Hallo team,

Ich kann seit gestern kein Software auf mein PC installieren.

Ich habe hier alle Threads gelesen bzgl malware und habe versucht Malwarebytes Anti-Malware 2.2.0 zu installieren um mein PC zu scannen leider bekomme ich immer die selber Fehlermeldung. siehe Anhang.

Ich danke euch im voraus fuer eure Hilfe.

Fel

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Hallo,

Vielen dank erstmal fuer deine Antwort.

ICh hab mir FRST64 runtergeland, aber als ich versuchte dies auzufuehren bekam ich die gleiche Fehlermeldung siehe Anhang

Was nun , ich bekomme die krise

Hallo nochmal,

Ich hab vieles ausprobiert aber irgendwie klappt nicht.
Ich weiss nicht ob es ein Trojaner auf mein Pc installiert ist oder Problem mit administrator rechte gibt.
Als ich versuch habe das Problem mit admin rechte zu pruefen, indem ich auc Computer/recht Klick / verwalten, bekam ich wieder die Gleiche fehlermeldung: Der angegeben dienst ist kein installierter dienst

Danke nochmal

Hallo,

Ich hab mein PC in safe modus gestartet nun konnte ich FRST 64 bit laufen lassen.

Anbei findest im Anhang die log datei wie gewuenscht.

Was ich kommisch finde, dass sowohl FRST als auch Antimalware irgendwelche Trojaner bzw malware auf mein PC gefunden wurde.

Danke im voraus

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Hallo,

Hier sind die logs ' Addition ;

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by elhamzaf (2015-11-08 16:34:50)
Running from C:\Users\elhamzaf\Downloads
Windows 7 Enterprise Service Pack 1 (X64) (2014-09-24 15:02:15)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

administrateur (S-1-5-21-4196241925-1720168049-4137911289-1001 - Administrator - Enabled) => C:\Users\administrateur
hpadmin (S-1-5-21-4196241925-1720168049-4137911289-1000 - Administrator - Disabled) => C:\Users\hpadmin
hpdisabled (S-1-5-21-4196241925-1720168049-4137911289-500 - Administrator - Disabled)
hpguest (S-1-5-21-4196241925-1720168049-4137911289-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan Enterprise (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan Enterprise Antispyware Module (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Pare-feu Host Intrusion Prevention (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActivClient (HKLM\...\{86E45973-5352-439F-A115-2E8EE4D40140}) (Version: 6.2 - ActivIdentity)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.13 - Adobe Systems)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\{EE56217C-B3F9-402B-B4EC-63F090F51D3D}) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\{2F881898-5300-4D68-AE46-F5FE074D59AA}) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AIC SDK Global Resource Admin (HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\50cce0dfd3974f2f) (Version: 0.0.0.5 - HP)
aic sdk mailchat (HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\35dae2a944bdacd9) (Version: 1.0.1.52 - HP)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84239}) (Version: 1.7.39.0 - Alcor Micro Corp.)
Avaya Desktop Wallboard Marquee (HKLM-x32\...\{C298EAA4-0269-4AAA-B923-C31C09965A1A}) (Version: 3.2.1.7 - Avaya Inc.)
Avaya one-X Agent R2.5 (HKLM-x32\...\{1135FC2D-B35A-4D4F-90F6-ED63378D2A6E}) (Version: 2.5.00467.0 - Avaya)
Bitcoin Core (64-bit) (HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\Bitcoin Core (64-bit)) (Version: 0.11.1 - Bitcoin Core project)
BitMinter Client (HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\BitMinter Client) (Version:  - BitMinter.com)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.223.181 - Broadcom Corporation)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Citrix Online Plug-in - Web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.1.0.30 - Citrix Systems, Inc.)
CMS Supervisor R17 (HKLM-x32\...\{9A558293-3B60-4C8F-8FAF-80A1DBC4512B}) (Version: 17.00.015 - Avaya)
Device Installer x64 (HKLM\...\{90FE5BFC-C6C5-45D3-A7E3-463D707E2D44}) (Version: 2.2 - ActivIdentity)
DisplayLink Core Software (HKLM\...\{960E1FC6-B5C9-4DCB-8C95-CB1187A266AC}) (Version: 7.6.55673.0 - DisplayLink Corp.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Forefront Identity Manager Add-ins and Extensions (HKLM\...\{82602802-91A2-449B-98BF-7F86BDE7F7E5}) (Version: 4.0.3606.2 - Microsoft Corporation)
Get IT Icon (x32 Version: 6.0.48 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM-x32\...\{84663FDA-1374-4048-9869-DD4A8784785A}) (Version: 6.0.16.1 - Hewlett-Packard Company)
HP Client Automation Application Manager Agent (HKLM-x32\...\{71C1542A-0767-4731-B4C9-119073501295}) (Version: 9.00.0000 - Hewlett-Packard Company)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.2.1744 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{4DF9B25C-CC68-49A4-B169-9F49B92368E0}) (Version: 4.6.17.1 - Hewlett-Packard Company)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{D638A23C-5C5F-4B71-A354-EC78B2BDD320}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Fonts (HKLM-x32\...\{05FCDAAC-6974-439F-872C-6921F1424FC5}) (Version: 2.0 - Hewlett-Packard)
HP HD Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10251 - Realtek Semiconductor Corp.)
HP Hotkey Support (HKLM-x32\...\{53C48A27-4079-49EB-8E73-76BA85D2BF6F}) (Version: 5.0.24.1 - Hewlett-Packard Company)
HP IT Virtual Smart Card (HKLM\...\{9A596030-75A6-4157-8D35-E453A62975AF}) (Version: 1.08.4 - Hewlett-Packard Company)
HP Lync Diagnostic Tools (HKLM-x32\...\{642C71D9-6EB3-4B7A-A2F9-043774138614}) (Version: 1.4.1000 - Hewlett-Packard Company)
HP MyRoom (HKLM-x32\...\{A971B592-E7E8-4DDB-8961-2253E154856A}) (Version: 10.3.0104 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Port Replicator Software Installer (HKLM-x32\...\{6313BCDF-1109-4682-A19D-413189817787}) (Version: 1.3.37 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Theft Recovery (HKLM-x32\...\InstallShield_{B1E569B6-A5EB-4C97-9F93-9ED2AA99AF0E}) (Version: 8.3.0.7 - Hewlett-Packard Company)
HP Timing Service (HKLM-x32\...\{C74C286B-67D8-453B-A639-9C99053E76A2}) (Version: 2.2.1503 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP USB Port Replicator (HKLM\...\{3CF82DFE-969D-4E2A-A7CC-CF8FCE081E98}) (Version: 7.6.55872.0 - Hewlett-Packard)
HPCA_IRU (HKLM-x32\...\{67BC0C72-C1CE-49FB-B70A-E11CDD6619BC}) (Version: 2.0.0 - Hewlett-Packard Company)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3324 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1332.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.6.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Juniper Networks Secure Application Manager (HKLM-x32\...\Neoteris_Secure_Application_Manager) (Version: 7.4.0.30667 - Juniper Networks)
Juniper Networks Setup Client (HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\Juniper_Setup_Client) (Version: 8.0.8.53815 - Juniper Networks)
Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junos Pulse (Version: 5.0.53815 - Nom de votre société) Hidden
Junos Pulse 5.0 (HKLM-x32\...\Junos Pulse 5.0) (Version: 5.0.53815 - Juniper Networks, Inc.)
LibreOffice 4.4.6.3 (HKLM-x32\...\{1013DB12-EC2E-455E-B5ED-BFD056DC1A99}) (Version: 4.4.6.3 - The Document Foundation)
McAfee Agent (HKLM-x32\...\{76473CBB-FE8D-4E3A-9591-CD6EFB621063}) (Version: 4.8.0.1938 - McAfee, Inc.)
McAfee Host Intrusion Prevention (HKLM\...\{D2B9C003-A3CD-44A0-9DE5-52FE986C03E5}_Uninst) (Version: 8.00.0600 - McAfee, Inc.)
McAfee Host Intrusion Prevention (Version: 8.00.0600 - McAfee, Inc.) Hidden
McAfee VirusScan Enterprise (HKLM-x32\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.06000 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Runtime (HKLM-x32\...\{1F8E64E0-FFAB-4D7D-A793-F451D580EF65}) (Version: 8.0.50727.76201 - Hewlett-Packard Company)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
myITsupport (HKLM-x32\...\{B76E65D8-019A-4326-AA07-B327324F2322}) (Version: 2.1.0.3 - HEWLETT-PACKARD Enterprise)
NICE Perform ® Release 4.1 - Player Codec Pack (HKLM-x32\...\{C54A4D7D-A50F-43CF-9E65-CA4B9BBC5D83}) (Version: 41.0.0005 - Nice Systems)
NICE Perform ® Release 4.1 - ScreenAgent (HKLM\...\{35043AA2-F0F2-4EF5-BBED-6A5E4A7BBDC1}) (Version: 4.1.1102.451 - NICE Systems)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outlook Diagnostics (HKLM-x32\...\{8BD2B13B-9361-4005-B5BD-7FBEC4AEB105}) (Version: 2.1.0.20 - Hewlett-Packard Company)
PC Backup Agent (HKLM-x32\...\{393E4C89-67E9-43BF-AD29-94D19F7624F7}) (Version: 8.4 - Iron Mountain)
PC COE (HKLM-x32\...\{DF6F1789-2C07-49CB-993D-6B3D5586C34E}) (Version: 31.1.2 - Hewlett-Packard Company)
PC COE Required Settings (HKLM-x32\...\{4D9D12CD-B714-4A8F-A4AB-C33C4DD7F770}) (Version: 31.1.0 - Hewlett-Packard Company)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.23 - Realtek Semiconductor Corp.)
Remote Access to HP Inc. (HKLM\...\{657D03BC-DB47-47C8-9529-EADBB167AF4C}) (Version: 1.0.6.52064 - HP Inc.)
Security Task Manager 2.1 (HKLM-x32\...\Security Task Manager) (Version: 2.1 - Neuber Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Simple Sticky Notes 3.0 (HKLM-x32\...\Simple Sticky Notes_is1) (Version:  - Simnet Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.23 - Synaptics Incorporated)
Tanium Client 6.0.314.1195 (HKLM-x32\...\Tanium Client) (Version: 6.0.314.1195 - Tanium Inc.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Terminal Emulator R16 (HKLM-x32\...\{0874C225-BB08-4996-8C9C-A21AE13EBE3A}) (Version: 16.03.008 - Avaya)
Tweaks.com Logon Changer (HKLM-x32\...\{12F8EFF0-5C16-473B-99AD-67AB866C3E07}) (Version: 2.0.0 - Advanced PC Media LLC)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 1.0.2 (HKLM-x32\...\VLC media player) (Version: 1.0.2 - VideoLAN Team)
WinMend Folder Hidden 1.5.3 (HKLM-x32\...\WinMend Folder Hidden_is1) (Version:  - WinMend.com)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Winpopup Server (HKLM-x32\...\Winpopup Server) (Version:  - )
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1957994488-842925246-40105171-1743549_Classes\CLSID\{ac2d1bd0-b12b-8a7a-9cfb-9deaff6757421}\InprocServer32 -> 0x8C5139742518D1018F592860BC18D101020000000400000000000000 => No File

==================== Restore Points =========================

05-11-2015 23:56:41 Removed Chrome Remote Desktop Host
06-11-2015 00:02:17 Removed Google*Earth*Pro.
06-11-2015 00:11:18 TrueCrypt uninstallation
07-11-2015 19:13:25 Removed Outlook Diagnostics.
07-11-2015 23:02:19 Installed EMET 5.1
07-11-2015 23:05:50 Installed EMET 5.1
08-11-2015 11:58:39 Windows Update
08-11-2015 13:31:56 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2015-11-05 18:51 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01352D68-2AEC-4FFC-AF99-9CB2EFD504AF} - System32\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}001 => Rundll32.exe c:\PROGRA~2\HEWLET~1\PCCOE~1\Aimsi.dll,RunPatch
Task: {152892FD-93A8-411F-A0C7-D0591FB12853} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {28271F2D-3318-4332-BB32-404F982DACA2} - System32\Tasks\{133F8D40-91F1-40CE-B193-02893733E7FB} => pcalua.exe -a "C:\Users\elhamzaf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I6VABRLR\NetFx64.exe" -d C:\Users\elhamzaf\Desktop
Task: {3504F2C4-18ED-47BC-B34E-F458962BCECC} - System32\Tasks\IDA{E1B2A4DD-AE06-4B97-9B55-8E8F1348E7FB}000 => Rundll32.exe c:\PROGRA~2\HEWLET~1\PCCOE~1\critupsi.dll,RunHourlyHook
Task: {3779C535-CA11-4159-8F85-5CF98726ECCD} - System32\Tasks\IDA{24AB88C9-D233-48EF-9EC5-79D902043D09}000 => Rundll32.exe C:\PROGRA~2\HEWLET~1\PCCOE~1\SWBUND~1.DLL,RunSWBundlesSnapin A
Task: {39AC9638-FD00-48FE-8D3D-433A7370B7FA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3E357F9E-D200-4E4D-BCFA-869122FFADDB} - System32\Tasks\{D898B789-52DC-42E3-B3D6-1F1CE848B40D} => pcalua.exe -a C:\Users\elhamzaf\Downloads\sp66915.exe -d C:\Users\elhamzaf\Downloads
Task: {41E8CAED-74BE-4DB0-8A8B-605403CF5B6A} - System32\Tasks\pcpm-consolidator => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe [2010-10-28] (Hewlett-Packard Company)
Task: {6CB3E546-975D-4FD3-BDD3-559131B6B68F} - System32\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}000 => Rundll32.exe c:\PROGRA~2\HEWLET~1\PCCOE~1\Aimsi.dll,CheckForUpdates
Task: {70BD6712-05A3-4742-BB0D-D4632F3179D0} - System32\Tasks\Smart Client => C:\Program Files (x86)\SmartClient\Smart.exe [2014-08-25] (Hewlett-Packard Company)
Task: {7577C2FD-6EC0-4A97-BF0D-A0C6AB72908C} - System32\Tasks\IDA{EF242085-E950-E7C0-982D-AC0CAEF9D2B1}000
Task: {757A1885-A1FA-482E-96BB-59462BD2F3BF} - System32\Tasks\Moin Moin => C:\Program Files (x86)\Avaya\CMS Supervisor R16\acsRun.exe
Task: {A2014BD3-EEDE-46A5-BFA5-5460FA094D2B} - System32\Tasks\BitLocker Reminder => C:\Program Files (x86)\SmartClient\Reminder.exe [2014-08-25] (Microsoft)
Task: {A3D76CD0-E0AE-4724-A998-3D1E381825A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {A83D8FD7-5227-4DEC-B951-6F80F5E734C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A89E4B2F-D8C5-4FDA-92C6-5B7D529BEB75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C25BCE29-281A-4C4D-8D23-58A78AD1152A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-03] (Adobe Systems Incorporated)
Task: {CE0CC0BD-FB96-4C14-8CCE-C12FFA3D8CDD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D171B403-6A5C-4510-9378-3B44324C2F8C} - System32\Tasks\pcpm-collector => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe [2010-10-28] (Hewlett-Packard Company)
Task: {D44543A5-9E5F-40EC-8030-E9B8C6CF2D71} - System32\Tasks\Maint => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe [2010-10-28] (Hewlett-Packard Company)
Task: {E0EF639D-35DB-4450-90DD-3652449F8614} - System32\Tasks\IDA{DDC3038B-D87C-4DE6-AD88-05C6E3962FA0}000 => Rundll32.exe c:\PROGRA~2\HEWLET~1\PCCOE~1\SWConnSI.dll,SWConnect
Task: {E4693A6B-E91F-4377-928E-9FBCC9E7E5C4} - System32\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}001 => c:\Program Files (x86)\Hewlett-Packard\PC COE\coetl32.exe [2007-06-24] (Hewlett-Packard)
Task: {E9504D34-C152-414C-8D5C-BBA771497A0C} - System32\Tasks\CFUWrapper => C:\Program Files (x86)\Hewlett-Packard\PC COE\CFUWrapper.exe [2012-10-26] (Hewlett-Packard)
Task: {EEF47720-0C12-48CC-8DCF-9F8D18773F62} - System32\Tasks\IDA{96A23EF4-3F38-4839-B12A-860409AC2861}000 => Rundll32.exe C:\PROGRA~2\HEWLET~1\PCCOE~1\BIOSSI.dll,RunBIOSSnapin
Task: {F506D7CD-87FA-4650-8311-0B05C0EC7563} - System32\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}000 => Rundll32.exe c:\PROGRA~2\HEWLET~1\PCCOE~1\clinvsi.dll,SendInventory
Task: {F5E8A8AA-0A2C-4306-AD18-F954838E84C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\CFUWrapper.job => C:\Program Files (x86)\Hewlett-Packard\PC COE\CFUWrapper.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}000.job => C:\windows\system32\rundll32.exe7c:\PROGRA~2\HEWLET~1\PCCOE~1\Aimsi.dll
Task: C:\windows\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}001.job => C:\windows\system32\rundll32.exe0c:\PROGRA~2\HEWLET~1\PCCOE~1\Aimsi.dll
Task: C:\windows\Tasks\IDA{24AB88C9-D233-48EF-9EC5-79D902043D09}000.job => C:\windows\system32\rundll32.exe C:\PROGRA~2\HEWLET~1\PCCOE~1\SWBUND~1.DLL
Task: C:\windows\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}000.job => C:\windows\system32\rundll32.exe7c:\PROGRA~2\HEWLET~1\PCCOE~1\clinvsi.dll
Task: C:\windows\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}001.job => c:\Program Files (x86)\Hewlett-Packard\PC COE\coetl32.exe
Task: C:\windows\Tasks\IDA{96A23EF4-3F38-4839-B12A-860409AC2861}000.job => C:\windows\system32\rundll32.exe6C:\PROGRA~2\HEWLET~1\PCCOE~1\BIOSSI.dll
Task: C:\windows\Tasks\IDA{DDC3038B-D87C-4DE6-AD88-05C6E3962FA0}000.job => C:\windows\system32\rundll32.exe4c:\PROGRA~2\HEWLET~1\PCCOE~1\SWConnSI.dll
Task: C:\windows\Tasks\IDA{E1B2A4DD-AE06-4B97-9B55-8E8F1348E7FB}000.job => C:\windows\system32\rundll32.exe8c:\PROGRA~2\HEWLET~1\PCCOE~1\critupsi.dll
Task: C:\windows\Tasks\IDA{EF242085-E950-E7C0-982D-AC0CAEF9D2B1}000.job => Fp elhamzaf
Task: C:\windows\Tasks\Maint.job => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe
Task: C:\windows\Tasks\pcpm-collector.job => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe
Task: C:\windows\Tasks\pcpm-consolidator.job => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-18 13:08 - 2015-03-18 13:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\eds.com -> eds.com
IE trusted site: HKU\.DEFAULT\...\sharefile.com -> hxxp://hp.sharefile.com
IE trusted site: HKU\.DEFAULT\...\sharefile.com -> hxxps://hp.sharefile.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com -> hxxp://compaq.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.ar -> hxxp://compaq.com.ar
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.br -> hxxp://compaq.com.br
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.co -> hxxp://compaq.com.co
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.mx -> hxxp://compaq.com.mx
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.sg -> hxxp://compaq.com.sg
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.ve -> hxxp://compaq.com.ve
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\cpqcorp.net -> hxxp://cpqcorp.net
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\dcu.org -> hxxps://dcu.org
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\eds.com -> eds.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\hp.com -> hxxps://d2t0361g.austin.hp.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\hpe.com -> hxxps://g1t6040.austin.hpe.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\hpecorp.net -> hxxps://c4t12663.itcs.hpecorp.net
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\hpqcorp.net -> hxxp://hpqcorp.net
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\sharefile.com -> hxxp://hp.sharefile.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\sharefile.com -> hxxps://hp.sharefile.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1957994488-842925246-40105171-1743549\Control Panel\Desktop\\Wallpaper -> C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^launch_splashscreen.vbs => C:\windows\pss\launch_splashscreen.vbs.CommonStartup
MSCONFIG\startupfolder: C:^Users^elhamzaf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^elhamzaf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: AccelerometerSysTrayApplet => c:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: COEMsgDisplay => c:\Program Files (x86)\Hewlett-Packard\PC COE\COEMsgDisplay.exe
MSCONFIG\startupreg: GetITIcon => C:\Program Files (x86)\Hewlett-Packard\GetITIcon\GetITShell.exe
MSCONFIG\startupreg: IDA => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDA.EXE
MSCONFIG\startupreg: JunosPulse => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe -tray
MSCONFIG\startupreg: Lync => "C:\Program Files (x86)\Microsoft Office\Office15\lync.exe" /fromrunkey
MSCONFIG\startupreg: PasswordRegistration => C:\Windows\system32\MsPwdRegistration.exe
MSCONFIG\startupreg: QLBController => c:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
MSCONFIG\startupreg: Spotify => "C:\Users\elhamzaf\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\elhamzaf\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Viber => "C:\Users\elhamzaf\AppData\Local\Viber\Viber.exe" StartMinimized

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{6B877D3D-BBD9-4A44-BB6C-67140F6ECFAC}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{5259C4B2-0E25-4EBD-9476-D102C59BA9A0}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{19FE08AF-0EF6-4D52-B2B6-8EDCF91229CE}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{84C620BB-E3A3-4EFE-849F-C704AD55B025}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{33477223-34A2-4DE1-A250-A4D29BA4593E}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{FAA3F3D3-2055-46AF-B43E-52A7762A1349}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{3F9F922D-F84B-4657-82A6-017A34DAB6D9}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{366F7E01-ABE7-43B4-B825-2ACAF2BEC335}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{1B045724-492B-4F50-B28E-290F7AC1164D}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{553E6FA6-2F6D-4D94-AD29-A6715D1F3720}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{9A47FA20-21AA-4B08-B842-63D0902BA064}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{7AA6E524-BD5A-4BAD-A9D6-5B39DEC179A4}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{14DFCF2A-C0EC-4FBD-8D23-17853D808429}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{80D0C4DE-7191-415E-A171-13F0E74C7FAF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3CB30AC4-E311-409D-81BE-97588C03F52F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5C67F642-0BFF-4E50-A883-3D98F5D60267}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EEDACC4C-C983-4780-B3F6-5DB59DBE35DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8C03C2BE-6134-4DFC-A2B7-E7C3EFA1DF51}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{12ADB01F-D275-4DCC-8037-2425585C79B6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C29DB9AC-61F7-4781-872F-25755229D625}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8DF6BDA2-4B3D-45AC-B448-13C648DFCCA1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FED068A4-41DD-43E4-A834-2D2FEA69CEDC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6F82D59F-2520-48BB-BBC8-BA961FC30B5F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5843AEB4-EC70-4452-A9EE-362ECACC11E8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0D56E31D-D588-404A-BC5E-F48E5610351B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{837FCE06-B75C-4934-85FA-EA366D90BD7E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D2471028-93E1-42A0-9078-B3608311BFB4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F3A44A2F-1898-4808-B8A2-D067ADD900E9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A6AD1534-6E9A-442A-A579-DC67EC470696}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{64ED1668-AAE0-4970-A602-673455A9A74F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FDD91197-A297-4709-931C-DDEF2E72672E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{65628C25-5DCC-4C99-A316-DE5A9A963550}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3D2998F2-AB33-4CD0-AD94-ABFEEE18F087}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A61DFF9E-A69E-410E-9C1A-AD2ACF8DE52D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4B9E26B4-A453-48A0-8434-4F7A1DF122C2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D86433CC-0417-49AE-9F09-AA20A161A612}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5B99F45C-9552-45A2-ADB1-3BCB6B257FED}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0FEE0617-FD1D-4FAD-A737-1A9BEB4A3679}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DFC57920-04E7-4E40-8581-1E14AE5D0B1D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{682A43C2-8558-47C2-836C-41BC6CDDA843}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6C45B71B-CB04-4FCE-9BE0-8CA0DAEB0DDA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5CC680F9-7457-499F-A5DA-F843970FF421}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DBA51A1F-268E-4376-8C9C-58766E172577}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FDFECD72-3051-4EA9-8C5F-08C0FD37B72E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B412496D-C321-4F79-A919-4686441C5DBE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{940DB9E2-0E1C-47A0-94FB-A604D4D75ADC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A445DCE9-C50A-46F9-874A-A00F3B9DB342}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A7F5F09B-0A84-447B-B5E3-BD8C58863022}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F655EF34-C85E-4134-9544-998C2031334F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3DF42A09-0485-4939-8022-86675DAE78EE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BD56217D-DEAE-4778-A1EE-A7BBD7CD75A9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C2120EE2-58BA-455B-B7DC-FE81530294E1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{38110079-0390-4977-801D-A6C5221EAB01}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{895D708C-A6CE-4C70-BDE2-E067579B8FE6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9EF98CCA-64FA-45C1-A90C-C93D7E209834}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{95725A49-1E66-45F7-8A40-482BA1841B35}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0A8996A1-63E9-4008-8F66-D0223D59A1BE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E8F4C267-E746-40ED-A579-169F3A45ADD7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{52780099-51F5-4CBC-A9EA-0A4027B2CBA6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DBBE5286-F8A4-4317-B75A-D30097027B81}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CBF28D68-A1BC-4B22-8DDC-9E355BCAE5EB}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B6D00574-4D61-46DF-AF29-4CB9BBEBA6ED}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FDE55CF1-DBDE-429C-84F9-C9C42EA5D8B5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5A586752-0BBA-4656-B70D-B1091A3218ED}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4A6FA137-2725-440D-8DA3-A2E177C3700B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{29653673-371E-4E1D-A58D-97C4CED16787}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ABF73525-1D47-4469-8EA4-EA98190051FE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{924A3C43-4A98-4C89-96F4-EC414B1A96D0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9F3AB09F-A181-43E1-805E-06E3CE6AC5A4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1F6C1A77-851F-4E3E-BC5D-BD3FA6FF9996}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{42601620-20BF-4D75-9AA1-CDDCC7429F09}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{06C68B23-C054-4B09-BB00-106022B789D8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C4BA8409-E121-4BE6-B64E-ACC23C40F298}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F63AB391-A4C1-4FCA-A2B1-D373A0B7BA17}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{25040186-91A3-4A70-AC2C-486C66E6DA38}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D3AA5012-90AB-47EC-B268-3A087BE21C0A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{89E95580-DC9E-48CF-AF21-B900A916FEB6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5D5C4979-1B8B-4231-835B-7F3266E3DEB4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{30639500-CD45-47B3-86BD-6307F1D1CDE0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{01233B61-450C-4990-A838-7CCED68DBE67}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9600CF08-1487-4E73-B5D8-0A54FDBC74D9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9ACB4E22-E8F6-44B5-8759-4D91B71C5B6F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A4350759-7970-4DCA-882C-10A4DB5848C4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FB9E1234-08DA-4422-BC91-3F745C890B7A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8C514DCA-8501-4056-A2B8-31B67C741C48}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{23EAF87D-98AD-455D-B1FF-E1228C1D6900}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9CE4783F-E0A4-4AD9-9447-C837557FBE4D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A8AB2BEA-B06B-45F1-AB39-2C97FD5EB7F7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A0F790B6-7EA4-4E53-A84E-179D1C1C49F1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B8D37D3B-79FD-44D6-A0DD-B0A036B216C5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9DF1740B-AAE5-4105-BC30-AF0380131315}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F1023225-0017-448C-8A9B-0DD6904B9BAC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{294464D3-2390-4101-8AA2-193720F1996B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E589F255-D6D8-4FAB-9340-9C4AA0ADC37B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{40F0709E-7DF3-4FA9-8E64-308A951D2AF7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A50300CF-58E8-426C-8029-B466670E8DB4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{678E2B9A-D3EF-4A68-B378-D7C2683A5DC5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{189F5ADF-8C1F-4285-9AAA-EEA1F2AD6B1A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{05BC0E02-D8EA-4FCB-B0E4-C60DFA78E9C9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5C2B5D80-3CC7-497C-AC5E-5D27FF3C743D}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{C14E8B60-9AB3-4832-84D9-82505E50E214}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{B809C0F0-9D37-410C-8B88-B75C2273E9DD}] => (Allow) LPort=8743
FirewallRules: [{5FB6CB56-5FA5-4EFF-B398-5F55C7CF4A88}] => (Allow) LPort=8643
FirewallRules: [{B80C75D7-DC6D-46E7-B3E3-D36643A2E728}] => (Allow) LPort=7676
FirewallRules: [{E976053A-3EBF-4FC9-8203-4FCFAC49B852}] => (Allow) LPort=7679
FirewallRules: [{B2B34202-393F-4E7F-8E94-6902B0F47912}] => (Allow) LPort=24234
FirewallRules: [{4D4ADA8C-DD2B-4833-B2FF-D6C8C573B569}] => (Allow) LPort=7900
FirewallRules: [{14CBD40A-351C-406B-A6BB-815CA7941A49}] => (Allow) LPort=1900
FirewallRules: [{F9B0E41B-904A-4804-9CA3-769DBB766014}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B2BE1896-8C5F-44D6-882D-A6F5AFA8F493}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{36AD64D7-7F52-41A9-8369-C4254515B8F5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A99CA874-AFE4-47DC-A67C-5C7CC51C9E4B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BA7F4619-34D1-4637-9B9C-21155B10BEF5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F98A429D-4F21-48E7-B043-57A1AE6CC959}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D9DEFFEB-811B-4F15-B3CB-3C72202F43ED}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3EE2A027-8AEF-4E5D-AD11-3B86120EA98C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{75A8091A-C516-49A8-9308-3DACE1BE4B73}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{70F7DCE4-6D98-4DCB-832F-7009C1382CA2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{925B2271-4770-4B31-B90F-2718B8D7DA3D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5595646E-A8FC-4871-9B55-113F99B538EF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E744B5F7-C87E-4A7C-81BA-5944F67E7B76}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A299C17F-DF52-4866-8CE2-2F2A311B3557}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2834FB3C-5D67-4B0F-B8C5-512767B75E1D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DC65438D-2D84-4D60-9C6F-443757D55E9E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D22811F9-3451-4216-8F58-F9BF95066DC2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6CCD1690-A026-415D-8350-FEF6DFFC48C1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B1083203-6228-4836-A5CF-F0E3779DA6A3}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7055042E-B1D2-4AF8-A901-905230A778AE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BA4844BA-A856-4DE6-A8BB-B4984C5D7485}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{191960B5-08A9-479C-8D94-0937A9A5C704}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{31E9D88C-921F-4B19-8897-3C9B6EF9DCF5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CBDE9634-D420-4AEF-804A-A910F9B5ED44}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7565C68D-C760-44D0-9649-514EED2715C2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{492D8C3A-9159-4F21-9DD0-808EEB864FF9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9A8EFD09-4D18-459D-9593-89FE40DE353F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3099E4F6-1809-4678-9A45-A481A8A2366E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E7C25E11-F022-4E35-BF2D-ED67572F5279}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1A2DCFE0-2958-4D25-8A82-F618AA7BAD64}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EBEC6B98-A296-413C-9D3D-A213B021D93D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1F18DF9F-A19E-40A6-8E8E-8FF7720F9B82}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4CBE8654-4B14-435B-A985-33CF71B37FE8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CB5932FA-511D-464C-8670-A2A0F8CCCEFD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B904A73F-F345-4109-9C8C-C847975553B2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C702BE13-121B-424C-9AB6-D73EA5B1DEA5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{43177AD9-27BE-4871-89BA-E93770644713}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B5BD29C3-6952-4EA9-BDF8-9440C254D4CE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{78370AF9-BB3E-4C2D-824B-680382357856}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3771CF43-EB61-4BAC-A9C0-145505E98F58}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{8E163078-ADC8-4772-B6CF-7C4B044A6DBE}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{15FAD68E-4E13-4E31-857D-70C08C4F56D1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0E5C61D4-C093-4CD0-A51F-EF9FB864FC99}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{949D5956-C0F2-4B5D-A990-4F7F05CF349D}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{F2F9481C-9EC1-46B6-91C2-5317D5B184E6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{59D4B9B3-F356-4DDE-97BC-83D6115540CC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FDCEF018-0700-47A5-A18F-BE3BB8D2D080}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{A38439F2-D097-4FFD-A130-C5E77E8176D4}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{D1B375EE-AC2D-45CF-AA28-A0E2AC9BFC0A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{28937B46-ADDB-44CB-8638-5FD9A7B926C6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0D36E4CD-76DA-47DA-BA47-95E6E8669872}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{897B1563-9761-4E8F-AC7B-006BD608653C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A52849ED-B00D-482D-BAA0-AA8DD42C1F45}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0D8D6CF6-156A-4C8F-A160-BB02129FDD6C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E20A7E81-D969-4C0C-AB62-2495442850BE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6621101A-E5F2-4B1C-A2AB-FCF9F05281AA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A97072C0-252B-4B01-BF66-2C67DE242687}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0E88E068-E97C-48C1-A6A0-C676FEB233D4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{70535680-B359-4BAB-A782-84062FD25C23}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6CDB45F5-FE8F-49C8-918C-D8543C82A564}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AC29534B-2199-409B-B6C3-CE7969A0C9F0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B5AC747A-044F-40F1-9D61-B4C2D6C34339}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{93302DFC-2437-455C-9DAD-95AC80FEA5DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F591D558-D25F-43FF-BB49-23410D7CD4AC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9D917FEB-84A8-478E-98F9-A7CAF7B92FF1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{EBA41B9B-4B48-4D33-A210-1D699F893581}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{89DF1A12-FFE4-4712-8590-7E650595D1DA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{01A4D2AC-81EC-43F1-9A9D-501547AB0D85}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{73702A98-9148-4E81-AFEB-E59DECD387F9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EC949EE5-90DD-47BF-B8B9-B62D7DDD1F12}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D456168E-D244-41B5-8196-03E5EAC1C016}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8CFB0C9B-9089-4E1F-AECC-2C6605DD61CE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5C0B9A32-F535-4257-A170-8B8A326A78F4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0EEFAC7B-7A3C-4E31-A1BA-F4FA51C45248}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D564B5FC-CE08-426D-BD5D-FB7210C9FA5B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{89A1A2AD-81C1-4C9C-9FD2-0D2C5D76C844}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5D9AD7E1-02EB-4F63-A434-20E49FA51224}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1C0F1365-5D85-4F8D-88F8-A8DFD3A986D9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B3AC272C-9261-4E2D-AF84-E557DE7D0EBB}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5AF09337-3C6A-4450-AD64-EE132BEE21B6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D2428FCC-E17E-4524-B456-A1F4B9E57410}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BD8EA6B3-3B00-4D47-BC19-7066A42C4139}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{390EEF0B-17B8-46FB-897D-F71E7FC31B11}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F3A2C240-301D-427B-ACC8-4F1DEFF260B2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{54EC4D49-84C1-4A64-A5F1-517DD06162A4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5606BB11-275A-448C-AFBC-406F45A7431F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3066A966-4682-463B-8E32-A24E8803DA09}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{85E7FB44-6C6A-4F6B-AAE3-DFEE5E0E8B6F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9AB087CD-3328-47EE-9471-FB3A7FCDDF9E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{029DEC1A-068C-4E47-B45E-9E368B8F86CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3D1BC4F6-838A-42E1-A9DA-8667A9D08613}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2D9963FA-3163-4341-AA40-0B681B5945C1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A5F5ED7D-7C8C-4C5E-8F81-8335DC7FD8B4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{097E2F0C-D1BE-4D39-B49B-804C620E085F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4064D383-A733-4EEC-BAF0-A1D13FDE2761}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{33A5CF06-78BB-4E29-A47B-F8A22DE8166A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2E26899C-E53C-4DCF-B5A0-2EB221865C61}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AAA06A03-3E60-4180-A6D9-CCAFAC766DA6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C7BB7D62-72A2-450C-93E0-1475C5CD8C97}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5FAEA452-D43E-4DF0-BF40-62CC07886832}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C06AA887-2665-4C12-9523-78531E906590}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5970F23E-BEBD-41EC-A574-17944258C9FF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BEA969B6-8DF8-4BFA-A730-B22B2DB49B39}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{42D2BEDD-42D8-4C2E-9ADD-066B9722DA4F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8F33BE45-A324-4D01-8B44-DD5A28772E30}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8AB4C203-194A-423C-9FCA-DCBCD3796517}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D7715132-9C79-4F05-99D8-C03DAB2351AE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{470A5B03-00E9-46BA-B350-A67EC3A0F499}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{334BFC85-C1E5-41B9-91E6-DFBF3A6B63EE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A6BFF72F-53BD-433B-A251-D0BBC5DA108A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{39E786F8-D7E7-4D3E-A18C-56BE1B525675}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6F53DBDC-157C-49A7-8A58-BD64471996A9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C63FCC98-4553-471B-9360-27CC217874CA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FD4B33F7-A498-440B-86C9-16C1529B154B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E25F187A-BB1C-4111-96E7-B27C42C546EA}] => (Allow) LPort=17472
FirewallRules: [{E7D9C6B6-7C5A-4406-B5D1-24FAE2B23A3C}] => (Allow) LPort=17472
FirewallRules: [{E4C5327C-B69F-4E9D-A602-1C8ADB767EFC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{320B92AA-B79D-44C2-BB55-04D3D972DCEE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A342CB97-3497-483B-8C55-3CA53803C97B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{21416E4B-FA0C-4C80-90D8-DE1672BB6B35}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{21CCC654-460F-4E24-ABFF-EA9FD46102DB}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{17766DD5-BBE6-4F52-B0B2-D95D69010B81}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F4BF6F34-5179-4D77-9A07-32239ED324D2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ABEF7C89-914A-4548-9C9C-EE0A21D87985}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{20DAAB47-2A91-4A35-B996-6CA1367DEB94}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6D0CD166-47EE-4CF6-8184-8E9BD2747438}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{557FDDBA-D76A-4864-8AB1-0BE934D9745B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{867E4D68-352D-4CAC-ABD8-D5F96498FD7B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2833B63D-9CC9-4679-93A5-4845538BEF54}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{01C680FB-397A-4491-A238-41D4258A1DF2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D5E38198-82D7-42F5-8EC5-04372A545C23}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DD5BF3E7-38C9-43A7-B379-4EE5E2DAF2AF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5CC745E9-DE0D-4C01-89F0-C4711428A7DD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{60D1C21C-9900-41E1-8284-55EBB022F76A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{36CF3E3C-D84E-41B9-B331-C860F0E9C544}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A59E085C-824C-4085-A0CA-FA1D9CA4F4DF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8813000C-80A3-4D73-97E2-5D4D91E377A7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D9D3DED1-2475-4C42-95AD-96A72CC1A39E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6071F045-B007-4BC7-9322-8F9BCA15157D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F66F1880-AB22-42FD-8A66-FA39E3F0676B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BEDC0940-516B-4441-854E-AABF27A2C9E4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6A175F94-A734-4642-8A68-1D51806560AA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5A58A956-F265-4912-BE35-6D6ADE3F2677}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{56E9D6B5-2651-4F7F-9E44-33E59CA5BEFF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C05BD37F-3B63-4781-918A-15132DF4D869}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D87668BA-1371-443A-A45A-FE92865EE453}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0E24F8B1-B5EC-4D21-8D20-8FECA6F148A2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{99B70ACB-2135-4CD6-96A4-27D8524B80D0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ACC24C31-5439-41E5-9B84-F7740C435D14}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FDA4807A-CFEB-41CE-9631-6C30C3649906}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9D0251AD-3115-4E76-9A18-3ED12F2ECD81}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0A98018E-B88A-47FE-8ED1-D93BD3FC9DCD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1F0A6A40-0008-4185-A943-6F77765EA044}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{30731C71-8ACC-4ED1-85CF-5A6FFD9A4B2D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D5F7BEFC-E78A-459B-8D65-9545AF2FDD3A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{462B2985-0DC3-4407-89C5-983DAB3EF91E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4A3AC8BB-3D74-4285-8351-F2646581B815}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{89F4C088-CCF5-4C87-85AB-51EF23DF0126}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EC89FDCF-49FF-4FC4-808D-91147558E807}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{39A5E32B-73FD-4039-91CB-72DDC0F2BE6C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{22E66F31-F5C0-4107-ACFF-9DCDE7DCA5A4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0647DA57-E644-4387-B2C4-770408265C49}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{201A7EE8-604B-43CF-BA28-1A4AE741C797}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A1E7DF2C-9892-4291-9ED7-37F5FDA8B66A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CA441A18-246F-44B0-8863-8A0F4CAC4BC1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ABD2AACC-F360-4438-9F92-C646C4E91EF0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{335A0162-E171-4A39-8FCC-7A950A25BB26}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D8F56268-B417-4DD2-9AB1-3F3A3876C5F9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{52BA2E2A-C547-4B9D-9ECA-69613E4E3A27}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{641CC4DA-0D06-45A4-A95C-5D36DFD0B40B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{354B2E51-5DFB-441F-8857-3453972073FE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1A543321-1F91-46AE-91BF-9456CB5467A8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9B1B5F25-9760-4EC2-8F28-656D0870A357}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{66735F07-E016-4765-8F54-71BB178D1C06}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{62731332-DC6D-482F-BDD5-09BC0F8EDB9B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F6899D00-FFB9-477A-BA40-2B10119B2F15}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{65BE98AF-076B-4FAD-9C0D-FD472318A0BF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5B53E9F0-334B-457F-B32B-0AB509CA0BDE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{57CD081C-7A9B-4923-B99B-762DADFE2A60}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2E76CE6A-56E1-402E-8454-2E7F0ABA5EC5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5CEDF327-CF06-4BE1-B437-0AC6D498CB46}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4886296E-02F1-454C-8FFA-D4902F1BE1B2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{45B6417B-AD29-4888-824E-F460704CB0AB}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{40AEEBC1-393E-4C0F-B5FF-D0825DBCC465}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CE0E6407-8F22-4842-9AE5-AB92662EE77C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AA8827E7-8161-451B-9AF2-4F5474EE3524}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0AB98E0E-F5D3-4C41-A6D0-637978468F51}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B07D7261-388D-4C9F-8E80-D25E15E54BDB}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{4EBDC225-FE9E-42FC-9D6B-8B828513FA71}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F0818ACB-7FF0-4F40-9637-D87DE4DAF62C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0A8EAB56-76E3-46BF-BD38-77883E891B56}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AA111493-2E44-46D3-8C4A-2887B5487B0C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FB292B26-0D5E-4A44-834A-2770B9B1C313}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F80C3D1B-82BF-4031-B19A-421A41BCE1BE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CCA0554F-06C2-4ADA-9724-0CC11393C260}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B1229FF1-22D1-46A6-9C3C-6BD758E9BC11}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2D3851B5-AFE9-463A-8D1E-563B4BF5FB61}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8973DAF8-4878-43FB-921C-10BCDA86D8C5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1ABD8091-36D3-4C40-AA01-FCEB8FDF7F0E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B4046244-E83C-4D37-92A5-66808D30BB70}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7EA04E23-9D3A-417A-9A16-928F1B52D5A1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E2E93C4C-6B6A-4407-B09C-C668A93FC3DD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5B77B001-A275-4C7C-AFC7-0EEDBFDC0274}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8190161B-58FE-43FE-8E04-276AB3397EBE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A4867777-57F1-4240-A46C-7F3DECBC5D79}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3F99B0CF-9F1C-44C6-916C-B22FB64C42A7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B6F0271E-1D63-4942-A1AD-E1F4BBF4285B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A91029EB-0A5E-4447-8380-FF71A8822986}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BD68C7ED-FEFA-4795-8250-B63E8CAB04F5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5D4E8048-2882-4483-821E-325C011FDA11}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A5E480D8-9027-4E28-99FB-99FB9BEF8E18}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{81295DB3-CD7D-434D-B198-4F9116A0EF83}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AB324DF7-FAA5-43A3-8BCE-A77B61910953}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7D42B9D7-65E2-4A83-B990-27D87BCC8499}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9FA433ED-84B1-44C8-84DF-9153872BFCD4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{41F0609A-9EF2-4A0E-92F0-A6AAF8C08841}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0CA3D86B-AD6B-4AA3-82BF-8D7016AE6D37}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8B67A401-16AB-41CB-94CA-28FC9BCB4BE9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0BE56E98-E867-4972-B83A-3B965E3178C0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AA096550-30ED-4419-A4A6-83BCCAE5A1AD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{655EBDA6-0924-4B3D-B32F-3095BEBACD70}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EAFA8521-E833-4C62-96F6-4B02677A4012}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7E594D82-17E6-40C0-B368-7D1E50390630}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3479B766-CF57-479C-B9C7-51FA74F502DF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ED274C6D-2BDB-40E8-BE14-71506B481FCC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{53412E4C-CC27-4144-A0B6-DF637E4F0BF1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{21EFBF58-E7D1-4AE7-8D54-B246E43395A9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6F622E8F-94FC-4123-9B9D-38AFA638CF69}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BD6ED27C-0D78-4D17-8DD6-8B9C464C681F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E47379DC-8AC9-4C52-A21E-CC2F4A832317}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EA49CEB6-8224-4152-B28B-D8FD812C1D9F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6CC65C71-9CD4-485B-9BE6-6D750B73A227}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C3D5BC42-004C-4FCC-B2A3-1387E5EF0769}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F4D5AF6A-205A-4FE8-981A-82BC2BFCFBB8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EB68DCFA-0461-42CF-BF2B-5AA3B90E2E8B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{98C0D004-B32A-4BBC-978C-A28B2E9972E5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{61ADE0C0-0D8C-4AE9-B96A-B3A57B552BE2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FFE166DC-9A45-4117-8A38-A847EEE1E837}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{659C076D-1D5A-4EFC-B865-08A113638707}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1CB58E41-2D49-467E-AEF9-3F4F985E3C5C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C7028667-B8E9-4246-BB28-5AC91A6BE9E0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D50E5BC4-8ADA-4ED1-9825-3AB8AE5E922A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{52C4100A-AD20-43B9-9C3E-78A5989CD270}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F202F25E-46D3-41C1-B42F-BA70398A5B5E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{20997FCB-E9D7-4423-8A90-7BF7931B591C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3CF6977B-BABD-4DD2-9AEE-A3C0F0850F82}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DFDE1788-35C1-46DA-B96F-BC7395BA160B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4FF8D497-8DB9-4422-8580-9383BD24A312}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F3C5CE44-30FE-4CED-ACAC-5BE33AEEABBF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E44BC2C8-548A-4339-B22C-49CB43476B00}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{061D60E1-B3C7-47FB-A983-6084E516BA22}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E64E8336-D744-43DC-9712-187FF6F26C91}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F96149F3-794C-4EF7-A287-A324400864EC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{33BA013F-C0E4-49E4-85C6-9C2381D5F4C0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A8CAA63A-1F7B-4521-89F9-C02C06C15AA5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4A844C3F-DBF8-43FB-B292-31AE9661E527}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C4E538BA-279B-4268-BA3F-B407E7AA13E8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C3427C80-4473-4E3B-BAFA-D2DFB04D8C9D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{678A6C02-E578-4CCF-A139-8B5C2C2D49BC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FB919C48-E3D9-4E22-94A0-99EAD746F3DA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{91A08A33-22E1-43B5-A2E6-A61BB2EE9D5C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6F768B61-E39C-4D61-821F-A0F403EF5827}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F610FF61-BA1D-4A38-8766-12F87D763FAC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{43BE44FC-FCCF-4EAD-82D7-E75EA4BD8420}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E7738E91-41C6-49EC-A93C-FB725D2C080A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8C1B9339-7E56-4D2D-952B-F24687F7280D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D722A690-75AB-468F-BEC5-0CCFD089D18B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{09DF5277-1563-46FB-B806-AB3A9811FF01}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{66516131-BA69-45DA-A0C5-528CEFC2BC73}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AA64BCAE-5F67-4FA6-8DDB-7896FFBBBF04}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{83A43166-BE9C-4C3B-838A-D90057D765F1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EAB4C097-38F6-4F84-B78C-3FF1C8A384C3}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0CC7401E-4752-4A6E-A0EB-A987CCEA106C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{80EB0772-23C5-4751-B1B6-A20D83942BB7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B74B7EE6-8484-4052-9595-B3B3412E3641}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2BC32A12-AC94-427A-975F-F525FD4DA28B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B3F9FBA0-D79E-4C3D-BA8A-767F3530F919}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{45D3BB27-D217-4550-B926-200ECED8051A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8589FC9C-2FAD-497F-96EB-063F90CCD860}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0227003F-0335-402D-971B-E078CB53F0FA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5278F6D9-030A-4A6E-985E-8289B5F10E77}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{43ED94DA-0C6C-498A-A4AB-C123BCE73134}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7C0131B4-4957-48C7-9514-58D44FFD476C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{87F94344-C8B6-4CA9-B727-2FE2218C6503}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{42493F0A-B4DB-4D02-88F4-8DCFC37A9928}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8CD38E54-B069-4581-8100-320CB21FB2A7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FF96FCCC-DE7D-47E5-BB29-19F30598AF3D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0DB77313-08DA-4511-B0B4-49A856DCD767}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1E22B3E0-EE8B-4626-8853-E6E04B2DA00D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8BD5712D-031E-40A6-B8F0-A01B3198FF2A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F44C8977-0860-4302-86C2-EC63799CC5EA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F7366B5F-7CC6-4385-900E-FBBCE762D68A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{73D552D0-4320-4953-8F6D-1312420A3128}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{73771757-35C9-4D01-B303-75D16D54BCAD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{90DE3F24-6F76-4BC3-A613-3F9E88861E34}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{252BC2E5-B10D-4AAD-A105-012F9ACE736B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{546F7334-3B9E-4163-BD2F-25D5663AACD2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FCB6470A-E229-4CAE-A03B-52AAF199A6CE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ECA32A35-4A18-438F-897D-C4F2D52FFABC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D5CAF117-DCBE-440E-8A80-0D01CDAE7173}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{476E05C8-5190-4378-BE54-5A6E15D5D55F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B1A2B711-40B6-40FC-89E5-74ACB3195696}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{95F49684-5394-490F-9AC0-9CE7E62CF2B7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BCD70D1D-4B94-4C6F-9726-DF5F53D2F264}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{96E14C05-6350-4B8C-9134-3281190E3BD7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{36E320D6-92D8-48D5-A297-CA3D936B108C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9425E179-F5A9-4004-9064-D81498D1B2AC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A1980419-4330-4AEA-B661-B993B60C4FD2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D7A37C3A-505A-4FDC-BBDC-15D485AE3461}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F4C19AAF-B965-41EB-96BC-74C17C071B9B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C321E507-FCC4-4CA5-BA5F-5A35FA4A3D8A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{44DB8CE3-EE46-4DED-8D3B-68F1362D21B5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
StandardProfile\AuthorizedApplications: [C:\PROGRA~2\HEWLET~1\PCCOE3~1\OVCMS~1\radexecd.exe] => Enabled:HPCA Notify Daemon

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VSC for SMARTCARD DB
Description: HP IT Virtual Smart Card Reader
Class Guid: {50dd5230-ba8a-11d1-bf5d-0000f805f530}
Manufacturer: Hewlett-Packard Company
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2015 04:20:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/08/2015 04:20:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 04:20:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 01:35:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/08/2015 01:35:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 01:35:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 12:04:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "ASP.NET" (ASP.NET). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/08/2015 12:04:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 12:04:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 12:04:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "ASP.NET" (ASP.NET). Der Fehlercode ist das erste DWORD im Datenbereich.


System errors:
=============
Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


CodeIntegrity:
===================================
  Date: 2015-11-08 13:29:24.067
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-08 13:29:24.020
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-08 11:42:22.990
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-08 11:42:22.943
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-06 17:49:33.461
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-06 17:49:33.415
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-04 10:49:55.256
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-04 10:49:55.209
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-26 15:30:46.859
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-26 15:30:46.812
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4300M CPU @ 2.60GHz
Percentage of memory in use: 13%
Total physical RAM: 8089.11 MB
Available physical RAM: 7020.08 MB
Total Virtual: 18087.3 MB
Available Virtual: 17053.9 MB

==================== Drives ================================

Drive c: (PC COE) (Fixed) (Total:464.78 GB) (Free:328.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 85B595F2)
Partition 1: (Not Active) - (Size=500 MB) - (Type=27)
Partition 2: (Active) - (Size=499 MB) - (Type=27)
Partition 3: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
         

Hallo,

Hier sind die logs ' Addition ;

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by elhamzaf (2015-11-08 16:34:50)
Running from C:\Users\elhamzaf\Downloads
Windows 7 Enterprise Service Pack 1 (X64) (2014-09-24 15:02:15)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

administrateur (S-1-5-21-4196241925-1720168049-4137911289-1001 - Administrator - Enabled) => C:\Users\administrateur
hpadmin (S-1-5-21-4196241925-1720168049-4137911289-1000 - Administrator - Disabled) => C:\Users\hpadmin
hpdisabled (S-1-5-21-4196241925-1720168049-4137911289-500 - Administrator - Disabled)
hpguest (S-1-5-21-4196241925-1720168049-4137911289-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan Enterprise (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan Enterprise Antispyware Module (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Pare-feu Host Intrusion Prevention (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActivClient (HKLM\...\{86E45973-5352-439F-A115-2E8EE4D40140}) (Version: 6.2 - ActivIdentity)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.13 - Adobe Systems)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\{EE56217C-B3F9-402B-B4EC-63F090F51D3D}) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\{2F881898-5300-4D68-AE46-F5FE074D59AA}) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AIC SDK Global Resource Admin (HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\50cce0dfd3974f2f) (Version: 0.0.0.5 - HP)
aic sdk mailchat (HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\35dae2a944bdacd9) (Version: 1.0.1.52 - HP)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84239}) (Version: 1.7.39.0 - Alcor Micro Corp.)
Avaya Desktop Wallboard Marquee (HKLM-x32\...\{C298EAA4-0269-4AAA-B923-C31C09965A1A}) (Version: 3.2.1.7 - Avaya Inc.)
Avaya one-X Agent R2.5 (HKLM-x32\...\{1135FC2D-B35A-4D4F-90F6-ED63378D2A6E}) (Version: 2.5.00467.0 - Avaya)
Bitcoin Core (64-bit) (HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\Bitcoin Core (64-bit)) (Version: 0.11.1 - Bitcoin Core project)
BitMinter Client (HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\BitMinter Client) (Version:  - BitMinter.com)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.223.181 - Broadcom Corporation)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Citrix Online Plug-in - Web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.1.0.30 - Citrix Systems, Inc.)
CMS Supervisor R17 (HKLM-x32\...\{9A558293-3B60-4C8F-8FAF-80A1DBC4512B}) (Version: 17.00.015 - Avaya)
Device Installer x64 (HKLM\...\{90FE5BFC-C6C5-45D3-A7E3-463D707E2D44}) (Version: 2.2 - ActivIdentity)
DisplayLink Core Software (HKLM\...\{960E1FC6-B5C9-4DCB-8C95-CB1187A266AC}) (Version: 7.6.55673.0 - DisplayLink Corp.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Forefront Identity Manager Add-ins and Extensions (HKLM\...\{82602802-91A2-449B-98BF-7F86BDE7F7E5}) (Version: 4.0.3606.2 - Microsoft Corporation)
Get IT Icon (x32 Version: 6.0.48 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM-x32\...\{84663FDA-1374-4048-9869-DD4A8784785A}) (Version: 6.0.16.1 - Hewlett-Packard Company)
HP Client Automation Application Manager Agent (HKLM-x32\...\{71C1542A-0767-4731-B4C9-119073501295}) (Version: 9.00.0000 - Hewlett-Packard Company)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.2.1744 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{4DF9B25C-CC68-49A4-B169-9F49B92368E0}) (Version: 4.6.17.1 - Hewlett-Packard Company)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{D638A23C-5C5F-4B71-A354-EC78B2BDD320}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Fonts (HKLM-x32\...\{05FCDAAC-6974-439F-872C-6921F1424FC5}) (Version: 2.0 - Hewlett-Packard)
HP HD Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10251 - Realtek Semiconductor Corp.)
HP Hotkey Support (HKLM-x32\...\{53C48A27-4079-49EB-8E73-76BA85D2BF6F}) (Version: 5.0.24.1 - Hewlett-Packard Company)
HP IT Virtual Smart Card (HKLM\...\{9A596030-75A6-4157-8D35-E453A62975AF}) (Version: 1.08.4 - Hewlett-Packard Company)
HP Lync Diagnostic Tools (HKLM-x32\...\{642C71D9-6EB3-4B7A-A2F9-043774138614}) (Version: 1.4.1000 - Hewlett-Packard Company)
HP MyRoom (HKLM-x32\...\{A971B592-E7E8-4DDB-8961-2253E154856A}) (Version: 10.3.0104 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Port Replicator Software Installer (HKLM-x32\...\{6313BCDF-1109-4682-A19D-413189817787}) (Version: 1.3.37 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Theft Recovery (HKLM-x32\...\InstallShield_{B1E569B6-A5EB-4C97-9F93-9ED2AA99AF0E}) (Version: 8.3.0.7 - Hewlett-Packard Company)
HP Timing Service (HKLM-x32\...\{C74C286B-67D8-453B-A639-9C99053E76A2}) (Version: 2.2.1503 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP USB Port Replicator (HKLM\...\{3CF82DFE-969D-4E2A-A7CC-CF8FCE081E98}) (Version: 7.6.55872.0 - Hewlett-Packard)
HPCA_IRU (HKLM-x32\...\{67BC0C72-C1CE-49FB-B70A-E11CDD6619BC}) (Version: 2.0.0 - Hewlett-Packard Company)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3324 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1332.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.6.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Juniper Networks Secure Application Manager (HKLM-x32\...\Neoteris_Secure_Application_Manager) (Version: 7.4.0.30667 - Juniper Networks)
Juniper Networks Setup Client (HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\Juniper_Setup_Client) (Version: 8.0.8.53815 - Juniper Networks)
Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junos Pulse (Version: 5.0.53815 - Nom de votre société) Hidden
Junos Pulse 5.0 (HKLM-x32\...\Junos Pulse 5.0) (Version: 5.0.53815 - Juniper Networks, Inc.)
LibreOffice 4.4.6.3 (HKLM-x32\...\{1013DB12-EC2E-455E-B5ED-BFD056DC1A99}) (Version: 4.4.6.3 - The Document Foundation)
McAfee Agent (HKLM-x32\...\{76473CBB-FE8D-4E3A-9591-CD6EFB621063}) (Version: 4.8.0.1938 - McAfee, Inc.)
McAfee Host Intrusion Prevention (HKLM\...\{D2B9C003-A3CD-44A0-9DE5-52FE986C03E5}_Uninst) (Version: 8.00.0600 - McAfee, Inc.)
McAfee Host Intrusion Prevention (Version: 8.00.0600 - McAfee, Inc.) Hidden
McAfee VirusScan Enterprise (HKLM-x32\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.06000 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Runtime (HKLM-x32\...\{1F8E64E0-FFAB-4D7D-A793-F451D580EF65}) (Version: 8.0.50727.76201 - Hewlett-Packard Company)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
myITsupport (HKLM-x32\...\{B76E65D8-019A-4326-AA07-B327324F2322}) (Version: 2.1.0.3 - HEWLETT-PACKARD Enterprise)
NICE Perform ® Release 4.1 - Player Codec Pack (HKLM-x32\...\{C54A4D7D-A50F-43CF-9E65-CA4B9BBC5D83}) (Version: 41.0.0005 - Nice Systems)
NICE Perform ® Release 4.1 - ScreenAgent (HKLM\...\{35043AA2-F0F2-4EF5-BBED-6A5E4A7BBDC1}) (Version: 4.1.1102.451 - NICE Systems)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outlook Diagnostics (HKLM-x32\...\{8BD2B13B-9361-4005-B5BD-7FBEC4AEB105}) (Version: 2.1.0.20 - Hewlett-Packard Company)
PC Backup Agent (HKLM-x32\...\{393E4C89-67E9-43BF-AD29-94D19F7624F7}) (Version: 8.4 - Iron Mountain)
PC COE (HKLM-x32\...\{DF6F1789-2C07-49CB-993D-6B3D5586C34E}) (Version: 31.1.2 - Hewlett-Packard Company)
PC COE Required Settings (HKLM-x32\...\{4D9D12CD-B714-4A8F-A4AB-C33C4DD7F770}) (Version: 31.1.0 - Hewlett-Packard Company)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.23 - Realtek Semiconductor Corp.)
Remote Access to HP Inc. (HKLM\...\{657D03BC-DB47-47C8-9529-EADBB167AF4C}) (Version: 1.0.6.52064 - HP Inc.)
Security Task Manager 2.1 (HKLM-x32\...\Security Task Manager) (Version: 2.1 - Neuber Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Simple Sticky Notes 3.0 (HKLM-x32\...\Simple Sticky Notes_is1) (Version:  - Simnet Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.23 - Synaptics Incorporated)
Tanium Client 6.0.314.1195 (HKLM-x32\...\Tanium Client) (Version: 6.0.314.1195 - Tanium Inc.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Terminal Emulator R16 (HKLM-x32\...\{0874C225-BB08-4996-8C9C-A21AE13EBE3A}) (Version: 16.03.008 - Avaya)
Tweaks.com Logon Changer (HKLM-x32\...\{12F8EFF0-5C16-473B-99AD-67AB866C3E07}) (Version: 2.0.0 - Advanced PC Media LLC)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 1.0.2 (HKLM-x32\...\VLC media player) (Version: 1.0.2 - VideoLAN Team)
WinMend Folder Hidden 1.5.3 (HKLM-x32\...\WinMend Folder Hidden_is1) (Version:  - WinMend.com)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Winpopup Server (HKLM-x32\...\Winpopup Server) (Version:  - )
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1957994488-842925246-40105171-1743549_Classes\CLSID\{ac2d1bd0-b12b-8a7a-9cfb-9deaff6757421}\InprocServer32 -> 0x8C5139742518D1018F592860BC18D101020000000400000000000000 => No File

==================== Restore Points =========================

05-11-2015 23:56:41 Removed Chrome Remote Desktop Host
06-11-2015 00:02:17 Removed Google*Earth*Pro.
06-11-2015 00:11:18 TrueCrypt uninstallation
07-11-2015 19:13:25 Removed Outlook Diagnostics.
07-11-2015 23:02:19 Installed EMET 5.1
07-11-2015 23:05:50 Installed EMET 5.1
08-11-2015 11:58:39 Windows Update
08-11-2015 13:31:56 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2015-11-05 18:51 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01352D68-2AEC-4FFC-AF99-9CB2EFD504AF} - System32\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}001 => Rundll32.exe c:\PROGRA~2\HEWLET~1\PCCOE~1\Aimsi.dll,RunPatch
Task: {152892FD-93A8-411F-A0C7-D0591FB12853} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {28271F2D-3318-4332-BB32-404F982DACA2} - System32\Tasks\{133F8D40-91F1-40CE-B193-02893733E7FB} => pcalua.exe -a "C:\Users\elhamzaf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I6VABRLR\NetFx64.exe" -d C:\Users\elhamzaf\Desktop
Task: {3504F2C4-18ED-47BC-B34E-F458962BCECC} - System32\Tasks\IDA{E1B2A4DD-AE06-4B97-9B55-8E8F1348E7FB}000 => Rundll32.exe c:\PROGRA~2\HEWLET~1\PCCOE~1\critupsi.dll,RunHourlyHook
Task: {3779C535-CA11-4159-8F85-5CF98726ECCD} - System32\Tasks\IDA{24AB88C9-D233-48EF-9EC5-79D902043D09}000 => Rundll32.exe C:\PROGRA~2\HEWLET~1\PCCOE~1\SWBUND~1.DLL,RunSWBundlesSnapin A
Task: {39AC9638-FD00-48FE-8D3D-433A7370B7FA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3E357F9E-D200-4E4D-BCFA-869122FFADDB} - System32\Tasks\{D898B789-52DC-42E3-B3D6-1F1CE848B40D} => pcalua.exe -a C:\Users\elhamzaf\Downloads\sp66915.exe -d C:\Users\elhamzaf\Downloads
Task: {41E8CAED-74BE-4DB0-8A8B-605403CF5B6A} - System32\Tasks\pcpm-consolidator => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe [2010-10-28] (Hewlett-Packard Company)
Task: {6CB3E546-975D-4FD3-BDD3-559131B6B68F} - System32\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}000 => Rundll32.exe c:\PROGRA~2\HEWLET~1\PCCOE~1\Aimsi.dll,CheckForUpdates
Task: {70BD6712-05A3-4742-BB0D-D4632F3179D0} - System32\Tasks\Smart Client => C:\Program Files (x86)\SmartClient\Smart.exe [2014-08-25] (Hewlett-Packard Company)
Task: {7577C2FD-6EC0-4A97-BF0D-A0C6AB72908C} - System32\Tasks\IDA{EF242085-E950-E7C0-982D-AC0CAEF9D2B1}000
Task: {757A1885-A1FA-482E-96BB-59462BD2F3BF} - System32\Tasks\Moin Moin => C:\Program Files (x86)\Avaya\CMS Supervisor R16\acsRun.exe
Task: {A2014BD3-EEDE-46A5-BFA5-5460FA094D2B} - System32\Tasks\BitLocker Reminder => C:\Program Files (x86)\SmartClient\Reminder.exe [2014-08-25] (Microsoft)
Task: {A3D76CD0-E0AE-4724-A998-3D1E381825A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {A83D8FD7-5227-4DEC-B951-6F80F5E734C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A89E4B2F-D8C5-4FDA-92C6-5B7D529BEB75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C25BCE29-281A-4C4D-8D23-58A78AD1152A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-03] (Adobe Systems Incorporated)
Task: {CE0CC0BD-FB96-4C14-8CCE-C12FFA3D8CDD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D171B403-6A5C-4510-9378-3B44324C2F8C} - System32\Tasks\pcpm-collector => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe [2010-10-28] (Hewlett-Packard Company)
Task: {D44543A5-9E5F-40EC-8030-E9B8C6CF2D71} - System32\Tasks\Maint => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe [2010-10-28] (Hewlett-Packard Company)
Task: {E0EF639D-35DB-4450-90DD-3652449F8614} - System32\Tasks\IDA{DDC3038B-D87C-4DE6-AD88-05C6E3962FA0}000 => Rundll32.exe c:\PROGRA~2\HEWLET~1\PCCOE~1\SWConnSI.dll,SWConnect
Task: {E4693A6B-E91F-4377-928E-9FBCC9E7E5C4} - System32\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}001 => c:\Program Files (x86)\Hewlett-Packard\PC COE\coetl32.exe [2007-06-24] (Hewlett-Packard)
Task: {E9504D34-C152-414C-8D5C-BBA771497A0C} - System32\Tasks\CFUWrapper => C:\Program Files (x86)\Hewlett-Packard\PC COE\CFUWrapper.exe [2012-10-26] (Hewlett-Packard)
Task: {EEF47720-0C12-48CC-8DCF-9F8D18773F62} - System32\Tasks\IDA{96A23EF4-3F38-4839-B12A-860409AC2861}000 => Rundll32.exe C:\PROGRA~2\HEWLET~1\PCCOE~1\BIOSSI.dll,RunBIOSSnapin
Task: {F506D7CD-87FA-4650-8311-0B05C0EC7563} - System32\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}000 => Rundll32.exe c:\PROGRA~2\HEWLET~1\PCCOE~1\clinvsi.dll,SendInventory
Task: {F5E8A8AA-0A2C-4306-AD18-F954838E84C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\CFUWrapper.job => C:\Program Files (x86)\Hewlett-Packard\PC COE\CFUWrapper.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}000.job => C:\windows\system32\rundll32.exe7c:\PROGRA~2\HEWLET~1\PCCOE~1\Aimsi.dll
Task: C:\windows\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}001.job => C:\windows\system32\rundll32.exe0c:\PROGRA~2\HEWLET~1\PCCOE~1\Aimsi.dll
Task: C:\windows\Tasks\IDA{24AB88C9-D233-48EF-9EC5-79D902043D09}000.job => C:\windows\system32\rundll32.exe C:\PROGRA~2\HEWLET~1\PCCOE~1\SWBUND~1.DLL
Task: C:\windows\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}000.job => C:\windows\system32\rundll32.exe7c:\PROGRA~2\HEWLET~1\PCCOE~1\clinvsi.dll
Task: C:\windows\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}001.job => c:\Program Files (x86)\Hewlett-Packard\PC COE\coetl32.exe
Task: C:\windows\Tasks\IDA{96A23EF4-3F38-4839-B12A-860409AC2861}000.job => C:\windows\system32\rundll32.exe6C:\PROGRA~2\HEWLET~1\PCCOE~1\BIOSSI.dll
Task: C:\windows\Tasks\IDA{DDC3038B-D87C-4DE6-AD88-05C6E3962FA0}000.job => C:\windows\system32\rundll32.exe4c:\PROGRA~2\HEWLET~1\PCCOE~1\SWConnSI.dll
Task: C:\windows\Tasks\IDA{E1B2A4DD-AE06-4B97-9B55-8E8F1348E7FB}000.job => C:\windows\system32\rundll32.exe8c:\PROGRA~2\HEWLET~1\PCCOE~1\critupsi.dll
Task: C:\windows\Tasks\IDA{EF242085-E950-E7C0-982D-AC0CAEF9D2B1}000.job => Fp elhamzaf
Task: C:\windows\Tasks\Maint.job => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe
Task: C:\windows\Tasks\pcpm-collector.job => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe
Task: C:\windows\Tasks\pcpm-consolidator.job => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDASnapIn2.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-18 13:08 - 2015-03-18 13:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\eds.com -> eds.com
IE trusted site: HKU\.DEFAULT\...\sharefile.com -> hxxp://hp.sharefile.com
IE trusted site: HKU\.DEFAULT\...\sharefile.com -> hxxps://hp.sharefile.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com -> hxxp://compaq.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.ar -> hxxp://compaq.com.ar
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.br -> hxxp://compaq.com.br
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.co -> hxxp://compaq.com.co
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.mx -> hxxp://compaq.com.mx
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.sg -> hxxp://compaq.com.sg
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\compaq.com.ve -> hxxp://compaq.com.ve
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\cpqcorp.net -> hxxp://cpqcorp.net
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\dcu.org -> hxxps://dcu.org
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\eds.com -> eds.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\hp.com -> hxxps://d2t0361g.austin.hp.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\hpe.com -> hxxps://g1t6040.austin.hpe.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\hpecorp.net -> hxxps://c4t12663.itcs.hpecorp.net
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\hpqcorp.net -> hxxp://hpqcorp.net
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\sharefile.com -> hxxp://hp.sharefile.com
IE trusted site: HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\sharefile.com -> hxxps://hp.sharefile.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1957994488-842925246-40105171-1743549\Control Panel\Desktop\\Wallpaper -> C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^launch_splashscreen.vbs => C:\windows\pss\launch_splashscreen.vbs.CommonStartup
MSCONFIG\startupfolder: C:^Users^elhamzaf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^elhamzaf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: AccelerometerSysTrayApplet => c:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: COEMsgDisplay => c:\Program Files (x86)\Hewlett-Packard\PC COE\COEMsgDisplay.exe
MSCONFIG\startupreg: GetITIcon => C:\Program Files (x86)\Hewlett-Packard\GetITIcon\GetITShell.exe
MSCONFIG\startupreg: IDA => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDA.EXE
MSCONFIG\startupreg: JunosPulse => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe -tray
MSCONFIG\startupreg: Lync => "C:\Program Files (x86)\Microsoft Office\Office15\lync.exe" /fromrunkey
MSCONFIG\startupreg: PasswordRegistration => C:\Windows\system32\MsPwdRegistration.exe
MSCONFIG\startupreg: QLBController => c:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
MSCONFIG\startupreg: Spotify => "C:\Users\elhamzaf\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\elhamzaf\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Viber => "C:\Users\elhamzaf\AppData\Local\Viber\Viber.exe" StartMinimized

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{6B877D3D-BBD9-4A44-BB6C-67140F6ECFAC}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{5259C4B2-0E25-4EBD-9476-D102C59BA9A0}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{19FE08AF-0EF6-4D52-B2B6-8EDCF91229CE}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{84C620BB-E3A3-4EFE-849F-C704AD55B025}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{33477223-34A2-4DE1-A250-A4D29BA4593E}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{FAA3F3D3-2055-46AF-B43E-52A7762A1349}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{3F9F922D-F84B-4657-82A6-017A34DAB6D9}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{366F7E01-ABE7-43B4-B825-2ACAF2BEC335}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{1B045724-492B-4F50-B28E-290F7AC1164D}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{553E6FA6-2F6D-4D94-AD29-A6715D1F3720}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{9A47FA20-21AA-4B08-B842-63D0902BA064}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{7AA6E524-BD5A-4BAD-A9D6-5B39DEC179A4}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{14DFCF2A-C0EC-4FBD-8D23-17853D808429}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{80D0C4DE-7191-415E-A171-13F0E74C7FAF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3CB30AC4-E311-409D-81BE-97588C03F52F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5C67F642-0BFF-4E50-A883-3D98F5D60267}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EEDACC4C-C983-4780-B3F6-5DB59DBE35DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8C03C2BE-6134-4DFC-A2B7-E7C3EFA1DF51}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{12ADB01F-D275-4DCC-8037-2425585C79B6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C29DB9AC-61F7-4781-872F-25755229D625}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8DF6BDA2-4B3D-45AC-B448-13C648DFCCA1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FED068A4-41DD-43E4-A834-2D2FEA69CEDC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6F82D59F-2520-48BB-BBC8-BA961FC30B5F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5843AEB4-EC70-4452-A9EE-362ECACC11E8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0D56E31D-D588-404A-BC5E-F48E5610351B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{837FCE06-B75C-4934-85FA-EA366D90BD7E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D2471028-93E1-42A0-9078-B3608311BFB4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F3A44A2F-1898-4808-B8A2-D067ADD900E9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A6AD1534-6E9A-442A-A579-DC67EC470696}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{64ED1668-AAE0-4970-A602-673455A9A74F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FDD91197-A297-4709-931C-DDEF2E72672E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{65628C25-5DCC-4C99-A316-DE5A9A963550}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3D2998F2-AB33-4CD0-AD94-ABFEEE18F087}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A61DFF9E-A69E-410E-9C1A-AD2ACF8DE52D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4B9E26B4-A453-48A0-8434-4F7A1DF122C2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D86433CC-0417-49AE-9F09-AA20A161A612}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5B99F45C-9552-45A2-ADB1-3BCB6B257FED}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0FEE0617-FD1D-4FAD-A737-1A9BEB4A3679}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DFC57920-04E7-4E40-8581-1E14AE5D0B1D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{682A43C2-8558-47C2-836C-41BC6CDDA843}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6C45B71B-CB04-4FCE-9BE0-8CA0DAEB0DDA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5CC680F9-7457-499F-A5DA-F843970FF421}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DBA51A1F-268E-4376-8C9C-58766E172577}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FDFECD72-3051-4EA9-8C5F-08C0FD37B72E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B412496D-C321-4F79-A919-4686441C5DBE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{940DB9E2-0E1C-47A0-94FB-A604D4D75ADC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A445DCE9-C50A-46F9-874A-A00F3B9DB342}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A7F5F09B-0A84-447B-B5E3-BD8C58863022}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F655EF34-C85E-4134-9544-998C2031334F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3DF42A09-0485-4939-8022-86675DAE78EE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BD56217D-DEAE-4778-A1EE-A7BBD7CD75A9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C2120EE2-58BA-455B-B7DC-FE81530294E1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{38110079-0390-4977-801D-A6C5221EAB01}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{895D708C-A6CE-4C70-BDE2-E067579B8FE6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9EF98CCA-64FA-45C1-A90C-C93D7E209834}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{95725A49-1E66-45F7-8A40-482BA1841B35}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0A8996A1-63E9-4008-8F66-D0223D59A1BE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E8F4C267-E746-40ED-A579-169F3A45ADD7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{52780099-51F5-4CBC-A9EA-0A4027B2CBA6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DBBE5286-F8A4-4317-B75A-D30097027B81}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CBF28D68-A1BC-4B22-8DDC-9E355BCAE5EB}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B6D00574-4D61-46DF-AF29-4CB9BBEBA6ED}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FDE55CF1-DBDE-429C-84F9-C9C42EA5D8B5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5A586752-0BBA-4656-B70D-B1091A3218ED}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4A6FA137-2725-440D-8DA3-A2E177C3700B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{29653673-371E-4E1D-A58D-97C4CED16787}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ABF73525-1D47-4469-8EA4-EA98190051FE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{924A3C43-4A98-4C89-96F4-EC414B1A96D0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9F3AB09F-A181-43E1-805E-06E3CE6AC5A4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1F6C1A77-851F-4E3E-BC5D-BD3FA6FF9996}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{42601620-20BF-4D75-9AA1-CDDCC7429F09}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{06C68B23-C054-4B09-BB00-106022B789D8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C4BA8409-E121-4BE6-B64E-ACC23C40F298}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F63AB391-A4C1-4FCA-A2B1-D373A0B7BA17}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{25040186-91A3-4A70-AC2C-486C66E6DA38}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D3AA5012-90AB-47EC-B268-3A087BE21C0A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{89E95580-DC9E-48CF-AF21-B900A916FEB6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5D5C4979-1B8B-4231-835B-7F3266E3DEB4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{30639500-CD45-47B3-86BD-6307F1D1CDE0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{01233B61-450C-4990-A838-7CCED68DBE67}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9600CF08-1487-4E73-B5D8-0A54FDBC74D9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9ACB4E22-E8F6-44B5-8759-4D91B71C5B6F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A4350759-7970-4DCA-882C-10A4DB5848C4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FB9E1234-08DA-4422-BC91-3F745C890B7A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8C514DCA-8501-4056-A2B8-31B67C741C48}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{23EAF87D-98AD-455D-B1FF-E1228C1D6900}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9CE4783F-E0A4-4AD9-9447-C837557FBE4D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A8AB2BEA-B06B-45F1-AB39-2C97FD5EB7F7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A0F790B6-7EA4-4E53-A84E-179D1C1C49F1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B8D37D3B-79FD-44D6-A0DD-B0A036B216C5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9DF1740B-AAE5-4105-BC30-AF0380131315}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F1023225-0017-448C-8A9B-0DD6904B9BAC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{294464D3-2390-4101-8AA2-193720F1996B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E589F255-D6D8-4FAB-9340-9C4AA0ADC37B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{40F0709E-7DF3-4FA9-8E64-308A951D2AF7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A50300CF-58E8-426C-8029-B466670E8DB4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{678E2B9A-D3EF-4A68-B378-D7C2683A5DC5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{189F5ADF-8C1F-4285-9AAA-EEA1F2AD6B1A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{05BC0E02-D8EA-4FCB-B0E4-C60DFA78E9C9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5C2B5D80-3CC7-497C-AC5E-5D27FF3C743D}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{C14E8B60-9AB3-4832-84D9-82505E50E214}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{B809C0F0-9D37-410C-8B88-B75C2273E9DD}] => (Allow) LPort=8743
FirewallRules: [{5FB6CB56-5FA5-4EFF-B398-5F55C7CF4A88}] => (Allow) LPort=8643
FirewallRules: [{B80C75D7-DC6D-46E7-B3E3-D36643A2E728}] => (Allow) LPort=7676
FirewallRules: [{E976053A-3EBF-4FC9-8203-4FCFAC49B852}] => (Allow) LPort=7679
FirewallRules: [{B2B34202-393F-4E7F-8E94-6902B0F47912}] => (Allow) LPort=24234
FirewallRules: [{4D4ADA8C-DD2B-4833-B2FF-D6C8C573B569}] => (Allow) LPort=7900
FirewallRules: [{14CBD40A-351C-406B-A6BB-815CA7941A49}] => (Allow) LPort=1900
FirewallRules: [{F9B0E41B-904A-4804-9CA3-769DBB766014}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B2BE1896-8C5F-44D6-882D-A6F5AFA8F493}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{36AD64D7-7F52-41A9-8369-C4254515B8F5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A99CA874-AFE4-47DC-A67C-5C7CC51C9E4B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BA7F4619-34D1-4637-9B9C-21155B10BEF5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F98A429D-4F21-48E7-B043-57A1AE6CC959}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D9DEFFEB-811B-4F15-B3CB-3C72202F43ED}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3EE2A027-8AEF-4E5D-AD11-3B86120EA98C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{75A8091A-C516-49A8-9308-3DACE1BE4B73}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{70F7DCE4-6D98-4DCB-832F-7009C1382CA2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{925B2271-4770-4B31-B90F-2718B8D7DA3D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5595646E-A8FC-4871-9B55-113F99B538EF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E744B5F7-C87E-4A7C-81BA-5944F67E7B76}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A299C17F-DF52-4866-8CE2-2F2A311B3557}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2834FB3C-5D67-4B0F-B8C5-512767B75E1D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DC65438D-2D84-4D60-9C6F-443757D55E9E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D22811F9-3451-4216-8F58-F9BF95066DC2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6CCD1690-A026-415D-8350-FEF6DFFC48C1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B1083203-6228-4836-A5CF-F0E3779DA6A3}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7055042E-B1D2-4AF8-A901-905230A778AE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BA4844BA-A856-4DE6-A8BB-B4984C5D7485}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{191960B5-08A9-479C-8D94-0937A9A5C704}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{31E9D88C-921F-4B19-8897-3C9B6EF9DCF5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CBDE9634-D420-4AEF-804A-A910F9B5ED44}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7565C68D-C760-44D0-9649-514EED2715C2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{492D8C3A-9159-4F21-9DD0-808EEB864FF9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9A8EFD09-4D18-459D-9593-89FE40DE353F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3099E4F6-1809-4678-9A45-A481A8A2366E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E7C25E11-F022-4E35-BF2D-ED67572F5279}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1A2DCFE0-2958-4D25-8A82-F618AA7BAD64}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EBEC6B98-A296-413C-9D3D-A213B021D93D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1F18DF9F-A19E-40A6-8E8E-8FF7720F9B82}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4CBE8654-4B14-435B-A985-33CF71B37FE8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CB5932FA-511D-464C-8670-A2A0F8CCCEFD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B904A73F-F345-4109-9C8C-C847975553B2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C702BE13-121B-424C-9AB6-D73EA5B1DEA5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{43177AD9-27BE-4871-89BA-E93770644713}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B5BD29C3-6952-4EA9-BDF8-9440C254D4CE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{78370AF9-BB3E-4C2D-824B-680382357856}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3771CF43-EB61-4BAC-A9C0-145505E98F58}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{8E163078-ADC8-4772-B6CF-7C4B044A6DBE}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{15FAD68E-4E13-4E31-857D-70C08C4F56D1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0E5C61D4-C093-4CD0-A51F-EF9FB864FC99}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{949D5956-C0F2-4B5D-A990-4F7F05CF349D}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{F2F9481C-9EC1-46B6-91C2-5317D5B184E6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{59D4B9B3-F356-4DDE-97BC-83D6115540CC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FDCEF018-0700-47A5-A18F-BE3BB8D2D080}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{A38439F2-D097-4FFD-A130-C5E77E8176D4}] => (Allow) C:\Users\elhamzaf\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{D1B375EE-AC2D-45CF-AA28-A0E2AC9BFC0A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{28937B46-ADDB-44CB-8638-5FD9A7B926C6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0D36E4CD-76DA-47DA-BA47-95E6E8669872}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{897B1563-9761-4E8F-AC7B-006BD608653C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A52849ED-B00D-482D-BAA0-AA8DD42C1F45}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0D8D6CF6-156A-4C8F-A160-BB02129FDD6C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E20A7E81-D969-4C0C-AB62-2495442850BE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6621101A-E5F2-4B1C-A2AB-FCF9F05281AA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A97072C0-252B-4B01-BF66-2C67DE242687}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0E88E068-E97C-48C1-A6A0-C676FEB233D4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{70535680-B359-4BAB-A782-84062FD25C23}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6CDB45F5-FE8F-49C8-918C-D8543C82A564}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AC29534B-2199-409B-B6C3-CE7969A0C9F0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B5AC747A-044F-40F1-9D61-B4C2D6C34339}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{93302DFC-2437-455C-9DAD-95AC80FEA5DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F591D558-D25F-43FF-BB49-23410D7CD4AC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9D917FEB-84A8-478E-98F9-A7CAF7B92FF1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{EBA41B9B-4B48-4D33-A210-1D699F893581}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{89DF1A12-FFE4-4712-8590-7E650595D1DA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{01A4D2AC-81EC-43F1-9A9D-501547AB0D85}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{73702A98-9148-4E81-AFEB-E59DECD387F9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EC949EE5-90DD-47BF-B8B9-B62D7DDD1F12}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D456168E-D244-41B5-8196-03E5EAC1C016}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8CFB0C9B-9089-4E1F-AECC-2C6605DD61CE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5C0B9A32-F535-4257-A170-8B8A326A78F4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0EEFAC7B-7A3C-4E31-A1BA-F4FA51C45248}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D564B5FC-CE08-426D-BD5D-FB7210C9FA5B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{89A1A2AD-81C1-4C9C-9FD2-0D2C5D76C844}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5D9AD7E1-02EB-4F63-A434-20E49FA51224}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1C0F1365-5D85-4F8D-88F8-A8DFD3A986D9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B3AC272C-9261-4E2D-AF84-E557DE7D0EBB}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5AF09337-3C6A-4450-AD64-EE132BEE21B6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D2428FCC-E17E-4524-B456-A1F4B9E57410}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BD8EA6B3-3B00-4D47-BC19-7066A42C4139}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{390EEF0B-17B8-46FB-897D-F71E7FC31B11}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F3A2C240-301D-427B-ACC8-4F1DEFF260B2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{54EC4D49-84C1-4A64-A5F1-517DD06162A4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5606BB11-275A-448C-AFBC-406F45A7431F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3066A966-4682-463B-8E32-A24E8803DA09}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{85E7FB44-6C6A-4F6B-AAE3-DFEE5E0E8B6F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9AB087CD-3328-47EE-9471-FB3A7FCDDF9E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{029DEC1A-068C-4E47-B45E-9E368B8F86CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3D1BC4F6-838A-42E1-A9DA-8667A9D08613}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2D9963FA-3163-4341-AA40-0B681B5945C1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A5F5ED7D-7C8C-4C5E-8F81-8335DC7FD8B4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{097E2F0C-D1BE-4D39-B49B-804C620E085F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4064D383-A733-4EEC-BAF0-A1D13FDE2761}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{33A5CF06-78BB-4E29-A47B-F8A22DE8166A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2E26899C-E53C-4DCF-B5A0-2EB221865C61}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AAA06A03-3E60-4180-A6D9-CCAFAC766DA6}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C7BB7D62-72A2-450C-93E0-1475C5CD8C97}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5FAEA452-D43E-4DF0-BF40-62CC07886832}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C06AA887-2665-4C12-9523-78531E906590}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5970F23E-BEBD-41EC-A574-17944258C9FF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BEA969B6-8DF8-4BFA-A730-B22B2DB49B39}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{42D2BEDD-42D8-4C2E-9ADD-066B9722DA4F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8F33BE45-A324-4D01-8B44-DD5A28772E30}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8AB4C203-194A-423C-9FCA-DCBCD3796517}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D7715132-9C79-4F05-99D8-C03DAB2351AE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{470A5B03-00E9-46BA-B350-A67EC3A0F499}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{334BFC85-C1E5-41B9-91E6-DFBF3A6B63EE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A6BFF72F-53BD-433B-A251-D0BBC5DA108A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{39E786F8-D7E7-4D3E-A18C-56BE1B525675}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6F53DBDC-157C-49A7-8A58-BD64471996A9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C63FCC98-4553-471B-9360-27CC217874CA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FD4B33F7-A498-440B-86C9-16C1529B154B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E25F187A-BB1C-4111-96E7-B27C42C546EA}] => (Allow) LPort=17472
FirewallRules: [{E7D9C6B6-7C5A-4406-B5D1-24FAE2B23A3C}] => (Allow) LPort=17472
FirewallRules: [{E4C5327C-B69F-4E9D-A602-1C8ADB767EFC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{320B92AA-B79D-44C2-BB55-04D3D972DCEE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A342CB97-3497-483B-8C55-3CA53803C97B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{21416E4B-FA0C-4C80-90D8-DE1672BB6B35}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{21CCC654-460F-4E24-ABFF-EA9FD46102DB}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{17766DD5-BBE6-4F52-B0B2-D95D69010B81}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F4BF6F34-5179-4D77-9A07-32239ED324D2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ABEF7C89-914A-4548-9C9C-EE0A21D87985}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{20DAAB47-2A91-4A35-B996-6CA1367DEB94}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6D0CD166-47EE-4CF6-8184-8E9BD2747438}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{557FDDBA-D76A-4864-8AB1-0BE934D9745B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{867E4D68-352D-4CAC-ABD8-D5F96498FD7B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2833B63D-9CC9-4679-93A5-4845538BEF54}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{01C680FB-397A-4491-A238-41D4258A1DF2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D5E38198-82D7-42F5-8EC5-04372A545C23}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DD5BF3E7-38C9-43A7-B379-4EE5E2DAF2AF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5CC745E9-DE0D-4C01-89F0-C4711428A7DD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{60D1C21C-9900-41E1-8284-55EBB022F76A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{36CF3E3C-D84E-41B9-B331-C860F0E9C544}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A59E085C-824C-4085-A0CA-FA1D9CA4F4DF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8813000C-80A3-4D73-97E2-5D4D91E377A7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D9D3DED1-2475-4C42-95AD-96A72CC1A39E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6071F045-B007-4BC7-9322-8F9BCA15157D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F66F1880-AB22-42FD-8A66-FA39E3F0676B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BEDC0940-516B-4441-854E-AABF27A2C9E4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6A175F94-A734-4642-8A68-1D51806560AA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5A58A956-F265-4912-BE35-6D6ADE3F2677}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{56E9D6B5-2651-4F7F-9E44-33E59CA5BEFF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C05BD37F-3B63-4781-918A-15132DF4D869}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D87668BA-1371-443A-A45A-FE92865EE453}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0E24F8B1-B5EC-4D21-8D20-8FECA6F148A2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{99B70ACB-2135-4CD6-96A4-27D8524B80D0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ACC24C31-5439-41E5-9B84-F7740C435D14}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FDA4807A-CFEB-41CE-9631-6C30C3649906}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9D0251AD-3115-4E76-9A18-3ED12F2ECD81}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0A98018E-B88A-47FE-8ED1-D93BD3FC9DCD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1F0A6A40-0008-4185-A943-6F77765EA044}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{30731C71-8ACC-4ED1-85CF-5A6FFD9A4B2D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D5F7BEFC-E78A-459B-8D65-9545AF2FDD3A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{462B2985-0DC3-4407-89C5-983DAB3EF91E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4A3AC8BB-3D74-4285-8351-F2646581B815}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{89F4C088-CCF5-4C87-85AB-51EF23DF0126}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EC89FDCF-49FF-4FC4-808D-91147558E807}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{39A5E32B-73FD-4039-91CB-72DDC0F2BE6C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{22E66F31-F5C0-4107-ACFF-9DCDE7DCA5A4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0647DA57-E644-4387-B2C4-770408265C49}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{201A7EE8-604B-43CF-BA28-1A4AE741C797}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A1E7DF2C-9892-4291-9ED7-37F5FDA8B66A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CA441A18-246F-44B0-8863-8A0F4CAC4BC1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ABD2AACC-F360-4438-9F92-C646C4E91EF0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{335A0162-E171-4A39-8FCC-7A950A25BB26}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D8F56268-B417-4DD2-9AB1-3F3A3876C5F9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{52BA2E2A-C547-4B9D-9ECA-69613E4E3A27}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{641CC4DA-0D06-45A4-A95C-5D36DFD0B40B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{354B2E51-5DFB-441F-8857-3453972073FE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1A543321-1F91-46AE-91BF-9456CB5467A8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9B1B5F25-9760-4EC2-8F28-656D0870A357}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{66735F07-E016-4765-8F54-71BB178D1C06}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{62731332-DC6D-482F-BDD5-09BC0F8EDB9B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F6899D00-FFB9-477A-BA40-2B10119B2F15}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{65BE98AF-076B-4FAD-9C0D-FD472318A0BF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5B53E9F0-334B-457F-B32B-0AB509CA0BDE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{57CD081C-7A9B-4923-B99B-762DADFE2A60}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2E76CE6A-56E1-402E-8454-2E7F0ABA5EC5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5CEDF327-CF06-4BE1-B437-0AC6D498CB46}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4886296E-02F1-454C-8FFA-D4902F1BE1B2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{45B6417B-AD29-4888-824E-F460704CB0AB}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{40AEEBC1-393E-4C0F-B5FF-D0825DBCC465}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CE0E6407-8F22-4842-9AE5-AB92662EE77C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AA8827E7-8161-451B-9AF2-4F5474EE3524}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0AB98E0E-F5D3-4C41-A6D0-637978468F51}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B07D7261-388D-4C9F-8E80-D25E15E54BDB}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{4EBDC225-FE9E-42FC-9D6B-8B828513FA71}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F0818ACB-7FF0-4F40-9637-D87DE4DAF62C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0A8EAB56-76E3-46BF-BD38-77883E891B56}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AA111493-2E44-46D3-8C4A-2887B5487B0C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FB292B26-0D5E-4A44-834A-2770B9B1C313}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F80C3D1B-82BF-4031-B19A-421A41BCE1BE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{CCA0554F-06C2-4ADA-9724-0CC11393C260}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B1229FF1-22D1-46A6-9C3C-6BD758E9BC11}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2D3851B5-AFE9-463A-8D1E-563B4BF5FB61}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8973DAF8-4878-43FB-921C-10BCDA86D8C5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1ABD8091-36D3-4C40-AA01-FCEB8FDF7F0E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B4046244-E83C-4D37-92A5-66808D30BB70}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7EA04E23-9D3A-417A-9A16-928F1B52D5A1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E2E93C4C-6B6A-4407-B09C-C668A93FC3DD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5B77B001-A275-4C7C-AFC7-0EEDBFDC0274}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8190161B-58FE-43FE-8E04-276AB3397EBE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A4867777-57F1-4240-A46C-7F3DECBC5D79}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3F99B0CF-9F1C-44C6-916C-B22FB64C42A7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B6F0271E-1D63-4942-A1AD-E1F4BBF4285B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A91029EB-0A5E-4447-8380-FF71A8822986}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BD68C7ED-FEFA-4795-8250-B63E8CAB04F5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5D4E8048-2882-4483-821E-325C011FDA11}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A5E480D8-9027-4E28-99FB-99FB9BEF8E18}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{81295DB3-CD7D-434D-B198-4F9116A0EF83}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AB324DF7-FAA5-43A3-8BCE-A77B61910953}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7D42B9D7-65E2-4A83-B990-27D87BCC8499}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9FA433ED-84B1-44C8-84DF-9153872BFCD4}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{41F0609A-9EF2-4A0E-92F0-A6AAF8C08841}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0CA3D86B-AD6B-4AA3-82BF-8D7016AE6D37}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8B67A401-16AB-41CB-94CA-28FC9BCB4BE9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0BE56E98-E867-4972-B83A-3B965E3178C0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AA096550-30ED-4419-A4A6-83BCCAE5A1AD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{655EBDA6-0924-4B3D-B32F-3095BEBACD70}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EAFA8521-E833-4C62-96F6-4B02677A4012}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7E594D82-17E6-40C0-B368-7D1E50390630}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3479B766-CF57-479C-B9C7-51FA74F502DF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ED274C6D-2BDB-40E8-BE14-71506B481FCC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{53412E4C-CC27-4144-A0B6-DF637E4F0BF1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{21EFBF58-E7D1-4AE7-8D54-B246E43395A9}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6F622E8F-94FC-4123-9B9D-38AFA638CF69}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BD6ED27C-0D78-4D17-8DD6-8B9C464C681F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E47379DC-8AC9-4C52-A21E-CC2F4A832317}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EA49CEB6-8224-4152-B28B-D8FD812C1D9F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6CC65C71-9CD4-485B-9BE6-6D750B73A227}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C3D5BC42-004C-4FCC-B2A3-1387E5EF0769}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F4D5AF6A-205A-4FE8-981A-82BC2BFCFBB8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EB68DCFA-0461-42CF-BF2B-5AA3B90E2E8B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{98C0D004-B32A-4BBC-978C-A28B2E9972E5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{61ADE0C0-0D8C-4AE9-B96A-B3A57B552BE2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FFE166DC-9A45-4117-8A38-A847EEE1E837}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{659C076D-1D5A-4EFC-B865-08A113638707}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1CB58E41-2D49-467E-AEF9-3F4F985E3C5C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C7028667-B8E9-4246-BB28-5AC91A6BE9E0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D50E5BC4-8ADA-4ED1-9825-3AB8AE5E922A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{52C4100A-AD20-43B9-9C3E-78A5989CD270}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F202F25E-46D3-41C1-B42F-BA70398A5B5E}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{20997FCB-E9D7-4423-8A90-7BF7931B591C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{3CF6977B-BABD-4DD2-9AEE-A3C0F0850F82}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{DFDE1788-35C1-46DA-B96F-BC7395BA160B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4FF8D497-8DB9-4422-8580-9383BD24A312}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F3C5CE44-30FE-4CED-ACAC-5BE33AEEABBF}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E44BC2C8-548A-4339-B22C-49CB43476B00}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{061D60E1-B3C7-47FB-A983-6084E516BA22}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E64E8336-D744-43DC-9712-187FF6F26C91}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F96149F3-794C-4EF7-A287-A324400864EC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{33BA013F-C0E4-49E4-85C6-9C2381D5F4C0}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A8CAA63A-1F7B-4521-89F9-C02C06C15AA5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{4A844C3F-DBF8-43FB-B292-31AE9661E527}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C4E538BA-279B-4268-BA3F-B407E7AA13E8}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C3427C80-4473-4E3B-BAFA-D2DFB04D8C9D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{678A6C02-E578-4CCF-A139-8B5C2C2D49BC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FB919C48-E3D9-4E22-94A0-99EAD746F3DA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{91A08A33-22E1-43B5-A2E6-A61BB2EE9D5C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{6F768B61-E39C-4D61-821F-A0F403EF5827}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F610FF61-BA1D-4A38-8766-12F87D763FAC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{43BE44FC-FCCF-4EAD-82D7-E75EA4BD8420}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{E7738E91-41C6-49EC-A93C-FB725D2C080A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8C1B9339-7E56-4D2D-952B-F24687F7280D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D722A690-75AB-468F-BEC5-0CCFD089D18B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{09DF5277-1563-46FB-B806-AB3A9811FF01}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{66516131-BA69-45DA-A0C5-528CEFC2BC73}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{AA64BCAE-5F67-4FA6-8DDB-7896FFBBBF04}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{83A43166-BE9C-4C3B-838A-D90057D765F1}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{EAB4C097-38F6-4F84-B78C-3FF1C8A384C3}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0CC7401E-4752-4A6E-A0EB-A987CCEA106C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{80EB0772-23C5-4751-B1B6-A20D83942BB7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B74B7EE6-8484-4052-9595-B3B3412E3641}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{2BC32A12-AC94-427A-975F-F525FD4DA28B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B3F9FBA0-D79E-4C3D-BA8A-767F3530F919}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{45D3BB27-D217-4550-B926-200ECED8051A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8589FC9C-2FAD-497F-96EB-063F90CCD860}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0227003F-0335-402D-971B-E078CB53F0FA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{5278F6D9-030A-4A6E-985E-8289B5F10E77}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{43ED94DA-0C6C-498A-A4AB-C123BCE73134}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{7C0131B4-4957-48C7-9514-58D44FFD476C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{87F94344-C8B6-4CA9-B727-2FE2218C6503}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{42493F0A-B4DB-4D02-88F4-8DCFC37A9928}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8CD38E54-B069-4581-8100-320CB21FB2A7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FF96FCCC-DE7D-47E5-BB29-19F30598AF3D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{0DB77313-08DA-4511-B0B4-49A856DCD767}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{1E22B3E0-EE8B-4626-8853-E6E04B2DA00D}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{8BD5712D-031E-40A6-B8F0-A01B3198FF2A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F44C8977-0860-4302-86C2-EC63799CC5EA}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F7366B5F-7CC6-4385-900E-FBBCE762D68A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{73D552D0-4320-4953-8F6D-1312420A3128}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{73771757-35C9-4D01-B303-75D16D54BCAD}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{90DE3F24-6F76-4BC3-A613-3F9E88861E34}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{252BC2E5-B10D-4AAD-A105-012F9ACE736B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{546F7334-3B9E-4163-BD2F-25D5663AACD2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{FCB6470A-E229-4CAE-A03B-52AAF199A6CE}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{ECA32A35-4A18-438F-897D-C4F2D52FFABC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D5CAF117-DCBE-440E-8A80-0D01CDAE7173}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{476E05C8-5190-4378-BE54-5A6E15D5D55F}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{B1A2B711-40B6-40FC-89E5-74ACB3195696}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{95F49684-5394-490F-9AC0-9CE7E62CF2B7}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{BCD70D1D-4B94-4C6F-9726-DF5F53D2F264}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{96E14C05-6350-4B8C-9134-3281190E3BD7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{36E320D6-92D8-48D5-A297-CA3D936B108C}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{9425E179-F5A9-4004-9064-D81498D1B2AC}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{A1980419-4330-4AEA-B661-B993B60C4FD2}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{D7A37C3A-505A-4FDC-BBDC-15D485AE3461}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{F4C19AAF-B965-41EB-96BC-74C17C071B9B}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{C321E507-FCC4-4CA5-BA5F-5A35FA4A3D8A}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
FirewallRules: [{44DB8CE3-EE46-4DED-8D3B-68F1362D21B5}] => (Allow) C:\Program Files (x86)\Products\Time Service\svctimehpc.exe
StandardProfile\AuthorizedApplications: [C:\PROGRA~2\HEWLET~1\PCCOE3~1\OVCMS~1\radexecd.exe] => Enabled:HPCA Notify Daemon

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VSC for SMARTCARD DB
Description: HP IT Virtual Smart Card Reader
Class Guid: {50dd5230-ba8a-11d1-bf5d-0000f805f530}
Manufacturer: Hewlett-Packard Company
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2015 04:20:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/08/2015 04:20:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 04:20:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 01:35:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/08/2015 01:35:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 01:35:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 12:04:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "ASP.NET" (ASP.NET). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/08/2015 12:04:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 12:04:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/08/2015 12:04:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "ASP.NET" (ASP.NET). Der Fehlercode ist das erste DWORD im Datenbereich.


System errors:
=============
Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/08/2015 04:16:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computer Browser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


CodeIntegrity:
===================================
  Date: 2015-11-08 13:29:24.067
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-08 13:29:24.020
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-08 11:42:22.990
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-08 11:42:22.943
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-06 17:49:33.461
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-06 17:49:33.415
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-04 10:49:55.256
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-04 10:49:55.209
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-26 15:30:46.859
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-10-26 15:30:46.812
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\radiamsi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4300M CPU @ 2.60GHz
Percentage of memory in use: 13%
Total physical RAM: 8089.11 MB
Available physical RAM: 7020.08 MB
Total Virtual: 18087.3 MB
Available Virtual: 17053.9 MB

==================== Drives ================================

Drive c: (PC COE) (Fixed) (Total:464.78 GB) (Free:328.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 85B595F2)
Partition 1: (Not Active) - (Size=500 MB) - (Type=27)
Partition 2: (Active) - (Size=499 MB) - (Type=27)
Partition 3: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
         

und FRst log


FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by elhamzaf (administrator) on ELHAMZAF2 (08-11-2015 16:34:17)
Running from C:\Users\elhamzaf\Downloads
Loaded Profiles: elhamzaf (Available Profiles: elhamzaf & hpadmin & administrateur)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [McAfee Host Intrusion Prevention Tray] => C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe [239848 2015-06-24] (McAfee, Inc.)
HKLM\...\Run: [acevents] => C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2009-06-03] (ActivIdentity)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [483880 2009-06-03] (ActivIdentity)
HKLM\...\Run: [RtsCM] => C:\windows\RTSCM64.EXE [153816 2013-11-14] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation)
HKLM\...\Run: [BLEServicesCtrl] => c:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "c:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [8628224 2014-09-24] (Broadcom Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-04-07] (Synaptics Incorporated)
HKLM\...\Run: [PasswordRegistration] => C:\Windows\system32\MsPwdRegistration.exe [31080 2012-01-29] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-06] (IDT, Inc.)
HKLM\...\Run: [HPRAService] => C:\Program Files\RA2HP\HPRAService.exe [610304 2015-05-22] (Hewlett-Packard Company)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [244080 2015-08-20] (McAfee, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-12-10] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [304568 2010-10-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AgentUiRunKey] => C:\Program Files (x86)\PC Backup\Agent.exe [239104 2010-09-08] (Iron Mountain Incorporated)
HKLM-x32\...\Run: [eepc_SmartClient] => C:\Program Files (x86)\SmartClient\Smart.exe [139264 2014-08-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-09-26] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [MigDetect] => C:\Program Files (x86)\Hewlett-Packard\PC COE 3\OV CMS\lib\cache\HPQ_MIGRATION_TOOL_EN\MigDetect.exe [448512 2015-09-30] ()
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [337776 2015-02-10] (McAfee, Inc.)
HKLM-x32\...\Run: [IDA] => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDA.EXE [373760 2015-01-26] (Hewlett-Packard Company)
HKLM-x32\...\Run: [JunosPulse] => c:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2537816 2015-02-24] (Juniper Networks, Inc.)
HKLM-x32\...\Run: [myITSupportE] => C:\Program Files (x86)\myITsupportE\myITSupporte.exe [1754112 2015-09-22] (HEWLETT-PACKARD Enterprise)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoWebServices] 1
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoOnlinePrintsWizard] 1
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\Run: [GoogleChromeAutoLaunch_4B4F5D917FAE7DBFD434A8BF47BC31E6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivClient Agent.lnk [2014-05-21]
ShortcutTarget: ActivClient Agent.lnk -> C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lync Monitor.lnk [2015-07-24]
ShortcutTarget: Lync Monitor.lnk -> C:\Windows\Installer\{642C71D9-6EB3-4B7A-A2F9-043774138614}\NewShortcut41_A542611226524D189A82B5C5C0EA8C73.exe (Flexera Software LLC)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\create_shortcut.lnk [2010-11-25]
ShortcutTarget: create_shortcut.lnk -> C:\Users\elhamzaf\create_shortcut.vbs (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reg_off2k7.lnk [2010-11-25]
ShortcutTarget: reg_off2k7.lnk -> C:\Users\elhamzaf\reg_off2k7.vbs (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\set_theme.lnk [2014-06-04]
ShortcutTarget: set_theme.lnk -> C:\Users\elhamzaf\set_theme.vbs (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\create_shortcut.lnk [2010-11-25]
ShortcutTarget: create_shortcut.lnk -> C:\Users\elhamzaf\create_shortcut.vbs (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reg_off2k7.lnk [2010-11-25]
ShortcutTarget: reg_off2k7.lnk -> C:\Users\elhamzaf\reg_off2k7.vbs (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\set_theme.lnk [2014-06-04]
ShortcutTarget: set_theme.lnk -> C:\Users\elhamzaf\set_theme.vbs (No File)
Startup: C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-07-18] ()
Startup: C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk [2015-08-06]
ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files\Microsoft Office\Office15\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-11-07]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [HKLM] => Proxy is enabled.
ProxyServer: [HKLM] => hxxp://autocache.hp.com
AutoConfigURL: [S-1-5-21-1957994488-842925246-40105171-1743549] => hxxp://autocache.hp.com/
Tcpip\..\Interfaces\{61DB6A54-A31E-4D7A-B5E8-137A30C8DC35}: [NameServer] 16.110.135.51,16.110.135.52
Tcpip\..\Interfaces\{B3BA9131-D68E-4432-ACD6-FC43AB21C6F0}: [NameServer] 16.110.135.51,16.110.135.52
Tcpip\..\Interfaces\{CBFCF164-8F70-4593-8BF0-B61D47F572CA}: [DhcpNameServer] 16.110.135.52 16.110.135.51
Tcpip\..\Interfaces\{D29FFDC0-DF00-4BEC-999E-B329551E123A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1957994488-842925246-40105171-1743549\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1446764286&z=2d54cf74e8fde472708cc9cg6zez2q0m3qaz6ofb7q&from=amt&uid=hgstxhts725050a7e630_tf0500wh1shtnl1shtnlx&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1446764286&z=2d54cf74e8fde472708cc9cg6zez2q0m3qaz6ofb7q&from=amt&uid=hgstxhts725050a7e630_tf0500wh1shtnl1shtnlx&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20150929070614.dll [2015-09-29] (McAfee, Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-05-01] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-05-01] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-10] (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20150929070616.dll [2015-09-29] (McAfee, Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-10] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-05-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1957994488-842925246-40105171-1743549 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-05-01] (Adobe Systems Incorporated)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {00000035-9593-4264-8B29-930B3E4EDCCD} hxxps://www.rooms.hp.com/vRoom_Cab/WebHPVCInstall35.cab
DPF: HKLM-x32 {AB01FF2E-A848-410C-B47B-CB467C476AD9} hxxps://g4t7453.houston.hp.com/hpSmartCard/HPPKI.cab
DPF: HKLM-x32 {EF991872-9158-4570-A7FF-E7DBB6A4B8E9} hxxp://192.168.128.85/iqweb.ocx
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://sdcvpn02.omc.hp.net/dana-cached/sc/JuniperSetupClient.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox
FF NewTab: about:blank
FF DefaultSearchEngine: Startpage HTTPS
FF SelectedSearchEngine: Startpage HTTPS
FF Homepage: about:home
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 4001
FF NetworkProxy: "gopher", "127.0.0.1"
FF NetworkProxy: "gopher_port", 4001
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 4001
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 4001
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-11-03] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-11-03] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-11-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2013-11-21] (DigitalPersona, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\blekko-ssl.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\duckduckgo-ssl-javascript-free.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https.xml [2015-02-26]
FF Extension: HTTPS-Everywhere - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2015-03-07] [not signed]
FF Extension: DownloadHelper - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-03-07] [not signed]
FF Extension: CanvasBlocker - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\CanvasBlocker@kkapsner.de.xpi [2015-02-26] [not signed]
FF Extension: JonDoFox - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2015-03-07] [not signed]
FF Extension: NoScript - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-07] [not signed]
FF Extension: Cookie Controller - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{ac2cfa60-bc96-11e0-962b-0800200c9a66}.xpi [2015-02-26] [not signed]
FF Extension: Adblock Plus - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-26] [not signed]
FF Extension: ProfileSwitcher - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2015-02-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2014-12-31] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-10-16] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2015-09-30] [not signed]
FF Extension: No Name - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\AVJYFVOD75109374@HCDE39471360.com [not found]

Chrome: 
=======
CHR Profile: C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (TV) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-12-11]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcjaemihddenoopkkhaamlcoliiiain [2015-11-07]
CHR Extension: (YouTube) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2015-11-08]
CHR Extension: (Google-Suche) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Google Kalender) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-14]
CHR Extension: (Box) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-04-29]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (FabCam) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2015-08-05]
CHR Extension: (Google Maps) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-19]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2015-05-14]
CHR Extension: (Need for Speed World) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2014-12-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Foto Rulez) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\odahhdimpaeigjcdbgcnhemlkejclmmk [2014-12-11]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2015-11-05]
CHR Extension: (Google Mail) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-09-26]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2013-11-21]

Opera: 
=======
OPR Extension: (CinemaP-1.9cV05.11) - C:\Users\elhamzaf\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-11-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity)
S2 AgentService; C:\Program Files (x86)\PC Backup\AgentService.exe [7595424 2010-09-08] (Iron Mountain Incorporated)
S2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-03-31] () [File not signed]
S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10571056 2014-06-01] (DisplayLink Corp.)
S2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2013-11-21] (DigitalPersona, Inc.)
S2 enterceptAgent; C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [811480 2015-06-24] (McAfee, Inc.)
S2 FIMPasswordReset; C:\Program Files\Microsoft Forefront Identity Manager\2010\Password Reset Client Service\PwdMgmtProxy.exe [75608 2012-01-29] (Microsoft Corporation)
S2 HipMgmt; C:\Program Files (x86)\McAfee\Host Intrusion Prevention\HipMgmt.exe [240360 2015-06-24] (McAfee, Inc.)
S2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-02-10] (Hewlett-Packard Company)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation)
S2 iClarityQoSService; C:\windows\SysWOW64\\QosServM.exe [233472 2010-11-09] (Avaya Inc.) [File not signed]
S2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [129904 2015-02-10] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [262544 2015-09-29] (McAfee, Inc.)
S2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [208936 2015-08-20] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-24] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373736 2015-06-24] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-09-29] (McAfee, Inc.)
S2 Radexecd; C:\Program Files (x86)\Hewlett-Packard\PC COE 3\OV CMS\radexecd.exe [353480 2014-08-19] (Persistent Systems)
S2 Radsched; C:\Program Files (x86)\Hewlett-Packard\PC COE 3\OV CMS\radsched.exe [263368 2014-08-19] (Persistent Systems)
S2 Radstgms; C:\Program Files (x86)\Hewlett-Packard\PC COE 3\OV CMS\Radstgms.exe [373960 2014-08-19] (Persistent Systems)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 ScreenAgentService; C:\Program Files (x86)\NICE Systems\ScreenAgent\ScreenAgentSvc.exe [386048 2013-01-24] (NICE Systems) [File not signed]
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-11-06] (IDT, Inc.) [File not signed]
S2 svctimehpc; C:\Program Files (x86)\Products\Time Service\svctimehpc.exe [13387128 2012-09-11] ()
S2 Tanium Client; C:\Program Files (x86)\Tanium\Tanium Client\TaniumClient.exe [10376480 2014-07-26] (Tanium Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Winpopup Server; C:\Program Files (x86)\Winpopup Server\WinpopupServer.exe [479232 2009-10-17] (Fomine Software) [File not signed]
S2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2014-09-24] (Broadcom Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2012-09-24] (Broadcom Corporation.)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
S3 dc21x4vm; C:\Windows\System32\DRIVERS\dc21x4vm.sys [57344 2009-06-10] (Microsoft Corp.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [488216 2014-03-05] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FireNfcp; C:\Windows\System32\drivers\FireNfcp.sys [64808 2015-09-24] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [216336 2015-06-24] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-09-27] (Intel Corporation)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-07-22] ()
R1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [507192 2015-02-24] (Juniper Networks)
S4 jnprTdi_808_53815; C:\windows\system32\Drivers\jnprTdi_808_53815.sys [108344 2015-02-24] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [30072 2013-10-28] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2013-10-28] (Juniper Networks, Inc.)
S3 LV_Tracker; C:\Windows\System32\DRIVERS\LV_Tracker64.sys [54824 2010-09-08] ()
S3 Mandiant_Tools; C:\ProgramData\Application Data\Time Service\mktools.sys [25168 2014-05-21] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-09-29] (McAfee, Inc.)
S3 mfeaacsk; C:\Windows\System32\drivers\mfeaacsk.sys [64416 2015-09-29] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2013-12-17] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-09-29] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-09-29] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-09-29] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [87720 2015-06-24] (McAfee, Inc.)
S3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [66080 2015-09-29] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [114880 2015-09-29] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-09-29] (McAfee, Inc.)
R1 NEOFLTR_740_30667; C:\windows\system32\Drivers\NEOFLTR_740_30667.SYS [108344 2014-04-10] (Juniper Networks)
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 RadiaMsi; C:\Windows\System32\DRIVERS\radiamsi.sys [41496 2014-05-20] (Persistent Systems)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8876248 2013-11-14] (Realtek Semiconductor Corp.)
S1 SARCXPMirrorDevice; C:\Windows\System32\SARCXPMP64.sys [29328 2012-09-28] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-04-07] (Synaptics Incorporated)
S3 TRLNDISMON; C:\Windows\System32\DRIVERS\TRLNDISMON.sys [31392 2015-03-23] (Tarlogic)
S3 JNPRNA; system32\DRIVERS\jnprna6.sys [X]
S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S4 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-08 16:34 - 2015-11-08 16:34 - 00038648 _____ C:\Users\elhamzaf\Downloads\FRST.txt
2015-11-08 16:34 - 2015-11-08 16:34 - 00000000 ____D C:\FRST
2015-11-08 16:17 - 2015-11-08 16:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-08 16:17 - 2015-11-08 16:17 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-08 16:17 - 2015-11-08 16:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-08 16:16 - 2015-11-08 16:33 - 00000000 ____D C:\Users\elhamzaf\Desktop\mbar
2015-11-08 16:16 - 2015-11-08 16:16 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2015-11-08 14:35 - 2015-11-08 15:34 - 00000282 _____ C:\windows\Tasks\CFUWrapper.job
2015-11-08 14:35 - 2015-11-08 14:35 - 00003218 _____ C:\windows\System32\Tasks\CFUWrapper
2015-11-08 11:58 - 2015-11-08 13:03 - 416363903 _____ C:\Users\elhamzaf\Downloads\Paragon_Backup_Recovery_14_Free.zip
2015-11-08 11:44 - 2015-11-08 11:45 - 02198528 _____ (Farbar) C:\Users\elhamzaf\Downloads\FRST64.exe
2015-11-07 23:15 - 2015-11-07 23:15 - 00602112 _____ (OldTimer Tools) C:\Users\elhamzaf\Downloads\OTL.exe
2015-11-07 23:11 - 2015-11-07 23:12 - 16563352 _____ (Malwarebytes Corp.) C:\Users\elhamzaf\Downloads\mbar-1.09.3.1001.exe
2015-11-07 23:09 - 2015-11-07 23:09 - 04577440 _____ (Avira Operations GmbH & Co. KG) C:\Users\elhamzaf\Downloads\avira_de_av_563e849102e39__ws.exe
2015-11-07 23:01 - 2015-11-07 23:01 - 11501568 _____ C:\Users\elhamzaf\Desktop\EMET 5.1 Setup.msi
2015-11-06 18:02 - 2015-11-06 18:03 - 00000000 ____D C:\Acrylic Wi-Fi Professional
2015-11-06 17:48 - 2015-11-06 17:49 - 00000000 ____D C:\Users\elhamzaf\AppData\Local\VirtualStore
2015-11-06 17:42 - 2015-11-06 17:44 - 00000000 ____D C:\AdwCleaner
2015-11-05 23:14 - 2015-11-05 23:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-11-05 23:00 - 2015-11-06 12:00 - 00000004 _____ C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-05 23:00 - 2015-11-05 23:01 - 00000000 ____D C:\Program Files (x86)\6c4bdf9b-d126-43f4-8efc-b4837ed4413d
2015-11-05 22:42 - 2015-03-23 11:00 - 00095312 _____ (Tarlogic) C:\windows\system32\airpcap.dll
2015-11-05 22:42 - 2015-03-23 11:00 - 00076880 _____ (Tarlogic) C:\windows\SysWOW64\airpcap.dll
2015-11-05 22:41 - 2015-11-06 18:02 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\Acrylic Wi-Fi Professional
2015-11-05 22:41 - 2015-11-05 23:55 - 00000000 ____D C:\Program Files\Acrylic Wi-Fi Professional
2015-11-05 22:41 - 2015-03-23 11:00 - 00031392 _____ (Tarlogic) C:\windows\system32\Drivers\TRLNDISMON.sys
2015-11-05 16:04 - 2015-11-05 17:24 - 00000000 ____D C:\Users\elhamzaf\Desktop\Ponctions salaires
2015-11-04 10:49 - 2015-11-08 16:10 - 00000278 ____H C:\windows\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}001.job
2015-11-04 10:49 - 2015-11-08 15:34 - 00000370 ____H C:\windows\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}000.job
2015-11-04 10:49 - 2015-11-07 23:53 - 00000338 ____H C:\windows\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}000.job
2015-11-04 10:49 - 2015-11-06 17:47 - 00000374 ____H C:\windows\Tasks\IDA{DDC3038B-D87C-4DE6-AD88-05C6E3962FA0}000.job
2015-11-04 10:49 - 2015-11-06 17:47 - 00000346 ____H C:\windows\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}001.job
2015-11-04 10:49 - 2015-11-06 17:47 - 00000114 ____H C:\windows\Tasks\IDA{EF242085-E950-E7C0-982D-AC0CAEF9D2B1}000.job
2015-11-04 10:49 - 2015-11-06 16:55 - 00003104 _____ C:\windows\System32\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}001
2015-11-04 10:49 - 2015-11-06 16:55 - 00002882 _____ C:\windows\System32\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}000
2015-11-04 10:49 - 2015-11-06 14:35 - 00002978 _____ C:\windows\System32\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}000
2015-11-04 10:49 - 2015-11-06 11:24 - 00003344 _____ C:\windows\System32\Tasks\IDA{E1B2A4DD-AE06-4B97-9B55-8E8F1348E7FB}000
2015-11-04 10:49 - 2015-11-06 11:24 - 00003126 _____ C:\windows\System32\Tasks\IDA{DDC3038B-D87C-4DE6-AD88-05C6E3962FA0}000
2015-11-04 10:49 - 2015-11-06 11:24 - 00003098 _____ C:\windows\System32\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}001
2015-11-04 10:49 - 2015-11-04 10:49 - 00002068 _____ C:\windows\System32\Tasks\IDA{EF242085-E950-E7C0-982D-AC0CAEF9D2B1}000
2015-11-04 10:48 - 2015-11-08 15:29 - 00000392 ____H C:\windows\Tasks\IDA{E1B2A4DD-AE06-4B97-9B55-8E8F1348E7FB}000.job
2015-11-04 10:48 - 2015-11-08 12:12 - 00000412 ____H C:\windows\Tasks\IDA{24AB88C9-D233-48EF-9EC5-79D902043D09}000.job
2015-11-04 10:48 - 2015-11-06 17:47 - 00000370 ____H C:\windows\Tasks\IDA{96A23EF4-3F38-4839-B12A-860409AC2861}000.job
2015-11-04 10:48 - 2015-11-06 12:12 - 00003020 _____ C:\windows\System32\Tasks\IDA{24AB88C9-D233-48EF-9EC5-79D902043D09}000
2015-11-04 10:48 - 2015-11-04 10:48 - 00003122 _____ C:\windows\System32\Tasks\IDA{96A23EF4-3F38-4839-B12A-860409AC2861}000
2015-11-04 10:47 - 2015-11-04 10:47 - 00002882 _____ C:\windows\System32\Tasks\Maint
2015-11-03 22:35 - 2015-11-03 22:35 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\LibreOffice
2015-11-03 22:34 - 2015-11-03 22:34 - 00001532 _____ C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2015-11-03 22:34 - 2015-11-03 22:34 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
2015-11-03 22:33 - 2015-11-03 22:34 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4
2015-11-03 12:12 - 2015-11-08 15:26 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-11-03 12:12 - 2015-11-03 12:18 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-10-28 20:08 - 2015-10-28 20:08 - 00002755 _____ C:\Users\Public\Desktop\ myITsupport.lnk
2015-10-28 20:08 - 2015-10-28 20:08 - 00002755 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ myITsupport.lnk
2015-10-28 20:08 - 2015-10-28 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myITsupportIcon
2015-10-28 20:08 - 2015-10-28 20:08 - 00000000 ____D C:\Program Files (x86)\myITsupportE
2015-10-28 11:11 - 2015-10-28 11:21 - 00000000 ____D C:\Users\elhamzaf\Desktop\Business
2015-10-27 13:22 - 2015-10-27 13:22 - 00000649 _____ C:\Users\elhamzaf\Desktop\Bitcoin Core (64-bit).lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00000758 _____ C:\Users\elhamzaf\Desktop\Orga.lnk
2015-10-27 13:00 - 2015-10-27 13:03 - 00000000 ____D C:\Arbeit
2015-10-27 12:07 - 2015-10-27 12:07 - 00002165 _____ C:\Users\elhamzaf\Desktop\BitMinter Client.lnk
2015-10-27 12:07 - 2015-10-27 12:07 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitMinter
2015-10-26 14:51 - 2015-10-26 14:51 - 00002471 _____ C:\Users\elhamzaf\Desktop\Marquee.lnk
2015-10-26 14:36 - 2015-10-26 14:36 - 00000422 _____ C:\Users\elhamzaf\Desktop\AIC Global Admin.appref-ms
2015-10-25 15:31 - 2015-11-07 19:33 - 00000000 ____D C:\Outlook Ordner
2015-10-23 23:14 - 2015-10-23 23:16 - 00000000 ____D C:\bitcoin
2015-10-23 23:14 - 2015-10-23 23:14 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin Core
2015-10-18 20:31 - 2015-11-06 17:45 - 00000847 _____ C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-10-18 20:31 - 2015-11-06 17:45 - 00000799 _____ C:\Users\elhamzaf\Desktop\Tor.lnk
2015-10-18 20:30 - 2015-11-06 17:45 - 00000000 ____D C:\Users\elhamzaf\Desktop\Tor Browser
2015-10-18 09:27 - 2015-10-18 09:27 - 01204080 _____ C:\windows\Minidump\101815-21091-01.dmp
2015-10-16 08:35 - 2015-10-16 08:35 - 00000000 _____ C:\Users\elhamzaf\AppData\Local\{24500F75-2570-4221-A876-69D5590A1198}
2015-10-14 08:18 - 2015-10-14 08:18 - 00000023 _____ C:\invalid.txt
2015-10-09 12:20 - 2015-02-24 16:55 - 00108344 _____ (Juniper Networks, Inc.) C:\windows\system32\Drivers\jnprTdi_808_53815.sys
2015-10-09 12:20 - 2015-02-24 13:50 - 00507192 _____ (Juniper Networks) C:\windows\system32\Drivers\jnprns.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-08 16:20 - 2015-07-28 14:58 - 01230574 _____ C:\windows\system32\perfh007.dat
2015-11-08 16:20 - 2015-07-28 14:58 - 00339842 _____ C:\windows\system32\perfc007.dat
2015-11-08 16:20 - 2009-07-14 05:13 - 00006742 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-08 16:15 - 2009-07-14 04:51 - 00163994 _____ C:\windows\setupact.log
2015-11-08 16:15 - 2009-07-14 03:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-08 16:13 - 2014-09-24 15:59 - 01751817 _____ C:\windows\WindowsUpdate.log
2015-11-08 16:13 - 2009-07-14 04:45 - 00019328 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-08 16:13 - 2009-07-14 04:45 - 00019328 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-08 16:00 - 2014-10-13 15:31 - 00000308 _____ C:\windows\Tasks\pcpm-collector.job
2015-11-08 15:19 - 2014-12-11 23:14 - 00001068 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-08 14:30 - 2014-10-13 15:31 - 00000314 _____ C:\windows\Tasks\pcpm-consolidator.job
2015-11-08 13:49 - 2015-04-21 20:08 - 00000000 ____D C:\Users\elhamzaf\Desktop\FUN
2015-11-08 13:27 - 2015-02-03 17:54 - 00001970 _____ C:\windows\SysWOW64\QosServ.log
2015-11-08 13:27 - 2014-12-11 23:14 - 00001064 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-08 13:26 - 2014-12-11 18:06 - 00000000 ____D C:\Program Files (x86)\PC Backup
2015-11-08 13:26 - 2009-07-14 05:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-11-07 19:33 - 2015-05-04 21:01 - 33276928 _____ C:\Users\elhamzaf\Documents\Meine Outlook bis 102015 .pst
2015-11-07 19:20 - 2014-12-22 11:04 - 00000000 ____D C:\Users\elhamzaf\AppData\Local\CrashDumps
2015-11-07 19:13 - 2014-11-10 14:15 - 00000000 ____D C:\windows\system32\appmgmt
2015-11-07 19:02 - 2014-09-24 15:26 - 00000290 _____ C:\windows\Tasks\Maint.job
2015-11-06 17:46 - 2010-11-21 03:47 - 00217854 _____ C:\windows\PFRO.log
2015-11-06 17:45 - 2015-03-07 16:56 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2015-11-06 17:45 - 2014-12-11 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-06 17:44 - 2015-03-03 14:23 - 00000000 ____D C:\Quarantine
2015-11-06 00:10 - 2014-12-29 10:15 - 00000000 ____D C:\Program Files\Samsung
2015-11-06 00:10 - 2014-12-23 09:33 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-06 00:09 - 2015-02-11 09:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-06 00:01 - 2015-09-17 22:37 - 00000000 ____D C:\Program Files\CyberGhost 5
2015-11-05 23:58 - 2014-12-11 23:14 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-05 23:55 - 2014-12-14 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2015-11-05 23:01 - 2014-05-21 13:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-05 18:16 - 2014-12-11 17:55 - 00029970 __RSH C:\Users\elhamzaf\ntuser.pol
2015-11-05 18:16 - 2014-12-11 17:08 - 00000000 ____D C:\Users\elhamzaf
2015-11-05 18:16 - 2014-12-11 17:04 - 00003304 _____ C:\windows\system32\config\netlogon.ftl
2015-11-05 18:16 - 2014-05-21 13:29 - 00123728 __RSH C:\ProgramData\ntuser.pol
2015-11-05 16:05 - 2014-05-21 14:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-04 15:00 - 2014-12-13 13:23 - 00003322 _____ C:\windows\System32\Tasks\Smart Client
2015-11-04 10:48 - 2014-10-13 15:31 - 00002906 _____ C:\windows\System32\Tasks\pcpm-consolidator
2015-11-04 10:47 - 2014-12-11 17:08 - 00134984 _____ C:\Users\elhamzaf\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-04 10:47 - 2014-10-13 15:31 - 00003244 _____ C:\windows\System32\Tasks\pcpm-collector
2015-11-04 10:47 - 2014-10-10 17:46 - 00000000 ____D C:\windows\SmartClient
2015-11-04 10:46 - 2014-05-21 12:41 - 00000000 ____D C:\ProgramData\Time Service
2015-11-04 10:46 - 2009-07-14 04:45 - 00569888 _____ C:\windows\system32\FNTCACHE.DAT
2015-11-03 12:17 - 2014-05-21 12:42 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 12:17 - 2014-05-21 12:42 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-01 20:39 - 2015-02-21 16:41 - 00000000 ____D C:\Users\elhamzaf\Documents\Simple Sticky Notes
2015-11-01 14:38 - 2015-06-25 11:28 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-28 20:08 - 2014-05-21 10:32 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-10-26 15:28 - 2015-02-21 19:28 - 750288332 _____ C:\windows\MEMORY.DMP
2015-10-26 15:28 - 2014-10-13 15:26 - 00000000 ____D C:\windows\Minidump
2015-10-26 15:01 - 2015-01-27 14:43 - 00000059 _____ C:\windows\cvterm.ini
2015-10-26 14:43 - 2015-01-11 15:49 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-10-26 14:36 - 2014-12-11 23:13 - 00000000 ____D C:\Users\elhamzaf\AppData\Local\Deployment
2015-10-25 15:37 - 2015-05-26 20:29 - 00000000 ____D C:\Users\elhamzaf\Documents\Outlook Files
2015-10-25 15:37 - 2014-12-10 21:35 - 3756467200 _____ C:\Users\elhamzaf\Documents\Meine Outlook.pst
2015-10-25 11:21 - 2014-05-21 11:30 - 01612450 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2015-10-19 10:08 - 2014-12-15 18:05 - 00000000 ____D C:\Program Files (x86)\Avaya
2015-10-19 10:08 - 2014-12-11 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avaya
2015-10-16 12:32 - 2015-05-16 16:24 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-10-16 12:32 - 2015-05-16 16:09 - 00002055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-10-16 08:37 - 2014-12-11 18:10 - 00000000 ____D C:\windows\HPLogin
2015-10-09 12:18 - 2014-09-24 23:38 - 00000000 ____D C:\Temp
2015-10-09 12:16 - 2014-06-20 12:11 - 00000000 ____D C:\HP

==================== Files in the root of some directories =======

2014-12-11 18:06 - 2014-12-11 18:06 - 0000000 _____ () C:\Program Files (x86)\PC BackupHPSetup.log
2014-12-11 22:25 - 2014-12-11 22:25 - 0000179 _____ () C:\Users\elhamzaf\AppData\Roaming\HP_BITLOCKER_BACKUP2AD.txt
2015-05-25 08:45 - 2015-05-30 17:00 - 0000600 _____ () C:\Users\elhamzaf\AppData\Local\PUTTY.RND
2014-12-11 22:29 - 2014-12-11 22:29 - 0007600 _____ () C:\Users\elhamzaf\AppData\Local\Resmon.ResmonCfg
2015-10-16 08:35 - 2015-10-16 08:35 - 0000000 _____ () C:\Users\elhamzaf\AppData\Local\{24500F75-2570-4221-A876-69D5590A1198}
2015-05-26 09:18 - 2015-05-26 09:18 - 0000000 _____ () C:\Users\elhamzaf\AppData\Local\{E955198A-C33C-41FA-89C6-F89D5AA0A015}
2015-06-10 08:08 - 2015-06-10 08:08 - 0000057 _____ () C:\ProgramData\Ament.ini

Files to move or delete:
====================
C:\Users\Default\create_shortcut.vbs
C:\Users\Default\reg_off2k7.vbs
C:\Users\Default\set_theme.vbs
C:\Users\Default\ThemeTool.exe


Some files in TEMP:
====================
C:\Users\hpadmin\AppData\Local\Temp\CpqMC.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-06 20:06

==================== End of FRST.txt ============================
         

--- --- ---

--- --- ---


und FRst log


FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by elhamzaf (administrator) on ELHAMZAF2 (08-11-2015 16:34:17)
Running from C:\Users\elhamzaf\Downloads
Loaded Profiles: elhamzaf (Available Profiles: elhamzaf & hpadmin & administrateur)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [McAfee Host Intrusion Prevention Tray] => C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe [239848 2015-06-24] (McAfee, Inc.)
HKLM\...\Run: [acevents] => C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2009-06-03] (ActivIdentity)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [483880 2009-06-03] (ActivIdentity)
HKLM\...\Run: [RtsCM] => C:\windows\RTSCM64.EXE [153816 2013-11-14] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation)
HKLM\...\Run: [BLEServicesCtrl] => c:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "c:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [8628224 2014-09-24] (Broadcom Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-04-07] (Synaptics Incorporated)
HKLM\...\Run: [PasswordRegistration] => C:\Windows\system32\MsPwdRegistration.exe [31080 2012-01-29] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-06] (IDT, Inc.)
HKLM\...\Run: [HPRAService] => C:\Program Files\RA2HP\HPRAService.exe [610304 2015-05-22] (Hewlett-Packard Company)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [244080 2015-08-20] (McAfee, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-12-10] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [304568 2010-10-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AgentUiRunKey] => C:\Program Files (x86)\PC Backup\Agent.exe [239104 2010-09-08] (Iron Mountain Incorporated)
HKLM-x32\...\Run: [eepc_SmartClient] => C:\Program Files (x86)\SmartClient\Smart.exe [139264 2014-08-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-09-26] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [MigDetect] => C:\Program Files (x86)\Hewlett-Packard\PC COE 3\OV CMS\lib\cache\HPQ_MIGRATION_TOOL_EN\MigDetect.exe [448512 2015-09-30] ()
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [337776 2015-02-10] (McAfee, Inc.)
HKLM-x32\...\Run: [IDA] => C:\Program Files (x86)\Hewlett-Packard\PC COE\IDA.EXE [373760 2015-01-26] (Hewlett-Packard Company)
HKLM-x32\...\Run: [JunosPulse] => c:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2537816 2015-02-24] (Juniper Networks, Inc.)
HKLM-x32\...\Run: [myITSupportE] => C:\Program Files (x86)\myITsupportE\myITSupporte.exe [1754112 2015-09-22] (HEWLETT-PACKARD Enterprise)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoWebServices] 1
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoOnlinePrintsWizard] 1
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\Run: [GoogleChromeAutoLaunch_4B4F5D917FAE7DBFD434A8BF47BC31E6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1957994488-842925246-40105171-1743549\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivClient Agent.lnk [2014-05-21]
ShortcutTarget: ActivClient Agent.lnk -> C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lync Monitor.lnk [2015-07-24]
ShortcutTarget: Lync Monitor.lnk -> C:\Windows\Installer\{642C71D9-6EB3-4B7A-A2F9-043774138614}\NewShortcut41_A542611226524D189A82B5C5C0EA8C73.exe (Flexera Software LLC)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\create_shortcut.lnk [2010-11-25]
ShortcutTarget: create_shortcut.lnk -> C:\Users\elhamzaf\create_shortcut.vbs (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reg_off2k7.lnk [2010-11-25]
ShortcutTarget: reg_off2k7.lnk -> C:\Users\elhamzaf\reg_off2k7.vbs (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\set_theme.lnk [2014-06-04]
ShortcutTarget: set_theme.lnk -> C:\Users\elhamzaf\set_theme.vbs (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\create_shortcut.lnk [2010-11-25]
ShortcutTarget: create_shortcut.lnk -> C:\Users\elhamzaf\create_shortcut.vbs (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reg_off2k7.lnk [2010-11-25]
ShortcutTarget: reg_off2k7.lnk -> C:\Users\elhamzaf\reg_off2k7.vbs (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\set_theme.lnk [2014-06-04]
ShortcutTarget: set_theme.lnk -> C:\Users\elhamzaf\set_theme.vbs (No File)
Startup: C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-07-18] ()
Startup: C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk [2015-08-06]
ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files\Microsoft Office\Office15\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-11-07]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [HKLM] => Proxy is enabled.
ProxyServer: [HKLM] => hxxp://autocache.hp.com
AutoConfigURL: [S-1-5-21-1957994488-842925246-40105171-1743549] => hxxp://autocache.hp.com/
Tcpip\..\Interfaces\{61DB6A54-A31E-4D7A-B5E8-137A30C8DC35}: [NameServer] 16.110.135.51,16.110.135.52
Tcpip\..\Interfaces\{B3BA9131-D68E-4432-ACD6-FC43AB21C6F0}: [NameServer] 16.110.135.51,16.110.135.52
Tcpip\..\Interfaces\{CBFCF164-8F70-4593-8BF0-B61D47F572CA}: [DhcpNameServer] 16.110.135.52 16.110.135.51
Tcpip\..\Interfaces\{D29FFDC0-DF00-4BEC-999E-B329551E123A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1957994488-842925246-40105171-1743549\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1446764286&z=2d54cf74e8fde472708cc9cg6zez2q0m3qaz6ofb7q&from=amt&uid=hgstxhts725050a7e630_tf0500wh1shtnl1shtnlx&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1446764286&z=2d54cf74e8fde472708cc9cg6zez2q0m3qaz6ofb7q&from=amt&uid=hgstxhts725050a7e630_tf0500wh1shtnl1shtnlx&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20150929070614.dll [2015-09-29] (McAfee, Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-05-01] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-05-01] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-10] (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20150929070616.dll [2015-09-29] (McAfee, Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-10] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-05-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1957994488-842925246-40105171-1743549 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-05-01] (Adobe Systems Incorporated)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {00000035-9593-4264-8B29-930B3E4EDCCD} hxxps://www.rooms.hp.com/vRoom_Cab/WebHPVCInstall35.cab
DPF: HKLM-x32 {AB01FF2E-A848-410C-B47B-CB467C476AD9} hxxps://g4t7453.houston.hp.com/hpSmartCard/HPPKI.cab
DPF: HKLM-x32 {EF991872-9158-4570-A7FF-E7DBB6A4B8E9} hxxp://192.168.128.85/iqweb.ocx
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://sdcvpn02.omc.hp.net/dana-cached/sc/JuniperSetupClient.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox
FF NewTab: about:blank
FF DefaultSearchEngine: Startpage HTTPS
FF SelectedSearchEngine: Startpage HTTPS
FF Homepage: about:home
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 4001
FF NetworkProxy: "gopher", "127.0.0.1"
FF NetworkProxy: "gopher_port", 4001
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 4001
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 4001
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-11-03] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-11-03] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-11-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2013-11-21] (DigitalPersona, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\blekko-ssl.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\duckduckgo-ssl-javascript-free.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https.xml [2015-02-26]
FF Extension: HTTPS-Everywhere - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2015-03-07] [not signed]
FF Extension: DownloadHelper - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-03-07] [not signed]
FF Extension: CanvasBlocker - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\CanvasBlocker@kkapsner.de.xpi [2015-02-26] [not signed]
FF Extension: JonDoFox - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2015-03-07] [not signed]
FF Extension: NoScript - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-07] [not signed]
FF Extension: Cookie Controller - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{ac2cfa60-bc96-11e0-962b-0800200c9a66}.xpi [2015-02-26] [not signed]
FF Extension: Adblock Plus - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-26] [not signed]
FF Extension: ProfileSwitcher - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2015-02-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2014-12-31] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-10-16] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2015-09-30] [not signed]
FF Extension: No Name - C:\Users\elhamzaf\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\AVJYFVOD75109374@HCDE39471360.com [not found]

Chrome: 
=======
CHR Profile: C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (TV) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-12-11]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcjaemihddenoopkkhaamlcoliiiain [2015-11-07]
CHR Extension: (YouTube) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2015-11-08]
CHR Extension: (Google-Suche) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Google Kalender) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-14]
CHR Extension: (Box) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-04-29]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (FabCam) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2015-08-05]
CHR Extension: (Google Maps) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-19]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2015-05-14]
CHR Extension: (Need for Speed World) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2014-12-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Foto Rulez) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\odahhdimpaeigjcdbgcnhemlkejclmmk [2014-12-11]
CHR Extension: (Google Präsentationen) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2015-11-05]
CHR Extension: (Google Mail) - C:\Users\elhamzaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-09-26]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2013-11-21]

Opera: 
=======
OPR Extension: (CinemaP-1.9cV05.11) - C:\Users\elhamzaf\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-11-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity)
S2 AgentService; C:\Program Files (x86)\PC Backup\AgentService.exe [7595424 2010-09-08] (Iron Mountain Incorporated)
S2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-03-31] () [File not signed]
S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10571056 2014-06-01] (DisplayLink Corp.)
S2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2013-11-21] (DigitalPersona, Inc.)
S2 enterceptAgent; C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [811480 2015-06-24] (McAfee, Inc.)
S2 FIMPasswordReset; C:\Program Files\Microsoft Forefront Identity Manager\2010\Password Reset Client Service\PwdMgmtProxy.exe [75608 2012-01-29] (Microsoft Corporation)
S2 HipMgmt; C:\Program Files (x86)\McAfee\Host Intrusion Prevention\HipMgmt.exe [240360 2015-06-24] (McAfee, Inc.)
S2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-02-10] (Hewlett-Packard Company)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation)
S2 iClarityQoSService; C:\windows\SysWOW64\\QosServM.exe [233472 2010-11-09] (Avaya Inc.) [File not signed]
S2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [129904 2015-02-10] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [262544 2015-09-29] (McAfee, Inc.)
S2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [208936 2015-08-20] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-24] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373736 2015-06-24] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-09-29] (McAfee, Inc.)
S2 Radexecd; C:\Program Files (x86)\Hewlett-Packard\PC COE 3\OV CMS\radexecd.exe [353480 2014-08-19] (Persistent Systems)
S2 Radsched; C:\Program Files (x86)\Hewlett-Packard\PC COE 3\OV CMS\radsched.exe [263368 2014-08-19] (Persistent Systems)
S2 Radstgms; C:\Program Files (x86)\Hewlett-Packard\PC COE 3\OV CMS\Radstgms.exe [373960 2014-08-19] (Persistent Systems)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 ScreenAgentService; C:\Program Files (x86)\NICE Systems\ScreenAgent\ScreenAgentSvc.exe [386048 2013-01-24] (NICE Systems) [File not signed]
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-11-06] (IDT, Inc.) [File not signed]
S2 svctimehpc; C:\Program Files (x86)\Products\Time Service\svctimehpc.exe [13387128 2012-09-11] ()
S2 Tanium Client; C:\Program Files (x86)\Tanium\Tanium Client\TaniumClient.exe [10376480 2014-07-26] (Tanium Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Winpopup Server; C:\Program Files (x86)\Winpopup Server\WinpopupServer.exe [479232 2009-10-17] (Fomine Software) [File not signed]
S2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2014-09-24] (Broadcom Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2012-09-24] (Broadcom Corporation.)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
S3 dc21x4vm; C:\Windows\System32\DRIVERS\dc21x4vm.sys [57344 2009-06-10] (Microsoft Corp.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [488216 2014-03-05] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FireNfcp; C:\Windows\System32\drivers\FireNfcp.sys [64808 2015-09-24] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [216336 2015-06-24] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-09-27] (Intel Corporation)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-07-22] ()
R1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [507192 2015-02-24] (Juniper Networks)
S4 jnprTdi_808_53815; C:\windows\system32\Drivers\jnprTdi_808_53815.sys [108344 2015-02-24] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [30072 2013-10-28] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2013-10-28] (Juniper Networks, Inc.)
S3 LV_Tracker; C:\Windows\System32\DRIVERS\LV_Tracker64.sys [54824 2010-09-08] ()
S3 Mandiant_Tools; C:\ProgramData\Application Data\Time Service\mktools.sys [25168 2014-05-21] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-09-29] (McAfee, Inc.)
S3 mfeaacsk; C:\Windows\System32\drivers\mfeaacsk.sys [64416 2015-09-29] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2013-12-17] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-09-29] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-09-29] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-09-29] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [87720 2015-06-24] (McAfee, Inc.)
S3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [66080 2015-09-29] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [114880 2015-09-29] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-09-29] (McAfee, Inc.)
R1 NEOFLTR_740_30667; C:\windows\system32\Drivers\NEOFLTR_740_30667.SYS [108344 2014-04-10] (Juniper Networks)
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 RadiaMsi; C:\Windows\System32\DRIVERS\radiamsi.sys [41496 2014-05-20] (Persistent Systems)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8876248 2013-11-14] (Realtek Semiconductor Corp.)
S1 SARCXPMirrorDevice; C:\Windows\System32\SARCXPMP64.sys [29328 2012-09-28] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-04-07] (Synaptics Incorporated)
S3 TRLNDISMON; C:\Windows\System32\DRIVERS\TRLNDISMON.sys [31392 2015-03-23] (Tarlogic)
S3 JNPRNA; system32\DRIVERS\jnprna6.sys [X]
S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S4 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-08 16:34 - 2015-11-08 16:34 - 00038648 _____ C:\Users\elhamzaf\Downloads\FRST.txt
2015-11-08 16:34 - 2015-11-08 16:34 - 00000000 ____D C:\FRST
2015-11-08 16:17 - 2015-11-08 16:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-08 16:17 - 2015-11-08 16:17 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-08 16:17 - 2015-11-08 16:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-08 16:16 - 2015-11-08 16:33 - 00000000 ____D C:\Users\elhamzaf\Desktop\mbar
2015-11-08 16:16 - 2015-11-08 16:16 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2015-11-08 14:35 - 2015-11-08 15:34 - 00000282 _____ C:\windows\Tasks\CFUWrapper.job
2015-11-08 14:35 - 2015-11-08 14:35 - 00003218 _____ C:\windows\System32\Tasks\CFUWrapper
2015-11-08 11:58 - 2015-11-08 13:03 - 416363903 _____ C:\Users\elhamzaf\Downloads\Paragon_Backup_Recovery_14_Free.zip
2015-11-08 11:44 - 2015-11-08 11:45 - 02198528 _____ (Farbar) C:\Users\elhamzaf\Downloads\FRST64.exe
2015-11-07 23:15 - 2015-11-07 23:15 - 00602112 _____ (OldTimer Tools) C:\Users\elhamzaf\Downloads\OTL.exe
2015-11-07 23:11 - 2015-11-07 23:12 - 16563352 _____ (Malwarebytes Corp.) C:\Users\elhamzaf\Downloads\mbar-1.09.3.1001.exe
2015-11-07 23:09 - 2015-11-07 23:09 - 04577440 _____ (Avira Operations GmbH & Co. KG) C:\Users\elhamzaf\Downloads\avira_de_av_563e849102e39__ws.exe
2015-11-07 23:01 - 2015-11-07 23:01 - 11501568 _____ C:\Users\elhamzaf\Desktop\EMET 5.1 Setup.msi
2015-11-06 18:02 - 2015-11-06 18:03 - 00000000 ____D C:\Acrylic Wi-Fi Professional
2015-11-06 17:48 - 2015-11-06 17:49 - 00000000 ____D C:\Users\elhamzaf\AppData\Local\VirtualStore
2015-11-06 17:42 - 2015-11-06 17:44 - 00000000 ____D C:\AdwCleaner
2015-11-05 23:14 - 2015-11-05 23:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-11-05 23:00 - 2015-11-06 12:00 - 00000004 _____ C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-05 23:00 - 2015-11-05 23:01 - 00000000 ____D C:\Program Files (x86)\6c4bdf9b-d126-43f4-8efc-b4837ed4413d
2015-11-05 22:42 - 2015-03-23 11:00 - 00095312 _____ (Tarlogic) C:\windows\system32\airpcap.dll
2015-11-05 22:42 - 2015-03-23 11:00 - 00076880 _____ (Tarlogic) C:\windows\SysWOW64\airpcap.dll
2015-11-05 22:41 - 2015-11-06 18:02 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\Acrylic Wi-Fi Professional
2015-11-05 22:41 - 2015-11-05 23:55 - 00000000 ____D C:\Program Files\Acrylic Wi-Fi Professional
2015-11-05 22:41 - 2015-03-23 11:00 - 00031392 _____ (Tarlogic) C:\windows\system32\Drivers\TRLNDISMON.sys
2015-11-05 16:04 - 2015-11-05 17:24 - 00000000 ____D C:\Users\elhamzaf\Desktop\Ponctions salaires
2015-11-04 10:49 - 2015-11-08 16:10 - 00000278 ____H C:\windows\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}001.job
2015-11-04 10:49 - 2015-11-08 15:34 - 00000370 ____H C:\windows\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}000.job
2015-11-04 10:49 - 2015-11-07 23:53 - 00000338 ____H C:\windows\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}000.job
2015-11-04 10:49 - 2015-11-06 17:47 - 00000374 ____H C:\windows\Tasks\IDA{DDC3038B-D87C-4DE6-AD88-05C6E3962FA0}000.job
2015-11-04 10:49 - 2015-11-06 17:47 - 00000346 ____H C:\windows\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}001.job
2015-11-04 10:49 - 2015-11-06 17:47 - 00000114 ____H C:\windows\Tasks\IDA{EF242085-E950-E7C0-982D-AC0CAEF9D2B1}000.job
2015-11-04 10:49 - 2015-11-06 16:55 - 00003104 _____ C:\windows\System32\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}001
2015-11-04 10:49 - 2015-11-06 16:55 - 00002882 _____ C:\windows\System32\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}000
2015-11-04 10:49 - 2015-11-06 14:35 - 00002978 _____ C:\windows\System32\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}000
2015-11-04 10:49 - 2015-11-06 11:24 - 00003344 _____ C:\windows\System32\Tasks\IDA{E1B2A4DD-AE06-4B97-9B55-8E8F1348E7FB}000
2015-11-04 10:49 - 2015-11-06 11:24 - 00003126 _____ C:\windows\System32\Tasks\IDA{DDC3038B-D87C-4DE6-AD88-05C6E3962FA0}000
2015-11-04 10:49 - 2015-11-06 11:24 - 00003098 _____ C:\windows\System32\Tasks\IDA{07A2D605-F561-11D1-BEE5-AC785AC8CD4E}001
2015-11-04 10:49 - 2015-11-04 10:49 - 00002068 _____ C:\windows\System32\Tasks\IDA{EF242085-E950-E7C0-982D-AC0CAEF9D2B1}000
2015-11-04 10:48 - 2015-11-08 15:29 - 00000392 ____H C:\windows\Tasks\IDA{E1B2A4DD-AE06-4B97-9B55-8E8F1348E7FB}000.job
2015-11-04 10:48 - 2015-11-08 12:12 - 00000412 ____H C:\windows\Tasks\IDA{24AB88C9-D233-48EF-9EC5-79D902043D09}000.job
2015-11-04 10:48 - 2015-11-06 17:47 - 00000370 ____H C:\windows\Tasks\IDA{96A23EF4-3F38-4839-B12A-860409AC2861}000.job
2015-11-04 10:48 - 2015-11-06 12:12 - 00003020 _____ C:\windows\System32\Tasks\IDA{24AB88C9-D233-48EF-9EC5-79D902043D09}000
2015-11-04 10:48 - 2015-11-04 10:48 - 00003122 _____ C:\windows\System32\Tasks\IDA{96A23EF4-3F38-4839-B12A-860409AC2861}000
2015-11-04 10:47 - 2015-11-04 10:47 - 00002882 _____ C:\windows\System32\Tasks\Maint
2015-11-03 22:35 - 2015-11-03 22:35 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\LibreOffice
2015-11-03 22:34 - 2015-11-03 22:34 - 00001532 _____ C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2015-11-03 22:34 - 2015-11-03 22:34 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
2015-11-03 22:33 - 2015-11-03 22:34 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4
2015-11-03 12:12 - 2015-11-08 15:26 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-11-03 12:12 - 2015-11-03 12:18 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-10-28 20:08 - 2015-10-28 20:08 - 00002755 _____ C:\Users\Public\Desktop\ myITsupport.lnk
2015-10-28 20:08 - 2015-10-28 20:08 - 00002755 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ myITsupport.lnk
2015-10-28 20:08 - 2015-10-28 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myITsupportIcon
2015-10-28 20:08 - 2015-10-28 20:08 - 00000000 ____D C:\Program Files (x86)\myITsupportE
2015-10-28 11:11 - 2015-10-28 11:21 - 00000000 ____D C:\Users\elhamzaf\Desktop\Business
2015-10-27 13:22 - 2015-10-27 13:22 - 00000649 _____ C:\Users\elhamzaf\Desktop\Bitcoin Core (64-bit).lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00000758 _____ C:\Users\elhamzaf\Desktop\Orga.lnk
2015-10-27 13:00 - 2015-10-27 13:03 - 00000000 ____D C:\Arbeit
2015-10-27 12:07 - 2015-10-27 12:07 - 00002165 _____ C:\Users\elhamzaf\Desktop\BitMinter Client.lnk
2015-10-27 12:07 - 2015-10-27 12:07 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitMinter
2015-10-26 14:51 - 2015-10-26 14:51 - 00002471 _____ C:\Users\elhamzaf\Desktop\Marquee.lnk
2015-10-26 14:36 - 2015-10-26 14:36 - 00000422 _____ C:\Users\elhamzaf\Desktop\AIC Global Admin.appref-ms
2015-10-25 15:31 - 2015-11-07 19:33 - 00000000 ____D C:\Outlook Ordner
2015-10-23 23:14 - 2015-10-23 23:16 - 00000000 ____D C:\bitcoin
2015-10-23 23:14 - 2015-10-23 23:14 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin Core
2015-10-18 20:31 - 2015-11-06 17:45 - 00000847 _____ C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-10-18 20:31 - 2015-11-06 17:45 - 00000799 _____ C:\Users\elhamzaf\Desktop\Tor.lnk
2015-10-18 20:30 - 2015-11-06 17:45 - 00000000 ____D C:\Users\elhamzaf\Desktop\Tor Browser
2015-10-18 09:27 - 2015-10-18 09:27 - 01204080 _____ C:\windows\Minidump\101815-21091-01.dmp
2015-10-16 08:35 - 2015-10-16 08:35 - 00000000 _____ C:\Users\elhamzaf\AppData\Local\{24500F75-2570-4221-A876-69D5590A1198}
2015-10-14 08:18 - 2015-10-14 08:18 - 00000023 _____ C:\invalid.txt
2015-10-09 12:20 - 2015-02-24 16:55 - 00108344 _____ (Juniper Networks, Inc.) C:\windows\system32\Drivers\jnprTdi_808_53815.sys
2015-10-09 12:20 - 2015-02-24 13:50 - 00507192 _____ (Juniper Networks) C:\windows\system32\Drivers\jnprns.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-08 16:20 - 2015-07-28 14:58 - 01230574 _____ C:\windows\system32\perfh007.dat
2015-11-08 16:20 - 2015-07-28 14:58 - 00339842 _____ C:\windows\system32\perfc007.dat
2015-11-08 16:20 - 2009-07-14 05:13 - 00006742 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-08 16:15 - 2009-07-14 04:51 - 00163994 _____ C:\windows\setupact.log
2015-11-08 16:15 - 2009-07-14 03:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-08 16:13 - 2014-09-24 15:59 - 01751817 _____ C:\windows\WindowsUpdate.log
2015-11-08 16:13 - 2009-07-14 04:45 - 00019328 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-08 16:13 - 2009-07-14 04:45 - 00019328 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-08 16:00 - 2014-10-13 15:31 - 00000308 _____ C:\windows\Tasks\pcpm-collector.job
2015-11-08 15:19 - 2014-12-11 23:14 - 00001068 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-08 14:30 - 2014-10-13 15:31 - 00000314 _____ C:\windows\Tasks\pcpm-consolidator.job
2015-11-08 13:49 - 2015-04-21 20:08 - 00000000 ____D C:\Users\elhamzaf\Desktop\FUN
2015-11-08 13:27 - 2015-02-03 17:54 - 00001970 _____ C:\windows\SysWOW64\QosServ.log
2015-11-08 13:27 - 2014-12-11 23:14 - 00001064 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-08 13:26 - 2014-12-11 18:06 - 00000000 ____D C:\Program Files (x86)\PC Backup
2015-11-08 13:26 - 2009-07-14 05:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-11-07 19:33 - 2015-05-04 21:01 - 33276928 _____ C:\Users\elhamzaf\Documents\Meine Outlook bis 102015 .pst
2015-11-07 19:20 - 2014-12-22 11:04 - 00000000 ____D C:\Users\elhamzaf\AppData\Local\CrashDumps
2015-11-07 19:13 - 2014-11-10 14:15 - 00000000 ____D C:\windows\system32\appmgmt
2015-11-07 19:02 - 2014-09-24 15:26 - 00000290 _____ C:\windows\Tasks\Maint.job
2015-11-06 17:46 - 2010-11-21 03:47 - 00217854 _____ C:\windows\PFRO.log
2015-11-06 17:45 - 2015-03-07 16:56 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2015-11-06 17:45 - 2014-12-11 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-06 17:44 - 2015-03-03 14:23 - 00000000 ____D C:\Quarantine
2015-11-06 00:10 - 2014-12-29 10:15 - 00000000 ____D C:\Program Files\Samsung
2015-11-06 00:10 - 2014-12-23 09:33 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-06 00:09 - 2015-02-11 09:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-06 00:01 - 2015-09-17 22:37 - 00000000 ____D C:\Program Files\CyberGhost 5
2015-11-05 23:58 - 2014-12-11 23:14 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-05 23:55 - 2014-12-14 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2015-11-05 23:01 - 2014-05-21 13:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-05 18:16 - 2014-12-11 17:55 - 00029970 __RSH C:\Users\elhamzaf\ntuser.pol
2015-11-05 18:16 - 2014-12-11 17:08 - 00000000 ____D C:\Users\elhamzaf
2015-11-05 18:16 - 2014-12-11 17:04 - 00003304 _____ C:\windows\system32\config\netlogon.ftl
2015-11-05 18:16 - 2014-05-21 13:29 - 00123728 __RSH C:\ProgramData\ntuser.pol
2015-11-05 16:05 - 2014-05-21 14:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-04 15:00 - 2014-12-13 13:23 - 00003322 _____ C:\windows\System32\Tasks\Smart Client
2015-11-04 10:48 - 2014-10-13 15:31 - 00002906 _____ C:\windows\System32\Tasks\pcpm-consolidator
2015-11-04 10:47 - 2014-12-11 17:08 - 00134984 _____ C:\Users\elhamzaf\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-04 10:47 - 2014-10-13 15:31 - 00003244 _____ C:\windows\System32\Tasks\pcpm-collector
2015-11-04 10:47 - 2014-10-10 17:46 - 00000000 ____D C:\windows\SmartClient
2015-11-04 10:46 - 2014-05-21 12:41 - 00000000 ____D C:\ProgramData\Time Service
2015-11-04 10:46 - 2009-07-14 04:45 - 00569888 _____ C:\windows\system32\FNTCACHE.DAT
2015-11-03 12:17 - 2014-05-21 12:42 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 12:17 - 2014-05-21 12:42 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-01 20:39 - 2015-02-21 16:41 - 00000000 ____D C:\Users\elhamzaf\Documents\Simple Sticky Notes
2015-11-01 14:38 - 2015-06-25 11:28 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-28 20:08 - 2014-05-21 10:32 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-10-26 15:28 - 2015-02-21 19:28 - 750288332 _____ C:\windows\MEMORY.DMP
2015-10-26 15:28 - 2014-10-13 15:26 - 00000000 ____D C:\windows\Minidump
2015-10-26 15:01 - 2015-01-27 14:43 - 00000059 _____ C:\windows\cvterm.ini
2015-10-26 14:43 - 2015-01-11 15:49 - 00000000 ____D C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-10-26 14:36 - 2014-12-11 23:13 - 00000000 ____D C:\Users\elhamzaf\AppData\Local\Deployment
2015-10-25 15:37 - 2015-05-26 20:29 - 00000000 ____D C:\Users\elhamzaf\Documents\Outlook Files
2015-10-25 15:37 - 2014-12-10 21:35 - 3756467200 _____ C:\Users\elhamzaf\Documents\Meine Outlook.pst
2015-10-25 11:21 - 2014-05-21 11:30 - 01612450 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2015-10-19 10:08 - 2014-12-15 18:05 - 00000000 ____D C:\Program Files (x86)\Avaya
2015-10-19 10:08 - 2014-12-11 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avaya
2015-10-16 12:32 - 2015-05-16 16:24 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-10-16 12:32 - 2015-05-16 16:09 - 00002055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-10-16 08:37 - 2014-12-11 18:10 - 00000000 ____D C:\windows\HPLogin
2015-10-09 12:18 - 2014-09-24 23:38 - 00000000 ____D C:\Temp
2015-10-09 12:16 - 2014-06-20 12:11 - 00000000 ____D C:\HP

==================== Files in the root of some directories =======

2014-12-11 18:06 - 2014-12-11 18:06 - 0000000 _____ () C:\Program Files (x86)\PC BackupHPSetup.log
2014-12-11 22:25 - 2014-12-11 22:25 - 0000179 _____ () C:\Users\elhamzaf\AppData\Roaming\HP_BITLOCKER_BACKUP2AD.txt
2015-05-25 08:45 - 2015-05-30 17:00 - 0000600 _____ () C:\Users\elhamzaf\AppData\Local\PUTTY.RND
2014-12-11 22:29 - 2014-12-11 22:29 - 0007600 _____ () C:\Users\elhamzaf\AppData\Local\Resmon.ResmonCfg
2015-10-16 08:35 - 2015-10-16 08:35 - 0000000 _____ () C:\Users\elhamzaf\AppData\Local\{24500F75-2570-4221-A876-69D5590A1198}
2015-05-26 09:18 - 2015-05-26 09:18 - 0000000 _____ () C:\Users\elhamzaf\AppData\Local\{E955198A-C33C-41FA-89C6-F89D5AA0A015}
2015-06-10 08:08 - 2015-06-10 08:08 - 0000057 _____ () C:\ProgramData\Ament.ini

Files to move or delete:
====================
C:\Users\Default\create_shortcut.vbs
C:\Users\Default\reg_off2k7.vbs
C:\Users\Default\set_theme.vbs
C:\Users\Default\ThemeTool.exe


Some files in TEMP:
====================
C:\Users\hpadmin\AppData\Local\Temp\CpqMC.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-06 20:06

==================== End of FRST.txt ============================
         

--- --- ---

--- --- ---

--- --- ---

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

• WICHTIG: Speichere Combofix auf deinem Desktop.
• Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
• Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
• Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
• Wenn Combofix fertig ist, wird es ein Logfile erstellen.
• Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Ich hab alles versucht um COmbof ix auszufuehren klappt gar nicht?

Ich kann kein software installieren ; ich kann nicht auf systemeinstellung zugreifen oder sonstiges.

Ich kann nichts desinstallieren

Bitte um Hilfe

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lync Monitor.lnk [2015-07-24]
ShortcutTarget: Lync Monitor.lnk -> C:\Windows\Installer\{642C71D9-6EB3-4B7A-A2F9-043774138614}\NewShortcut41_A542611226524D189A82B5C5C0EA8C73.exe (Flexera Software LLC)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\create_shortcut.lnk [2010-11-25]
ShortcutTarget: create_shortcut.lnk -> C:\Users\elhamzaf\create_shortcut.vbs (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reg_off2k7.lnk [2010-11-25]
ShortcutTarget: reg_off2k7.lnk -> C:\Users\elhamzaf\reg_off2k7.vbs (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\set_theme.lnk [2014-06-04]
ShortcutTarget: set_theme.lnk -> C:\Users\elhamzaf\set_theme.vbs (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\create_shortcut.lnk [2010-11-25]
ShortcutTarget: create_shortcut.lnk -> C:\Users\elhamzaf\create_shortcut.vbs (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reg_off2k7.lnk [2010-11-25]
ShortcutTarget: reg_off2k7.lnk -> C:\Users\elhamzaf\reg_off2k7.vbs (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\set_theme.lnk [2014-06-04]
ShortcutTarget: set_theme.lnk -> C:\Users\elhamzaf\set_theme.vbs (No File)
Startup: C:\Users\elhamzaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-07-18] ()
GroupPolicyScripts: Restriction <======= ATTENTION
ProxyEnable: [HKLM] => Proxy is enabled.
ProxyServer: [HKLM] => hxxp://autocache.hp.com
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.