:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-10 15:34 - 2013-01-16 14:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-10 15:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-10 13:34 - 2014-01-13 15:53 - 00000000 ____D C:\Users\admin\AppData\Local\gtk-2.0
2015-07-10 13:34 - 2014-01-13 15:29 - 00000000 ____D C:\Users\admin\.gimp-2.8
2015-07-10 10:50 - 2009-07-14 06:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-10 10:50 - 2009-07-14 06:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-10 10:47 - 2011-04-12 09:43 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-07-10 10:47 - 2011-04-12 09:43 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-07-10 10:47 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-10 09:45 - 2014-04-12 15:26 - 00001177 _____ C:\DelFix.txt
2015-07-09 23:38 - 2014-08-04 15:52 - 00364220 _____ C:\Users\admin\AppData\Local\census.cache
2015-07-09 23:38 - 2014-08-04 15:52 - 00123213 _____ C:\Users\admin\AppData\Local\ars.cache
2015-07-09 17:26 - 2014-12-07 11:47 - 00000000 ____D C:\Program Files (x86)\F-Secure
2015-07-09 17:26 - 2013-01-16 14:36 - 00000000 ____D C:\Users\admin
2015-07-09 17:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-07-09 10:51 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-08 20:08 - 2013-03-24 23:28 - 00007609 _____ C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2015-07-08 13:39 - 2013-01-16 14:40 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-29 20:05 - 2014-07-05 14:42 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2015-06-26 10:02 - 2014-12-25 20:24 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-25 17:33 - 2014-04-12 11:43 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA Corporation
2015-06-25 17:33 - 2013-01-16 15:20 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-25 17:32 - 2015-06-01 09:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-25 17:32 - 2013-01-16 15:20 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-25 17:32 - 2013-01-16 15:20 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-25 17:32 - 2013-01-16 14:45 - 00000000 ____D C:\Temp
2015-06-25 17:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-06-25 12:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-24 17:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-24 12:50 - 2009-07-14 06:45 - 00280504 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-24 12:50 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-24 12:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-06-24 12:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-24 11:26 - 2013-01-16 14:36 - 00001413 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-24 11:25 - 2013-01-16 21:25 - 00000000 ____D C:\Windows\Panther
2015-06-24 11:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2015-06-24 11:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-06-24 11:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-06-24 11:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-06-24 11:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-06-24 11:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2015-06-24 11:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-24 10:37 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-24 10:35 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-24 10:35 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-24 10:35 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-06-24 10:29 - 2013-09-11 16:30 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-21 13:40 - 2015-05-03 00:09 - 00000000 ____D C:\Users\admin\Desktop\Neuer Ordner (3)
2015-06-21 13:39 - 2013-06-25 19:40 - 00000000 ____D C:\Users\admin\Documents\ArmA II Scripts & Tutorials
2015-06-20 16:22 - 2013-01-16 14:36 - 00000000 ____D C:\Users\admin\AppData\Local\VirtualStore
2015-06-18 18:28 - 2013-01-16 14:47 - 00059656 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-18 16:43 - 2013-03-08 18:48 - 00000000 ____D C:\Users\admin\Documents\My Games
2015-06-18 16:41 - 2013-01-26 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-06-18 15:45 - 2013-03-02 19:07 - 00000680 _____ C:\Windows\CAHS1.ini.imi
2015-06-17 11:10 - 2012-10-10 22:23 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-06-17 11:10 - 2012-10-10 22:22 - 00030966 _____ C:\Windows\system32\nvinfo.pb

==================== Files in the root of some directories =======

2014-08-04 15:52 - 2015-07-09 23:38 - 0123213 _____ () C:\Users\admin\AppData\Local\ars.cache
2014-08-04 15:52 - 2015-07-09 23:38 - 0364220 _____ () C:\Users\admin\AppData\Local\census.cache
2014-08-04 15:36 - 2014-08-04 15:36 - 0000036 _____ () C:\Users\admin\AppData\Local\housecall.guid.cache
2015-07-10 13:34 - 2015-07-10 13:34 - 0003370 _____ () C:\Users\admin\AppData\Local\recently-used.xbel
2013-03-24 23:28 - 2015-07-08 20:08 - 0007609 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\admin\AppData\Local\setup.txt
2014-08-11 21:37 - 2014-08-11 21:37 - 0000000 _____ () C:\Users\admin\AppData\Local\{F03FCEAC-5973-4679-80EC-0D2464B324BC}
2013-01-26 17:56 - 2013-01-26 17:56 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-09 23:48

==================== End of log ============================

10.07.2015, 14:50   #4

False positive registry entries?

FRST Logfile:
scan result of Farbar Recovery Scan Tool (x64) Version:09-07-2015
Ran by admin at 2015-07-10 15:37:48
Running from C:\Users\admin\Desktop
Boot Mode: Normal

==================== Accounts: =============================

admin (S-1-5-21-2586655326-3906653631-2063846596-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2586655326-3906653631-2063846596-500 - Administrator - Disabled)
Gast (S-1-5-21-2586655326-3906653631-2063846596-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2586655326-3906653631-2063846596-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Computer Security (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Computer Security (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Aliens versus Predator 2: Primal Hunt (HKLM-x32\...\{103B6835-DCA0-413F-A99E-ECAD6622726E}) (Version:  - )
Aliens vs. Predator 2 (HKLM-x32\...\{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}) (Version:  - )
Aliens: Colonial Marines (HKLM-x32\...\Steam App 49540) (Version:  - Gearbox Software)
Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: - GOG.com)
ARMA 2 Operation Arrowhead Uninstall (HKLM-x32\...\ARMA 2 Operation Arrowhead) (Version:  - )
ArmA 2 Uninstall (HKLM-x32\...\ArmA 2) (Version:  - )
Arma: Gold Edition (HKLM-x32\...\Steam App 65780) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A1) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye) (Version:  - )
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: - GOG.com)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Columbus Tree Mod 1.0 deutsch (HKLM-x32\...\Columbus Tree Mod) (Version: 1.0 deutsch - CycleDogg)
Computer Security (release) (x32 Version: - F-Secure Corporation) Hidden
Corsair USB Headset (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392DDDFB7}) (Version: 1.00.0007 - )
Crossfire 2.0 (HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\Crossfire 2.0) (Version: - SWAT-Portal)
Crossfire2.0 (remove only) (HKLM-x32\...\Crossfire) (Version:  - )
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
Diaspora version 1.0.4 (HKLM-x32\...\{1F5ABAAA-6D61-4FC1-A595-86CBA5517E7A}_is1) (Version: 1.0.4 - Diaspora Development)
Dreamfall Chapters (HKLM-x32\...\Steam App 237850) (Version:  - Red Thread Games)
Dreamfall: The Longest Journey (HKLM-x32\...\Steam App 6300) (Version:  - Funcom)
Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: - GOG.com)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version:  - )
F-Secure CCF Reputation (x32 Version: - F-Secure) Hidden
F-Secure CCF Scanning (release) (x32 Version: - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.136 (x32 Version: 1.02.136 - F-Secure Corporation) Hidden
F-Secure SafeSearch (release) (x32 Version: - F-Secure Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: - Google Inc.) Hidden
Google Update Helper (x32 Version: - Google Inc.) Hidden
Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version:  - Rockstar Games)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version:  - Rockstar Games)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Hitman 2: Silent Assassin (HKLM-x32\...\Hitman 2: Silent Assassin) (Version:  - Eidos Interactive)
Hitman Blood Money (HKLM-x32\...\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}) (Version: 1.00.0000 - Eidos)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hitman: Codename 47 version 1.2 (HKLM-x32\...\{A16EC86A-55AB-4311-BC72-E02C536AF7A1}_is1) (Version: 1.2 - Square Enix)
Hitman: Contracts (HKLM-x32\...\Hitman: Contracts) (Version:  - Eidos)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version:  - IO Interactive)
Homeworld Remastered Collection (HKLM-x32\...\Steam App 244160) (Version:  - Gearbox Software)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{0A8BEF69-0DD7-4A8F-9AED-0CB91BEBCB58}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Imperium Galactica 2 (HKLM-x32\...\Imperium Galactica 2) (Version:  - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: - Intel Corporation)
Intel(R) Network Connections (HKLM\...\PROSetDX) (Version: - Intel)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Internet Security (HKLM-x32\...\F-Secure ServiceEnabler 45119) (Version: 2.06.303.0 - F-Secure Corporation)
Internet Security (x32 Version: 2.06.303.0 - F-Secure Corporation) Hidden
Language patch (HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\Language patch) (Version:  - )
Lost Planet 3 (HKLM-x32\...\Steam App 226720) (Version:  - Spark Unlimited)
Malwarebytes Anti-Malware Version (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: - Malwarebytes Corporation)
Max Payne (HKLM-x32\...\Max Payne) (Version: - Rockstar Games)
Max Payne 2 (HKLM-x32\...\Max Payne 2) (Version: - Rockstar Games)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.05.000 - SEGA)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: - Microsoft Corporation)
Microsoft StarLancer (HKLM-x32\...\StarLancer 1.0) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version:  - )
Network Addon Mod (HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\Network Addon Mod) (Version: 32 - The NAM Team)
New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: - GOG.com)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.3 - Black Tree Gaming)
Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: - GOG.com)
NVIDIA GeForce Experience (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Online Safety 2.107.2565.1702 (x32 Version: 2.107.2565.1702 - F-Secure Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005] (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0005 - THQ)
SC4 Mapper 2013 (HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\SC4 Mapper 2013) (Version:  - )
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: - NVIDIA Corporation) Hidden
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - )
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
SpaceEngine Version (HKLM-x32\...\{E65FD500-9218-44EC-9586-D39FAB4DFDAF}_is1) (Version: - SpaceEngine)
Stalker Complete 2009 v1.4.4 (HKLM-x32\...\{Stalker Complete 2009 v1.4.4}}_is1) (Version:  - )
Star Wars(TM): Knights of the Old Republic (TM) (HKLM-x32\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: - GOG.com)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
The Bureau: XCOM Declassified (HKLM-x32\...\Steam App 65930) (Version:  - 2K Marin)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: - GOG.com)
Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version:  - Creative Assembly)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
Vampire: The Masquerade - Bloodlines (HKLM-x32\...\Steam App 2600) (Version:  - Troika Games)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WIDCOMM Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: - Broadcom Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World In Conflict Editor (HKLM-x32\...\{7083067F-42F5-41AF-8422-E22EA391791C}) (Version: - Massive Entertainment AB)
World in Conflict MW Mod 3.5 (HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\...\World in Conflict MW Mod 3.5) (Version:  - )
WORLD IN CONFLICT: SOVIET ASSAULT (HKLM-x32\...\{F11ADC64-C89E-47F4-A0B3-3665FF859397}) (Version: - Ubisoft Entertainment)
X Rebirth (HKLM-x32\...\Steam App 2870) (Version:  - Egosoft)
X3 Terran Conflict v3.2 (HKLM-x32\...\X3TerranConflict_is1) (Version:  - EGOSOFT)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

10-07-2015 09:45:36 Ende der Bereinigung

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0644E23C-826E-452B-9D79-D71759E7C9D9} - System32\Tasks\{51F7C50E-DB2A-478C-87D0-2DC4A7177004} => pcalua.exe -a C:\Users\admin\Desktop\SC4\NetworkAddonMod_Setup_32_SFX.exe -d C:\Users\admin\Desktop\SC4
Task: {0E0BE1F8-3C3E-45C1-89B5-68DCF33023A6} - System32\Tasks\{F6EC153B-D534-43D7-8580-5B7C28A18BD7} => pcalua.exe -a "E:\Steam\SteamApps\common\Morrowind\Installer Files\MGSOOptionsAfterInstall.exe" -d "E:\Steam\SteamApps\common\Morrowind\Installer Files"
Task: {1174246C-C30D-4887-B015-71970760D2D4} - System32\Tasks\{4E4FF085-2174-4810-87A1-6F3779F30147} => pcalua.exe -a "G:\Game Patches and Zips\S.T.A.L.K.E.R. - Shadow of Chernobyl\stk-ww-1-3.exe" -d "G:\Game Patches and Zips\S.T.A.L.K.E.R. - Shadow of Chernobyl"
Task: {198340D4-8162-47AC-9684-D8DCD97800DE} - System32\Tasks\{03B42F16-413B-4440-9DF8-0F2DAD33618C} => pcalua.exe -a C:\Users\admin\Desktop\WiC\world_in_conflict_1.000_to_1.010_de.exe -d C:\Users\admin\Desktop\WiC
Task: {20416793-181D-4F53-863C-7AA49CF11AC6} - System32\Tasks\{B6FD0BC7-4E2A-4743-8CD8-62B7FE1B35EA} => pcalua.exe -a "G:\Game Patches and Zips\S.T.A.L.K.E.R. - Shadow of Chernobyl\stk_ww_10004.exe" -d "G:\Game Patches and Zips\S.T.A.L.K.E.R. - Shadow of Chernobyl"
Task: {364EA5DB-15D9-4634-84B2-DE9D770A2ADD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {43B2E5EB-5491-4A04-A5F5-CF9B6106E6DB} - System32\Tasks\{EACE7BC1-CB24-44A2-B937-B703F4FC8F8B} => pcalua.exe -a "C:\Program Files (x86)\Overwolf\OWUninstallMenu.exe" -d "C:\Program Files (x86)\Overwolf"
Task: {4C4B6E98-5A01-4E90-8A8B-DE729E75BA7E} - System32\Tasks\{F9339031-2AF0-4648-8904-36A585EB0C05} => E:\Spiele\Fallout New Vegas\FalloutNVLauncher.exe
Task: {4DB60BFB-04E2-4011-A6A3-5DF8D5ABD33F} - System32\Tasks\{CB84D875-58A7-40AF-953C-B807553D45D9} => pcalua.exe -a "E:\Spiele\SimCity 4 Deluxe\ExtraTransportation.exe" -d "E:\Spiele\SimCity 4 Deluxe"
Task: {53344E62-42CA-4D66-B818-2D3619F3665C} - System32\Tasks\{F87DB02F-F448-4295-9F9D-5B7377E127DE} => pcalua.exe -a "C:\Users\admin\Desktop\Nero MD5 Verifier.exe" -d C:\Users\admin\Desktop
Task: {54A5530F-F9D2-414F-ABFB-974AEC7C61D0} - System32\Tasks\{8259FA1E-BDDB-457C-99FC-695E26DB0795} => pcalua.exe -a C:\Users\admin\Downloads\FLMM1.5beta1Installer.exe -d C:\Users\admin\Downloads
Task: {742BA1A2-F64F-4640-A5E2-9C3E0ABC1195} - System32\Tasks\{690C34E6-C2A1-416C-B081-1084BF080BC5} => pcalua.exe -a "G:\Game Patches and Zips\S.T.A.L.K.E.R. - Shadow of Chernobyl\stk-WW-10001.exe" -d "G:\Game Patches and Zips\S.T.A.L.K.E.R. - Shadow of Chernobyl"
Task: {77B4D8F8-F1D6-4FA7-8DA7-4A8220484852} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {94281824-7BDA-4172-9556-424B9BCA8B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {98A83768-6F9F-4FDA-8EB4-C9768FB01C5A} - System32\Tasks\{6FD1609D-032F-46A5-9C35-B66A7FF59411} => pcalua.exe -a "G:\Game Patches and Zips\S.T.A.L.K.E.R. - Shadow of Chernobyl\stk-ww-10005.exe" -d "G:\Game Patches and Zips\S.T.A.L.K.E.R. - Shadow of Chernobyl"
Task: {99BBE345-947D-4B7D-A953-6613B61B2D9F} - System32\Tasks\{D08D2970-0037-442C-9C17-BCB61CF9E816} => pcalua.exe -a C:\Users\admin\Desktop\Total_War_Kingdoms_EnFrItGeSp\setup.exe -d C:\Users\admin\Desktop\Total_War_Kingdoms_EnFrItGeSp
Task: {AA853BA5-3D12-47B8-B435-3EC765803E4B} - System32\Tasks\{842F7716-5A7F-4C58-B4BD-45897CC70F2A} => pcalua.exe -a C:\Users\admin\Desktop\WiC\world_in_conflict_1.010_to_1.011_de.exe -d C:\Users\admin\Desktop\WiC
Task: {B1265437-CD33-496C-82C8-94A07F8B38A0} - System32\Tasks\{200AC437-EC38-410B-8C16-C503460609D9} => pcalua.exe -a D:\DE_Austria_Fallout_3_DLC.EXE -d D:\
Task: {B29433EF-F5A3-4614-B910-43E6E9A5F6F3} - System32\Tasks\{3D9D0E11-88EE-4BF4-B8CE-1889272CFEE6} => E:\Spiele\WORLD IN CONFLICT\wic.exe [2009-06-10] (Massive Entertainment)
Task: {B84523C1-128A-43A3-9889-66EDD7933C24} - System32\Tasks\{7ECBEFAF-6BF8-45E8-8D83-9153F25D8504} => pcalua.exe -a "F:\LaCie Setup\LaCie Setup.exe" -d "F:\LaCie Setup"
Task: {CD0C38D9-6D1E-44FD-9DD4-54D6F4AE3214} - System32\Tasks\{5CC5A032-4AF4-42DA-A45B-106CDED99685} => pcalua.exe -a C:\Users\admin\Desktop\TWEE_Upgrade\TWEE_Upgrade.exe -d C:\Users\admin\Desktop\TWEE_Upgrade
Task: {CDBBC71D-36D7-4647-A6A3-2A092613BFCE} - System32\Tasks\{F76C8011-6838-4890-9B7F-536691BABCC3} => pcalua.exe -a C:\Users\admin\Downloads\flmminstaller_v1.31.exe -d C:\Users\admin\Downloads
Task: {E85A486C-B79E-4F13-8D01-7EA7E27120A6} - System32\Tasks\{E9F2113F-B696-44C2-8D39-1AF8BAFDE507} => pcalua.exe -a C:\Users\admin\Desktop\TWEE_Upgrade\TWEE_German_language_pack.exe -d C:\Users\admin\Desktop\TWEE_Upgrade
Task: {F1B75800-1749-4646-BE28-B3C618FF4353} - System32\Tasks\{A1802F05-8587-442B-ADE3-7E188F7A24AB} => E:\Spiele\WORLD IN CONFLICT\wic.exe [2009-06-10] (Massive Entertainment)
Task: {F94293B4-86BF-4B23-ACF4-90830B6D190E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-25 17:29 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-29 16:31 - 2015-01-29 16:31 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2013-03-02 19:08 - 2011-09-28 17:29 - 00905216 ____N () C:\Program Files\Corsair USB Headset\customapp\program\CAHS.EXE
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-07 11:54 - 2014-10-14 17:33 - 00045608 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2014-02-19 14:56 - 2014-02-19 14:56 - 00220200 _____ () C:\Program Files (x86)\F-Secure\daas2.dll
2014-12-07 11:57 - 2014-12-07 11:57 - 00029224 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2014-12-07 11:54 - 2015-04-18 13:38 - 00175144 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Gemini\fsgem.dll
2014-12-07 11:54 - 2015-02-24 14:33 - 00949288 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fm4av.dll
2015-06-25 17:32 - 2015-06-17 11:10 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-02 19:08 - 2011-04-19 15:56 - 00143360 ____N () C:\Program Files\Corsair USB Headset\customapp\program\VmixHS.dll
2014-12-07 11:47 - 2014-12-07 11:47 - 00592936 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll
2014-12-07 11:54 - 2014-10-14 17:33 - 00056360 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\fsavures.eng
2015-06-24 13:43 - 2015-06-24 13:43 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-01-16 14:50 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-01-16 14:44 - 2012-02-07 18:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\42933622.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\51899850.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\52636247.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84467776.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\42933622.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\51899850.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\52636247.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84467776.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2586655326-3906653631-2063846596-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers:

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4D188411-8434-4D08-8856-5A54798C4CF8}] => (Allow) C:\Program Files\WIDCOMM\Bluetooth Software\EasyBits Games\Backgammon.exe
FirewallRules: [{A56922A6-A47D-4D02-9202-D58E289D1860}] => (Allow) C:\Program Files\WIDCOMM\Bluetooth Software\EasyBits Games\Checkers.exe
FirewallRules: [{E1C4F4E9-70EA-44FF-9FD2-7DF85BFB07BB}] => (Allow) C:\Program Files\WIDCOMM\Bluetooth Software\EasyBits Games\Chess.exe
FirewallRules: [{49C9D6EE-D7BE-49F2-A5A3-EB164B9BE2E3}] => (Allow) C:\Program Files\WIDCOMM\Bluetooth Software\EasyBits Games\EasyChat.exe
FirewallRules: [{3DE13D86-13A4-428D-AEA1-D29E1D4F6A94}] => (Allow) C:\Program Files\WIDCOMM\Bluetooth Software\EasyBits Games\SeaBattle.exe
FirewallRules: [{051C2147-669D-4D5F-9CE6-AB163B096B08}] => (Allow) C:\Program Files\WIDCOMM\Bluetooth Software\EasyBits Games\TicTacToe.exe
FirewallRules: [TCP Query User{5611B4A0-2E4F-4128-B632-F0FF25F109D1}E:\spiele\world in conflict\wic.exe] => (Allow) E:\spiele\world in conflict\wic.exe
FirewallRules: [UDP Query User{408E368A-BEEB-424F-A86C-F4EBF587207D}E:\spiele\world in conflict\wic.exe] => (Allow) E:\spiele\world in conflict\wic.exe
FirewallRules: [TCP Query User{D8CB34D5-A793-4562-9ED9-AEAD1BBE44A3}E:\spiele\homeworld2\bin\release\homeworld2.exe] => (Allow) E:\spiele\homeworld2\bin\release\homeworld2.exe
FirewallRules: [UDP Query User{3230BBB3-B5FA-4D0D-B308-AEAF4BFB2E3A}E:\spiele\homeworld2\bin\release\homeworld2.exe] => (Allow) E:\spiele\homeworld2\bin\release\homeworld2.exe
FirewallRules: [TCP Query User{BD61C46F-0F26-43D9-B7AE-85BA265CCFCA}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{ED3AACB6-FBD0-4864-B6AA-5B96039C0F73}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [{4549AC62-615E-4F27-A2E4-616BDB6CB0A9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\FaxApplications.exe
FirewallRules: [{33A014C0-EE10-436B-BBC7-8B27F2C6BA18}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\DigitalWizards.exe
FirewallRules: [{D74D5FBD-660E-44C1-9B65-EDF16EBD8358}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\SendAFax.exe
FirewallRules: [{96C31739-7CDA-4A60-9ABC-1A24A4BCC8F9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{B569FE17-E68D-4869-8ABC-2D52D726A180}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{7D483F62-BA16-4A07-BD8A-5533DD874CAD}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{D00FC6FE-B59B-4F2D-BE5D-0C64436E88A4}E:\spiele\sins of a solar empire\sins of a solar empire diplomacy.exe] => (Allow) E:\spiele\sins of a solar empire\sins of a solar empire diplomacy.exe
FirewallRules: [UDP Query User{6B24B2CF-DA22-40A1-A983-7F06B58318DD}E:\spiele\sins of a solar empire\sins of a solar empire diplomacy.exe] => (Allow) E:\spiele\sins of a solar empire\sins of a solar empire diplomacy.exe
FirewallRules: [TCP Query User{B7AE87EA-BB46-48B4-B7E7-2847D4FF9056}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{FCDBC458-78E8-45D9-877E-143CD4C81697}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [TCP Query User{EBB5312B-C3D6-4223-9DD5-FD831ECB4469}E:\spiele\diaspora\fs2_open_diaspora_r1_debug.exe] => (Allow) E:\spiele\diaspora\fs2_open_diaspora_r1_debug.exe
FirewallRules: [UDP Query User{E382DC59-AEA6-429E-BC12-E51670124F0E}E:\spiele\diaspora\fs2_open_diaspora_r1_debug.exe] => (Allow) E:\spiele\diaspora\fs2_open_diaspora_r1_debug.exe
FirewallRules: [{944E703B-5C74-401B-A8F9-2800545E62C9}] => (Allow) E:\Spiele\WORLD IN CONFLICT\wic.exe
FirewallRules: [{C02459F8-E414-41DE-A35D-455C12A4F021}] => (Allow) E:\Spiele\WORLD IN CONFLICT\wic.exe
FirewallRules: [{D9B79652-83FD-4998-A95B-D8C0F0A29DD8}] => (Allow) E:\Spiele\WORLD IN CONFLICT\wic_online.exe
FirewallRules: [{CCB90544-B5B1-4267-9414-22FCD8C373DB}] => (Allow) E:\Spiele\WORLD IN CONFLICT\wic_online.exe
FirewallRules: [{A2A874B2-46A2-42DE-81FF-E4C21FF452A4}] => (Allow) E:\Spiele\WORLD IN CONFLICT\wic_ds.exe
FirewallRules: [{88A64DE1-2F2D-46C6-B547-C0E7BB1BABA6}] => (Allow) E:\Spiele\WORLD IN CONFLICT\wic_ds.exe
FirewallRules: [{C3C87A2C-D4A7-4E88-9EF9-1A0EA3996FCD}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{86F757AB-2E69-4581-9124-ADC534B16359}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [TCP Query User{7E0EB0B4-C3FF-4661-BB7A-1278D4CE1FE8}E:\spiele\diaspora\fs2_open_diaspora_r1.exe] => (Allow) E:\spiele\diaspora\fs2_open_diaspora_r1.exe
FirewallRules: [UDP Query User{10A955A1-3853-4424-8411-871B20597821}E:\spiele\diaspora\fs2_open_diaspora_r1.exe] => (Allow) E:\spiele\diaspora\fs2_open_diaspora_r1.exe
FirewallRules: [TCP Query User{F74E0154-A3E7-42A9-9246-4AB42CA19F97}E:\spiele\bethesda softworks\fallout 3\fallout3.exe] => (Allow) E:\spiele\bethesda softworks\fallout 3\fallout3.exe
FirewallRules: [UDP Query User{4455DCB7-E39C-4649-BB75-322D2E3B9DE1}E:\spiele\bethesda softworks\fallout 3\fallout3.exe] => (Allow) E:\spiele\bethesda softworks\fallout 3\fallout3.exe
FirewallRules: [{E606BB11-6256-4DA3-8E13-6A51426645C9}] => (Allow) E:\Spiele\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{45D5DABD-ACF5-4B2E-8F25-6AE9E7896377}] => (Allow) E:\Spiele\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{8C8A4D61-EA03-4C13-AEC2-747861D00769}] => (Allow) E:\Spiele\Bohemia Interactive\ArmA 2\arma2OA.exe
FirewallRules: [{8508C09B-5C65-40A8-B8B1-F4644557D11D}] => (Allow) E:\Spiele\Bohemia Interactive\ArmA 2\arma2OA.exe
FirewallRules: [{FDC80AB7-B777-446D-A8FD-53A2E7DFDC03}] => (Allow) E:\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{B2829E2C-FC25-4A2F-BAF8-2381E94B0BD2}] => (Allow) E:\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{1C0DC8D1-58D0-4C13-84DB-072EAA8E8DA0}] => (Allow) E:\Steam\SteamApps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{6FCAEEB7-25C1-4BF1-AB42-4D32B64AC329}] => (Allow) E:\Steam\SteamApps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{42C403AA-4387-4E44-870C-06457F8582E7}] => (Allow) E:\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{F736F50C-2093-4CC5-BB95-E65E4506CEB7}] => (Allow) E:\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{28357D1F-C72D-4F07-A59E-912FC4990C57}] => (Allow) E:\Steam\SteamApps\common\ARMA Gold\arma.exe
FirewallRules: [{C4545E36-2361-41B8-A5FF-197360091CE0}] => (Allow) E:\Steam\SteamApps\common\ARMA Gold\arma.exe
FirewallRules: [{822B772B-E6C8-4CF8-B133-8DF423EDF4C1}] => (Allow) E:\Spiele\Bethesda Softworks\Hunted\BINARIES\WIN32\P4DFTRE.DLL
FirewallRules: [{F5A67095-71BF-43E9-A914-5F7BDA773EEE}] => (Allow) E:\Spiele\Bethesda Softworks\Hunted\BINARIES\WIN32\P4DFTRE.DLL
FirewallRules: [TCP Query User{204C0633-D55B-455D-A577-7926BCC7DF7B}E:\lan2013\call of duty\codmp.exe] => (Allow) E:\lan2013\call of duty\codmp.exe
FirewallRules: [UDP Query User{A9371CC2-AC62-473D-BF2E-8AA6725250CA}E:\lan2013\call of duty\codmp.exe] => (Allow) E:\lan2013\call of duty\codmp.exe
FirewallRules: [TCP Query User{E905E5CD-343C-40DE-8E7C-CE12D1612DAA}E:\lan2013\call of duty\codmp.exe] => (Block) E:\lan2013\call of duty\codmp.exe
FirewallRules: [UDP Query User{F86CF155-3A5E-4394-8107-1640C9C21582}E:\lan2013\call of duty\codmp.exe] => (Block) E:\lan2013\call of duty\codmp.exe
FirewallRules: [TCP Query User{D2E0D858-4998-46A6-914E-2D58D17B1D20}E:\lan2013\call of duty modern warfare\setup\data\iw3mp.exe] => (Allow) E:\lan2013\call of duty modern warfare\setup\data\iw3mp.exe
FirewallRules: [UDP Query User{E4C558EF-483A-45F8-9C16-A7BAE142B803}E:\lan2013\call of duty modern warfare\setup\data\iw3mp.exe] => (Allow) E:\lan2013\call of duty modern warfare\setup\data\iw3mp.exe
FirewallRules: [{520D1DC9-618F-4E98-B438-8A6714090D2B}] => (Block) E:\lan2013\call of duty modern warfare\setup\data\iw3mp.exe
FirewallRules: [{565D3023-B4AF-4A48-8FB8-22D2C7DE47AE}] => (Block) E:\lan2013\call of duty modern warfare\setup\data\iw3mp.exe
FirewallRules: [TCP Query User{73655DD9-2390-4B89-B5C6-18EF29ED7F7D}E:\lan2013\killing floor\system\killingfloor.exe] => (Allow) E:\lan2013\killing floor\system\killingfloor.exe
FirewallRules: [UDP Query User{7D6384D6-7A47-4EB4-9F56-E2913D18B041}E:\lan2013\killing floor\system\killingfloor.exe] => (Allow) E:\lan2013\killing floor\system\killingfloor.exe
FirewallRules: [{24668E98-7B09-4C3E-AA0C-7C032F7A0EF4}] => (Block) E:\lan2013\killing floor\system\killingfloor.exe
FirewallRules: [{8F1D7106-5672-45FA-AF2B-5C0BFED1FF5C}] => (Block) E:\lan2013\killing floor\system\killingfloor.exe
FirewallRules: [TCP Query User{14D9C6B2-D2B2-4BCF-9F81-2586B3D9518C}E:\lan2013\age of empires\empires2.exe] => (Allow) E:\lan2013\age of empires\empires2.exe
FirewallRules: [UDP Query User{89A32DF7-630B-497A-95BE-A0315AB6EB87}E:\lan2013\age of empires\empires2.exe] => (Allow) E:\lan2013\age of empires\empires2.exe
FirewallRules: [{7D5E23BE-D02D-41E7-8202-50D678D53DDE}] => (Block) E:\lan2013\age of empires\empires2.exe
FirewallRules: [{FA6626B0-E798-4207-86AC-9777851DE24F}] => (Block) E:\lan2013\age of empires\empires2.exe
FirewallRules: [TCP Query User{B89CEFE6-1DBE-47E7-8B86-D918217705CD}E:\lan2013\age of empires\age2_x1\age2_x1.exe] => (Allow) E:\lan2013\age of empires\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{91F488EF-A19D-4360-BFA5-BFEC226FE80E}E:\lan2013\age of empires\age2_x1\age2_x1.exe] => (Allow) E:\lan2013\age of empires\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{25235F8E-2BA6-455F-A64A-2042CC1BBAB9}E:\lan2013\unreal tournament 3\binaries\ut3.exe] => (Allow) E:\lan2013\unreal tournament 3\binaries\ut3.exe
FirewallRules: [UDP Query User{B170BCA5-7B20-4E6B-910B-901D7AF32B46}E:\lan2013\unreal tournament 3\binaries\ut3.exe] => (Allow) E:\lan2013\unreal tournament 3\binaries\ut3.exe
FirewallRules: [TCP Query User{8E135139-8941-434A-B7E8-3A377C5F204D}E:\lan2013\call of duty world at war\codwawmp.exe] => (Allow) E:\lan2013\call of duty world at war\codwawmp.exe
FirewallRules: [UDP Query User{CABAC4F7-86CB-4458-A0C6-2B965863764D}E:\lan2013\call of duty world at war\codwawmp.exe] => (Allow) E:\lan2013\call of duty world at war\codwawmp.exe
FirewallRules: [TCP Query User{5D79D48C-2D97-468C-B123-6B9393F2F795}E:\lan2013\call of duty 2\cod2mp_s.exe] => (Allow) E:\lan2013\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{86CF2504-F83D-4931-86E7-998ED5C30B7E}E:\lan2013\call of duty 2\cod2mp_s.exe] => (Allow) E:\lan2013\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{EE42E452-BF48-4BDE-B42B-2A2E2C5B1154}E:\lan2013\unreal tournament 3\binaries\ut3.exe] => (Block) E:\lan2013\unreal tournament 3\binaries\ut3.exe
FirewallRules: [UDP Query User{BF2CEC2C-2FD7-4658-AC0C-86DE6231867D}E:\lan2013\unreal tournament 3\binaries\ut3.exe] => (Block) E:\lan2013\unreal tournament 3\binaries\ut3.exe
FirewallRules: [{2CEA7319-0FF0-4114-8F68-E38AD5A1A01E}] => (Allow) E:\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{28DB0AC6-A28C-487C-BCDD-898D58BBB0BA}] => (Allow) E:\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{09DFCBCA-A9E0-4B37-B807-1966EAC95B6E}] => (Allow) E:\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{8C73AE79-D329-4111-892E-1147CF178A64}] => (Allow) E:\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [TCP Query User{2DD9358F-EFD0-4FD2-8E79-FE8591D67D18}E:\spiele\quake\darkplaces.exe] => (Allow) E:\spiele\quake\darkplaces.exe
FirewallRules: [UDP Query User{309BA90E-6A6C-4DF8-A16D-2C93A519183F}E:\spiele\quake\darkplaces.exe] => (Allow) E:\spiele\quake\darkplaces.exe
FirewallRules: [{B712DD18-271C-468D-8ED9-51923B4F454A}] => (Block) E:\spiele\quake\darkplaces.exe
FirewallRules: [{C7E320A9-6FF0-4E5E-A45A-491664AD08AA}] => (Block) E:\spiele\quake\darkplaces.exe
FirewallRules: [TCP Query User{44A2D0E7-E2FC-4AA7-8371-393DCCE4C409}E:\spiele\scourge of armagon\darkplaces.exe] => (Allow) E:\spiele\scourge of armagon\darkplaces.exe
FirewallRules: [UDP Query User{8348DBE9-CC39-46D8-9E4F-90C304760387}E:\spiele\scourge of armagon\darkplaces.exe] => (Allow) E:\spiele\scourge of armagon\darkplaces.exe
FirewallRules: [{A1F98FD0-DBE3-4B8E-8C59-095B1228CA37}] => (Block) E:\spiele\scourge of armagon\darkplaces.exe
FirewallRules: [{B58DE445-C569-4187-A509-6B7A42D3DB20}] => (Block) E:\spiele\scourge of armagon\darkplaces.exe
FirewallRules: [TCP Query User{B40AE834-1EA1-4E42-B8FA-C25E83CF3F38}E:\spiele\dissolution of eternity\darkplaces.exe] => (Allow) E:\spiele\dissolution of eternity\darkplaces.exe
FirewallRules: [UDP Query User{65FA332F-4274-44D6-AABA-FCD76AAD7D0A}E:\spiele\dissolution of eternity\darkplaces.exe] => (Allow) E:\spiele\dissolution of eternity\darkplaces.exe
FirewallRules: [{C72200CE-8934-4DB5-9C83-F8242A6C6D63}] => (Block) E:\spiele\dissolution of eternity\darkplaces.exe
FirewallRules: [{EE635B24-0474-45E7-9C63-DFCFEC8B2BCF}] => (Block) E:\spiele\dissolution of eternity\darkplaces.exe
FirewallRules: [TCP Query User{B15CF4CE-2743-4B88-95FB-2B7DCBF87650}E:\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{0ACDA73A-244D-4ECB-9F38-39C2AF961250}E:\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{B7C404C1-C5C8-42E1-B614-CFC9AAA402F8}] => (Block) E:\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{96782428-FF87-4229-BF7F-5259FF115DDE}] => (Block) E:\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{AC75C2D1-6AAF-4989-96E6-B677C1F53814}] => (Allow) E:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{9610BA2C-23CC-473E-8A5E-D4B71FB05620}] => (Allow) E:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{AE197F3C-DF47-43A4-92C3-5EE60638605D}] => (Allow) E:\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{EB27D62A-C21D-4012-8CC9-CB411BD1F7F9}] => (Allow) E:\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{718434AF-6CF1-435E-9AC4-9A75221BD9C1}E:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) E:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{A3DEA739-D566-4C45-9B1A-674ABF796125}E:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) E:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{0E742F51-F32B-4D35-83A6-5DB7984A4428}] => (Block) E:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{1B558A2B-DA4F-4A15-B167-4C35721358F0}] => (Block) E:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{3F437E73-B41C-42D6-A921-5D7097598F40}] => (Allow) E:\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{1E37599E-427C-4FCD-9BA6-912B397665D7}] => (Allow) E:\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{B1342DFC-CA43-4E0B-B489-CBE0F1214BCA}] => (Allow) E:\Steam\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{832A9494-B881-47B1-B519-F4E570EF97CB}] => (Allow) E:\Steam\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{48477A43-2BFD-407A-B6A2-5A77AB2FAF4B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EBE7945C-6E7C-4B29-864F-155623CE1954}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{05E8364C-D00C-49EB-830B-51F450EEB199}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E77F2A77-E482-4EAC-82F0-449FEEA34CFB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{61F66536-AE0E-4710-A31F-9255D614F735}] => (Allow) E:\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{F0C1EFAE-7177-4A95-9D67-289CF4307054}] => (Allow) E:\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [TCP Query User{993FCC5A-3DD6-44D3-95DD-5B7BBF43735D}E:\spiele\need for speed underground 2\speed2.exe] => (Allow) E:\spiele\need for speed underground 2\speed2.exe
FirewallRules: [UDP Query User{504EA1AD-5264-4E0A-9C2D-F5684F445590}E:\spiele\need for speed underground 2\speed2.exe] => (Allow) E:\spiele\need for speed underground 2\speed2.exe
FirewallRules: [{01135025-EB95-40D1-9A24-C66CAA1C5991}] => (Allow) E:\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{D8446F86-EFBF-4A06-BCFC-22653D08EE02}] => (Allow) E:\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [TCP Query User{A5388CCB-6EAC-445E-B39A-E518F0970FFC}E:\spiele\dead space\dead space.exe] => (Block) E:\spiele\dead space\dead space.exe
FirewallRules: [UDP Query User{9EF5EFDF-54C5-4E3A-B7D1-78DC443FAC78}E:\spiele\dead space\dead space.exe] => (Block) E:\spiele\dead space\dead space.exe
FirewallRules: [{7EA91F79-C145-4AF3-99EA-B49E39043FBE}] => (Allow) E:\Spiele\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{CDA36429-5FD6-4609-A40F-9679A14A41CB}] => (Allow) E:\Spiele\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{FF4B19D1-29E7-4AC5-883F-D10760BB70F2}] => (Allow) E:\Spiele\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{DE0B0CD1-5173-45DD-9736-7FEC8AE18474}] => (Allow) E:\Spiele\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{488CAFB2-B699-4B71-882C-6E385C090BA0}] => (Allow) E:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{BB266F74-B5C3-4205-9C5F-354B54889ED3}] => (Allow) E:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{863D6E48-BAAB-4A74-9C97-389338B3575E}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{BE3F7EFE-4DF0-4D21-B77A-F0E741A8CAE4}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{C9B31096-A1C8-4CE7-AB80-A5C1F0045B36}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{383B8001-DC9E-440A-985C-8271B8682618}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{8D1CED1D-DAB6-4E40-BBAF-B23883FC687C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{456CA449-7050-40AD-9041-5B8C2763FBF7}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{58BCE217-78A0-4DCB-8BA9-07595368464A}] => (Allow) E:\Spiele\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{205726D9-A103-410D-B84D-70D391A5E0E0}] => (Allow) E:\Spiele\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{0CD8ED60-7C76-4813-8D3D-9013A1DAE7EB}] => (Allow) E:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{6104F9D2-CC14-4580-B008-246FA82F173A}] => (Allow) E:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{8F1D5E30-90EE-46F4-85CB-C6FA7DB4BECE}] => (Allow) E:\Steam\SteamApps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [{4D761A24-3447-4B2A-993D-DCBA690DD5D1}] => (Allow) E:\Steam\SteamApps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [TCP Query User{EE8DCF23-8F1C-4B86-8485-D996CF8154C2}E:\spiele\ubisoft\watch_dogs\bin\watch_dogs.exe] => (Allow) E:\spiele\ubisoft\watch_dogs\bin\watch_dogs.exe
FirewallRules: [UDP Query User{5D27467F-96A8-44D3-9498-6C23C187EDAF}E:\spiele\ubisoft\watch_dogs\bin\watch_dogs.exe] => (Allow) E:\spiele\ubisoft\watch_dogs\bin\watch_dogs.exe
FirewallRules: [{AB484F96-8C3F-443E-A1DA-BEBFE0A2F402}] => (Allow) E:\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{7CFA7A8F-4AD7-4A54-8ADD-B1E2166CE874}] => (Allow) E:\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{460D593D-C39D-41A0-AA0E-C9230848F1E9}] => (Allow) E:\Steam\SteamApps\common\Vampire The Masquerade - Bloodlines\vampire.exe
FirewallRules: [{7C26FD73-42F6-4ED1-AED9-435708DF2B16}] => (Allow) E:\Steam\SteamApps\common\Vampire The Masquerade - Bloodlines\vampire.exe
FirewallRules: [{0F24179B-1AAE-4894-A6D9-81AD1A76964A}] => (Allow) E:\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{2D1550C5-E6B3-445A-96D6-7E9401F6E175}] => (Allow) E:\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{BF2D63D0-E40D-4A2C-90F5-CDED0C266924}] => (Allow) E:\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{16CF4806-4C29-4290-B8BC-CAA0F06EC335}] => (Allow) E:\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{C9697FC5-D208-4287-8F4D-E62649D21526}] => (Allow) E:\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{9DC4A298-0961-4664-9E90-E9C5DE87FD4B}] => (Allow) E:\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{10790F07-6C55-4789-81EF-D7315129894B}] => (Allow) E:\Steam\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{FE6F474A-D0E5-4D4B-B091-0582FE7B3BF4}] => (Allow) E:\Steam\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{4C70EC3F-9611-4A23-B7E0-7FDF9D16A19C}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C3A647DD-B973-4605-85AD-0BD4FD19B84F}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{5DC6D51C-7D55-4170-AF77-B4CF9E36BBFF}] => (Allow) E:\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{696F42DA-5A66-45F8-9746-E1CAA2798F35}] => (Allow) E:\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{AAF962CA-95C1-48B9-B4B5-FBCDE0BAD463}] => (Allow) E:\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{1ADD51C8-2BF0-4F73-AD6A-08321E8043F6}] => (Allow) E:\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{E10BC519-8925-42DA-AD12-002DCBCAFD7F}] => (Allow) E:\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{9950ECEA-C033-41E5-A3D6-E1C4CEFBFCE1}] => (Allow) E:\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{245E7342-2A13-4EEA-92B3-D0A693A90E91}] => (Allow) E:\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{675C7F24-2F1C-4620-9D11-ACA41559FCC8}] => (Allow) E:\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{5C7FDEE3-7C1A-499E-BD09-CF2920A966D3}] => (Allow) E:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{B2606003-B0FA-4578-99CB-72EC8EEAA97D}] => (Allow) E:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{64579A3F-A371-472E-947C-5F4F9D005642}] => (Allow) E:\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{BDD86AAE-57C6-4450-93F0-F1CC86AAA0F8}] => (Allow) E:\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{E2C40D83-BB17-4EE0-8108-03932B05A9B3}] => (Allow) E:\Steam\SteamApps\common\Lost Planet 3\Binaries\Win32\LP3Launcher.exe
FirewallRules: [{5D20664F-65E6-46A1-A043-7BD169E2D673}] => (Allow) E:\Steam\SteamApps\common\Lost Planet 3\Binaries\Win32\LP3Launcher.exe
FirewallRules: [{D816A02E-1F61-4B03-8BAB-7DF1754508A3}] => (Allow) E:\Steam\SteamApps\common\Dreamfall The Longest Journey\dreamfall.exe
FirewallRules: [{20EC33EE-1281-4FF0-95C9-DC10DBF9509D}] => (Allow) E:\Steam\SteamApps\common\Dreamfall The Longest Journey\dreamfall.exe
FirewallRules: [{A1A6BC57-CB02-4713-B851-9FBBDEDFC488}] => (Allow) E:\Steam\SteamApps\common\Dreamfall Chapters\Dreamfall Chapters.exe
FirewallRules: [{4B182972-2F32-4632-B72C-08556466CB51}] => (Allow) E:\Steam\SteamApps\common\Dreamfall Chapters\Dreamfall Chapters.exe
FirewallRules: [{7DE7A922-B6BD-404A-95B3-2E39BDB40ACD}] => (Allow) E:\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{EAF12CBD-A812-49ED-8A66-A9BF75222A62}] => (Allow) E:\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{D6B95E04-6C57-4A36-BD13-FB5EA0E0B30A}] => (Allow) E:\Spiele\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{4DDFBD18-EBAA-4BE3-8208-E526E01B092B}] => (Allow) E:\Spiele\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{D6A278C4-96E9-4DD2-A3E5-FC59695D231D}] => (Allow) E:\Spiele\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{06F1F0F8-71BE-4E38-8FE9-D52763FB500E}] => (Allow) E:\Spiele\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C32DEC6B-8C7A-4832-A678-C525DDA67F5E}] => (Allow) E:\Spiele\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{FB82F5AA-2768-40EE-98C4-69A01909CC5D}] => (Allow) E:\Spiele\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{23B8B841-5C11-401E-AFD4-4848C79CEF01}] => (Allow) E:\Spiele\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{92F3ADD5-F674-42FE-A1FB-6D4C6B3A96C4}] => (Allow) E:\Spiele\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{2F60E90B-6D1E-49AC-8099-4BD497A85BA1}] => (Allow) E:\Steam\SteamApps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{2BCCCC7D-C1B2-4D2C-89B4-0E9BB30AD5DF}] => (Allow) E:\Steam\SteamApps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{88A56E93-C15F-4E14-95AA-F2926B813DB2}] => (Allow) E:\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{B4CEDC61-647C-4499-BBD7-0A70795D6746}] => (Allow) E:\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{9A77AC35-A1FA-4D57-A214-39DAC14A0FD0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FBEACBD2-788D-42C9-B54D-1270A72BC6D5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9D14F8F4-D62E-43D4-AB7C-FF8323646FE7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{15E01909-ADAF-46DD-A083-135A2AB4E11C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3D87EA02-E5DB-488D-B6B6-5DEEE69ADEAB}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FD3780F6-4F37-4CA2-B537-31A43FAA303C}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{9AE1D9B7-B61E-4C5D-B28B-DC8296F6CD87}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{5BB4B525-85A5-41C0-9BBD-823F32429841}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{E687E793-05F6-481A-99A6-7FC58C458B0B}E:\steam\steamapps\common\total war attila\attila.exe] => (Allow) E:\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{7FB8CCD9-9C96-45F1-9849-A08C21C4A962}E:\steam\steamapps\common\total war attila\attila.exe] => (Allow) E:\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [{A36E972D-856D-4F31-A390-DB0B5974EFA4}] => (Allow) E:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{8357872D-7DDF-4E8C-A815-0BC7E60D868C}] => (Allow) E:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{4F3C7A7C-5BB1-43CC-A995-541246191AD8}E:\steam\steamapps\common\total war attila\attila.exe] => (Allow) E:\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{C28AF210-881E-44B0-9B58-480585E7650A}E:\steam\steamapps\common\total war attila\attila.exe] => (Allow) E:\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [{E4D768A8-1423-4345-9358-C392705D7E4D}] => (Allow) E:\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{8D4EA571-DD51-41F3-BCC1-AF5EE31F4B21}] => (Allow) E:\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{FE1F87FF-C0BE-4577-ABFC-49D0987B1CED}] => (Allow) E:\Steam\SteamApps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{B6F9B7D6-C6DD-4EB1-B5BF-0AA1B1F2DA20}] => (Allow) E:\Steam\SteamApps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{6FF0D883-064F-42D2-8D57-3302FAF9001C}] => (Allow) E:\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{2F7E6EBC-C207-481F-A8D6-33E5E84F1033}] => (Allow) E:\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{AB56A44F-437B-40AA-9799-D7A5C2EBA2FE}E:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) E:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{A98BD680-4577-45A4-B695-9E30C02F4CC9}E:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) E:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{378F3841-3456-4482-846E-6E6AC4FE93F2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DE9E2076-53A3-4527-ABD4-7980CF7600A7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{94EE52D7-B69A-4AA9-B93C-9563225ED558}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{666F0EBF-79B9-4167-A487-A49656F4EE08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{58E6C611-E502-45AB-B84B-D4CFB8F4EA92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{46EDCD9D-1975-4B07-8E00-3A487E14D526}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A6CA4226-1704-4C7C-AEE9-ADCA95D7307A}] => (Allow) E:\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{DD1F24A3-570B-47DB-87E6-D0997223AE09}] => (Allow) E:\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{D4B12201-3E2E-44A0-B9C3-837FC49E73EC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Broadcom Virtual Wireless Adapter
Description: Broadcom Virtual Wireless Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BcmVWL
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth module
Description: Bluetooth module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
Error: (07/10/2015 03:36:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 03:34:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [183]).

Error: (07/10/2015 03:34:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).

Error: (07/10/2015 03:34:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).

Error: (07/10/2015 03:34:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bcmwltry.exe, Version:, Zeitstempel: 0x4f434ab4
Name des fehlerhaften Moduls: unknown, Version:, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007ff0048da58
ID des fehlerhaften Prozesses: 0x5d8
Startzeit der fehlerhaften Anwendung: 0xbcmwltry.exe0
Pfad der fehlerhaften Anwendung: bcmwltry.exe1
Pfad des fehlerhaften Moduls: bcmwltry.exe2
Berichtskennung: bcmwltry.exe3

Error: (07/10/2015 10:44:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 10:43:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: quaranti.exe, Version:, Zeitstempel: 0x52feacc6
Name des fehlerhaften Moduls: quaranti.exe, Version:, Zeitstempel: 0x52feacc6
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000a415
ID des fehlerhaften Prozesses: 0x14c0
Startzeit der fehlerhaften Anwendung: 0xquaranti.exe0
Pfad der fehlerhaften Anwendung: quaranti.exe1
Pfad des fehlerhaften Moduls: quaranti.exe2
Berichtskennung: quaranti.exe3

Error: (07/10/2015 10:41:06 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1  2015-07-10  10:41:06+02:00  ADMIN-PC  admin-PC\admin  F-Secure Anti-Virus
 Manual scanning was finished - workstation was found infected!

Error: (07/10/2015 09:49:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 09:47:29 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [183]).

System errors:
Error: (07/10/2015 09:38:38 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (07/10/2015 09:38:38 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (07/10/2015 09:38:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (07/10/2015 09:38:36 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (07/10/2015 09:38:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2015 09:38:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/10/2015 09:38:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/10/2015 09:38:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2015 09:38:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2015 09:38:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "FSMA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Microsoft Office:
Error: (07/10/2015 03:36:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 03:34:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [183]

Error: (07/10/2015 03:34:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (07/10/2015 03:34:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (07/10/2015 03:34:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bcmwltry.exe5.100.196.164f434ab4unknown0.0.0.000000000c0000005000007ff0048da585d801d0bb151e699708C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exeunknown5dd3c35b-2708-11e5-9653-3085a98ebaca

Error: (07/10/2015 10:44:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 10:43:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: quaranti.exe10.0.106.052feacc6quaranti.exe10.0.106.052feacc6400000150000a41514c001d0baec7e87a338C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\quaranti.exeC:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\quaranti.execbb93e60-26df-11e5-af2d-dc85de3d3293

Error: (07/10/2015 10:41:06 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1  2015-07-10  10:41:06+02:00  ADMIN-PC  admin-PC\admin  F-Secure Anti-Virus
 Manual scanning was finished - workstation was found infected!

Error: (07/10/2015 09:49:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 09:47:29 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [183]

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 14%
Total physical RAM: 16332.07 MB
Available physical RAM: 14039.73 MB
Total Virtual: 32662.35 MB
Available Virtual: 30127.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.57 GB) (Free:131.96 GB) NTFS
Drive e: (Daten) (Fixed) (Total:931.41 GB) (Free:265.6 GB) NTFS

==================== MBR & Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C72F980C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: C72F9874)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

In the meantime I also ran a scan with Emsisoft Emergency Kit and got this:
Emsisoft Emergency Kit - Version 10.0
Letztes Update: 10.07.2015 14:23:23
Benutzerkonto: admin-PC\admin


Scan-Methode: Malware-Scan
Objekte: Rootkits, Speicher, Traces, Dateien

PUPs-Erkennung: An
Archiv-Scan: Aus
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan-Beginn:	10.07.2015 14:23:38
Value: HKEY_USERS\S-1-5-21-2586655326-3906653631-2063846596-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR 	Gefunden: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-2586655326-3906653631-2063846596-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS 	Gefunden: Setting.DisableRegistryTools (A)

Gescannt:	70783
Gefunden	2

Scan-Ende:	10.07.2015 14:24:00
Scan-Zeit:	0:00:22

11.07.2015, 11:37   #5
/// the machine
/// TB-Ausbilder

The finds in EEK merely indicate that the keys exist, but these are also created by security software.

I don't see anything in the log files.


Proud Member of UNITE and ASAP since 2009

Guides and help
Trojaner-Board Facebook page

No help via PM!

11.07.2015, 11:59   #6

So I can safely ignore F-Secure's registry finds and write them off as false positives?

12.07.2015, 10:27   #7
/// the machine
/// TB-Ausbilder

The two registry finds are likewise simply settings that are present. Even if they were actively set, that could have been you as well. The first one, for example, is there for when you unhide protected system files in the folder options.

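Added example, not part of the thread: the scanner lines above report only that the values DisableTaskMgr and DisableRegistryTools exist under Policies\System. This read-only PowerShell check shows their actual data in the current user's hive and in HKLM. It assumes it is run in the affected user's session (so HKCU maps to the SID shown in the scan) and treats any non-zero data as an active restriction.

```powershell
# Added example: distinguish "value exists" from "restriction is enforced"
# for the two policy values flagged in the scan. Read-only; written to run
# on PowerShell 2.0, the default on Windows 7.
$subKey = 'Software\Microsoft\Windows\CurrentVersion\Policies\System'
$names  = 'DisableTaskMgr', 'DisableRegistryTools'

$report = foreach ($hive in 'HKCU:', 'HKLM:') {
    $path = Join-Path $hive $subKey
    foreach ($name in $names) {
        $state = 'key absent'
        $data  = $null
        if (Test-Path $path) {
            # Returns nothing (no error) when the value does not exist
            $item = Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
            if ($null -eq $item) {
                $state = 'value absent'
            } else {
                $data = $item.$name
                # Assumption: 0 = present but not enforced, non-zero = enforced
                if ($data -eq 0) {
                    $state = 'present, not enforced'
                } else {
                    $state = 'present, restriction active'
                }
            }
        }
        New-Object PSObject -Property @{
            Hive  = $hive
            Value = $name
            Data  = $data
            State = $state
        }
    }
}

$report | Select-Object Hive, Value, Data, State | Format-Table -AutoSize
```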

12.07.2015, 17:23   #8

OK, thank you very much for your help.

Regards, Jerot

13.07.2015, 08:19   #9
/// the machine
/// TB-Ausbilder

You're welcome
