Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Link in DHL EMail geöffnet

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 11.06.2015, 20:10   #1
Wimmerl82
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



Ich weiß nicht warum, aber ich habe einen großen Blödsinn gemacht. Ich habe eine EMail unter dem Absender DHL geöffnet und auf einen Link darin geklickt. Es öffnete sich dann eine Fehler-Seite. Sofort war mir klar, dass ich damit einen großen Blödsinn gemacht habe. Der Absender der Email hatte tatsächlich eine polnische Adresse.

Als erstes machte ich mit meinem Virenprogramm Kaspersky eine Untersuchung auf Viren. Es wurden 7 Bedrohungen gefunden und behoben:

Code:
ATTFilter
Gefundenes Objekt (Datei) wurde gelöscht	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe//data0000.res//Smartbar.cab//LinkuryExeName	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe//data0000.res//Smartbar.cab//LinkuryExeName	not-a-virus:AdWare.MSIL.Agent.af	Adware	05.06.2015, 13:57
Gefundenes Objekt (Datei) wurde gelöscht	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//Installer.exe//#//Smartbar.cab	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//Installer.exe//#//Smartbar.cab	not-a-virus:AdWare.MSIL.Agent.af	Adware	05.06.2015, 15:44
Gefundenes Objekt (Datei) wurde gelöscht	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe//#//Smartbar.cab	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe//#//Smartbar.cab	not-a-virus:AdWare.MSIL.Agent.af	Adware	05.06.2015, 15:42
Gefundenes Objekt (Datei) wurde gelöscht	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//#//data0000.res//Smartbar.cab	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//#//data0000.res//Smartbar.cab	not-a-virus:AdWare.MSIL.Agent.af	Adware	05.06.2015, 15:44
Gefundenes Objekt (Datei) wurde gelöscht	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//Installer.exe//data0000.res//Smartbar.cab//LinkuryExeName	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe//RAWinstaller.exe//Installer.exe//data0000.res//Smartbar.cab//LinkuryExeName	not-a-virus:AdWare.MSIL.Agent.af	Adware	05.06.2015, 13:57
Gefundenes Objekt (Datei) wurde gelöscht	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\LinkuryGA_ALL_p2v5.exe		Unbekannte Bedrohung	05.06.2015, 15:44
Gefundenes Objekt (Datei) wurde gelöscht	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe	C:\Documents and Settings\PC\Anwendungsdaten\OpenCandy\5D963DB386094B90BBE50562A64191BA\Installer.exe		Unbekannte Bedrohung	05.06.2015, 15:42
         
Anschließend habe ich wie hier empfohlen die Logofiles erstellt (Anhang).


Ist mein Laptop noch bedroht. Ich hoffe es kann mir jemand helfen. Vielen Dank!!!

Alt 11.06.2015, 21:01   #2
M-K-D-B
/// TB-Ausbilder
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!





Zukünftig bitte beachten:
Zitat:
Running from C:\Users\PC\Downloads\FRST
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.







Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________


Alt 12.06.2015, 13:57   #3
Wimmerl82
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



Vielen Dank!

Hier die Logfile von TDSSKiller:

Code:
ATTFilter
14:48:08.0177 0x121c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:48:15.0509 0x121c  ============================================================
14:48:15.0509 0x121c  Current date / time: 2015/06/12 14:48:15.0509
14:48:15.0509 0x121c  SystemInfo:
14:48:15.0509 0x121c  
14:48:15.0509 0x121c  OS Version: 6.1.7601 ServicePack: 1.0
14:48:15.0509 0x121c  Product type: Workstation
14:48:15.0509 0x121c  ComputerName: PC-PC
14:48:15.0509 0x121c  UserName: PC
14:48:15.0509 0x121c  Windows directory: C:\Windows
14:48:15.0509 0x121c  System windows directory: C:\Windows
14:48:15.0509 0x121c  Running under WOW64
14:48:15.0509 0x121c  Processor architecture: Intel x64
14:48:15.0509 0x121c  Number of processors: 2
14:48:15.0509 0x121c  Page size: 0x1000
14:48:15.0509 0x121c  Boot type: Normal boot
14:48:15.0509 0x121c  ============================================================
14:48:20.0922 0x121c  KLMD registered as C:\Windows\system32\drivers\90166869.sys
14:48:22.0607 0x121c  System UUID: {57F330E0-03EC-1263-0A2F-D4D9FA769BD9}
14:48:24.0978 0x121c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:48:24.0978 0x121c  ============================================================
14:48:24.0978 0x121c  \Device\Harddisk0\DR0:
14:48:24.0978 0x121c  MBR partitions:
14:48:24.0978 0x121c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x32000
14:48:24.0978 0x121c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x38B53000
14:48:24.0978 0x121c  ============================================================
14:48:25.0134 0x121c  C: <-> \Device\Harddisk0\DR0\Partition2
14:48:25.0134 0x121c  ============================================================
14:48:25.0134 0x121c  Initialize success
14:48:25.0134 0x121c  ============================================================
14:48:35.0757 0x13b8  ============================================================
14:48:35.0757 0x13b8  Scan started
14:48:35.0757 0x13b8  Mode: Manual; 
14:48:35.0757 0x13b8  ============================================================
14:48:35.0757 0x13b8  KSN ping started
14:48:38.0207 0x13b8  KSN ping finished: true
14:48:42.0762 0x13b8  ================ Scan system memory ========================
14:48:42.0762 0x13b8  System memory - ok
14:48:42.0762 0x13b8  ================ Scan services =============================
14:48:43.0557 0x13b8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:48:43.0573 0x13b8  1394ohci - ok
14:48:43.0854 0x13b8  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
14:48:43.0869 0x13b8  acedrv11 - ok
14:48:43.0947 0x13b8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:48:43.0963 0x13b8  ACPI - ok
14:48:44.0041 0x13b8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:48:44.0041 0x13b8  AcpiPmi - ok
14:48:44.0384 0x13b8  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:48:44.0384 0x13b8  AdobeARMservice - ok
14:48:45.0008 0x13b8  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:48:45.0086 0x13b8  AdobeFlashPlayerUpdateSvc - ok
14:48:45.0227 0x13b8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:48:45.0242 0x13b8  adp94xx - ok
14:48:45.0539 0x13b8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:48:45.0585 0x13b8  adpahci - ok
14:48:45.0663 0x13b8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:48:45.0663 0x13b8  adpu320 - ok
14:48:45.0773 0x13b8  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:48:45.0788 0x13b8  AeLookupSvc - ok
14:48:45.0929 0x13b8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
14:48:45.0944 0x13b8  AFD - ok
14:48:46.0069 0x13b8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:48:46.0085 0x13b8  agp440 - ok
14:48:46.0116 0x13b8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:48:46.0131 0x13b8  ALG - ok
14:48:46.0209 0x13b8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:48:46.0225 0x13b8  aliide - ok
14:48:46.0287 0x13b8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:48:46.0287 0x13b8  amdide - ok
14:48:46.0381 0x13b8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:48:46.0397 0x13b8  AmdK8 - ok
14:48:46.0412 0x13b8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:48:46.0428 0x13b8  AmdPPM - ok
14:48:46.0506 0x13b8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:48:46.0506 0x13b8  amdsata - ok
14:48:46.0584 0x13b8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:48:46.0599 0x13b8  amdsbs - ok
14:48:46.0677 0x13b8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:48:46.0677 0x13b8  amdxata - ok
14:48:46.0755 0x13b8  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
14:48:46.0755 0x13b8  AppID - ok
14:48:46.0896 0x13b8  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:48:46.0896 0x13b8  AppIDSvc - ok
14:48:47.0005 0x13b8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
14:48:47.0005 0x13b8  Appinfo - ok
14:48:47.0083 0x13b8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:48:47.0083 0x13b8  arc - ok
14:48:47.0130 0x13b8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:48:47.0130 0x13b8  arcsas - ok
14:48:47.0691 0x13b8  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:48:47.0972 0x13b8  aspnet_state - ok
14:48:48.0097 0x13b8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:48:48.0097 0x13b8  AsyncMac - ok
14:48:48.0159 0x13b8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:48:48.0175 0x13b8  atapi - ok
14:48:48.0284 0x13b8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:48:48.0315 0x13b8  AudioEndpointBuilder - ok
14:48:48.0347 0x13b8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:48:48.0378 0x13b8  AudioSrv - ok
14:48:48.0549 0x13b8  [ 0D2F8F4055903A762AD46204E5A42E86, D3270039E4F066C69D844060388D3F895137C37C0FBE4C106BE1C71AE9DBC17A ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
14:48:48.0565 0x13b8  AVP - ok
14:48:48.0674 0x13b8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:48:48.0674 0x13b8  AxInstSV - ok
14:48:48.0783 0x13b8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:48:48.0815 0x13b8  b06bdrv - ok
14:48:48.0955 0x13b8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:48:48.0971 0x13b8  b57nd60a - ok
14:48:49.0142 0x13b8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:48:49.0142 0x13b8  BDESVC - ok
14:48:49.0205 0x13b8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:48:49.0205 0x13b8  Beep - ok
14:48:49.0392 0x13b8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
14:48:49.0423 0x13b8  BFE - ok
14:48:49.0532 0x13b8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:48:49.0641 0x13b8  BITS - ok
14:48:49.0688 0x13b8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:48:49.0688 0x13b8  blbdrive - ok
14:48:49.0797 0x13b8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:48:49.0813 0x13b8  bowser - ok
14:48:49.0891 0x13b8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:48:49.0891 0x13b8  BrFiltLo - ok
14:48:49.0938 0x13b8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:48:49.0953 0x13b8  BrFiltUp - ok
14:48:50.0031 0x13b8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:48:50.0063 0x13b8  Browser - ok
14:48:50.0125 0x13b8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:48:50.0141 0x13b8  Brserid - ok
14:48:50.0187 0x13b8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:48:50.0187 0x13b8  BrSerWdm - ok
14:48:50.0219 0x13b8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:48:50.0219 0x13b8  BrUsbMdm - ok
14:48:50.0219 0x13b8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:48:50.0234 0x13b8  BrUsbSer - ok
14:48:50.0297 0x13b8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
14:48:50.0297 0x13b8  BthEnum - ok
14:48:50.0343 0x13b8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:48:50.0343 0x13b8  BTHMODEM - ok
14:48:50.0390 0x13b8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:48:50.0406 0x13b8  BthPan - ok
14:48:50.0499 0x13b8  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
14:48:50.0515 0x13b8  BTHPORT - ok
14:48:50.0593 0x13b8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:48:50.0593 0x13b8  bthserv - ok
14:48:50.0733 0x13b8  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:48:50.0765 0x13b8  BTHUSB - ok
14:48:50.0811 0x13b8  [ 6E04458E98DAF28826482E41A7A62DF5, 995B371E7384CC05D3A0B462B31A3EA56D8715A93D15B45DB3A78C7F7CF13A40 ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
14:48:50.0811 0x13b8  btusbflt - ok
14:48:51.0014 0x13b8  [ 6BCFDC2B5B7F66D484486D4BD4B39A6B, 2A2039DD524E989EA91B7C91D5F295C663D1E27ABD64777D2F3137EB1C42C258 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
14:48:51.0014 0x13b8  btwaudio - ok
14:48:51.0077 0x13b8  [ 82DC8B7C626E526681C1BEBED2BC3FF9, 58260E88CDD7388ABA563F9B8F2F3FA17022DB9E4C56EBA0761E99B919A8EAF8 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
14:48:51.0077 0x13b8  btwavdt - ok
14:48:51.0451 0x13b8  [ 9B3BD0ECD82CC08409C55A36D8F56B93, FEFF37ECD21273B927B3A079C56EBC378118996A4C07B4CEE18545656AD6CC4A ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
14:48:51.0513 0x13b8  btwdins - ok
14:48:51.0576 0x13b8  [ 6149301DC3F81D6F9667A3FBAC410975, 120E201AFB07054C7F6321461D194843C695012431DBD791E36BBF73FDD41E8A ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
14:48:51.0576 0x13b8  btwl2cap - ok
14:48:51.0701 0x13b8  [ 28E105AD3B79F440BF94780F507BF66A, EF4E6CCAB16765E2C88666625C13CB3299B668159A94CB201E3B44701A30640A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
14:48:51.0701 0x13b8  btwrchid - ok
14:48:51.0763 0x13b8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:48:51.0763 0x13b8  cdfs - ok
14:48:51.0888 0x13b8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:48:51.0903 0x13b8  cdrom - ok
14:48:51.0966 0x13b8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:48:51.0966 0x13b8  CertPropSvc - ok
14:48:52.0059 0x13b8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:48:52.0059 0x13b8  circlass - ok
14:48:52.0169 0x13b8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
14:48:52.0184 0x13b8  CLFS - ok
14:48:52.0309 0x13b8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:48:52.0325 0x13b8  clr_optimization_v2.0.50727_32 - ok
14:48:52.0465 0x13b8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:48:52.0465 0x13b8  clr_optimization_v2.0.50727_64 - ok
14:48:52.0574 0x13b8  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:48:52.0980 0x13b8  clr_optimization_v4.0.30319_32 - ok
14:48:53.0058 0x13b8  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:48:53.0183 0x13b8  clr_optimization_v4.0.30319_64 - ok
14:48:53.0214 0x13b8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:48:53.0214 0x13b8  CmBatt - ok
14:48:53.0276 0x13b8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:48:53.0276 0x13b8  cmdide - ok
14:48:53.0417 0x13b8  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
14:48:53.0432 0x13b8  CNG - ok
14:48:53.0541 0x13b8  [ 20F3F8674D7DEE5D90A352B775D5D5BA, 3D51276C77183652533A882F6C766075C7F5981DD116888567DC8E7FF3CF0D2D ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
14:48:53.0557 0x13b8  CnxtHdAudService - ok
14:48:53.0604 0x13b8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:48:53.0619 0x13b8  Compbatt - ok
14:48:53.0682 0x13b8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:48:53.0682 0x13b8  CompositeBus - ok
14:48:53.0713 0x13b8  COMSysApp - ok
14:48:53.0775 0x13b8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:48:53.0775 0x13b8  crcdisk - ok
14:48:53.0853 0x13b8  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:48:53.0853 0x13b8  CryptSvc - ok
14:48:53.0994 0x13b8  [ 5A639B2B630B572FFE9B72448A8A514D, C61C72BC85AD4E2A2AD12E1404601B5FFC26AABB0D9D9CDF48D926443FF91F50 ] DBService       C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
14:48:53.0994 0x13b8  DBService - ok
14:48:54.0181 0x13b8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:48:54.0275 0x13b8  DcomLaunch - ok
14:48:54.0337 0x13b8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:48:54.0353 0x13b8  defragsvc - ok
14:48:54.0446 0x13b8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:48:54.0446 0x13b8  DfsC - ok
14:48:54.0524 0x13b8  [ FFCCD922F305B8CFBA8D99F65E35EDD7, DF1334BC63F1008C8F9F80ED30EAB58F918D99BF6DC9E466645CB24A29163079 ] dgderdrv        C:\Windows\system32\drivers\dgderdrv.sys
14:48:54.0540 0x13b8  dgderdrv - ok
14:48:54.0618 0x13b8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:48:54.0618 0x13b8  Dhcp - ok
14:48:54.0899 0x13b8  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
14:48:54.0930 0x13b8  DiagTrack - ok
14:48:54.0992 0x13b8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:48:54.0992 0x13b8  discache - ok
14:48:55.0055 0x13b8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:48:55.0070 0x13b8  Disk - ok
14:48:55.0445 0x13b8  [ D5BCB77BE83CF99F508943945D46343D, 00C5624CE970A05075A19168643BF6E8FA60C764333ECEC088D7FFCA10547833 ] DKbFltr         C:\Windows\syswow64\Drivers\DKbFltr.sys
14:48:55.0445 0x13b8  DKbFltr - ok
14:48:55.0491 0x13b8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:48:55.0507 0x13b8  Dnscache - ok
14:48:55.0601 0x13b8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:48:55.0616 0x13b8  dot3svc - ok
14:48:55.0694 0x13b8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:48:55.0694 0x13b8  DPS - ok
14:48:55.0772 0x13b8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:48:55.0772 0x13b8  drmkaud - ok
14:48:56.0037 0x13b8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:48:56.0115 0x13b8  DXGKrnl - ok
14:48:56.0225 0x13b8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:48:56.0240 0x13b8  EapHost - ok
14:48:56.0771 0x13b8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:48:56.0973 0x13b8  ebdrv - ok
14:48:57.0051 0x13b8  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS             C:\Windows\System32\lsass.exe
14:48:57.0051 0x13b8  EFS - ok
14:48:57.0223 0x13b8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:48:57.0254 0x13b8  ehRecvr - ok
14:48:57.0379 0x13b8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:48:57.0379 0x13b8  ehSched - ok
14:48:57.0488 0x13b8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:48:57.0504 0x13b8  elxstor - ok
14:48:57.0785 0x13b8  [ FB67AA8AC61B9365ADD546139A21BED6, DDE2053071ED1F7E634FF1A74DB0ACC7D0D19B0AD0CF37DE989FA91B93C76452 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
14:48:57.0878 0x13b8  ePowerSvc - ok
14:48:57.0925 0x13b8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:48:57.0925 0x13b8  ErrDev - ok
14:48:58.0034 0x13b8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:48:58.0050 0x13b8  EventSystem - ok
14:48:58.0112 0x13b8  [ 6BB25543428878BAFBC2F8446343B160, 4F0ADDD1BD1CE6F20476E73950FCE4C25C8A90CB84DCB9A7C91EC34FA4C6FBF3 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
14:48:58.0112 0x13b8  ewusbnet - ok
14:48:58.0190 0x13b8  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
14:48:58.0206 0x13b8  ew_hwusbdev - ok
14:48:58.0268 0x13b8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:48:58.0268 0x13b8  exfat - ok
14:48:58.0315 0x13b8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:48:58.0315 0x13b8  fastfat - ok
14:48:58.0440 0x13b8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
14:48:58.0471 0x13b8  Fax - ok
14:48:58.0502 0x13b8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:48:58.0502 0x13b8  fdc - ok
14:48:58.0565 0x13b8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
14:48:58.0565 0x13b8  fdPHost - ok
14:48:58.0580 0x13b8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:48:58.0580 0x13b8  FDResPub - ok
14:48:58.0611 0x13b8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:48:58.0611 0x13b8  FileInfo - ok
14:48:58.0689 0x13b8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:48:58.0689 0x13b8  Filetrace - ok
14:48:58.0752 0x13b8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:48:58.0752 0x13b8  flpydisk - ok
14:48:58.0923 0x13b8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:48:58.0939 0x13b8  FltMgr - ok
14:48:59.0126 0x13b8  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
14:48:59.0173 0x13b8  FontCache - ok
14:48:59.0469 0x13b8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:48:59.0485 0x13b8  FontCache3.0.0.0 - ok
14:48:59.0547 0x13b8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:48:59.0547 0x13b8  FsDepends - ok
14:48:59.0594 0x13b8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:48:59.0594 0x13b8  Fs_Rec - ok
14:48:59.0688 0x13b8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:48:59.0703 0x13b8  fvevol - ok
14:48:59.0750 0x13b8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:48:59.0750 0x13b8  gagp30kx - ok
14:48:59.0828 0x13b8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:48:59.0859 0x13b8  gpsvc - ok
14:49:00.0171 0x13b8  [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
14:49:00.0234 0x13b8  Greg_Service - ok
14:49:00.0437 0x13b8  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdate1ca948a3229fde9 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:49:00.0437 0x13b8  gupdate1ca948a3229fde9 - ok
14:49:00.0593 0x13b8  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:49:00.0593 0x13b8  gupdatem - ok
14:49:00.0639 0x13b8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:49:00.0639 0x13b8  hcw85cir - ok
14:49:00.0733 0x13b8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:49:00.0733 0x13b8  HdAudAddService - ok
14:49:00.0780 0x13b8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:49:00.0780 0x13b8  HDAudBus - ok
14:49:00.0858 0x13b8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:49:00.0858 0x13b8  HidBatt - ok
14:49:00.0873 0x13b8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:49:00.0873 0x13b8  HidBth - ok
14:49:00.0905 0x13b8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:49:00.0905 0x13b8  HidIr - ok
14:49:00.0967 0x13b8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
14:49:00.0967 0x13b8  hidserv - ok
14:49:01.0045 0x13b8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
14:49:01.0045 0x13b8  HidUsb - ok
14:49:01.0107 0x13b8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:49:01.0107 0x13b8  hkmsvc - ok
14:49:01.0185 0x13b8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:49:01.0201 0x13b8  HomeGroupListener - ok
14:49:01.0248 0x13b8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:49:01.0248 0x13b8  HomeGroupProvider - ok
14:49:01.0373 0x13b8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:49:01.0373 0x13b8  HpSAMD - ok
14:49:01.0685 0x13b8  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
14:49:01.0716 0x13b8  HPSLPSVC - ok
14:49:01.0856 0x13b8  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:49:01.0919 0x13b8  HTTP - ok
14:49:02.0012 0x13b8  [ 6E05228393CD614B983568EC40C262C3, CEB1CFDD346534F01A52D2E7004B0220692FC67CAD874FE04740ECDA2F92767D ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:49:02.0012 0x13b8  hwdatacard - ok
14:49:02.0059 0x13b8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:49:02.0059 0x13b8  hwpolicy - ok
14:49:02.0153 0x13b8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:49:02.0168 0x13b8  i8042prt - ok
14:49:02.0277 0x13b8  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
14:49:02.0293 0x13b8  IAANTMON - ok
14:49:02.0355 0x13b8  [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:49:02.0355 0x13b8  iaStor - ok
14:49:02.0465 0x13b8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:49:02.0480 0x13b8  iaStorV - ok
14:49:02.0621 0x13b8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:49:02.0652 0x13b8  idsvc - ok
14:49:02.0730 0x13b8  IEEtwCollectorService - ok
14:49:02.0761 0x13b8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:49:02.0777 0x13b8  iirsp - ok
14:49:02.0964 0x13b8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:49:02.0995 0x13b8  IKEEXT - ok
14:49:03.0151 0x13b8  [ 8C7FA71CB1EBCD3EDE8958D27B1BF0B4, 04243A34AF13B89DABE4C4D24204438094AA36A83591092E1251AD67E623C10F ] int15.sys       C:\Windows\System32\OEM\Factory\int15.sys
14:49:03.0167 0x13b8  int15.sys - ok
14:49:03.0260 0x13b8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:49:03.0260 0x13b8  intelide - ok
14:49:03.0354 0x13b8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:49:03.0354 0x13b8  intelppm - ok
14:49:03.0416 0x13b8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:49:03.0416 0x13b8  IPBusEnum - ok
14:49:03.0541 0x13b8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:49:03.0541 0x13b8  IpFilterDriver - ok
14:49:03.0666 0x13b8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:49:03.0681 0x13b8  iphlpsvc - ok
14:49:03.0759 0x13b8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:49:03.0759 0x13b8  IPMIDRV - ok
14:49:03.0806 0x13b8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:49:03.0822 0x13b8  IPNAT - ok
14:49:03.0915 0x13b8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:49:03.0915 0x13b8  IRENUM - ok
14:49:03.0962 0x13b8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:49:03.0978 0x13b8  isapnp - ok
14:49:04.0040 0x13b8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:49:04.0056 0x13b8  iScsiPrt - ok
14:49:04.0103 0x13b8  [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
14:49:04.0118 0x13b8  IviRegMgr - ok
14:49:04.0181 0x13b8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:49:04.0181 0x13b8  kbdclass - ok
14:49:04.0259 0x13b8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:49:04.0259 0x13b8  kbdhid - ok
14:49:04.0368 0x13b8  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso          C:\Windows\system32\lsass.exe
14:49:04.0368 0x13b8  KeyIso - ok
14:49:04.0461 0x13b8  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
14:49:04.0477 0x13b8  kl1 - ok
14:49:04.0571 0x13b8  [ D0C3AEF67932D2A80736FBCB956C017D, 166C2FD5F1B6FFE7A71CD821DFDD02B68D25CBF0D44BD6F2522C65CF1DEB363C ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
14:49:04.0586 0x13b8  klflt - ok
14:49:06.0911 0x13b8  [ 41DF293A7F0418F5DDED9F0297DC68F3, 25DE4BB7F2D915FCF576ABD46EEDC5574B694A2D1E5CB7AB565792C7BB57C76B ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
14:49:06.0942 0x13b8  KLIF - ok
14:49:07.0067 0x13b8  [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
14:49:07.0067 0x13b8  KLIM6 - ok
14:49:07.0207 0x13b8  [ 8DA5BC75C3E8A995335642F26CAEA54B, 3995AAB499A37077AA4FB372E75CD9259BA3EA7020B961CF482AC948D2D47AB4 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
14:49:07.0207 0x13b8  klkbdflt - ok
14:49:07.0269 0x13b8  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
14:49:07.0269 0x13b8  klmouflt - ok
14:49:07.0363 0x13b8  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
14:49:07.0363 0x13b8  klpd - ok
14:49:07.0457 0x13b8  [ 4828B3D2BC89B05E07101C6E60CE0A6A, C2D40EA03A526286AEDF27DE80CB0576EB59EB7581C9E9ECFCB867349593D7CE ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
14:49:07.0457 0x13b8  kltdi - ok
14:49:07.0566 0x13b8  [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
14:49:07.0581 0x13b8  kneps - ok
14:49:07.0628 0x13b8  [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:49:07.0644 0x13b8  KSecDD - ok
14:49:07.0691 0x13b8  [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:49:07.0691 0x13b8  KSecPkg - ok
14:49:07.0753 0x13b8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:49:07.0753 0x13b8  ksthunk - ok
14:49:07.0815 0x13b8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:49:07.0831 0x13b8  KtmRm - ok
14:49:07.0925 0x13b8  [ 2377EC4CC3E356655B996F39B43486B6, 1934013BAC20D857C9060229AC847B5628FB17042057E8B1CB8E3E0F9F26D53F ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
14:49:07.0925 0x13b8  L1C - ok
14:49:08.0112 0x13b8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:49:08.0190 0x13b8  LanmanServer - ok
14:49:08.0268 0x13b8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:49:08.0268 0x13b8  LanmanWorkstation - ok
14:49:08.0346 0x13b8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:49:08.0346 0x13b8  lltdio - ok
14:49:08.0439 0x13b8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:49:08.0455 0x13b8  lltdsvc - ok
14:49:08.0486 0x13b8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:49:08.0486 0x13b8  lmhosts - ok
14:49:08.0533 0x13b8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:49:08.0533 0x13b8  LSI_FC - ok
14:49:08.0580 0x13b8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:49:08.0595 0x13b8  LSI_SAS - ok
14:49:08.0658 0x13b8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:49:08.0658 0x13b8  LSI_SAS2 - ok
14:49:08.0673 0x13b8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:49:08.0673 0x13b8  LSI_SCSI - ok
14:49:08.0720 0x13b8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:49:08.0720 0x13b8  luafv - ok
14:49:08.0767 0x13b8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:49:08.0767 0x13b8  Mcx2Svc - ok
14:49:08.0798 0x13b8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:49:08.0876 0x13b8  megasas - ok
14:49:08.0907 0x13b8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:49:08.0907 0x13b8  MegaSR - ok
14:49:09.0017 0x13b8  Microsoft SharePoint Workspace Audit Service - ok
14:49:09.0063 0x13b8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:49:09.0063 0x13b8  MMCSS - ok
14:49:09.0095 0x13b8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:49:09.0095 0x13b8  Modem - ok
14:49:09.0157 0x13b8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:49:09.0157 0x13b8  monitor - ok
14:49:09.0219 0x13b8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:49:09.0219 0x13b8  mouclass - ok
14:49:09.0282 0x13b8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:49:09.0282 0x13b8  mouhid - ok
14:49:09.0360 0x13b8  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:49:09.0360 0x13b8  mountmgr - ok
14:49:09.0469 0x13b8  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:49:09.0485 0x13b8  MozillaMaintenance - ok
14:49:09.0531 0x13b8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:49:09.0547 0x13b8  mpio - ok
14:49:09.0641 0x13b8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:49:09.0641 0x13b8  mpsdrv - ok
14:49:09.0797 0x13b8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:49:09.0999 0x13b8  MpsSvc - ok
14:49:10.0109 0x13b8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:49:10.0109 0x13b8  MRxDAV - ok
14:49:10.0155 0x13b8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:49:10.0187 0x13b8  mrxsmb - ok
14:49:10.0265 0x13b8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:49:10.0265 0x13b8  mrxsmb10 - ok
14:49:10.0389 0x13b8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:49:10.0389 0x13b8  mrxsmb20 - ok
14:49:10.0561 0x13b8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:49:10.0577 0x13b8  msahci - ok
14:49:10.0670 0x13b8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:49:10.0686 0x13b8  msdsm - ok
14:49:10.0733 0x13b8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:49:10.0748 0x13b8  MSDTC - ok
14:49:11.0029 0x13b8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:49:11.0029 0x13b8  Msfs - ok
14:49:11.0138 0x13b8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:49:11.0138 0x13b8  mshidkmdf - ok
14:49:11.0185 0x13b8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:49:11.0185 0x13b8  msisadrv - ok
14:49:11.0279 0x13b8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:49:11.0279 0x13b8  MSiSCSI - ok
14:49:11.0279 0x13b8  msiserver - ok
14:49:12.0043 0x13b8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:49:12.0043 0x13b8  MSKSSRV - ok
14:49:12.0090 0x13b8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:49:12.0090 0x13b8  MSPCLOCK - ok
14:49:12.0246 0x13b8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:49:12.0246 0x13b8  MSPQM - ok
14:49:12.0308 0x13b8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:49:12.0324 0x13b8  MsRPC - ok
14:49:12.0449 0x13b8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:49:12.0449 0x13b8  mssmbios - ok
14:49:12.0714 0x13b8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:49:12.0714 0x13b8  MSTEE - ok
14:49:12.0730 0x13b8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:49:12.0730 0x13b8  MTConfig - ok
14:49:12.0761 0x13b8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:49:12.0776 0x13b8  Mup - ok
14:49:12.0870 0x13b8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:49:12.0886 0x13b8  napagent - ok
14:49:12.0979 0x13b8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:49:12.0995 0x13b8  NativeWifiP - ok
14:49:13.0151 0x13b8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:49:13.0229 0x13b8  NDIS - ok
14:49:13.0338 0x13b8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:49:13.0338 0x13b8  NdisCap - ok
14:49:13.0416 0x13b8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:49:13.0416 0x13b8  NdisTapi - ok
14:49:13.0728 0x13b8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:49:13.0728 0x13b8  Ndisuio - ok
14:49:13.0837 0x13b8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:49:13.0837 0x13b8  NdisWan - ok
14:49:13.0962 0x13b8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:49:13.0962 0x13b8  NDProxy - ok
14:49:14.0102 0x13b8  [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:49:14.0118 0x13b8  Net Driver HPZ12 - ok
14:49:14.0165 0x13b8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:49:14.0180 0x13b8  NetBIOS - ok
14:49:14.0243 0x13b8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:49:14.0243 0x13b8  NetBT - ok
14:49:14.0274 0x13b8  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon        C:\Windows\system32\lsass.exe
14:49:14.0274 0x13b8  Netlogon - ok
14:49:14.0352 0x13b8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:49:14.0399 0x13b8  Netman - ok
14:49:14.0570 0x13b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:49:14.0648 0x13b8  NetMsmqActivator - ok
14:49:14.0680 0x13b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:49:14.0680 0x13b8  NetPipeActivator - ok
14:49:14.0773 0x13b8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:49:14.0804 0x13b8  netprofm - ok
14:49:14.0882 0x13b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:49:14.0882 0x13b8  NetTcpActivator - ok
14:49:14.0898 0x13b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:49:14.0898 0x13b8  NetTcpPortSharing - ok
14:49:16.0224 0x13b8  [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
14:49:16.0583 0x13b8  NETw5s64 - ok
14:49:17.0254 0x13b8  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
14:49:17.0550 0x13b8  netw5v64 - ok
14:49:17.0612 0x13b8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:49:17.0612 0x13b8  nfrd960 - ok
14:49:18.0408 0x13b8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:49:18.0486 0x13b8  NlaSvc - ok
14:49:18.0689 0x13b8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:49:18.0782 0x13b8  Npfs - ok
14:49:19.0126 0x13b8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:49:19.0126 0x13b8  nsi - ok
14:49:19.0188 0x13b8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:49:19.0188 0x13b8  nsiproxy - ok
14:49:19.0578 0x13b8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:49:19.0843 0x13b8  Ntfs - ok
14:49:19.0984 0x13b8  [ FD324CCE1D4D5BB5AF65F8E55B462C7E, 901287499F33EFD3B1EE6CBDAD4E4DD342DC62FCDCCEF5375CB9D7B0673EE1E6 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
14:49:19.0999 0x13b8  NTIBackupSvc - ok
14:49:20.0140 0x13b8  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
14:49:20.0140 0x13b8  NTIDrvr - ok
14:49:20.0311 0x13b8  [ 3F6268A2EC33CD38CF75C880AF8DED42, 6CA4A527878042C3BB40A7C0F4F9434827C7E60F989EB7C39BBAD0F270404EEE ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
14:49:20.0436 0x13b8  NTISchedulerSvc - ok
14:49:20.0467 0x13b8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:49:20.0467 0x13b8  Null - ok
14:49:21.0481 0x13b8  [ FD39B98FF1BB8ED3848781497E9D02E0, EF078BC65FAF214860C177206793FFA47EB216FCC2F711DB1D63FE584FF18706 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:49:21.0949 0x13b8  nvlddmkm - ok
14:49:21.0996 0x13b8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:49:22.0012 0x13b8  nvraid - ok
14:49:22.0058 0x13b8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:49:22.0058 0x13b8  nvstor - ok
14:49:22.0136 0x13b8  [ C1668D58547DD0C4A0FBD6AFA20D5890, CF003E17B4DB83B88E3CE3010BE9A970756BB45C4D3500D3F02EBDC92BBC2AF8 ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:49:22.0136 0x13b8  nvsvc - ok
14:49:22.0183 0x13b8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:49:22.0214 0x13b8  nv_agp - ok
14:49:22.0277 0x13b8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:49:22.0292 0x13b8  ohci1394 - ok
14:49:22.0339 0x13b8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:49:22.0386 0x13b8  ose - ok
14:49:22.0916 0x13b8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:49:23.0166 0x13b8  osppsvc - ok
14:49:23.0416 0x13b8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:49:23.0462 0x13b8  p2pimsvc - ok
14:49:23.0759 0x13b8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:49:23.0806 0x13b8  p2psvc - ok
14:49:23.0962 0x13b8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:49:23.0977 0x13b8  Parport - ok
14:49:24.0071 0x13b8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:49:24.0086 0x13b8  partmgr - ok
14:49:24.0180 0x13b8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:49:24.0196 0x13b8  PcaSvc - ok
14:49:24.0211 0x13b8  pccsmcfd - ok
14:49:24.0336 0x13b8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:49:24.0336 0x13b8  pci - ok
14:49:24.0398 0x13b8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:49:24.0398 0x13b8  pciide - ok
14:49:24.0461 0x13b8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:49:24.0476 0x13b8  pcmcia - ok
14:49:24.0554 0x13b8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:49:24.0554 0x13b8  pcw - ok
14:49:24.0929 0x13b8  [ D0AD1271494EB9E065E902D1013BC369, 0E4DB28B5C348DF44BADC64FB8BCDA563D0515A75F0F14FD076BC39AF19BD65F ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
14:49:25.0100 0x13b8  PDF Architect 2 - ok
14:49:25.0818 0x13b8  [ 89436BB836F6737F19EB2B78250E414E, 9140F42CACDDC0979B90553D43A1FA1296DD829E6235D272F9DF3670613445CF ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
14:49:25.0912 0x13b8  pdfforge CrashHandler - ok
14:49:26.0052 0x13b8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:49:26.0083 0x13b8  PEAUTH - ok
14:49:26.0333 0x13b8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:49:26.0348 0x13b8  PerfHost - ok
14:49:26.0692 0x13b8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:49:26.0770 0x13b8  pla - ok
14:49:26.0863 0x13b8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:49:26.0879 0x13b8  PlugPlay - ok
14:49:27.0050 0x13b8  [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:49:27.0066 0x13b8  Pml Driver HPZ12 - ok
14:49:27.0160 0x13b8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:49:27.0160 0x13b8  PNRPAutoReg - ok
14:49:27.0316 0x13b8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:49:27.0331 0x13b8  PNRPsvc - ok
14:49:27.0425 0x13b8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:49:27.0456 0x13b8  PolicyAgent - ok
14:49:27.0596 0x13b8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:49:27.0612 0x13b8  Power - ok
14:49:27.0737 0x13b8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:49:27.0737 0x13b8  PptpMiniport - ok
14:49:27.0784 0x13b8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:49:27.0784 0x13b8  Processor - ok
14:49:27.0815 0x13b8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:49:27.0830 0x13b8  ProfSvc - ok
14:49:27.0862 0x13b8  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\Windows\system32\lsass.exe
14:49:27.0862 0x13b8  ProtectedStorage - ok
14:49:27.0955 0x13b8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:49:27.0955 0x13b8  Psched - ok
14:49:28.0002 0x13b8  [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
14:49:28.0018 0x13b8  PSI_SVC_2 - ok
14:49:28.0205 0x13b8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:49:28.0298 0x13b8  ql2300 - ok
14:49:28.0361 0x13b8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:49:28.0361 0x13b8  ql40xx - ok
14:49:28.0486 0x13b8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:49:28.0501 0x13b8  QWAVE - ok
14:49:28.0548 0x13b8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:49:28.0548 0x13b8  QWAVEdrv - ok
14:49:28.0720 0x13b8  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
14:49:28.0735 0x13b8  RapiMgr - ok
14:49:28.0766 0x13b8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:49:28.0766 0x13b8  RasAcd - ok
14:49:28.0829 0x13b8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:49:28.0844 0x13b8  RasAgileVpn - ok
14:49:28.0907 0x13b8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:49:28.0922 0x13b8  RasAuto - ok
14:49:28.0985 0x13b8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:49:28.0985 0x13b8  Rasl2tp - ok
14:49:29.0078 0x13b8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:49:29.0110 0x13b8  RasMan - ok
14:49:29.0172 0x13b8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:49:29.0188 0x13b8  RasPppoe - ok
14:49:29.0234 0x13b8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:49:29.0250 0x13b8  RasSstp - ok
14:49:29.0328 0x13b8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:49:29.0328 0x13b8  rdbss - ok
14:49:29.0359 0x13b8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:49:29.0375 0x13b8  rdpbus - ok
14:49:29.0406 0x13b8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:49:29.0406 0x13b8  RDPCDD - ok
14:49:29.0468 0x13b8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:49:29.0468 0x13b8  RDPENCDD - ok
14:49:29.0546 0x13b8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:49:29.0546 0x13b8  RDPREFMP - ok
14:49:29.0640 0x13b8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:49:29.0640 0x13b8  RDPWD - ok
14:49:29.0718 0x13b8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:49:29.0734 0x13b8  rdyboost - ok
14:49:29.0765 0x13b8  regi - ok
14:49:29.0858 0x13b8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:49:29.0858 0x13b8  RemoteAccess - ok
14:49:29.0921 0x13b8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:49:29.0921 0x13b8  RemoteRegistry - ok
14:49:29.0983 0x13b8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:49:29.0983 0x13b8  RFCOMM - ok
14:49:30.0077 0x13b8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:49:30.0077 0x13b8  RpcEptMapper - ok
14:49:30.0124 0x13b8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:49:30.0124 0x13b8  RpcLocator - ok
14:49:30.0186 0x13b8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
14:49:30.0186 0x13b8  RpcSs - ok
14:49:30.0264 0x13b8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:49:30.0264 0x13b8  rspndr - ok
14:49:30.0326 0x13b8  [ A5DF2F732A6C95554E548FCB6932BD31, C86B89CDB42F465329CAD3B601A6A006C4785F0CBF753361A7677D68D558EFC9 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
14:49:30.0326 0x13b8  RSUSBSTOR - ok
14:49:30.0420 0x13b8  [ B5A4B7D779CF4070DF408DE18BD33B02, 45D68D32AE10DB0D76F3455DF84ACD2289485C38FC411B71C2DD3E0FB9923473 ] RS_Service      C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
14:49:30.0420 0x13b8  RS_Service - ok
14:49:30.0436 0x13b8  RtsUIR - ok
14:49:30.0560 0x13b8  [ EA268BCE30691C2DD24F02E617FD2EB5, DD95E7C1C60C773953CE9DB77D8441508CE4A21820AAEDE455A3A6C373278DA4 ] s0016bus        C:\Windows\system32\DRIVERS\s0016bus.sys
14:49:30.0560 0x13b8  s0016bus - ok
14:49:30.0638 0x13b8  [ F5F9DEB89996D333EF976624D37E24E3, 88DE296EFA6CA2F32318F1807D633C8949D237FB33BA320551B71089CF5EB73B ] s0016mdfl       C:\Windows\system32\DRIVERS\s0016mdfl.sys
14:49:30.0638 0x13b8  s0016mdfl - ok
14:49:30.0670 0x13b8  [ C17CE2AEE67480FEBCC36ECCB54C0BE8, E13F83608B29988CCDB5A462AA3E56D26222427066651EEDF48223664D3FAFEA ] s0016mdm        C:\Windows\system32\DRIVERS\s0016mdm.sys
14:49:30.0685 0x13b8  s0016mdm - ok
14:49:30.0716 0x13b8  [ CC267F04C54C5EC5B7BD658D7628469F, 66F2283C8CE15BEED0B933EA82158C91FC77B1BF9FEF057D0E291922D07A8E53 ] s0016mgmt       C:\Windows\system32\DRIVERS\s0016mgmt.sys
14:49:30.0732 0x13b8  s0016mgmt - ok
14:49:30.0794 0x13b8  [ 30A35BBCE09D9FE67482FD62C61911FC, 8E8B0910F2A4C7DCFF0F8A83AAA8F9B38D53CEB7B7E7DC5B64350A09CBE6F557 ] s0016nd5        C:\Windows\system32\DRIVERS\s0016nd5.sys
14:49:30.0826 0x13b8  s0016nd5 - ok
14:49:30.0904 0x13b8  [ CA394DCC38579C7AD82E83EE64D798A0, A56DB0C67EF6CF1A95BB8E7FBFFBC7926D3E3A0511DD4389D2002312E72703A9 ] s0016obex       C:\Windows\system32\DRIVERS\s0016obex.sys
14:49:30.0904 0x13b8  s0016obex - ok
14:49:30.0950 0x13b8  [ EB267CCEA84E6E8598D92F73332AC67B, 3C7F0FDD825D2C50B13E78FB742B09A5E636820C6F47778F1C5E6900B3C9B905 ] s0016unic       C:\Windows\system32\DRIVERS\s0016unic.sys
14:49:30.0982 0x13b8  s0016unic - ok
14:49:31.0013 0x13b8  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs           C:\Windows\system32\lsass.exe
14:49:31.0013 0x13b8  SamSs - ok
14:49:31.0060 0x13b8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:49:31.0106 0x13b8  sbp2port - ok
14:49:31.0169 0x13b8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:49:31.0169 0x13b8  SCardSvr - ok
14:49:31.0216 0x13b8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:49:31.0216 0x13b8  scfilter - ok
14:49:31.0418 0x13b8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:49:31.0450 0x13b8  Schedule - ok
14:49:31.0496 0x13b8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:49:31.0496 0x13b8  SCPolicySvc - ok
14:49:31.0590 0x13b8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:49:31.0606 0x13b8  SDRSVC - ok
14:49:31.0637 0x13b8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:49:31.0637 0x13b8  secdrv - ok
14:49:31.0730 0x13b8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:49:31.0746 0x13b8  seclogon - ok
14:49:31.0840 0x13b8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
14:49:31.0855 0x13b8  SENS - ok
14:49:31.0886 0x13b8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:49:31.0886 0x13b8  SensrSvc - ok
14:49:31.0918 0x13b8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:49:31.0918 0x13b8  Serenum - ok
14:49:31.0964 0x13b8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:49:31.0964 0x13b8  Serial - ok
14:49:32.0027 0x13b8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:49:32.0027 0x13b8  sermouse - ok
14:49:32.0089 0x13b8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:49:32.0105 0x13b8  SessionEnv - ok
14:49:32.0183 0x13b8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:49:32.0183 0x13b8  sffdisk - ok
14:49:32.0214 0x13b8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:49:32.0230 0x13b8  sffp_mmc - ok
14:49:32.0261 0x13b8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:49:32.0261 0x13b8  sffp_sd - ok
14:49:32.0292 0x13b8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:49:32.0292 0x13b8  sfloppy - ok
14:49:32.0339 0x13b8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:49:32.0354 0x13b8  SharedAccess - ok
14:49:32.0417 0x13b8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:49:32.0432 0x13b8  ShellHWDetection - ok
14:49:32.0479 0x13b8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:49:32.0479 0x13b8  SiSRaid2 - ok
14:49:32.0479 0x13b8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:49:32.0495 0x13b8  SiSRaid4 - ok
14:49:32.0604 0x13b8  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:49:32.0604 0x13b8  SkypeUpdate - ok
14:49:32.0651 0x13b8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:49:32.0651 0x13b8  Smb - ok
14:49:32.0729 0x13b8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:49:32.0729 0x13b8  SNMPTRAP - ok
14:49:32.0744 0x13b8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:49:32.0760 0x13b8  spldr - ok
14:49:32.0838 0x13b8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:49:32.0854 0x13b8  Spooler - ok
14:49:33.0322 0x13b8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:49:33.0727 0x13b8  sppsvc - ok
14:49:33.0836 0x13b8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:49:33.0852 0x13b8  sppuinotify - ok
14:49:33.0914 0x13b8  [ D63FC56C7C3F9B576BC25F617E3F7963, 1F1D024A6A41DD93DE4F09999D90DB5148D87C1C1DDEFFC0407C6E59EB7199D1 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:49:33.0930 0x13b8  SQLWriter - ok
14:49:34.0039 0x13b8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:49:34.0055 0x13b8  srv - ok
14:49:34.0117 0x13b8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:49:34.0133 0x13b8  srv2 - ok
14:49:34.0180 0x13b8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:49:34.0195 0x13b8  srvnet - ok
14:49:34.0226 0x13b8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:49:34.0242 0x13b8  SSDPSRV - ok
14:49:34.0289 0x13b8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:49:34.0289 0x13b8  SstpSvc - ok
14:49:34.0367 0x13b8  [ D21FF3592DAEE244EE8376830A672B52, 8CFD9CD93D3B30D21AE1F25D8F0D78EC2876D85BF622D638BBD3809A3373BAFF ] ss_bus          C:\Windows\system32\DRIVERS\ss_bus.sys
14:49:34.0367 0x13b8  ss_bus - ok
14:49:34.0445 0x13b8  [ 451DB3D10E6112E06B4506D4A7BECEC1, 18C361E7E478CB9991638EE412C05E40B89BAD542519E62F4CED4055A80F3216 ] ss_mdfl         C:\Windows\system32\DRIVERS\ss_mdfl.sys
14:49:34.0445 0x13b8  ss_mdfl - ok
14:49:34.0507 0x13b8  [ EF40C8A268A5263A0EF48FED8E57CBED, 253C2B5E5075D01B7E27C6F9548291DADB4C9B635849DDA9E2DA3E5785DE9B75 ] ss_mdm          C:\Windows\system32\DRIVERS\ss_mdm.sys
14:49:34.0523 0x13b8  ss_mdm - ok
14:49:34.0554 0x13b8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:49:34.0570 0x13b8  stexstor - ok
14:49:34.0694 0x13b8  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
14:49:34.0710 0x13b8  StillCam - ok
14:49:34.0819 0x13b8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:49:34.0866 0x13b8  stisvc - ok
14:49:34.0913 0x13b8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:49:34.0913 0x13b8  swenum - ok
14:49:35.0131 0x13b8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:49:35.0178 0x13b8  swprv - ok
14:49:35.0318 0x13b8  [ 924D711941956F7420A4925592BE8253, D621114FC94D9B257EC5B684B90E54B63D4078D5FC19550C2E396AE4EDD2C552 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:49:35.0334 0x13b8  SynTP - ok
14:49:35.0599 0x13b8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
14:49:35.0693 0x13b8  SysMain - ok
14:49:35.0740 0x13b8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:49:35.0755 0x13b8  TabletInputService - ok
14:49:35.0849 0x13b8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:49:35.0864 0x13b8  TapiSrv - ok
14:49:35.0942 0x13b8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
14:49:35.0958 0x13b8  TBS - ok
14:49:36.0223 0x13b8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:49:36.0332 0x13b8  Tcpip - ok
14:49:36.0457 0x13b8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:49:36.0520 0x13b8  TCPIP6 - ok
14:49:36.0582 0x13b8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:49:36.0629 0x13b8  tcpipreg - ok
14:49:36.0691 0x13b8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:49:36.0691 0x13b8  TDPIPE - ok
14:49:36.0738 0x13b8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:49:36.0754 0x13b8  TDTCP - ok
14:49:36.0847 0x13b8  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:49:36.0863 0x13b8  tdx - ok
14:49:36.0925 0x13b8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:49:36.0925 0x13b8  TermDD - ok
14:49:37.0081 0x13b8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
14:49:37.0112 0x13b8  TermService - ok
14:49:37.0237 0x13b8  [ 48D9D00C2E0E72C3D4F52772C80355F6, 86F281C7F5FA2FCF1A36C69DD6561531E48483CACB8A873B955F7E93D9A1D259 ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys
14:49:37.0237 0x13b8  TFsExDisk - ok
14:49:37.0268 0x13b8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:49:37.0284 0x13b8  Themes - ok
14:49:37.0346 0x13b8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:49:37.0346 0x13b8  THREADORDER - ok
14:49:37.0456 0x13b8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:49:37.0456 0x13b8  TrkWks - ok
14:49:37.0565 0x13b8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:49:37.0580 0x13b8  TrustedInstaller - ok
14:49:37.0643 0x13b8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:49:37.0643 0x13b8  tssecsrv - ok
14:49:37.0783 0x13b8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:49:37.0783 0x13b8  TsUsbFlt - ok
14:49:37.0892 0x13b8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:49:37.0892 0x13b8  tunnel - ok
14:49:37.0924 0x13b8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:49:37.0924 0x13b8  uagp35 - ok
14:49:37.0955 0x13b8  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
14:49:37.0955 0x13b8  UBHelper - ok
14:49:38.0017 0x13b8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:49:38.0033 0x13b8  udfs - ok
14:49:38.0142 0x13b8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:49:38.0158 0x13b8  UI0Detect - ok
14:49:38.0251 0x13b8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:49:38.0251 0x13b8  uliagpkx - ok
14:49:38.0392 0x13b8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:49:38.0423 0x13b8  umbus - ok
14:49:38.0470 0x13b8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:49:38.0470 0x13b8  UmPass - ok
14:49:38.0688 0x13b8  [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
14:49:38.0704 0x13b8  Updater Service - ok
14:49:38.0813 0x13b8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:49:38.0828 0x13b8  upnphost - ok
14:49:38.0906 0x13b8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:49:38.0906 0x13b8  usbccgp - ok
14:49:38.0906 0x13b8  USBCCID - ok
14:49:38.0984 0x13b8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:49:38.0984 0x13b8  usbcir - ok
14:49:39.0047 0x13b8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:49:39.0047 0x13b8  usbehci - ok
14:49:39.0078 0x13b8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:49:39.0094 0x13b8  usbhub - ok
14:49:39.0125 0x13b8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:49:39.0125 0x13b8  usbohci - ok
14:49:39.0203 0x13b8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:49:39.0203 0x13b8  usbprint - ok
14:49:39.0374 0x13b8  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:49:39.0374 0x13b8  usbscan - ok
14:49:39.0437 0x13b8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:49:39.0437 0x13b8  USBSTOR - ok
14:49:39.0468 0x13b8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:49:39.0468 0x13b8  usbuhci - ok
14:49:39.0562 0x13b8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:49:39.0577 0x13b8  usbvideo - ok
14:49:39.0640 0x13b8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
14:49:39.0640 0x13b8  UxSms - ok
14:49:39.0655 0x13b8  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc        C:\Windows\system32\lsass.exe
14:49:39.0671 0x13b8  VaultSvc - ok
14:49:39.0718 0x13b8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:49:39.0718 0x13b8  vdrvroot - ok
14:49:39.0874 0x13b8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:49:39.0905 0x13b8  vds - ok
14:49:40.0030 0x13b8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:49:40.0030 0x13b8  vga - ok
14:49:40.0076 0x13b8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:49:40.0076 0x13b8  VgaSave - ok
14:49:40.0139 0x13b8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:49:40.0170 0x13b8  vhdmp - ok
14:49:40.0217 0x13b8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:49:40.0217 0x13b8  viaide - ok
14:49:40.0264 0x13b8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:49:40.0264 0x13b8  volmgr - ok
14:49:40.0373 0x13b8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:49:40.0388 0x13b8  volmgrx - ok
14:49:40.0498 0x13b8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:49:40.0513 0x13b8  volsnap - ok
14:49:40.0591 0x13b8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:49:40.0591 0x13b8  vsmraid - ok
14:49:40.0872 0x13b8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
14:49:40.0950 0x13b8  VSS - ok
14:49:41.0012 0x13b8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:49:41.0028 0x13b8  vwifibus - ok
14:49:41.0153 0x13b8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:49:41.0168 0x13b8  vwififlt - ok
14:49:41.0200 0x13b8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:49:41.0200 0x13b8  vwifimp - ok
14:49:41.0621 0x13b8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
14:49:41.0668 0x13b8  W32Time - ok
14:49:41.0699 0x13b8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:49:41.0699 0x13b8  WacomPen - ok
14:49:41.0761 0x13b8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:49:41.0761 0x13b8  WANARP - ok
14:49:41.0777 0x13b8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:49:41.0777 0x13b8  Wanarpv6 - ok
14:49:42.0214 0x13b8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:49:42.0323 0x13b8  wbengine - ok
14:49:42.0401 0x13b8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:49:42.0416 0x13b8  WbioSrvc - ok
14:49:42.0479 0x13b8  [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
14:49:42.0494 0x13b8  WcesComm - ok
14:49:42.0682 0x13b8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:49:42.0728 0x13b8  wcncsvc - ok
14:49:42.0775 0x13b8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:49:42.0822 0x13b8  WcsPlugInService - ok
14:49:42.0869 0x13b8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:49:42.0869 0x13b8  Wd - ok
14:49:42.0931 0x13b8  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
14:49:42.0931 0x13b8  WDC_SAM - ok
14:49:43.0056 0x13b8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:49:43.0103 0x13b8  Wdf01000 - ok
14:49:43.0165 0x13b8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:49:43.0165 0x13b8  WdiServiceHost - ok
14:49:43.0181 0x13b8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:49:43.0181 0x13b8  WdiSystemHost - ok
14:49:43.0321 0x13b8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
14:49:43.0446 0x13b8  WebClient - ok
14:49:43.0524 0x13b8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:49:43.0540 0x13b8  Wecsvc - ok
14:49:43.0680 0x13b8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:49:43.0696 0x13b8  wercplsupport - ok
14:49:44.0164 0x13b8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:49:44.0195 0x13b8  WerSvc - ok
14:49:44.0226 0x13b8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:49:44.0226 0x13b8  WfpLwf - ok
14:49:44.0257 0x13b8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:49:44.0257 0x13b8  WIMMount - ok
14:49:44.0304 0x13b8  WinDefend - ok
14:49:44.0351 0x13b8  WinHttpAutoProxySvc - ok
14:49:44.0491 0x13b8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:49:44.0507 0x13b8  Winmgmt - ok
14:49:44.0834 0x13b8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
14:49:45.0022 0x13b8  WinRM - ok
14:49:45.0178 0x13b8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:49:45.0178 0x13b8  WinUsb - ok
14:49:45.0287 0x13b8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:49:45.0412 0x13b8  Wlansvc - ok
14:49:45.0708 0x13b8  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:49:45.0817 0x13b8  wlidsvc - ok
14:49:45.0880 0x13b8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:49:45.0880 0x13b8  WmiAcpi - ok
14:49:45.0958 0x13b8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:49:46.0004 0x13b8  wmiApSrv - ok
14:49:46.0051 0x13b8  WMPNetworkSvc - ok
14:49:46.0176 0x13b8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:49:46.0192 0x13b8  WPCSvc - ok
14:49:46.0238 0x13b8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:49:46.0254 0x13b8  WPDBusEnum - ok
14:49:46.0316 0x13b8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:49:46.0316 0x13b8  ws2ifsl - ok
14:49:46.0394 0x13b8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:49:46.0394 0x13b8  wscsvc - ok
14:49:46.0441 0x13b8  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
14:49:46.0441 0x13b8  WSDPrintDevice - ok
14:49:46.0441 0x13b8  WSearch - ok
14:49:46.0987 0x13b8  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:49:47.0128 0x13b8  wuauserv - ok
14:49:47.0174 0x13b8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:49:47.0174 0x13b8  WudfPf - ok
14:49:47.0221 0x13b8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:49:47.0252 0x13b8  WUDFRd - ok
14:49:47.0315 0x13b8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:49:47.0330 0x13b8  wudfsvc - ok
14:49:47.0408 0x13b8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:49:47.0408 0x13b8  WwanSvc - ok
14:49:47.0486 0x13b8  ================ Scan global ===============================
14:49:47.0502 0x13b8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:49:47.0549 0x13b8  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
14:49:47.0580 0x13b8  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
14:49:47.0767 0x13b8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:49:47.0892 0x13b8  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
14:49:47.0908 0x13b8  [ Global ] - ok
14:49:47.0908 0x13b8  ================ Scan MBR ==================================
14:49:47.0954 0x13b8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:49:48.0485 0x13b8  \Device\Harddisk0\DR0 - ok
14:49:48.0500 0x13b8  ================ Scan VBR ==================================
14:49:48.0563 0x13b8  [ 1E6A19FED4161BDF10C59031CF0A477F ] \Device\Harddisk0\DR0\Partition1
14:49:48.0797 0x13b8  \Device\Harddisk0\DR0\Partition1 - ok
14:49:48.0859 0x13b8  [ D3D4296A381BFECB4BE7FB91202FC554 ] \Device\Harddisk0\DR0\Partition2
14:49:48.0984 0x13b8  \Device\Harddisk0\DR0\Partition2 - ok
14:49:48.0984 0x13b8  ================ Scan generic autorun ======================
14:49:49.0140 0x13b8  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
14:49:49.0156 0x13b8  IAAnotif - ok
14:49:49.0312 0x13b8  [ D8EF04F75950915BDFA7587A22B24C29, F91666BC69E1641E1F65B7135B0CE161FBB12467F3114F217A9724E6C629B105 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
14:49:49.0327 0x13b8  cAudioFilterAgent - ok
14:49:49.0499 0x13b8  [ E64270B5DB7218E60AD62ED0C52E3A09, E9CC0CA9A19868C34EC782FA9F45617DB81C791393BED68EBF8E38BE2C27F8FA ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
14:49:49.0577 0x13b8  Acer ePower Management - ok
14:49:49.0592 0x13b8  NvCplDaemon - ok
14:49:49.0592 0x13b8  SynTPEnh - ok
14:49:49.0670 0x13b8  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
14:49:49.0686 0x13b8  Windows Mobile Device Center - ok
14:49:49.0967 0x13b8  [ 5D6DDC47D96FB9E26FB457E8FCDEC031, D10AADBFCA0848A00C11E9133D823DEED7FDBDE678E13174EFC5B9350AEC01B5 ] C:\Program Files (x86)\Launch Manager\LManager.exe
14:49:50.0014 0x13b8  LManager - ok
14:49:50.0123 0x13b8  [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
14:49:50.0123 0x13b8  HP Software Update - ok
14:49:50.0248 0x13b8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:49:50.0341 0x13b8  Sidebar - ok
14:49:50.0466 0x13b8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:49:50.0482 0x13b8  mctadmin - ok
14:49:50.0669 0x13b8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:49:50.0700 0x13b8  Sidebar - ok
14:49:50.0762 0x13b8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:49:50.0762 0x13b8  mctadmin - ok
14:49:50.0918 0x13b8  [ 3A9FA910E679385D3F5647B9B8CF5CA2, DE321EB829E461CF91474C942FEDCC6FA0C20D9674067FE21C6F3DF438F61A4B ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
14:49:50.0965 0x13b8  OfficeSyncProcess - ok
14:49:51.0652 0x13b8  [ FB02263BA280CEF662316EF78D3B9C74, B40E6EF424291E787367AE93A1430C643034D2A3DF68AFBF54819F61DB099AA9 ] C:\Users\PC\AppData\Local\Amazon Music\Amazon Music Helper.exe
14:49:51.0886 0x13b8  Amazon Music - ok
14:49:51.0901 0x13b8  Waiting for KSN requests completion. In queue: 125
14:49:52.0915 0x13b8  Waiting for KSN requests completion. In queue: 125
14:49:53.0929 0x13b8  Waiting for KSN requests completion. In queue: 125
14:49:54.0990 0x13b8  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
14:49:55.0037 0x13b8  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled )
14:49:57.0517 0x13b8  ============================================================
14:49:57.0517 0x13b8  Scan finished
14:49:57.0517 0x13b8  ============================================================
14:49:57.0533 0x1664  Detected object count: 0
14:49:57.0533 0x1664  Actual detected object count: 0
         
Soll ich nun die Logfile von Defogger, FRST und GMER noch erstellen?
__________________

Alt 12.06.2015, 14:41   #4
M-K-D-B
/// TB-Ausbilder
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



Servus,


nein, musst du vorerst mal nicht erstellen.


Wir beginnen mit ComboFix vom Desktop:


Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


Alt 12.06.2015, 21:13   #5
Wimmerl82
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



Habe alles nach Anweisung gemacht aber bei mir wurde leider keine combofix.txt erzeugt.

Ich habe alle Fenster geschlossen und Kaspersky und die Windows Firewall deaktiviert. ComboFix startet ganz normal. Plötzlich verschwindet aber das Fenster und es tut sich gar nichts mehr. Habe es auch schon wiederholt, aber es war wieder das Selbe.

Lediglich dieses Verzeichnis ist neu: C:\32788R22FWJFW
Klicke ich dies an öffnet sich Laufwerk C: und D:

Könnt ihr mir bitte helfen


Alt 12.06.2015, 22:59   #6
M-K-D-B
/// TB-Ausbilder
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



Servus,


dann machen wir so weiter:


Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Alt 13.06.2015, 11:34   #7
Wimmerl82
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



Vielen Dank!

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.06.13.01
  rootkit: v2015.06.02.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
PC :: PC-PC [administrator]

13.06.2015 11:09:38
mbar-log-2015-06-13 (11-09-38).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 434653
Time elapsed: 1 hour(s), 16 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Delete on reboot. [50e5b2085d2d77bfb827f28e80830ef2]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Delete on reboot. [161febcfdeac75c13c9fe29e32d153ad]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 13.06.2015, 11:53   #8
M-K-D-B
/// TB-Ausbilder
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

Alt 13.06.2015, 20:56   #9
Wimmerl82
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



AdwCleaner:

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.206 - Bericht erstellt 13/06/2015 um 19:54:25
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-09.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : PC - PC-PC
# Gestarted von : C:\Users\PC\Desktop\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\AnySend
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files (x86)\DM
Ordner Gelöscht : C:\Program Files\DM
Ordner Gelöscht : C:\Users\PC\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\PC\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\PC\AppData\Local\DownloadManager
Ordner Gelöscht : C:\Users\PC\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\PC\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\PC\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\PC\AppData\LocalLow\HPAppData
Ordner Gelöscht : C:\Users\PC\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\PC\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\PC\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\PC\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\PC\AppData\Roaming\AnySend
Datei Gelöscht : C:\Users\PC\AppData\Local\Temp\Searchqu.ini
Datei Gelöscht : C:\Users\PC\AppData\Local\Temp\searchqutoolbar-manifest.xml
Datei Gelöscht : C:\Users\PC\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\bprotector_extensions.rdf
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\user.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Schlüssel Gelöscht : HKCU\Software\5ced68db238e947
Schlüssel Gelöscht : HKLM\SOFTWARE\5ced68db238e947
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F999A48B-1950-4D81-9971-79018F807B4B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\SimplyGen
Schlüssel Gelöscht : HKLM\SOFTWARE\AnySend
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v38.0.5 (x86 de)

[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultthis.engineName", "FreeOnlineRadioPlayerRecorder Customized Web Search");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2737658&SearchSource=3&q={searchTerms}");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109986");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.hardId", "788d6456000000000000001e64282e4d");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.id", "788d6456000000000000001e64282e4d");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.instlDay", "15410");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119370&babsrc=NT_ss&mntrId=788d6456000000000000001e64282e4d");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1713:08:24");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.crossrider.bic", "13601a90f67c55ec3f965cc4158c21b8");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.enabledItems", "helperbar@helperbar.com:1.0,{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3,{49f3fc85-dcfe-4e42-9301-226ebe658509}:0.6.6,youtube2mp3@mondayx.de:1.0.5,virtualKeyboard[...]
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.allowSendURL", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.engineVerified", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.hiddenElements", "itb_options");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.history", "%22disabledstoriesandpics%22%22disabled%20stories%20and%20pics%22disabled%20stories%20and%20picsCindy%20Schmidtdisabledstoriesandpicsgedichte%20liebeSpr%C3[...]
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.installTime", "1276887305");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.newtab_state", "1");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.previousFFVersion", "3.6.16");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.suggestions", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.uninstStatSent", true);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.uniqueID", "127680686512768068651276887305108");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1303409623);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");
[guasi40d.default\prefs.js] - Zeile Gelöscht : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q=");

-\\ Google Chrome v


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [15948 Bytes] - [13/06/2015 19:50:03]
AdwCleaner[S0].txt - [14474 Bytes] - [13/06/2015 19:54:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14534  Bytes] ##########
         
--- --- ---


Malwarebytes:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 13.06.2015
Suchlauf-Zeit: 20:20:44
Logdatei: mbamlog.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.13.04
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: PC

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 422654
Verstrichene Zeit: 50 Min, 22 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 1
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1479719048-131605857-4171494742-501\SOFTWARE\Datamngr, In Quarantäne, [68d0b505642642f412854e050bfa6898], 

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 14
Trojan.Agent.AI, C:\Users\PC\AppData\Local\Temp\Quarantine.exe, In Quarantäne, [d4648a3025657fb707f7363730d20cf4], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-1.xml, In Quarantäne, [0f29befcc1c97cba53027a7fbe456a96], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-10.xml, In Quarantäne, [62d60dad652520160550ec0dba493dc3], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-11.xml, In Quarantäne, [ce6a5a60f8929f97fa5bcd2cf3105ba5], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-12.xml, In Quarantäne, [76c2caf0b6d471c565f050a9f01316ea], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-2.xml, In Quarantäne, [33056a5003870531ea6bf6036a99d62a], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-3.xml, In Quarantäne, [78c05e5cd3b7a78f470e847520e318e8], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-4.xml, In Quarantäne, [0434fdbd32588caadd7836c356adcc34], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-5.xml, In Quarantäne, [a29629917416b87e43127e7b80839967], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-6.xml, In Quarantäne, [3cfcd2e8b9d1ad89173ec6334ab957a9], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-7.xml, In Quarantäne, [a29656649befe254ee6753a66c97e51b], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-8.xml, In Quarantäne, [e157eeccdeacef47e4713dbc34cf6898], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin-9.xml, In Quarantäne, [b187605acdbdee4892c39e5b6c97cd33], 
PUP.Optional.ICQPlugin.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\icqplugin.xml, In Quarantäne, [59dffac0eaa0340292c39069cb3851af], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Fortsetzung folgt

JRT:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.4 (06.13.2015:2)
OS: Windows 7 Home Premium x64
Ran by PC on 13.06.2015 at 21:31:37,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\getrighttogo



~~~ FireFox






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.06.2015 at 21:36:48,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by PC (administrator) on PC-PC on 13-06-2015 21:43:19
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1814312 2009-08-14] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [825864 2009-09-24] (Dritek System Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\Run: [Amazon Music] => C:\Users\PC\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-11-19] ()
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_Plugin.exe [927920 2015-06-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\MountPoints2: {20310492-097f-11e2-bc9a-0c6076c73fa1} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\MountPoints2: {203104b0-097f-11e2-bc9a-0c6076c73fa1} - E:\.\Setup.exe AUTORUN=1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1479719048-131605857-4171494742-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-06] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-18] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-06] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-06] (Kaspersky Lab ZAO)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-18] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-03] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-06] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-03] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-02-27] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-04-30] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1479719048-131605857-4171494742-1003: @protectdisc.com/NPPDLicenseHelper -> C:\Users\PC\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\google-images.xml [2014-11-01]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\searchplugins\google-maps.xml [2014-11-01]
FF Extension: Cliqz Beta - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\Extensions\cliqz@cliqz.com.xpi [2014-11-02]
FF Extension: YouTube to MP3 - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\Extensions\youtube2mp3@mondayx.de.xpi [2012-03-03]
FF Extension: LinkChecker - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\Extensions\{49f3fc85-dcfe-4e42-9301-226ebe658509}.xpi [2012-03-03]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2015-06-04]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2015-06-04]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-06]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-06]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-06]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-06]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-06]
FF HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\guasi40d.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
S2 gupdate1ca948a3229fde9; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2010-01-13] (Google Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2009-12-22] (Devguru Co., Ltd)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [138752 2012-09-28] (Huawei Technologies Co., Ltd.) [File not signed]
S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [117248 2012-09-28] (Huawei Technologies Co., Ltd.) [File not signed]
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [121600 2012-09-28] (Huawei Technologies Co., Ltd.) [File not signed]
S3 int15.sys; C:\Windows\System32\OEM\Factory\int15.sys [17952 2008-03-28] (Acer, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-06] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-06] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S2 regi; \??\C:\Windows\system32\drivers\regi.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-13 21:43 - 2015-06-13 21:44 - 00020430 _____ C:\Users\PC\Desktop\FRST.txt
2015-06-13 21:43 - 2015-06-13 21:43 - 00000000 ____D C:\FRST
2015-06-13 21:41 - 2015-06-13 21:41 - 02109952 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-06-13 21:36 - 2015-06-13 21:36 - 00000883 _____ C:\Users\PC\Desktop\JRT.txt
2015-06-13 21:31 - 2015-06-13 21:31 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PC-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-13 21:31 - 2015-06-13 21:31 - 00000000 ____D C:\RegBackup
2015-06-13 21:29 - 2015-06-13 21:30 - 02943739 _____ (Thisisu) C:\Users\PC\Desktop\JRT.exe
2015-06-13 21:14 - 2015-06-13 21:14 - 00003540 _____ C:\Users\PC\Desktop\mbam.txt
2015-06-13 20:17 - 2015-06-13 20:17 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-13 20:17 - 2015-06-13 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-13 20:17 - 2015-06-13 20:17 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-13 20:17 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-13 20:17 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-13 20:10 - 2015-06-13 20:11 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\PC\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-13 19:49 - 2015-06-13 19:56 - 00000000 ____D C:\AdwCleaner
2015-06-13 19:48 - 2015-06-13 19:48 - 02231296 _____ C:\Users\PC\Desktop\AdwCleaner_4.206.exe
2015-06-13 11:09 - 2015-06-13 21:20 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-13 11:09 - 2015-06-13 20:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-13 11:09 - 2015-06-13 19:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-13 11:05 - 2015-06-13 12:26 - 00000000 ____D C:\Users\PC\Desktop\mbar
2015-06-13 11:05 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-13 11:01 - 2015-06-13 11:02 - 16502728 _____ (Malwarebytes Corp.) C:\Users\PC\Desktop\mbar-1.09.1.1004.exe
2015-06-12 22:19 - 2015-06-12 22:19 - 00000000 ___SD C:\ComboFix
2015-06-12 22:19 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-12 22:19 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-12 22:19 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-12 22:19 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-12 22:19 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-12 22:19 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-12 22:19 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-12 22:19 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-12 20:22 - 2015-06-12 22:19 - 00000000 ____D C:\Qoobox
2015-06-12 20:22 - 2015-06-12 20:22 - 00000000 ____D C:\Windows\erdnt
2015-06-12 20:18 - 2015-06-12 20:18 - 05628161 ____R (Swearware) C:\Users\PC\Desktop\ComboFix.exe
2015-06-12 15:36 - 2015-06-12 15:36 - 00000000 ____D C:\Users\PC\Desktop\Catlux
2015-06-12 14:47 - 2015-06-12 14:47 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\PC\Desktop\tdsskiller.exe
2015-06-11 19:59 - 2015-06-11 19:59 - 00002648 _____ C:\Users\PC\Desktop\Kaspersky.txt
2015-06-09 22:29 - 2015-06-09 22:29 - 18169520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-09 22:27 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-09 22:27 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 22:27 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 22:27 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 22:27 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-09 22:27 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 22:27 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-09 22:27 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-09 22:27 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 22:27 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-09 22:27 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 22:27 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-09 22:27 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-09 22:27 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-09 22:27 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 22:27 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-09 22:27 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 22:27 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-09 22:27 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-09 22:27 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-09 22:27 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 22:27 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 22:27 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 22:27 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 22:27 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 22:27 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-09 22:27 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 22:27 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 22:27 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 22:27 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 22:27 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-09 22:27 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-09 22:27 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-09 22:27 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 22:27 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 22:27 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 22:27 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-09 22:27 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-09 22:27 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-09 22:27 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 22:27 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-09 22:27 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 22:27 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 22:27 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 22:27 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-09 22:27 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-09 22:27 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-09 22:27 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-09 22:27 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-09 22:27 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-09 22:27 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 22:27 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-09 22:27 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-09 22:27 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-09 22:27 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-09 22:27 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 22:27 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 22:27 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-09 22:27 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 22:27 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 22:27 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 22:27 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 22:27 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-09 22:27 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-09 22:27 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-09 22:27 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-09 22:27 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-09 22:27 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-09 22:27 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-09 22:27 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-09 22:27 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-09 22:27 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-09 22:27 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-09 22:22 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-09 22:22 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-09 22:22 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-09 22:22 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-09 22:22 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-09 22:22 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-09 22:22 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-09 22:22 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-09 22:22 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-09 22:22 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-09 22:22 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-09 22:22 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-09 22:22 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-09 22:22 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-09 22:22 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-09 22:22 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-09 22:22 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-09 22:22 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-09 22:22 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-09 22:22 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-09 22:22 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-09 22:22 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-09 22:22 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-09 22:22 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-09 22:22 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-09 22:22 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-09 22:22 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 22:22 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-09 22:22 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 22:22 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 22:22 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-06 19:11 - 2015-06-06 19:12 - 00000000 ____D C:\Users\PC\Desktop\Rost
2015-06-04 22:18 - 2015-06-04 23:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 23:03 - 2015-06-01 23:03 - 00000000 ____D C:\Users\PC\AppData\Local\GWX
2015-05-28 22:22 - 2015-05-28 22:22 - 00000000 ____D C:\Users\PC\dwhelper
2015-05-18 23:04 - 2015-05-19 21:25 - 00000000 ____D C:\Users\PC\Desktop\Neuer Ordner (3)
2015-05-15 16:06 - 2015-05-15 16:06 - 00001468 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2015-05-15 16:06 - 2015-05-15 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-05-15 16:05 - 2015-05-15 16:05 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-15 15:56 - 2015-05-15 16:02 - 00000000 ____D C:\Users\PC\Downloads\elster 2014

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-13 21:38 - 2010-01-13 15:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-13 21:30 - 2009-07-14 06:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-13 21:30 - 2009-07-14 06:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-13 21:28 - 2013-03-08 23:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-13 21:26 - 2009-07-03 11:04 - 01454834 _____ C:\Windows\WindowsUpdate.log
2015-06-13 21:19 - 2012-09-28 22:05 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-06-13 21:19 - 2009-10-20 02:04 - 01217562 _____ C:\Windows\PFRO.log
2015-06-13 21:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-13 21:19 - 2009-07-14 06:51 - 00479325 _____ C:\Windows\setupact.log
2015-06-13 21:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-06-13 19:54 - 2010-01-16 17:47 - 00000000 ____D C:\ProgramData\ICQ
2015-06-12 19:34 - 2010-01-13 14:02 - 00000000 ____D C:\Users\PC
2015-06-11 20:22 - 2009-07-14 07:13 - 01672220 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-11 20:22 - 2009-07-03 20:57 - 00722876 _____ C:\Windows\system32\perfh007.dat
2015-06-11 20:22 - 2009-07-03 20:57 - 00158126 _____ C:\Windows\system32\perfc007.dat
2015-06-11 19:49 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-11 19:49 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-11 19:48 - 2009-07-14 06:45 - 00412016 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 19:45 - 2014-12-11 21:55 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 19:45 - 2014-04-30 11:01 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-11 19:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-09 23:35 - 2009-10-20 01:39 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-09 23:29 - 2013-08-15 21:27 - 00000000 ____D C:\Windows\system32\MRT
2015-06-09 23:19 - 2010-01-14 10:00 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 23:17 - 2009-07-14 04:34 - 00000545 _____ C:\Windows\win.ini
2015-06-09 22:29 - 2013-03-08 23:15 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 22:29 - 2013-03-08 23:15 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-09 22:29 - 2011-09-04 22:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-05 13:45 - 2012-05-06 15:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-19 23:33 - 2015-04-06 12:59 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-19 23:33 - 2015-04-06 12:59 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-19 23:19 - 2011-12-14 23:55 - 00000000 ____D C:\ProgramData\tmp
2015-05-19 22:37 - 2010-01-23 19:57 - 00000000 ____D C:\ProgramData\hps
2015-05-17 22:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-15 17:21 - 2014-10-11 15:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-15 16:06 - 2011-02-10 20:36 - 00000000 ____D C:\Users\PC\AppData\Roaming\elsterformular
2015-05-15 16:03 - 2010-01-23 19:05 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2015-05-14 10:52 - 2012-05-14 21:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 10:52 - 2012-05-14 21:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 00:13 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 00:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers

==================== Files in the root of some directories =======

2009-10-20 01:31 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2013-12-26 00:06 - 2013-12-26 00:06 - 0038432 _____ () C:\Users\PC\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2010-01-13 16:01 - 2010-01-13 16:01 - 0001248 _____ () C:\Users\PC\AppData\Roaming\unins000.dat
2010-01-13 16:01 - 2010-01-13 16:01 - 0696341 _____ () C:\Users\PC\AppData\Roaming\unins000.exe
2014-06-05 21:36 - 2014-06-29 18:14 - 0000791 _____ () C:\Users\PC\AppData\Local\cookies.ini
2010-07-04 16:33 - 2010-07-04 16:33 - 0000190 _____ () C:\Users\PC\AppData\Local\MyWinLockerInstaller.txt-20100704.log
2013-11-23 23:58 - 2013-11-23 23:58 - 0000419 _____ () C:\Users\PC\AppData\Local\Temp_tmp_.xml
2012-01-15 12:42 - 2012-01-15 12:42 - 0017408 _____ () C:\Users\PC\AppData\Local\WebpageIcons.db
2009-10-20 01:31 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2011-01-25 20:29 - 2012-07-13 18:12 - 0048936 _____ () C:\ProgramData\hpzinstall.log
2011-08-06 21:45 - 2013-07-20 21:55 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

Some files in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\installhelper.dll
C:\Users\PC\AppData\Local\Temp\ose00000.exe
C:\Users\PC\AppData\Local\Temp\sqlite3.dll
C:\Users\PC\AppData\Local\Temp\SRAssetsHelper.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-29 23:26

==================== End of log ============================
         
--- --- ---

Alt 13.06.2015, 20:57   #10
Wimmerl82
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



Addition:

[CODE]
Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by PC at 2015-06-13 21:45:41
Running from C:\Users\PC\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1479719048-131605857-4171494742-500 - Administrator - Disabled)
Gast (S-1-5-21-1479719048-131605857-4171494742-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1479719048-131605857-4171494742-1007 - Limited - Enabled)
PC (S-1-5-21-1479719048-131605857-4171494742-1003 - Administrator - Enabled) => C:\Users\PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer Crystal Eye webcam Ver:1.1.103.803 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.103.803 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.01.0805 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat 4.0 (HKLM-x32\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe PhotoDeluxe Home Edition 4.0 (HKLM-x32\...\Adobe PhotoDeluxe Home Edition 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )
Amazon Music (HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
Artisteer 3 (HKLM-x32\...\Artisteer 3) (Version: 3.0 - Extensoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
B110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.9.0 - Conexant)
DATA BECKER 3D Traumwohnungs-Designer 11 (HKLM-x32\...\3D Traumwohnungs-Designer 11_is1) (Version: 1.3.533.0 - DATA BECKER GmbH & Co. KG)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
E.M. Total Video Player 1.31 (HKLM-x32\...\E.M. Total Video Player 1.31_is1) (Version:  - EffectMatrix Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.20150424 - Landesfinanzdirektion Thüringen)
ElsterFormular 2007/2008 (HKLM-x32\...\{5BA43E5C-66FD-48D2-AB40-B807D457EF83}) (Version: 9.6.2.0 NE - Steuerverwaltung des Bundes und der Länder)
ElsterFormular 2008/2009 (HKLM-x32\...\{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}) (Version: 10.3.0.0 - Steuerverwaltung des Bundes und der Länder)
E-Mail Converter (HKLM-x32\...\E-Mail Converter_is1) (Version: Aktuelle Version - IN MEDIA KG)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreeCommander 2009.02 (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Google Earth (HKLM-x32\...\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}) (Version: 6.1.0.5001 - Google)
Google Update Helper (x32 Version: 1.3.21.135 - Google Inc.) Hidden
Hardcopy (C:\Program Files (x86)\Hardcopy) (HKLM-x32\...\Hardcopy(C__Program Files (x86)_Hardcopy)) (Version: 17.0.14 - )
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{59C83C08-63F4-4AEC-81D6-392C5E23B843}) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
InterVideo WinDVD 8 (HKLM-x32\...\InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}) (Version: 8.5.10.39 - InterVideo Inc.)
InterVideo WinDVD 8 (x32 Version: 8.5.10.39 - InterVideo Inc.) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Kazoo Player (HKLM-x32\...\Kazoo Player) (Version:  - )
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
meinHausplaner (HKLM-x32\...\meinHausplaner) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{F90F5A11-53E6-4045-ACB1-BC03D71FB06C}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{F68310EC-B615-4044-B7D7-1A6349758D42}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird (3.1.9) (HKLM-x32\...\Mozilla Thunderbird (3.1.9)) (Version: 3.1.9 (de) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-1479719048-131605857-4171494742-1003\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sigel Label- und Barcode Software (HKLM-x32\...\Sigel Label- und Barcode Software) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.0.3 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55a - Ghisler Software GmbH)
UBitMenü (HKLM-x32\...\{CBCFD97D-FE82-43F4-A978-996CACF71E6B}_is1) (Version: 01.02 - UBit Schweiz AG)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.4035.00 - Microsoft Corporation)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9700 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

13-05-2015 23:06:26 Windows Update
14-05-2015 00:10:34 Windows Update
15-05-2015 16:04:38 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
19-05-2015 20:59:46 Windows Update
19-05-2015 23:32:02 Windows Update
26-05-2015 21:48:51 Windows Update
29-05-2015 22:35:22 Windows Update
02-06-2015 20:21:45 Windows Update
07-06-2015 21:29:23 Windows Update
09-06-2015 23:16:01 Windows Update
13-06-2015 12:25:30 Malwarebytes Anti-Rootkit Restore Point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E0AFFE4-C208-4A9A-A644-45BD96FD9671} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {19983611-E8FB-4982-BB26-8DB03B255AC1} - System32\Tasks\{063058C6-111A-4CC4-9F18-4B8FF36C975B} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {289985F9-269E-4B2C-8ADA-C905348C7451} - System32\Tasks\{860104DB-DCB9-4E02-9909-95814746620D} => pcalua.exe -a "C:\Users\PC\Downloads\FritzBox AddOnIE\FRITZ!BoxAddOnIE64_German.exe" -d "C:\Users\PC\Downloads\FritzBox AddOnIE"
Task: {28AB7621-26C5-4A29-960B-BADC56195383} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13] (Google Inc.)
Task: {2907B909-DFB5-4D77-9CC6-8B5E4A76897B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {2B6376E9-D289-4C00-8DB0-656335358DFF} - System32\Tasks\{7D6857E9-C924-48F5-AA0D-CA4C3394A0F8} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=4.1.0.179.259&amp;LastError=404
Task: {2BA21982-14E1-403B-B72A-7756DA4AEDDC} - System32\Tasks\{C865003F-8330-4599-BDB9-FA2A3162F171} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.169.259/de/abandoninstall?page=tsChrome&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {2C78FF84-0CD1-44CD-B1CC-E5C2CD8F2007} - System32\Tasks\{BC284986-033D-481A-AC09-342D34B29383} => Firefox.exe hxxp://ui.skype.com/ui/0/6.13.0.104/de/abandoninstall?source=lightinstaller&amp;page=tsPlugin
Task: {2F3F38E8-4B85-4215-96C9-384D3AA74C05} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
Task: {318B17AB-3702-419D-A524-EA3851CC42F9} - System32\Tasks\{E56FDD51-70D8-4F9B-B236-96EC15628958} => pcalua.exe -a "C:\tools\Flash Player 10 für Internet Explorer\install_flash_player_10_active_x.exe" -d "C:\tools\Flash Player 10 für Internet Explorer"
Task: {39467EA1-CE76-4401-B7C5-9F2FA9C8EA78} - System32\Tasks\{70B508FD-1C40-407C-8A5A-F60D5C1B38E9} => pcalua.exe -a "C:\Users\PC\Downloads\Flash Player 10 für Internet Explorer\install_flash_player_10_active_x.exe" -d "C:\Users\PC\Downloads\Flash Player 10 für Internet Explorer"
Task: {562A3F12-DCAF-45C8-93CF-631A0CB45AEA} - System32\Tasks\{5082D307-1FD5-48A7-A2CC-369A8159FDBD} => pcalua.exe -a "C:\Users\PC\Downloads\Flash Player 10 für Internet Explorer\install_flash_player_10_active_x.exe" -d "C:\Users\PC\Downloads\Flash Player 10 für Internet Explorer"
Task: {5FD1BEE8-3960-400C-8AAF-FFC6190EDD57} - System32\Tasks\{04044573-9737-4402-B202-9D79E9C72200} => pcalua.exe -a "C:\Users\PC\Downloads\FritzBox AddOnIE\FRITZ!BoxAddOnIE_German.exe" -d "C:\Users\PC\Downloads\FritzBox AddOnIE"
Task: {643C8DDC-B4FB-4DFC-86C8-2A2E1D888528} - System32\Tasks\{ED751AF1-EDF6-4B9A-BBA9-8752877A6154} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {6E3D1A64-F320-49E2-B7C5-3351E4DC018D} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {76346FDE-FB23-46B5-ADF4-ACD54AC4D116} - System32\Tasks\{81944B34-CC6A-486C-8DA7-F7CAC155E311} => pcalua.exe -a C:\tools\irfan425\irfanview_plugins_425_setup.exe -d C:\tools\irfan425
Task: {768204F9-4ED1-48C1-95A9-52B64A97FE45} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {7C110542-1DF5-45D7-8140-F1649D43300B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {9CFA8EF0-C86C-40BE-9D5F-EA8AE1281609} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C2E61DFF-75A5-4476-BA5F-CC01B00FFC29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13] (Google Inc.)
Task: {CD932EC3-DFE5-4737-B5F5-713F332274E9} - System32\Tasks\Amazon Music Helper => C:\Users\PC\AppData\Local\Amazon Music\Amazon Music Helper.exe [2014-11-19] ()
Task: {CDE89A2E-3AB2-42ED-B76A-A2E017DB13FD} - System32\Tasks\{3505D1A0-1672-4489-9CEF-4E99FF50E372} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {E1B70122-3EB0-463B-B597-760BCF56C3D2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {EC984472-3EA6-49BD-9F04-328BC20F0615} - System32\Tasks\{49211F33-3DEC-480D-8735-8C50FAAA28A7} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=4.1.0.179.259&amp;LastError=404
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-11-05 15:17 - 2006-02-23 13:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1479719048-131605857-4171494742-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: EPSON Stylus DX4200 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAEE.EXE /F "C:\Windows\TEMP\E_S7D78.tmp" /EF "HKLM"
MSCONFIG\startupreg: KiesHelper => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: MSN Toolbar => "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{12BEB1D0-ECE1-4E17-B95B-BD497DD4EA91}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{A0D45E68-920E-4B31-8823-0AEA78D157A2}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{9DD26D3B-6B3C-44E1-AE53-07914330CA57}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{BD0B6D3F-D83A-4FF4-A3D4-F6A5014F5BAE}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{40EB7E13-0771-48B0-8F0E-148FCA217F13}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
FirewallRules: [{4A1E1A32-091C-4901-80DB-E7BC37696649}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\VC.exe
FirewallRules: [{162D3B8D-8786-4C7B-97CD-C4C5650F4A4E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{63D976C7-C8E2-4439-8F92-076D09253EB7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F48BE481-C243-4A7F-A9BC-33729FB29F85}] => (Allow) svchost.exe
FirewallRules: [{E43DF28D-D4C9-43F8-A456-DA2DF2934EFA}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{27CBBF37-BF8B-47BB-BBA6-F5930225DA4D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EAA3F048-204D-4C6E-9EEC-7377A2CC6710}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{DBAEE3DB-28AB-41A2-A034-FB9BA8C7E9DB}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{2EC2E196-3427-4076-9F0E-5A6DA70E2CD4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F5DDBEBF-F03F-452F-903A-8C4FC55ADD11}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1068DFDB-1809-4233-8277-C8C65BCF79A5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{919B9E8C-6DAB-42FD-9B2D-0599EDA9080F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7A9D2263-9054-4A0A-80EC-CCF27D2BEA78}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{84B74553-D39F-4511-87EB-B61C7C76BAA8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E0CC068D-5ABC-4D7F-B013-4063877087FE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5728C7B3-8F33-4933-BF42-7ACA634C970E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B53AF3CD-AC4F-441D-8E42-3CC7F79A215C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{095F0FBA-49E2-494D-B454-6E60433EDA70}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{29419808-2CCB-4906-A9B8-2F03DBF5E015}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C14D3A98-1DEE-479E-84E6-C803B8E9765C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F5F81AAA-0A57-494D-9434-AE43C345AB26}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5542F390-8998-498A-9A9E-0BFD4B9B48DE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AB5B72D1-5C1D-4B40-9E6A-562FA9225305}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D092748-4ADB-41A1-9B8E-680B5E1F9BB1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A3373EF1-7566-4628-899B-85279EE1F803}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E7E19204-FBE2-448A-8C86-71328DED554E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DFB04F3F-44B5-4880-8B57-C71D76898A57}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{196E60F6-78B8-4B1F-B97D-4522FDEAB08B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{03DA7D71-F050-433B-A0F7-EF7C6835C77C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{41D58664-0FB8-420A-8D5C-1B3EC90A6981}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1E5D1B34-3FB7-42CB-9260-17D58F976ACA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{79F38D2C-22BD-489F-9C88-C9140597E46E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{301F5078-A1E8-4A76-B952-CA37EC98D815}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D814719-E7CB-4137-876F-4B03A8191FEB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DE68D252-3A90-4613-A090-AAA03B4117F8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{38A9B811-AC28-4B51-A2AB-C6C50B222977}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{46A19B96-D765-4910-9069-9B8BD24E5B5A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7B112712-BF1F-4809-955A-85CDF9EAAB31}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{77697968-28AC-4BC0-A5F1-5CA3BA1DCE28}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8F308D8C-64DC-45BE-80D1-5BD23DE4FC00}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2AFF2BC-E540-4A2A-BA0D-55C5EA8EC32E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{38607E62-0C50-4EB8-9387-4FE61D13E7DD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{26503111-8334-4BC3-A9C2-0781CA8D5E8D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4A4D696D-87A8-4015-B67D-A0E8F75008B1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8DDEED12-AE6C-4AFF-98D1-3C6BDBF7C816}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6506EA6C-BD8C-43A2-A69C-FE7F2C4C9D2C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{82C692E7-5618-4A15-BC1D-EB89F061D183}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{64CECF3D-E9EB-40D6-9F1D-568081685BF7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{42792DE7-F2F5-434E-B200-1E8832E3E4AF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF2F437A-3CAE-4FDF-B331-7028F98CCB20}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4A9DD7B8-2150-4F47-9372-0257149E5505}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2816852-FE44-4108-B46C-9A1C3BBD4EBF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{193BBF6B-9EB9-4935-AC8F-765189AA814C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C1B9FAEC-46C7-496D-B938-312F841FF40D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6886EFC7-EB17-4AE8-B3CF-179A476BCF52}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{87386383-6D8E-409B-A757-4A72F59D4D1C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4053C631-61B6-40D5-B540-E0A442C334FA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8F22D525-537D-4E7A-BE9A-ABAECD94496B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FC2773AD-5007-4D38-98C4-6A742797FEB3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4B25C925-7367-411A-84B8-5EE85F1373AD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F502B13F-373A-459B-8EDF-34ABE9072E77}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{009928F1-F8D1-48A2-8F07-6E1E638CDA69}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3B06093-BF80-457C-890C-2973BD7B2931}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7CA46945-4913-4E11-9273-BBC5E796801A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CE7E7A5A-77DC-4387-9CEB-EE5B2FDD17D7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AF6309A5-3D3A-4293-B475-32240D149787}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{35997724-0175-4A20-B3B4-06B14B310BE3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{95F896D5-4C3E-49A4-81D6-A3B93D2C9F9A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FBAFF7C5-321C-4756-8928-676C08AF7EC8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3121CCB1-4ACA-43BD-B000-5A00B0C4E62A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C21CC71B-79AF-4909-96C1-B9838AF934C7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7889BF13-03E6-4320-8944-59EB176B703A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EC139703-9D7B-40F0-91F1-82FF6A1DE42C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3FD6DF1C-34BD-4B0C-8297-6FAE174DFA6D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A68DB04-CEEA-492C-B1C8-FF98363390CC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{99D974CB-907B-4E8C-A81A-D1A0D4CE4170}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{318B7BA8-1D53-49FA-82D6-4320E44CEC0E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8EEC869F-745E-4211-9D14-492103673E31}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BC719A8B-9D64-4741-9C07-7A5CB1ACE1A1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{75AE26A3-2EE4-4C81-BF80-F90608FD67E3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{37C24B44-2043-44D0-92D0-9BE25E6750C3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1898C5CE-6349-456B-BB9C-F99B49BE4B4F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{44E3BAAC-4E5F-4043-ABD7-DB1032EC31B0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0FAD7496-EA05-4053-822B-ADC9CA820D43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C84551DB-5A48-44AF-924A-223DA1F5E956}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BD0474B7-A0A4-4C5A-9E5C-AB146DF1CAAB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{06E5344C-9375-44E9-B10E-45CDA1610792}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6E1ADC7A-0842-462B-8396-BC5AFFE61DEC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{90C72181-DD30-45E6-805D-FC7FA55D5A74}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8AF181D2-C417-4D3E-AA88-4233C074EDE2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{92B926E8-9FD7-4D19-9D38-C63CFFF419CE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{638718D0-6D22-4EC4-AF0A-E014DFDF434D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E27E7AD2-08C8-460F-BBC4-B69B6E6D5DDE}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{46CD65C6-4925-4BB1-A646-844CD029DB0C}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{2A779942-2CD6-48A8-9F9C-DBFCC64232D7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2342D53D-14FB-4754-850A-6DF9E49823AC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BE5CE5AF-9277-408D-BA93-036FB4E1C6DF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A59B8AF8-B23C-4603-893F-8DD138E3A65F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0ECF5F50-9D30-41C6-B40D-862C6E3DF8CB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{15675BC3-8B19-4D22-A72D-C6D91ADE8DC8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{46B6CA2A-AF64-43B0-875A-08D3196854E1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6C52F3FB-C7E2-4166-97DC-782BB9346F23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{87C61F2C-236F-4ED5-AEEC-7B700CC74F63}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E0623B57-D7E6-4C71-B07F-0E42B0F184D9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DFA92C71-A10F-4490-8AA9-BF208B7380E3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{05D0C3D7-8617-4145-AAA3-6E4D8DBF8C98}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{17D0CE0E-82A8-44DD-AB43-34883B9D854F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AE991037-1151-41AB-BB64-0F2661547E6D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DC18BA2A-1BCE-4BD3-89DC-A4043696C781}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{990801D1-5909-44D9-B26A-11FE53369487}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{183E86C0-CA20-474E-BE9A-80EFF8271318}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B9E3D4B2-CDE9-44C2-80D7-36F296622BA2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EA0FA95D-446B-4994-B169-3394CEBD15CB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F0A3BB6A-B6DF-4055-8C6C-9652DB2952FF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AA80CA2E-3A69-40BE-B37A-BD9AE2F9987B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F88A3FDD-CE82-4102-9A90-F96C3D56471F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68D5D38A-4189-4777-BED6-64A1D8EC5F6B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4FEEE99A-18F9-4EE6-ADD7-99A24E36F782}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F3C9506C-7B6B-4ABE-BECC-A6AFEC2754CE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{14522F16-5860-41D9-AEB9-C69A96CEFC44}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CCEAEDDF-6B9F-4C94-87A2-752DE53A927B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{548A8AD6-AB51-4E0B-B571-3D0EAABCA024}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F768AA16-9F9A-4140-A497-0A61653574B0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B94484D8-A839-40AD-BC1A-9AEC603A93E5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2EAF8A97-77D6-41E2-8C99-68EBF957424D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3E65343A-35F5-46BB-8748-9911D94FAA3B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7B087728-87F3-4CBC-BDEA-7C1BAA815E74}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B5D4E8A0-F8E1-43EC-8903-3721F1242955}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1D5046F9-34FF-4724-A6D4-CC156A5FC2D1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{04707707-3834-4E09-A2FD-38FABBF23C33}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{61C0A4F3-11CC-4942-9276-5B651B5D1F15}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{46700A09-C448-4849-BA1D-E89C92821845}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E72F33A6-44D4-4856-A24C-5A6DBD78237A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D12BDDCB-E33B-4BA4-BF9F-D2A25380671E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{66CC506E-5BD3-4A0D-A2FD-B7BEBBEA3EFA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D7D5DB8F-37A0-45CA-B3D6-1D92BD522BAA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2A6AFB6C-1C2C-414F-A278-B041F0C2ABF9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C21DBF39-52F0-4A32-9999-DC429341A768}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{945BC3AF-32C1-49B2-A621-0E893FB48775}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2CEBF25E-C509-4403-AA2E-A6C2FB40B897}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E3CFA417-2491-4694-9290-DE16B19AEFAF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B03C8D03-8F7D-4345-AF95-ED16408A3D3F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4DAA3D05-2EF2-4DDE-94B3-004B21A1DE53}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A5B89811-F923-46B7-B039-3841FCFB718D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A155D376-569D-441B-A08D-9BA6BB8529B6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{10929B58-05B1-4425-8B0A-8DD47BE2781D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1D4A008F-9241-409A-9E4D-0ADF8548A634}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9488A082-F64C-4888-8B40-13BAE61FF33B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FFAC6328-072E-4180-89E8-CD1BB1790AD2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3CB55B78-FFEF-44B9-AA82-68794E9E94FC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2B882DDD-DA9F-40CD-971D-B343CB0A692F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C958701E-1FC8-4BD6-838D-765558F8A725}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4C371F4E-B666-4C89-8B3D-3A5792C01621}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A156123-C1ED-4490-B982-650CD476B96B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CF10E279-788C-4461-8892-FE96259E49BB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{38DB6A1E-3602-40D3-9CD9-C28EDADD8E73}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{44A5C546-33BB-4E75-8CCA-9F84446D96C0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{381DC243-07D3-47DA-B558-51ACD9B0BBE5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B70C71E2-179D-4029-82A5-69C640CF5513}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{71545352-A5F4-41A3-8C8B-BC5976679A1A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E24FBE85-3C57-4D7A-B07D-520084A7EAB8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{07174E7B-8D0A-4C1C-9862-BF0B18467DEF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EF653CBA-232F-4591-BF1A-9293E8FAD8CD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6A39AEFB-CA1E-4245-8071-2B385A9805EE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ED254819-41BC-4144-996C-267BA002A0B8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{51C6F3F0-8C4A-49B3-B6D9-EB0F6C48DDB7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{15533900-1C71-4A3A-BC2B-67311F945A02}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{07A922CB-76E7-487B-9F72-AE07D968BE71}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DA77A067-92F8-48BF-8EAF-5DA20FEF5D5C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{610A4D76-1485-4569-A64C-2BCE852405B6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{08045040-47DC-4493-969E-E9FE7AE030EF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F6CD0EEE-431C-4DBC-95DC-EFEBBE396E43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3F04EB10-AE67-48CF-97B2-C22B74B36963}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FD198748-1798-41C0-97BB-59C1FED067D2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{78E85CFE-8892-4FB7-A729-B1E0D6BF2492}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5CD07E69-5D85-4E3A-B62E-17C02DC0FC2C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1EEE62C6-DF21-45F3-9585-9A823E992CF3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B1540A20-5AE3-46F7-8D54-BA288A32EB24}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CD6E53E2-174B-4726-AA47-8E662FE582D3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{160AFB89-5FE5-4E6A-A81E-BD2C59F66975}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{427BEEA2-F14D-4960-9B4F-6BDF6DABE216}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{51FABD5D-0621-4AE5-ACE5-170D1A93667D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{55C0E8CE-7CBE-4B8A-8884-806FAEC70EFF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5A1CC96A-7D17-404C-A43B-F8DA10B85014}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{88838A7F-A97F-4263-8E50-D3CC198DA392}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D70902BC-9220-4085-9B7A-071AFAA568E5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F7145A7A-20E0-43B7-9BEC-68BAF021E970}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0169301E-154A-4DEB-9CB0-6EDD48A65615}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{37C912B8-5E02-4002-9082-94A5A5C9683C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5CA4B26C-39B4-4877-962E-69BD90A5B49F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{569FD5C4-DE2C-40A2-A2C3-4D77878F67D5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C9D62A89-F5E8-422F-9CED-4C051386D7FC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CEA95D26-2A4E-4EAC-9ED6-6A94FFFFA1B5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A5C8F87E-FF3B-4A09-8E15-9D955FF5EB82}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B1CF5B56-763B-4AC0-AB67-E37A8F20BC0F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{918B7E3C-F5C1-4F4B-8924-0F7F9F760739}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{03DE9711-A16B-4B11-B3EA-183331546B9F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BC613E0A-2184-4020-A2EA-640B1E5B97B7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{626E8EAB-D9E5-444D-8600-87F29A61C80E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{70442AD6-26A6-4E80-89AC-49E867C08A58}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C72C0B07-CE9D-4AAD-98F2-8BB3BB98FC79}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1505371D-8AF0-4E94-90D2-1FA4CD5C4560}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C992A5A5-F8EF-4642-B07C-F500A2295910}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{45CB0276-9B12-45E9-A115-E799B3F5E48E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A3783B84-0FCD-493A-946F-69D99143E881}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A28AFEF2-BA0A-4F08-986B-7B842800E809}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{77937625-A8B9-4CE7-982A-043A7DA68D64}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{45964C38-FB0F-4D1B-93C2-E0D108321D9F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{471F895D-0594-4C86-B8C3-A946EADB10DC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{22C5CAC0-31C5-41E4-BAE3-B4A213C85540}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A7CDA54-1CD4-4C61-8037-588D47D1991C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CB7F3875-DEBE-4E46-99BE-C34D2000625A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4ACA93F4-6F4E-4BE8-ACE0-F7119B09F278}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{50093EE2-465B-4051-BD04-39FA48362C81}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F192EBC0-8C27-4DDB-B493-4DD911FC0931}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{85E1F9DD-6717-43EC-AB05-D7EB7D7F151F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F8DCD78A-AE8F-4434-9E91-2FDA923C1FCA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FE90B1FA-EAFB-4918-AA00-8522D85D39FC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AB264691-EF38-421B-8E22-B18CA4E04E26}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7887F4BC-C015-422C-A254-4B845C73A8B1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C1B66038-8977-4A22-83A5-B9D0652C110D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B14AA264-47E3-487E-9A83-1F41E870BD28}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1A040149-248D-4A55-BDB5-3F714A8D38F3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FE8395A7-F23A-44FC-AC1E-B70DDCFE3858}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{51C50A3E-DE0F-4C3F-97B4-B2652A085B71}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1A33AD71-1B1E-41F6-8E1A-BEE3787BA432}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E243457C-D4EC-42B9-8EB0-093BF38DFF55}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{352827E3-AD3B-4E51-9214-A7367FE75CAD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{892B63AC-08CA-4D2F-9555-D00C3AD13FAF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{60582639-70AD-4B68-8967-3A1E25F717CE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EA9E0E28-0BF3-4B73-A1F9-CCA4AC1CEA0A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EFF69D3D-C84A-47CA-9FBA-5F9648A36820}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D40D62D0-DA30-4EED-A758-6B5317186E29}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DD72C947-C877-4C42-A4D0-78EC1355FF05}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6912DB40-28B4-4418-9427-7D31EC0D375C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{954F6603-BE60-4582-BDD4-E268F07158A6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FF780208-1F85-4E51-9308-27BB4D48B1D0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CC5BDD9E-11D5-41B6-8C01-DD6CEFF8B209}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{431920C5-961B-4B04-89D8-281C4CA08C7E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{250C0131-F229-4F00-AD7A-5424E88BCF57}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0E490921-40BE-40E0-ABD9-B43C08E0D285}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{82A522C8-95CC-48F6-B2C0-F63FAF538E3C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{72CE2367-7143-40CB-B4E8-CE3331850DAB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2E87BDF8-7C26-46D0-8D99-DB9A8CA7CAE7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5E9DD8DC-D168-4A9D-9ACA-CCB59D6F730D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7CE2BF5C-A89E-4B22-984F-93000AFEEE91}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A5404C8B-12B0-40CC-B43C-68FA5BA50B43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2C2ADEC8-6834-4647-AA05-AFE90F44CF12}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D932C8FF-B250-41A7-9440-83F90196A721}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{43912C7C-3F60-4E0D-81A7-53812F26C1AF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4F9A5FC9-7E09-4A41-9957-2F753145EA90}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{32DADA4D-ADEE-4260-87BB-5C185726477F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A0D8A4AB-3A43-4023-9AD8-8EA73F5EE1B8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B08962BB-455F-4776-B127-3B0D6CEBB186}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9537A5D9-563C-4224-931B-CCF4404C0B7E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FCF5EDB6-95E2-413B-9489-E8299466C58C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{98B656B2-534D-4F9C-9BFB-C8315491C094}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5DB503DD-9A9F-4F5F-B89B-4674F99DAEC3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A079EF3C-BA4A-4974-81AC-FE5E73891A23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{16BA3296-37E7-4706-AC2C-626CF1D61E12}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7ACC457F-3877-4F48-BC5B-C4DF6D31D05F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{80A01AC5-C72E-4B79-9591-E5F80E9257D1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{782BC28C-9CC5-4F76-94F6-5DC2238859A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{99394A18-0E17-4E13-B6CC-7BBD5948D289}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C50EFAB9-D632-463F-940D-F4BE7D4F630F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AEBAD9F1-F57B-4D0B-999F-1ABE2457D08F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1C77BE97-C87F-4DEE-B986-5CE4B901B8AC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0C2AC2D7-E591-4AE8-AB72-0FB93A069369}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AA40B17F-2404-482E-B754-74894ACAF66E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7B5D4082-3DFC-4741-B32F-43A37F821D05}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A1A508F7-C265-4648-A834-9D7B0844952B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E61D2620-852B-4BD8-9BDD-D6C6F2DA515F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B6E679F0-0967-4DF2-82E2-3692213AFB10}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E428714C-ADBA-455F-A08C-93622F8A90C2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6695476B-FF6D-4373-A726-8C15254BE69E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{16698491-09DF-4D9B-8CA5-4117773BD18C}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{88567A19-0A26-41CE-A645-939C522E3B35}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{C508DEF5-851B-4979-B2F3-A92C5438F152}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{E6A61B73-34E9-401E-83F2-A8FB0469D718}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{82AF5813-3600-458A-9D92-15B9738810E6}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{7CC269A2-3857-49CD-A999-6058BCD0A93B}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{FF6270F3-7883-4387-B0E4-4DBED0F190FB}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{D6A58A80-3BD6-44DF-9ED5-1F952D5FD727}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{E5B64D22-A9F2-40CB-A0AC-3ACCB0CB5DA7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{77891623-8E9F-4947-8CE2-BE73396E1402}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B0DE9B57-5FCF-44B8-8849-E60012795A0D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CBE0BDA9-36B4-4C97-A699-D7A424929BED}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{979E4717-9971-43D8-AED1-DDCE0C1D519F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E9D95CEA-E906-4C29-B7ED-597D9F0BEF64}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F34DDE6E-5E08-4164-AB55-3C964F8C3761}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D631721-761C-47C4-9B47-69B5714E7D76}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EC65ACAF-9456-41FA-963C-CB885798EF22}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B81E948B-9668-499F-A114-E301E3CC4704}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B1C00E5D-80CB-4C93-B530-2CA53D3D06CC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3138DE5-B15D-4001-BE4F-A4C1027927E6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E463B993-2D16-4C7C-842E-225F3A5E5C9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2512611D-101D-4B38-8056-961D9C03FDBC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C37A0FA0-D6E0-426E-BBB0-A097A2A3F77C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A331A79E-EEAD-415E-BD18-C2FCBA4DDD05}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{343E8DAF-AA59-46C7-8293-A3720680D2CB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F37D0715-AF37-4497-AA62-4378527F3D80}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A8D5F8A0-93AB-4A06-AE8E-DE716E3FAAE4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{43220D06-0BEE-43A6-BE5C-51A755797F50}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B32AD525-E171-41C3-A00D-786362EB9DCE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FCEABE2C-69FC-486E-9BCC-8FA49AD44F31}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EF80455F-E269-47B7-A4EF-04F8A4DA5182}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F2582710-8D62-44F9-B5EE-782F382ED93B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{11F29B9B-C822-42E7-8F8C-24FC44B48177}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{99B3709D-02CE-4BB0-A757-354A77622BA1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C12E3A86-4230-4AFB-AE98-3AE687F27EB6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DEE6B565-8008-4920-A430-150F1D973EE8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6305F5CE-BF18-40F0-A3EC-62E2A8026CB0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{24685DCC-C400-4D0A-94DC-85FF9E77BD7B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0B52CA18-B3A3-4E34-860C-4DEE2D2577AB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BC9D1043-41D4-4381-9ABA-15B877F77012}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A3B73198-735A-48E5-9BA5-20C920F49847}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5BB2E5CD-F25A-4981-9901-D59D7229558A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6A2BEEAC-6804-4EE0-BB5D-8D98A8B3C6B3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8749806A-7802-4803-99FD-DBD628AD02AD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5B1A480B-38CC-4450-8359-5A2B434BD559}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{39D647CA-EDAE-4320-9548-19F2019B0473}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BE76FE5B-132D-46DA-8EE2-051B4A212146}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{03299863-AFA8-4549-9948-3015C0B28C9F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DCBCC28F-5B7B-4DB0-9E1A-64EDA48EA9FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5FD0CB21-5A05-4481-925C-424775081FB9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FA78A158-3E5D-4484-88F4-5B25859170D4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{80A3429C-9B49-434B-B119-B6CBB8EDC3B0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A8E940A8-9F84-49A4-8D5D-9E90360E230A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1614248F-7D14-4B96-9CA0-EBA2159AC2C6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3B5CC481-6C1A-4F79-9302-BB0475C2A532}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2DEA09BB-F9D0-4E0F-9E3A-24C92EDF58FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CEB3F7E9-D585-4BEB-BF7B-999F87B93019}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EFB5A6D0-0735-461C-8238-02C91B73C3F8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7A35AEED-22F0-4092-A408-1B2C7895D898}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1CC62C45-2787-4E0E-8C47-A04FE24F78F0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C7013482-1DDD-4B4B-9DA4-5F1F6C1889E7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1F9C4E34-69E2-4127-A45F-AFDCEC23F470}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6CF6F7F1-64B6-4A97-A7E5-784C53A7FB05}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A15DC90E-07E0-45C3-AE6B-B230D0C305E4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{808084DE-3F94-4618-B112-E238B2D4E491}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{822B0A40-43A3-452D-AF60-CAA15008BB8B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{75F818B5-D2AB-4578-8515-C01B9C36625B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D39B7E59-769E-4725-8EF7-66E7B77C14EA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0F29C555-DBDA-448A-AEFF-41B0FB383F95}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1961F137-CCA0-4D32-886F-EF73B5EB3A66}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{12220510-74DA-4D6D-A937-3FFEE2917C5E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F421E7EC-88FD-446C-8200-F41EDF804E60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EC6EDAC5-3B69-4CAF-B9B2-FED491FF9E1B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E6C7396A-2A1A-4B7E-B77C-52168E0CE107}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C1B13EF0-D4E7-446A-8E3C-56183CE53FD2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6E2C8D06-ABC8-414A-9157-987C185AC9E4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F08C1BC8-AC63-4A56-BB0F-58B0F3B354E6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{081B871E-094B-40A6-971E-7DA4B4B9F7F3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0EBD4DFF-5078-4596-9DBD-4B6196FA4F04}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CA7AA867-A229-4C51-B492-57D514776321}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2547391-7E31-4809-8C73-7FC19ED5DD70}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{73EC3E4A-DE5D-4C9A-AAEA-39A732BD1F36}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5ABF27FD-AE8C-413D-8693-F2B11876CB00}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{96F4DFB1-8C96-4479-83B4-CA677C8111F2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{431835E6-2D4E-47BD-9B76-B7C88EE19C49}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{383EAB16-CAEB-4E63-A3A7-46BE2EE72B9A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2CE2870D-570D-459C-AAE4-446EAA9635EC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{70127D56-F171-4574-92B4-2E6B3B65C6B4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{80FEA712-860D-47A7-BA7A-57377FDFB31C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A68EB7FC-19B9-4E85-906A-9FEB25F24D49}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF6B6BFA-F064-4669-B79E-EE517BFB5A47}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2DDF8F7D-61C3-4C83-9851-F9DC761569D8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{97F41099-EC38-4234-B094-A3C72FCC8FDC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{211474F0-63F8-45FC-83E2-5C2714E38424}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9BC62EF0-6F70-46AD-A007-6BB9423013A6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5583DA7C-4A20-46B3-BEF8-435B240FB63A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FC3E27D9-DA01-498D-A674-C27124338AAC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ACB0962C-27F6-4E33-8E26-C94B8F7F2423}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DC47306C-0506-4BB7-88E4-D3DF75947BAA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4B3E4FB5-F756-43EB-8753-136E6342DDFB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EF743711-DA09-443B-B0D4-639152A607CF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BE66E717-C8C0-4A4D-B1A0-47D663B9985E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AA2329B2-B7E5-4AAD-BD3B-450E32825A3D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{024B0FE8-2AFC-4A1C-92EF-310818422F14}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{82C3AFE3-4B08-4B94-922C-CF76C7BB30F1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{020BC366-B573-482A-B748-458B03BC08DC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{12EC03C2-4A50-45F5-82F6-F89811BFF21A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7C1B6606-9126-4118-B765-4B8173A85DA0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4237B4C9-A84B-476F-B8C1-460608FBE3C2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7FBC87A3-D18B-4327-B8F1-1AFB22209C54}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{180A7347-5EA0-4339-9B6C-7BA4C9E4B5AD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8976C555-6B39-44E2-9DBA-6B16C75B81A2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D71F374-52F3-41CC-A8C6-12F1A9FE91A9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{75D23826-DA5E-4E64-A1CF-E0A334915AE7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{97EA556A-7347-4121-B554-9821664911B5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2241C045-BA7D-452B-B722-0713F954DCB9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A57012BB-1B1D-4F88-AB23-E1CA251B5BBD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ECC5DB09-C4D0-4E9C-8EBD-8876635A032F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D532D313-C4CB-40E7-A3A4-4D1AA0EA5301}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{85A7B1AE-83AC-4927-AFF7-4F7F4D0CD178}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{58A484C9-82AB-4867-9679-1E0DFA7E414E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AD2978A2-5B64-4177-A2C6-9CA96BEE301D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0F8443C1-BD82-40C2-A86D-3106DC673B5C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{249AECC1-88AD-4515-8B29-70A05D10A4B0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FD64EE58-E59F-4C7D-B2F1-082B444BC15C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9029C3CE-2CFE-4906-BFC9-B0EF403022E4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0E903791-CFED-4144-A1FE-51E1C71BBD4A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A183BD18-723D-4123-8308-BCF116F5209E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{23E4E8C5-BDE0-4916-9641-BFC2DA35F204}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FDA00C3D-A8B5-45B0-BA47-FED352F8F1E3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D512016B-2EFB-4555-90F1-F61FBCB7CABE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D4611840-9F56-4253-8A4A-B3BD58743676}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A722507-6FE6-45BF-BE9D-130D80C01031}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{34FCF720-97C2-4F4D-9E67-73E99E76955D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2CF72FD2-D6C3-4A4F-95CE-F592BAAA435F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5799ACDF-DFCC-456A-A2F4-364757656231}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{991D078F-EAEE-4ECF-B547-1AA0302A373A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D376A019-16BC-446B-9222-BE3DCAFB4260}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6AD45A46-7A06-424B-BB9A-708CEC5A7347}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DDD5B561-2D96-4D1E-ADEB-363A41EE8693}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1EF2EBEC-6D33-44B7-B78A-131379B94F7C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4BB5A189-57F3-4C79-A4B3-27BA3C6A74C9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C713F18F-223E-4B6D-9C55-C2296BF9CF85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9A6FE43E-BE71-49BC-80B7-C80C721B321B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5ED73662-55A5-4535-97C2-F71E858F7EB2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F29430BB-5946-4440-8F90-AA813781F0E5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E1C0C75A-8027-4155-B258-26E8907F8A77}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6B40641D-3A9F-4C1E-8F63-B2C840BBB498}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FBB6986D-73B8-4F14-8CB9-4D50194DF253}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{426A827B-A057-4ACE-A755-7211F09624B7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1071FE9E-04A0-44E7-8B5B-CE617E2E7DEB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2DD1C61E-D3BD-4B55-9369-9644C8694126}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{694991E1-6793-4408-B5A5-82DC13DCA7E6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6D528898-193A-4614-ABCF-5DC321A8AEE2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E5DA01BC-F3F6-4FD7-898C-CA7387B19412}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5D04DAC6-0F42-4966-9880-F8B5C44C423F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{15AF40C5-DD88-49BB-B688-40F1330AC85E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A0A674D2-ADE0-45A6-8D10-21BEEB939D86}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7ED87DF7-9B31-463A-8B46-3BB05EC6BFBC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1A65D50E-F613-4D6C-91C4-DF283C9F1FE6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C06618F5-6ADC-4B86-B91D-31CD9AD57CFC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0ED75C77-73CA-4AA5-808A-F3F1DEF8CD7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{65DDAEFB-9D09-45B0-A4E6-83C233A0A0AD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{99C1C3C1-1D5F-4C6B-A3E3-E57E153F06A7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E94EF2F2-57E4-4EDB-A524-CDC5D668BBA1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6E9DEDE2-B1F8-4A01-86F1-768ABF7E35D7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{31582B83-72FA-4C87-BC51-477AF0B1A4C9}] => (Allow) D:\setup\hpznui40.exe
FirewallRules: [{0AA8171A-586A-4E2D-8CB5-9F52EC4835F6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{DF2B952B-8A9F-4F5F-9EE8-1E27C07AF66C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{4988D91D-00B9-4897-8F8C-B3DE15F93596}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{5781B90B-7B91-45F0-ACB4-A2DA92670C60}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{4F557376-342A-4EF6-9E3E-53830426C8C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{037092BA-8E49-4868-BBCE-B81ACB29B003}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{41AF5C6A-24D1-4636-A698-1F7F1C1AA9FA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1D3952D9-9E77-4F0B-BDD7-076779E8B5D5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{AE607AE9-D6F0-43CD-8BAD-FBFFD12C75C3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{607EF85F-FB3E-4E6E-8E7C-185B40ED53BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{61DFCE77-4CCF-4181-AC37-90AFC802AF10}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{44C856BF-A17D-467D-AEEF-0DAD3CC6C19B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{3677FDF4-D3D9-4C95-AC90-FE4FF0900459}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{AA975029-F27D-4341-8729-181654CA6DA7}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe
FirewallRules: [{535164E3-53FC-42E0-8631-1965B8D40E4E}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe
FirewallRules: [{09CBC8B9-2442-46CE-8177-D9DB3B01CF08}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{314500C7-52D7-4CB1-A666-3A3DF707EF6D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B810E2A8-9933-44C9-BE54-0DCE6EB5575B}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{17EFAEE4-3572-4057-8D8E-679E14F5DC7C}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0B8DE4A3-C5BA-488E-B382-AF15D66C0339}] => (Allow) C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{154D1F61-6EAE-4C20-8B78-3F56113658F0}] => (Allow) C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{682292DD-E27B-4C23-A747-DFB41B802901}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AD85DE6A-9196-4597-9D1E-FFDD3AB7AC50}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A99F2731-10F2-4BDD-93C9-4EA9D139038F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6A1E489A-31CE-4172-BE5E-49D58B56650D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{9794DA47-BD9B-46D4-A85C-587456CE6521}] => (Allow) C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{819A1FC6-2521-46C5-926B-AD93559573C7}] => (Allow) C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe

==================== Faulty Device Manager Devices =============

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/13/2015 00:34:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x4a0
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3

Error: (06/13/2015 11:01:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x1288
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3

Error: (06/12/2015 03:33:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x10fc
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3

Error: (06/12/2015 02:45:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x910
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3

Error: (06/11/2015 07:53:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x119c
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3

Error: (06/09/2015 09:49:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8808
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x978
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3

Error: (06/09/2015 09:46:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.7149.5000, Zeitstempel: 0x552dd352
Name des fehlerhaften Moduls: pstprx32.dll, Version: 14.0.7149.5000, Zeitstempel: 0x552c9630
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00028ac8
ID des fehlerhaften Prozesses: 0x13d0
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3

Error: (06/07/2015 09:26:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8808
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x26c
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3

Error: (06/04/2015 10:14:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8808
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0xf20
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3

Error: (06/04/2015 11:19:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8808
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0xe9c
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3


System errors:
=============
Error: (06/13/2015 09:32:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/13/2015 09:32:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/13/2015 09:32:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IviRegMgr" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/13/2015 09:32:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Matrix Storage Event Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/13/2015 09:32:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/13/2015 09:32:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/13/2015 09:32:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Raw Socket Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/13/2015 09:32:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Protexis Licensing V2" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/13/2015 09:32:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NTI Backup Now 5 Scheduler Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/13/2015 09:32:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GRegService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (06/13/2015 00:34:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.1886955636317c0000374000cea5f4a001d0a5c48680e2b5C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dllc75778da-11b7-11e5-808c-00269e9dd695

Error: (06/13/2015 11:01:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.1886955636317c0000374000cea5f128801d0a5b77719aec1C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dllb9f4a7f6-11aa-11e5-b6c7-00269e9dd695

Error: (06/12/2015 03:33:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.1886955636317c0000374000cea5f10fc01d0a51460e657e3C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dll9ff58fcc-1107-11e5-90d6-00269e9dd695

Error: (06/12/2015 02:45:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.1886955636317c0000374000cea5f91001d0a50da8d863b9C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dlle8793475-1100-11e5-889c-00269e9dd695

Error: (06/11/2015 07:53:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.1886955636317c0000374000cea5f119c01d0a46f85dc7e22C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dllc67ae1be-1062-11e5-b678-00269e9dd695

Error: (06/09/2015 09:49:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.18839553e8808c0000374000cea5f97801d0a2ed705f1907C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dllafd24abb-0ee0-11e5-84ce-00269e9dd695

Error: (06/09/2015 09:46:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OUTLOOK.EXE14.0.7149.5000552dd352pstprx32.dll14.0.7149.5000552c9630c000000500028ac813d001d0a2ecfd2d6bfbC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\pstprx32.dll4474e457-0ee0-11e5-84ce-00269e9dd695

Error: (06/07/2015 09:26:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.18839553e8808c0000374000cea5f26c01d0a157e775a3afC:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dll2876cce3-0d4b-11e5-a42c-00269e9dd695

Error: (06/04/2015 10:14:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.18839553e8808c0000374000cea5ff2001d09f030adae570C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dll4c1c216a-0af6-11e5-ab8a-00269e9dd695

Error: (06/04/2015 11:19:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DATA BECKER Update Service.exe0.0.3.84cd2c1c1ntdll.dll6.1.7601.18839553e8808c0000374000cea5fe9c01d09ea78259379cC:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exeC:\Windows\SysWOW64\ntdll.dllc350699d-0a9a-11e5-9291-00269e9dd695


CodeIntegrity Errors:
===================================
  Date: 2015-02-15 15:10:22.011
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-15 15:10:21.918
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 11:50:05.539
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 11:50:05.524
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 11:46:14.846
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 11:46:14.706
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-12 22:51:56.002
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-12 22:51:56.002
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-12 22:51:55.986
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-12 22:51:55.986
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T6570 @ 2.10GHz
Percentage of memory in use: 29%
Total physical RAM: 4060.93 MB
Available physical RAM: 2862.86 MB
Total Pagefile: 8120.06 MB
Available Pagefile: 6677.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:453.66 GB) (Free:317.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CDF05614)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.7 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---

Alt 14.06.2015, 09:44   #11
M-K-D-B
/// TB-Ausbilder
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
RemoveProxy:
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset






Schritt 3
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck.

Alt 14.06.2015, 20:19   #12
Wimmerl82
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



Code:
ATTFilter
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by PC at 2015-06-14 21:10:48 Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & Gast)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
RemoveProxy:
EmptyTemp:
end
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => key removed successfully
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => key not found. 

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1479719048-131605857-4171494742-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

EmptyTemp: => 1.5 GB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 21:12:17 ====
         
Fortsetzung folgt...

Mein PC ist irgendwie total langsam jetzt. Ist das normal?

Alt 15.06.2015, 15:15   #13
M-K-D-B
/// TB-Ausbilder
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



Servus,


mal bitte weiter machen.

Alt 16.06.2015, 20:20   #14
Wimmerl82
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet



ESET:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f5c78bb11ca5f0498455fb5e5ff8777b
# end=init
# utc_time=2015-06-15 07:50:29
# local_time=2015-06-15 09:50:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24341
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f5c78bb11ca5f0498455fb5e5ff8777b
# end=updated
# utc_time=2015-06-15 08:31:22
# local_time=2015-06-15 10:31:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f5c78bb11ca5f0498455fb5e5ff8777b
# engine=24341
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-15 11:32:03
# local_time=2015-06-16 01:32:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777214 100 100 14680 65885545 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 271548 186040973 0 0
# scanned=317334
# found=8
# cleaned=0
# scan_time=10841
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=BA5D225FE04ED9E21278011D1A6F6BBECB9134D8 ft=1 fh=57ab8a13e6ab5320 vn="Variante von Win32/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Local\Temp\SetupDataMngr_Searchqu.exe.vir"
sh=04B4A79CC95C2D2ED13D3951AE54409F15327429 ft=1 fh=395a604ee7c17fd1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\7 Zip\7 Zip 32 Bit - CHIP-Installer.exe"
sh=87DFD82D5434A7E649082BA59389A4E87D40DA5C ft=1 fh=fb6c23061dda6c6a vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\7 Zip\7-zip(1).exe"
sh=87DFD82D5434A7E649082BA59389A4E87D40DA5C ft=1 fh=fb6c23061dda6c6a vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\7 Zip\7-zip.exe"
sh=96FD12ADDAF5F1173C7D841979C4705402EAF899 ft=1 fh=3a5fffaae144af3b vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\Favoriten-Freund\AnySendSetup.exe"
sh=9B1FD212A830B5410380158B5D670752F74082C1 ft=1 fh=3fb6e70c0426ad1b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\Free Mp3 wma converter\Free Mp3 Wma Converter - CHIP-Installer.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\PC\Downloads\pdf creator\PDFCreator-1_7_3_setup.exe"
         
Security Check:

Code:
ATTFilter
Results of screen317's Security Check version 1.002  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 JavaFX 2.1.1    
 Java 7 Update 67  
 Java(TM) 6 Update 29  
 Java version 32-bit out of Date! 
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Flash Player 17.0.0.188  
 Adobe Reader XI  
 Mozilla Firefox (38.0.5) 
 Mozilla Thunderbird (3.1.9) Thunderbird out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Wie gehts weiter?

Alt 17.06.2015, 14:18   #15
M-K-D-B
/// TB-Ausbilder
 
Link in DHL EMail geöffnet - Standard

Link in DHL EMail geöffnet




Zitat:
CHIP-Installer.exe
Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?




Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
C:\Users\PC\Downloads\7 Zip\7-zi*.exe
C:\Users\PC\Downloads\Favoriten-Freund\AnySendSetup.exe
C:\Users\PC\Downloads\Free Mp3 wma converter\Free Mp3 Wma Converter - CHIP-Installer.exe
C:\Users\PC\Downloads\pdf creator\PDFCreator-1_7_3_setup.exe
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!








Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.


Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.


Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 
 


Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Ghostery Erkennt und blockiert Tracker, Web Bugs, Pixel und Beacons und weitere Scripte, die das Surfverhalten ausspähen/beobachten.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Antwort

Themen zu Link in DHL EMail geöffnet
absender, anhang, anwendungsdaten, bedrohungen, bekannte, blödsinn, code, datei, email, empfohlen, erstell, erstellt, gefunde, gen, große, hoffe, kaspersky, laptop, link, objekt, programm, schließe, sofort, untersuchung, virenprogramm, warum



Ähnliche Themen: Link in DHL EMail geöffnet


  1. Win 8.1 - DHL Email - link geöffnet
    Log-Analyse und Auswertung - 30.05.2015 (12)
  2. Macbook / OSX Yosemite 10.10.3: Fake-email link geöffnet, Weiterleitung unklar
    Alles rund um Mac OSX & Linux - 12.05.2015 (5)
  3. Link aus Fake-Email geöffnet - MBAM findet nichts
    Plagegeister aller Art und deren Bekämpfung - 11.05.2015 (11)
  4. DHL-Fake-Email Link geöffnet
    Plagegeister aller Art und deren Bekämpfung - 15.03.2015 (17)
  5. DHL-Paketankündigung-Email Link geöffnet
    Log-Analyse und Auswertung - 11.03.2015 (13)
  6. DHL-Email-Link geöffnet
    Plagegeister aller Art und deren Bekämpfung - 10.03.2015 (23)
  7. DHL-Fake-Email Link geöffnet, wie kann ich die Malware entfernen?
    Plagegeister aller Art und deren Bekämpfung - 08.03.2015 (9)
  8. EBay Email kaufbestätigung iPhone 6 geöffnet und den Link bestätigt seitdem Fehlfunktion auf mein iPhone 5
    Plagegeister aller Art und deren Bekämpfung - 24.02.2015 (1)
  9. Phishing email service.paypal.de link geöffnet
    Überwachung, Datenschutz und Spam - 23.01.2015 (5)
  10. Verdächtigen Link geöffnet, der über Email von Freundin kam (driversnews.tv)
    Smartphone, Tablet & Handy Security - 07.11.2014 (2)
  11. Email (Spam) geöffnet und auch den Link
    Überwachung, Datenschutz und Spam - 03.08.2014 (3)
  12. Telekom Juni virus (Spam email link geöffnet)
    Log-Analyse und Auswertung - 23.06.2014 (9)
  13. Gefälschte und Telekom-Email und Link unachtsam geöffnet - Trojaner o.ä. eingefangen?
    Log-Analyse und Auswertung - 30.01.2014 (21)
  14. email mit link und Zip endung geöffnet, Virus?
    Smartphone, Tablet & Handy Security - 05.01.2014 (5)
  15. In EMail einen (sehr wahrscheinlich) schadhaften Link geöffnet
    Plagegeister aller Art und deren Bekämpfung - 19.12.2013 (9)
  16. Blöderweise schlechten Link in Email geöffnet
    Plagegeister aller Art und deren Bekämpfung - 14.06.2013 (11)
  17. Link in email geöffnet! Virus oder Trojaner eingefangen?
    Log-Analyse und Auswertung - 02.07.2012 (22)

Zum Thema Link in DHL EMail geöffnet - Ich weiß nicht warum, aber ich habe einen großen Blödsinn gemacht. Ich habe eine EMail unter dem Absender DHL geöffnet und auf einen Link darin geklickt. Es öffnete sich dann - Link in DHL EMail geöffnet...
Archiv
Du betrachtest: Link in DHL EMail geöffnet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.