| |
| |||||||
Log-Analyse und Auswertung: Google-Meldung ungewöhnlicher DatenverkehrWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
02.06.2013, 14:14
| #1 |
 |  Google-Meldung ungewöhnlicher Datenverkehr Hallo, ich habe gestern gegoogelt und dann kam folgende Meldung: „Unsere Systeme haben ungewöhnlichen Datenverkehr aus Ihrem Computernetzwerk festgestellt. Diese Seite überprüft, ob die Anfragen wirklich von Ihnen und nicht von einem Robot gesendet werden.“ (hxxp://forum.computerbild.de/sicherheit/mysterioese-google-meldung-bzgl-datenverkehr_116644.html) Ich wurde zur Bestätigung aufgefordert einen Captcha einzugeben. Ich habe die Seite geschlossen und das ganze noch 3 mal versucht, es hat sich nicht geändert. Dann habe ich einen Scan mit Kaspersky gemacht (negativ), den Suchverlauf gelöscht und anschließend nochmal mit Firefox gegoogelt und es hat wieder funktioniert. Dieser Vorfall wurde schon im Netz besprochen. (hxxp://forum.chip.de/rund-um-online/google-suche-captcha-meldung-1655159.html) (http://www.trojaner-board.de/112438-...e-meldung.html) (hxxp://www.zeit.de/digital/internet/2013-01/google-captcha-scrapen) Es wird dabei gesagt, dass das Problem meistens bei Google liegt. Ich weiß jedoch für meinen Fall, dass mein Adobe-Acrobat-Plug-in nicht aktuell war. Außerdem wird der User Guide in der Task-Leiste, wenn man ihn anklickt, nicht mehr vom Adobe Reader erkannt. Die Meldung von Google kam auch nicht bei der ersten Suche an dem Tag sondern einfach mittendrin: ich wollte eine Seite aufrufen, die Seite wurde nicht richtig aufgebaut, und ich habe die Seite geschlossen und beim nächsten Googel kam dann die Meldung. Also da mein Plug-in nicht aktuell war und jetzt der Adobe Reader nicht den User Guide erkennt, würde ich mich über Hilfe bei der Systemanalyse freuen. OTL-Text: HTML-Code: OTL logfile created on: 02.06.2013 11:32:14 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Malte\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16580) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,71 Gb Total Physical Memory | 2,77 Gb Available Physical Memory | 74,61% Memory free 7,08 Gb Paging File | 5,53 Gb Available in Paging File | 78,05% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 439,18 Gb Total Space | 394,58 Gb Free Space | 89,84% Space Free | Partition Type: NTFS Computer Name: PC-MALTE | User Name: Malte | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013.06.02 11:30:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Malte\Desktop\OTL.exe PRC - [2013.05.30 14:56:34 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.04.18 15:56:22 | 001,227,800 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe PRC - [2013.04.18 15:56:10 | 000,563,224 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe PRC - [2012.09.18 10:48:58 | 002,791,544 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe PRC - [2012.09.05 09:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe PRC - [2012.09.05 09:50:24 | 000,085,112 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe PRC - [2012.09.05 09:50:16 | 002,623,096 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe PRC - [2012.08.15 13:41:26 | 000,097,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2012.08.10 10:37:48 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2012.07.31 18:02:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.07.18 03:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012.07.18 03:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012.07.18 03:10:24 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012.07.18 03:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012.06.08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012.09.05 09:50:28 | 000,110,712 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll MOD - [2012.09.05 09:50:22 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll MOD - [2012.09.05 09:50:16 | 000,060,536 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll MOD - [2012.09.05 09:50:10 | 000,103,544 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll MOD - [2012.09.05 09:50:10 | 000,026,744 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll MOD - [2012.08.17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll MOD - [2012.06.08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll MOD - [2012.06.08 04:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:[b]64bit:[/b] - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2013.01.29 03:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:[b]64bit:[/b] - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:[b]64bit:[/b] - [2012.09.20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2012.04.20 07:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2013.05.31 17:11:07 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.30 14:56:34 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP) SRV - [2013.05.12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.04.18 15:56:22 | 001,227,800 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent) SRV - [2013.04.18 15:56:14 | 000,659,992 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2012.09.20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2012.09.05 09:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher) SRV - [2012.08.16 13:08:56 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.08.10 11:28:14 | 000,211,584 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2012.08.10 10:37:48 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent) SRV - [2012.07.31 18:02:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2012.07.18 03:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.07.18 03:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.07.18 03:10:24 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012.07.18 03:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013.05.30 15:04:35 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\kneps.sys -- (kneps) DRV:[b]64bit:[/b] - [2013.05.30 15:04:35 | 000,050,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\klwfp.sys -- (klwfp) DRV:[b]64bit:[/b] - [2013.05.30 15:04:34 | 000,619,616 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\klif.sys -- (KLIF) DRV:[b]64bit:[/b] - [2013.05.30 15:04:34 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\klmouflt.sys -- (klmouflt) DRV:[b]64bit:[/b] - [2013.05.30 15:04:34 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\klkbdflt.sys -- (klkbdflt) DRV:[b]64bit:[/b] - [2013.04.18 15:55:50 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\psi_mf_amd64.sys -- (PSI) DRV:[b]64bit:[/b] - [2013.04.09 07:27:43 | 000,284,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2013.01.11 19:02:34 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:[b]64bit:[/b] - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2012.10.08 11:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:[b]64bit:[/b] - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2012.08.16 04:26:42 | 008,987,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2012.08.10 11:09:46 | 000,567,808 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2012.08.10 11:09:44 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b]64bit:[/b] - [2012.08.10 11:09:42 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b]64bit:[/b] - [2012.08.10 11:09:42 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort) DRV:[b]64bit:[/b] - [2012.08.10 11:09:42 | 000,076,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b]64bit:[/b] - [2012.08.10 11:09:40 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2012.08.10 11:09:40 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt) DRV:[b]64bit:[/b] - [2012.08.10 11:09:40 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b]64bit:[/b] - [2012.08.06 04:41:28 | 000,313,712 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2012.08.02 15:09:32 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\klim6.sys -- (KLIM6) DRV:[b]64bit:[/b] - [2012.07.31 04:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA) DRV:[b]64bit:[/b] - [2012.07.27 18:38:24 | 000,029,616 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\klelam.sys -- (klelam) DRV:[b]64bit:[/b] - [2012.07.27 14:00:03 | 000,023,408 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RadioHIDMini.sys -- (RadioHIDMini) DRV:[b]64bit:[/b] - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:[b]64bit:[/b] - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:[b]64bit:[/b] - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum) DRV:[b]64bit:[/b] - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2012.07.24 01:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr) DRV:[b]64bit:[/b] - [2012.06.25 03:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive) DRV:[b]64bit:[/b] - [2012.06.19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\kl1.sys -- (kl1) DRV:[b]64bit:[/b] - [2012.06.19 01:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2012.06.12 14:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168) DRV - [2013.01.21 19:57:13 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {50952DBE-9475-4D32-B175-B9D835C33E99} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{50952DBE-9475-4D32-B175-B9D835C33E99}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {50952DBE-9475-4D32-B175-B9D835C33E99} IE - HKLM\..\SearchScopes\{50952DBE-9475-4D32-B175-B9D835C33E99}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com IE - HKCU\..\SearchScopes,DefaultScope = {50952DBE-9475-4D32-B175-B9D835C33E99} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4307 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.05.30 15:04:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.05.30 15:04:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.05.30 15:04:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.05.30 15:04:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.05.30 15:04:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.30 19:52:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Malte\AppData\Roaming\mozilla\Extensions [2013.05.31 13:27:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.05.31 13:27:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.05.30 15:04:39 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2:[b]64bit:[/b] - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2:[b]64bit:[/b] - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O2:[b]64bit:[/b] - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2:[b]64bit:[/b] - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros) O4:[b]64bit:[/b] - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" File not found O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O8:[b]64bit:[/b] - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O9:[b]64bit:[/b] - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O9:[b]64bit:[/b] - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{040733CB-4D7C-4428-9C2C-E2D12538D345}: DhcpNameServer = 192.168.178.1 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O20:[b]64bit:[/b] - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013.06.02 11:30:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Malte\Desktop\OTL.exe [2013.06.02 09:42:15 | 000,000,000 | R--D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [2013.06.01 16:47:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013.06.01 16:47:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013.05.31 18:04:23 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Macromedia [2013.05.31 17:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013.05.31 17:15:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013.05.31 17:15:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013.05.31 12:45:43 | 000,000,000 | R--D | C] -- C:\windows\BrowserChoice [2013.05.31 10:34:58 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Secunia PSI [2013.05.31 10:34:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia [2013.05.30 20:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013.05.30 20:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013.05.30 20:44:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.05.30 20:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013.05.30 20:42:22 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Microsoft Help [2013.05.30 20:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.05.30 20:41:57 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013.05.30 19:52:12 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\Mozilla [2013.05.30 19:52:12 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Mozilla [2013.05.30 19:51:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.05.30 19:51:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.05.30 19:51:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.05.30 19:46:11 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\Macromedia [2013.05.30 15:04:41 | 000,178,448 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\kneps.sys [2013.05.30 15:04:41 | 000,050,448 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klwfp.sys [2013.05.30 15:04:40 | 000,619,616 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klif.sys [2013.05.30 15:04:40 | 000,090,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klflt.sys [2013.05.30 15:04:40 | 000,029,528 | ---- | C] (Kaspersky Lab) -- C:\windows\SysNative\drivers\klmouflt.sys [2013.05.30 15:04:40 | 000,029,016 | ---- | C] (Kaspersky Lab) -- C:\windows\SysNative\drivers\klkbdflt.sys [2013.05.30 14:48:47 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\windows\SysNative\klfphc.dll [2013.05.30 14:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2013.05.30 14:48:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2013.05.28 16:30:09 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Adobe [2013.05.28 16:20:19 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Power2Go8 [2013.05.28 16:20:14 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\BMExplorer [2013.05.28 16:20:14 | 000,000,000 | ---D | C] -- C:\Users\Malte\Documents\Bluetooth Folder [2013.05.28 16:20:09 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\Atheros [2013.05.28 16:19:29 | 000,000,000 | R--D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.05.28 16:19:29 | 000,000,000 | R--D | C] -- C:\Users\Malte\Searches [2013.05.28 16:19:29 | 000,000,000 | R--D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.05.28 16:19:28 | 000,000,000 | R--D | C] -- C:\Users\Malte\Contacts [2013.05.28 16:19:24 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\Adobe [2013.05.28 16:18:57 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Samsung [2013.05.28 16:17:20 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\VirtualStore [2013.05.28 16:17:00 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Packages [2013.05.28 16:16:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Vorlagen [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\AppData\Local\Verlauf [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\AppData\Local\Temporary Internet Files [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Startmenü [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\SendTo [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Recent [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Netzwerkumgebung [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Lokale Einstellungen [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Documents\Eigene Videos [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Documents\Eigene Musik [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Eigene Dateien [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Documents\Eigene Bilder [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Druckumgebung [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Cookies [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\AppData\Local\Anwendungsdaten [2013.05.28 16:16:17 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Anwendungsdaten [2013.05.28 16:16:16 | 000,000,000 | --SD | C] -- C:\Users\Malte\AppData\Roaming\Microsoft [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\Videos [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\Saved Games [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\Pictures [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\Music [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\Links [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\Favorites [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\Downloads [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\Documents [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\Desktop [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.05.28 16:16:16 | 000,000,000 | R--D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2013.05.28 16:16:16 | 000,000,000 | -H-D | C] -- C:\Users\Malte\AppData [2013.05.28 16:16:16 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Temp [2013.05.28 16:16:16 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Microsoft [2013.05.28 16:16:16 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.10.20 08:00:42 | 002,258,432 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013.06.02 11:30:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Malte\Desktop\OTL.exe [2013.06.02 11:29:00 | 000,000,360 | ---- | M] () -- C:\windows\tasks\Xerox PhotoCafe Communicator.job [2013.06.02 11:28:51 | 000,000,000 | ---- | M] () -- C:\Users\Malte\defogger_reenable [2013.06.02 11:26:52 | 000,050,477 | ---- | M] () -- C:\Users\Malte\Desktop\Defogger.exe [2013.06.02 11:19:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013.06.02 09:36:45 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013.06.01 16:47:52 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.05.31 17:25:04 | 001,745,416 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2013.05.31 17:25:04 | 000,753,134 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2013.05.31 17:25:04 | 000,710,244 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2013.05.31 17:25:04 | 000,155,826 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2013.05.31 17:25:04 | 000,132,614 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2013.05.31 17:17:10 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.05.31 17:17:08 | 3183,919,104 | -HS- | M] () -- C:\hiberfil.sys [2013.05.31 15:20:23 | 000,355,944 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2013.05.31 13:27:52 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.31 10:34:20 | 000,001,112 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2013.05.30 15:04:35 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\kneps.sys [2013.05.30 15:04:35 | 000,050,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klwfp.sys [2013.05.30 15:04:34 | 000,619,616 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klif.sys [2013.05.30 15:04:34 | 000,090,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klflt.sys [2013.05.30 15:04:34 | 000,029,528 | ---- | M] (Kaspersky Lab) -- C:\windows\SysNative\drivers\klmouflt.sys [2013.05.30 15:04:34 | 000,029,016 | ---- | M] (Kaspersky Lab) -- C:\windows\SysNative\drivers\klkbdflt.sys [2013.05.30 14:50:46 | 000,002,376 | ---- | M] () -- C:\Users\Malte\Desktop\Sicherer Zahlungsverkehr.lnk [2013.05.30 14:48:47 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk [2013.05.28 16:18:05 | 000,000,000 | ---- | M] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_300E4_P04R.mrk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013.06.02 11:28:51 | 000,000,000 | ---- | C] () -- C:\Users\Malte\defogger_reenable [2013.06.02 11:26:47 | 000,050,477 | ---- | C] () -- C:\Users\Malte\Desktop\Defogger.exe [2013.06.01 16:47:52 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.06.01 16:47:52 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.05.31 17:11:09 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013.05.31 15:20:06 | 000,355,944 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT [2013.05.31 13:24:45 | 000,002,143 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk [2013.05.31 10:52:59 | 000,387,688 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml [2013.05.31 10:34:20 | 000,001,112 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2013.05.31 10:34:20 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk [2013.05.30 19:51:14 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.05.30 19:51:14 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.30 14:50:47 | 000,001,357 | ---- | C] () -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013.lnk [2013.05.30 14:50:46 | 000,002,376 | ---- | C] () -- C:\Users\Malte\Desktop\Sicherer Zahlungsverkehr.lnk [2013.05.30 14:49:12 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk [2013.05.28 16:19:24 | 000,001,446 | ---- | C] () -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.05.28 16:18:05 | 000,000,000 | ---- | C] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_300E4_P04R.mrk [2012.10.20 08:00:42 | 000,003,196 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml [2012.10.20 06:43:14 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll [2012.08.16 04:27:12 | 000,598,780 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin [2012.08.16 04:27:12 | 000,272,928 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin [2012.08.16 04:26:34 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll [2012.08.16 04:26:32 | 000,963,388 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin [2012.08.16 04:26:32 | 000,755,048 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat [2012.04.20 06:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [color=#E56717]========== Purity Check ==========[/color] < End of report > HTML-Code: OTL Extras logfile created on: 02.06.2013 11:32:14 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Malte\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16580) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,71 Gb Total Physical Memory | 2,77 Gb Available Physical Memory | 74,61% Memory free 7,08 Gb Paging File | 5,53 Gb Available in Paging File | 78,05% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 439,18 Gb Total Space | 394,58 Gb Free Space | 89,84% Space Free | Partition Type: NTFS Computer Name: PC-MALTE | User Name: Malte | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{12F3AABB-993F-4FEA-B4E1-53B14EEDB2B7}" = lport=445 | protocol=6 | dir=in | app=system | "{13333A39-B61B-4A4C-A5CD-77AF7954AC52}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1FA94316-742C-4340-B1F8-A4CC6D33CE84}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2671E3F7-6E91-4ADB-B8A9-E7564E67B5C3}" = rport=445 | protocol=6 | dir=out | app=system | "{293A3381-B01C-461E-9F5F-B3D58C1394A8}" = rport=138 | protocol=17 | dir=out | app=system | "{4C8D4E13-489C-44B2-A3F2-E9955E6E13DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{6ECFBC35-D6C1-4EFB-A3AA-DE38FA9191DA}" = rport=137 | protocol=17 | dir=out | app=system | "{7EFDF94C-45DB-479A-BCEF-CA15E6A47FEA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{831B7DAE-190E-4E2A-BC61-3991179B551B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8483597B-46E5-4C77-ACDC-AADBF0793E52}" = lport=2869 | protocol=6 | dir=in | app=system | "{8D1BB866-2AC2-4E7E-989C-166EB21C416A}" = lport=138 | protocol=17 | dir=in | app=system | "{96A2F88F-4378-42E6-9804-22B46999D650}" = lport=10243 | protocol=6 | dir=in | app=system | "{9D0F090E-BCA0-4D93-9137-A3E682D22E02}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A248ACE9-78C0-4CC5-85FA-E956A440468D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{A2A82CED-1FEA-49C3-91B7-7B3DA2DC5C57}" = lport=137 | protocol=17 | dir=in | app=system | "{A9624166-0825-490E-8EE7-975885923BC5}" = lport=139 | protocol=6 | dir=in | app=system | "{AF299934-0CC4-4724-963F-1099EDD3BA95}" = rport=139 | protocol=6 | dir=out | app=system | "{BCC9A104-604B-4387-BAE3-D1F9CAACFA37}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BE9BEE86-74D6-4741-878F-5C9F2E2C7325}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{C2138286-E097-46A6-89D5-8A754C218155}" = rport=10243 | protocol=6 | dir=out | app=system | "{C2CA0B5C-0E33-4D72-B4B3-7572BAAFCFA6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{D9B9AAA8-60C4-436A-8645-4003235FB5E4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DC6A3584-21F4-4AA4-AF63-8AE0B000B1F2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00988309-7B30-4C34-994A-6C01A1701B5A}" = protocol=6 | dir=out | app=system | "{00A0EC0F-B247-4C0B-9516-A9CBB7182E8D}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{023C85E4-CD5C-440E-A1EF-67EB4559610D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{03A29763-A37B-43D5-A4E7-B928A677CE9C}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{10D3E0EF-8039-4DA4-A44E-885B7BFC119A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{14A3DA2F-97FE-46FE-9828-DFF1C09F14D8}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{15B973FC-2E04-4236-9738-49E4D7464E87}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{17731317-0A77-4D64-B3C3-09C774ED05D5}" = dir=out | name=jamie's recipes | "{1F068434-04E6-45EE-A3D5-544FFCF307F9}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{1F8B052F-F100-46E7-AFFD-7EE911A35136}" = dir=in | name=kindle | "{20197014-AB09-428E-925C-8B293724E12C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{20C578D6-3C4D-4A6C-8932-CCD6AABC525F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{2128DA75-5634-48D3-B8EC-0099A5B35676}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{2227222B-A82C-4E72-960A-678260FE9025}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{25BF0F2A-D25F-4978-8985-BCDB960FA0EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{25F56B12-E06D-4A96-83F6-D2D1C551742F}" = dir=out | name=music hub | "{2D31CC41-2874-413B-AF93-CFF7121E2389}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2DC580FE-B150-4D9B-B295-8EFC5AEAC586}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{2FA29A5D-6300-4645-9DAD-6101BF2562DB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{389B13B5-5C84-488A-9D23-433838CDCC8F}" = protocol=6 | dir=in | app=c:\users\malte\appdata\local\temp\7zse5a7.tmp\symnrt.exe | "{40C08032-A567-4A82-B091-2473C9C91D49}" = dir=out | name=kindle | "{41050A7A-0739-440B-BED0-A429D57F4ADF}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{43E28805-454F-4580-B390-F3F049BAF810}" = dir=out | name=evernote | "{4CDFF93A-BE65-4E08-98BA-D17642D13ED6}" = dir=in | name=skype | "{4D8A574E-B441-4EF2-B45A-F541A1B1073C}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{4E8C5049-A8EB-4D80-8EF3-38F683A8D9CE}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{5312B321-5F33-4615-8D04-373867659407}" = protocol=17 | dir=in | app=c:\users\malte\appdata\local\temp\7zse5a7.tmp\symnrt.exe | "{5765F1D1-659E-48C4-A2E7-0C6E629C41A2}" = dir=out | name=skype | "{5D60A647-38C4-4604-9125-236985D8BF93}" = dir=out | name=s gallery | "{61C16A80-1BAD-4E70-8185-3C755CBA5DEE}" = dir=in | name=evernote | "{6499C762-D07F-43DA-94EC-3B486268C1D0}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{68411BCD-A1F7-48BD-B9CA-B70EF71EAFB5}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{696B3C99-4512-4EC0-9957-B1D37A0C0A8F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{6C31A95F-6CFC-482F-9660-45D6ABEE1290}" = dir=out | name=chaton | "{732E6729-0953-43E0-AAEE-63CB36696491}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{75547563-4F55-49E3-92AF-CEA15342434A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{756D71E3-2DE3-47C2-8D36-EC8E9A5316C2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{77344A79-7B9F-4687-8E4E-D07C07DD310C}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{7A515E0A-BF48-467F-95BA-1FB69DB7FF07}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{7E2C3784-60A2-4430-9954-DDFA6E5B811C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{84E0FE4E-D467-41EB-A4C2-8E6CEBAA6E71}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | "{858CA8F3-C1D6-4D33-9BC7-82CE698173CB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | "{87BA492F-C6E8-4152-A6E2-CCB1EC9CC1A8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{8886D094-8C39-495F-8659-5C4914AB8F51}" = dir=out | name=merriam-webster dictionary | "{88ACB9D7-54F7-49DA-A083-31224BA8D82C}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{8A702C51-ED4A-48BC-9257-81D84EE3D7A6}" = dir=out | name=fresh paint | "{8F3ECC97-467B-40BA-A661-7AC4FD183704}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{902E6AFC-32BB-4D8D-8C41-E1BC927D9C66}" = dir=out | name=s player | "{932686DC-82A3-4FBF-995B-8A2985452A57}" = dir=out | name=windows_ie_ac_001 | "{A09DE2D4-69E8-4E28-9CBC-6871030B4191}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{A138F0F5-16CF-4996-8D78-87CD324311B4}" = dir=out | name=family story | "{A55EB585-F87E-4DD1-B836-6B69F329F023}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{A6629736-9F63-439E-9D33-99B24CEF1793}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{AB16DEC6-33EC-43F6-924E-F82873C5199B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{AE3D2A73-D57F-4CED-9FF7-6CBD7B9462A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AEC23253-785E-4F90-B1FF-2AAD6B12B8E4}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{C125EE7F-3828-4F05-A6EE-9FE77072410E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{E8A18E6D-460A-4560-A476-DAC75E95626D}" = dir=out | name=photoeditor | "{F0A675CB-59EE-4964-9A32-9DBAB7717BB7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F2153430-B3E5-408F-AEAD-C20C53CB147D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F2890A00-2860-4450-985F-FBA5092D0468}" = dir=out | name=music maker jam | "{F2E2B49E-D8EC-4CD2-A6F2-A45A8B857361}" = dir=out | name=adera | "{FF17571D-DD7D-4AEF-B613-1C28E593C404}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{FF52FC7C-FC5F-4AD3-BFA8-557E9578DA0B}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{FFA90FAD-10C4-4E9A-BD77-E7B741048EA0}" = dir=out | name=s camera | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{18BB06D9-8518-48E5-88F7-5AE1DF02546B}" = Help Desk "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{73280CF7-9471-4FB6-B018-E5FD7A09F1AF}" = Support Center "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{969B5BFB-094D-4D96-AC0C-C1A2675DB583}" = S Agent "{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0613 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client "{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64 "9F04C462DAB591BDCCE784F77E4D4F1736010B92" = Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) "Elantech" = ETDWare PS/2-X64 11.7.2.1_WHQL [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Recovery "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{233B918E-99FD-4643-BEDD-A9855A56FC3A}" = Windows Live UX Platform Language Pack "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program "{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform "{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8 "{2FAFE37E-D796-47B8-BA8F-D09819B12DF6}" = Windows Live Essentials "{35BD47F4-C19B-474F-AACC-E8C0BE38148A}" = Photo Common "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{403BBE15-C64E-429A-9652-1C4EFF327457}" = SW Update "{4689F012-C8E3-4F6E-BDEF-13671D53A6DC}" = Windows Live UX Platform Language Pack "{4C0D8B3E-63F0-4773-83F5-C5B7795B0FB8}" = Photo Gallery "{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE "{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions "{52E5DE60-C96B-42CC-9A37-FE04725940AE}" = Settings "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "{57EC0BAF-E65F-4758-A6AB-586535C870A2}" = Windows Live Essentials "{61889FC7-9738-439A-96B3-17AF981BDDEF}" = Movie Maker "{618F39BD-9720-47CF-A89C-108AB41B1493}" = Windows Live UX Platform Language Pack "{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX "{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6C955C6B-83AB-402B-8E38-86CFBFB738B1}" = Support Center FAQ "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{741ECBB6-1A0B-42F1-A7BF-76222734A63A}" = Movie Maker "{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer "{78F35489-621D-4FFD-BCE7-2C7C3897E47C}" = Windows Live "{7F682A00-6497-4551-A2A6-063AE667D1CF}" = Movie Maker "{86CAC8DE-288A-410D-A4A4-0190060E69AE}" = Raccolta foto "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office "{9846E46F-07E0-4BDF-985A-E3FBA8C15877}" = Movie Maker "{9914AD8E-C0D6-420D-BEF6-40BF4DEDE3BA}" = User Guide "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent "{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}" = Easy File Share "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch "{B19E03EA-067C-412F-A81E-271720E601AB}" = Fotogalerie "{B27FA0A3-D80F-41A9-8BAD-C5F2D859AB22}" = Photo Common "{B6829511-95BB-46FC-9030-957D54B8EFE2}" = Windows Live UX Platform Language Pack "{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform "{D531FC91-6F4E-49A7-B912-15289D05B6F8}" = Photo Common "{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker "{DC2CB432-D3B9-4F81-8ACB-7775FD5202E5}" = Photo Common "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{EBFCBD05-77A3-4FC3-A6D2-27218B61D957}" = Windows Live Essentials "{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}" = E-POP "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package "{FE8DFDD0-A543-4A83-B7A9-C411138194D5}" = Galerie de photos "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8 "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "Intel AppUp(SM) center 33070" = Intel AppUp(SM) center "Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.SingleImage" = Microsoft Office Home and Student 2010 "Plants vs. Zombies" = Plants vs. Zombies "Secunia PSI" = Secunia PSI (3.0.0.7009) "WinLiveSuite" = Windows Live Essentials "Xerox PhotoCafe" = Xerox PhotoCafe [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 28.05.2013 10:18:22 | Computer Name = PC-Malte | Source = Software Protection Platform Service | ID = 8200 Description = Lizenzerwerb-Fehlerdetails. hr=0x80072EE7 Error - 28.05.2013 10:18:22 | Computer Name = PC-Malte | Source = Software Protection Platform Service | ID = 1014 Description = Fehler beim Erwerb der Endbenutzerlizenz. hr=0x80072EE7 SKU-ID=9e4b231b-3e45-41f4-967f-c914f178b6ac Error - 28.05.2013 10:18:22 | Computer Name = PC-Malte | Source = Software Protection Platform Service | ID = 8198 Description = Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode: hr=0x80072EE7 Befehlszeilenargumente: RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=9e4b231b-3e45-41f4-967f-c914f178b6ac;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 [ System Events ] Error - 31.05.2013 07:48:42 | Computer Name = PC-Malte | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2785220) Error - 31.05.2013 07:48:51 | Computer Name = PC-Malte | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Update für Microsoft Camera Codec Pack unter Windows 8 für x64-basierte Systeme (KB2779444) Error - 31.05.2013 07:48:51 | Computer Name = PC-Malte | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2727528) Error - 31.05.2013 07:50:50 | Computer Name = PC-Malte | Source = Service Control Manager | ID = 7043 Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error - 31.05.2013 08:57:48 | Computer Name = PC-Malte | Source = Service Control Manager | ID = 7022 Description = Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet. Error - 31.05.2013 09:19:21 | Computer Name = PC-Malte | Source = Service Control Manager | ID = 7038 Description = Der Dienst "TrustedInstaller" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error - 31.05.2013 09:19:21 | Computer Name = PC-Malte | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows Modules Installer" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error - 31.05.2013 09:19:21 | Computer Name = PC-Malte | Source = DCOM | ID = 10005 Description = Error - 31.05.2013 09:26:41 | Computer Name = PC-Malte | Source = Service Control Manager | ID = 7022 Description = Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet. Error - 31.05.2013 09:32:53 | Computer Name = PC-Malte | Source = Service Control Manager | ID = 7022 Description = Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet. < End of report > "C:windows/system32/config/system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird." Ich habe den Scan trotzdem durchgeführt. HTML-Code: GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-06-02 12:46:40 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003a rev. 0,00MB Running: gmer_2.1.19163.exe; Driver: C:\Users\Malte\AppData\Local\Temp\uwriapoc.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\windows\system32\ntoskrnl.exe!KiCpuId + 988 fffff803016cd41c 1 byte [31] ---- User code sections - GMER 2.1 ---- .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1232] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe786f1532 4 bytes [6F, 78, FE, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1232] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe786f153a 4 bytes [6F, 78, FE, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1232] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe786f165a 4 bytes [6F, 78, FE, 07] .text C:\windows\system32\nvvsvc.exe[1248] C:\windows\system32\MSIMG32.dll!GradientFill + 690 000007fe786f1532 4 bytes [6F, 78, FE, 07] .text C:\windows\system32\nvvsvc.exe[1248] C:\windows\system32\MSIMG32.dll!GradientFill + 698 000007fe786f153a 4 bytes [6F, 78, FE, 07] .text C:\windows\system32\nvvsvc.exe[1248] C:\windows\system32\MSIMG32.dll!TransparentBlt + 246 000007fe786f165a 4 bytes [6F, 78, FE, 07] .text C:\windows\system32\nvvsvc.exe[1248] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fe7c5f177a 4 bytes [5F, 7C, FE, 07] .text C:\windows\system32\nvvsvc.exe[1248] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fe7c5f1782 4 bytes [5F, 7C, FE, 07] .text C:\windows\Explorer.EXE[2424] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe786f1532 4 bytes [6F, 78, FE, 07] .text C:\windows\Explorer.EXE[2424] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe786f153a 4 bytes [6F, 78, FE, 07] .text C:\windows\Explorer.EXE[2424] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe786f165a 4 bytes [6F, 78, FE, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[644] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe786f1532 4 bytes [6F, 78, FE, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[644] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe786f153a 4 bytes [6F, 78, FE, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[644] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe786f165a 4 bytes [6F, 78, FE, 07] .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[4204] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe786f1532 4 bytes [6F, 78, FE, 07] .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[4204] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe786f153a 4 bytes [6F, 78, FE, 07] .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[4204] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe786f165a 4 bytes [6F, 78, FE, 07] .text C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[4256] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe786f1532 4 bytes [6F, 78, FE, 07] .text C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[4256] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe786f153a 4 bytes [6F, 78, FE, 07] .text C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[4256] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe786f165a 4 bytes [6F, 78, FE, 07] .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4268] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe786f1532 4 bytes [6F, 78, FE, 07] .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4268] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe786f153a 4 bytes [6F, 78, FE, 07] .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4268] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe786f165a 4 bytes [6F, 78, FE, 07] .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4268] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007fe70d21b32 4 bytes [D2, 70, FE, 07] .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[4268] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007fe70d21b3a 4 bytes [D2, 70, FE, 07] .text C:\Windows\System32\igfxpers.exe[4420] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fe7c5f177a 4 bytes [5F, 7C, FE, 07] .text C:\Windows\System32\igfxpers.exe[4420] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fe7c5f1782 4 bytes [5F, 7C, FE, 07] .text C:\Program Files\Elantech\ETDCtrl.exe[4472] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe786f1532 4 bytes [6F, 78, FE, 07] .text C:\Program Files\Elantech\ETDCtrl.exe[4472] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe786f153a 4 bytes [6F, 78, FE, 07] .text C:\Program Files\Elantech\ETDCtrl.exe[4472] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe786f165a 4 bytes [6F, 78, FE, 07] .text C:\Program Files\Elantech\ETDCtrlHelper.exe[4644] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe786f1532 4 bytes [6F, 78, FE, 07] .text C:\Program Files\Elantech\ETDCtrlHelper.exe[4644] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe786f153a 4 bytes [6F, 78, FE, 07] .text C:\Program Files\Elantech\ETDCtrlHelper.exe[4644] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe786f165a 4 bytes [6F, 78, FE, 07] ---- Threads - GMER 2.1 ---- Thread C:\windows\system32\csrss.exe [748:772] fffff960008665e8 Thread C:\windows\system32\svchost.exe [476:216] 000007fe6fc610f0 Thread C:\windows\system32\svchost.exe [476:2012] 000007fe6f5d16b0 ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code Disk \Device\Harddisk0\DR0 sector 0: rootkit-like behavior ---- EOF - GMER 2.1 ---- |
|
02.06.2013, 14:18
| #2 |
| /// the machine /// TB-Ausbilder    | Google-Meldung ungewöhnlicher Datenverkehr Hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
02.06.2013, 15:02
| #3 |
| | Google-Meldung ungewöhnlicher Datenverkehr Danke für die schnelle Antwort!
__________________Hier ist das Logfile vom TDSS-Killer: Code:
ATTFilter 15:53:16.0553 4632 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:53:16.0553 4632 UEFI system
15:53:16.0741 4632 ============================================================
15:53:16.0741 4632 Current date / time: 2013/06/02 15:53:16.0741
15:53:16.0741 4632 SystemInfo:
15:53:16.0741 4632
15:53:16.0741 4632 OS Version: 6.2.9200 ServicePack: 0.0
15:53:16.0741 4632 Product type: Workstation
15:53:16.0741 4632 ComputerName: PC-MALTE
15:53:16.0741 4632 UserName: Malte
15:53:16.0741 4632 Windows directory: C:\windows
15:53:16.0741 4632 System windows directory: C:\windows
15:53:16.0741 4632 Running under WOW64
15:53:16.0741 4632 Processor architecture: Intel x64
15:53:16.0741 4632 Number of processors: 4
15:53:16.0741 4632 Page size: 0x1000
15:53:16.0741 4632 Boot type: Normal boot
15:53:16.0741 4632 ============================================================
15:53:17.0975 4632 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:53:17.0975 4632 ============================================================
15:53:17.0975 4632 \Device\Harddisk0\DR0:
15:53:17.0975 4632 GPT partitions:
15:53:17.0991 4632 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {919EB873-9BA3-4819-924D-2C3A7D841283}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
15:53:17.0991 4632 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B6F82410-D7FB-4937-8E7B-8B04FBF749C8}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
15:53:17.0991 4632 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {7CAADF75-4B35-4B9C-905B-1461C6CA43D6}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
15:53:17.0991 4632 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6F9F5CCF-8470-4EDF-9C62-E48075890735}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x36E5D001
15:53:17.0991 4632 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5F6A38EA-1EA3-4B39-87E7-58EC642511AA}, Name: Basic data partition, StartLBA 0x3702D801, BlocksNum 0x3158800
15:53:17.0991 4632 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5609BD37-D034-415A-4173-636C65706975}, Name: Basic data partition, StartLBA 0x3A186001, BlocksNum 0x200000
15:53:17.0991 4632 MBR partitions:
15:53:17.0991 4632 ============================================================
15:53:18.0007 4632 C: <-> \Device\Harddisk0\DR0\Partition4
15:53:18.0007 4632 ============================================================
15:53:18.0007 4632 Initialize success
15:53:18.0007 4632 ============================================================
15:53:48.0413 1900 ============================================================
15:53:48.0413 1900 Scan started
15:53:48.0413 1900 Mode: Manual; SigCheck; TDLFS;
15:53:48.0413 1900 ============================================================
15:53:49.0511 1900 ================ Scan system memory ========================
15:53:49.0511 1900 System memory - ok
15:53:49.0511 1900 ================ Scan services =============================
15:53:49.0761 1900 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\windows\System32\drivers\1394ohci.sys
15:53:49.0902 1900 1394ohci - ok
15:53:49.0902 1900 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\windows\system32\drivers\3ware.sys
15:53:49.0949 1900 3ware - ok
15:53:49.0996 1900 [ 975AABEB243B800C23626D6B652C5A9C ] ACPI C:\windows\system32\drivers\ACPI.sys
15:53:50.0043 1900 ACPI - ok
15:53:50.0074 1900 [ DC968C37822117E576B933F34A2D130C ] acpiex C:\windows\system32\Drivers\acpiex.sys
15:53:50.0105 1900 acpiex - ok
15:53:50.0121 1900 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\windows\System32\drivers\acpipagr.sys
15:53:50.0183 1900 acpipagr - ok
15:53:50.0183 1900 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\windows\System32\drivers\acpipmi.sys
15:53:50.0230 1900 AcpiPmi - ok
15:53:50.0230 1900 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\windows\System32\drivers\acpitime.sys
15:53:50.0293 1900 acpitime - ok
15:53:50.0402 1900 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:53:50.0433 1900 AdobeARMservice - ok
15:53:50.0589 1900 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:53:50.0621 1900 AdobeFlashPlayerUpdateSvc - ok
15:53:50.0668 1900 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\windows\system32\drivers\adp94xx.sys
15:53:50.0714 1900 adp94xx - ok
15:53:50.0746 1900 [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\windows\system32\drivers\adpahci.sys
15:53:50.0793 1900 adpahci - ok
15:53:50.0808 1900 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\windows\system32\drivers\adpu320.sys
15:53:50.0839 1900 adpu320 - ok
15:53:50.0871 1900 [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc C:\windows\System32\aelupsvc.dll
15:53:50.0918 1900 AeLookupSvc - ok
15:53:50.0980 1900 [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD C:\windows\system32\drivers\afd.sys
15:53:51.0075 1900 AFD - ok
15:53:51.0106 1900 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\windows\system32\drivers\agp440.sys
15:53:51.0137 1900 agp440 - ok
15:53:51.0168 1900 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\windows\System32\alg.exe
15:53:51.0231 1900 ALG - ok
15:53:51.0262 1900 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
15:53:51.0309 1900 AllUserInstallAgent - ok
15:53:51.0356 1900 [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8 C:\windows\System32\drivers\amdk8.sys
15:53:51.0418 1900 AmdK8 - ok
15:53:51.0465 1900 [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM C:\windows\System32\drivers\amdppm.sys
15:53:51.0543 1900 AmdPPM - ok
15:53:51.0575 1900 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\windows\system32\drivers\amdsata.sys
15:53:51.0606 1900 amdsata - ok
15:53:51.0653 1900 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
15:53:51.0684 1900 amdsbs - ok
15:53:51.0700 1900 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\windows\system32\drivers\amdxata.sys
15:53:51.0731 1900 amdxata - ok
15:53:51.0731 1900 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\windows\system32\drivers\appid.sys
15:53:51.0793 1900 AppID - ok
15:53:51.0825 1900 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\windows\System32\appidsvc.dll
15:53:51.0871 1900 AppIDSvc - ok
15:53:51.0934 1900 [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo C:\windows\System32\appinfo.dll
15:53:51.0996 1900 Appinfo - ok
15:53:52.0012 1900 [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\windows\system32\drivers\arc.sys
15:53:52.0043 1900 arc - ok
15:53:52.0059 1900 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\windows\system32\drivers\arcsas.sys
15:53:52.0090 1900 arcsas - ok
15:53:52.0090 1900 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
15:53:52.0153 1900 AsyncMac - ok
15:53:52.0168 1900 [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\windows\system32\drivers\atapi.sys
15:53:52.0200 1900 atapi - ok
15:53:52.0231 1900 [ 4885C14A6AB6969B5773A42DA0BA3DA4 ] AthBTPort C:\windows\system32\DRIVERS\btath_flt.sys
15:53:52.0278 1900 AthBTPort - ok
15:53:52.0325 1900 [ 7CA5397A47843B0BD36898F32F2D403B ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
15:53:52.0356 1900 AtherosSvc - ok
15:53:52.0465 1900 [ F17ABC4AA1FE4989E812858261414FE5 ] athr C:\windows\system32\DRIVERS\athw8x.sys
15:53:52.0637 1900 athr - ok
15:53:52.0658 1900 [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
15:53:52.0751 1900 AudioEndpointBuilder - ok
15:53:52.0798 1900 [ 810F30FF8490ED5ED510621DF10DE320 ] Audiosrv C:\windows\System32\Audiosrv.dll
15:53:52.0954 1900 Audiosrv - ok
15:53:53.0235 1900 [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
15:53:53.0266 1900 AVP - ok
15:53:53.0313 1900 [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\windows\System32\AxInstSV.dll
15:53:53.0376 1900 AxInstSV - ok
15:53:53.0423 1900 [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
15:53:53.0485 1900 b06bdrv - ok
15:53:53.0516 1900 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\windows\System32\drivers\BasicDisplay.sys
15:53:53.0563 1900 BasicDisplay - ok
15:53:53.0579 1900 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\windows\System32\drivers\BasicRender.sys
15:53:53.0610 1900 BasicRender - ok
15:53:53.0657 1900 [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC C:\windows\System32\bdesvc.dll
15:53:53.0735 1900 BDESVC - ok
15:53:53.0751 1900 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\windows\system32\drivers\Beep.sys
15:53:53.0813 1900 Beep - ok
15:53:53.0845 1900 [ 9E6A544F465C582AB42444A217CF04DC ] BFE C:\windows\System32\bfe.dll
15:53:53.0938 1900 BFE - ok
15:53:54.0016 1900 [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\windows\System32\qmgr.dll
15:53:54.0095 1900 BITS - ok
15:53:54.0126 1900 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\windows\system32\DRIVERS\bowser.sys
15:53:54.0157 1900 bowser - ok
15:53:54.0188 1900 [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
15:53:54.0236 1900 BrokerInfrastructure - ok
15:53:54.0283 1900 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\windows\System32\browser.dll
15:53:54.0345 1900 Browser - ok
15:53:54.0377 1900 [ 942F3F6286056D6BBB5B02ED2B7088BD ] BTATH_A2DP C:\windows\system32\drivers\btath_a2dp.sys
15:53:54.0408 1900 BTATH_A2DP - ok
15:53:54.0423 1900 [ 43C965027229D9FF6E52E4C71C03B09E ] btath_avdt C:\windows\system32\drivers\btath_avdt.sys
15:53:54.0455 1900 btath_avdt - ok
15:53:54.0486 1900 [ 23CEDCD7527A26B222732A158F76EB24 ] BTATH_BUS C:\windows\System32\drivers\btath_bus.sys
15:53:54.0502 1900 BTATH_BUS - ok
15:53:54.0517 1900 [ 3DD64966A764BCAFF07C9DC064BD410E ] BTATH_HCRP C:\windows\System32\drivers\btath_hcrp.sys
15:53:54.0548 1900 BTATH_HCRP - ok
15:53:54.0564 1900 [ B68EE0721EAC305AB1C9C989CDF1AEFF ] BTATH_LWFLT C:\windows\system32\DRIVERS\btath_lwflt.sys
15:53:54.0580 1900 BTATH_LWFLT - ok
15:53:54.0611 1900 [ EC7BB341229E9E6B04349580F55218B2 ] BTATH_RCP C:\windows\System32\drivers\btath_rcp.sys
15:53:54.0627 1900 BTATH_RCP - ok
15:53:54.0658 1900 [ CBF4EF7E9FE86CE0CAB0A6472DE34A1C ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
15:53:54.0783 1900 BtFilter - ok
15:53:54.0830 1900 [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg C:\windows\System32\drivers\BthAvrcpTg.sys
15:53:54.0877 1900 BthAvrcpTg - ok
15:53:54.0923 1900 [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum C:\windows\System32\drivers\BthEnum.sys
15:53:55.0002 1900 BthEnum - ok
15:53:55.0048 1900 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\windows\System32\drivers\bthhfenum.sys
15:53:55.0111 1900 BthHFEnum - ok
15:53:55.0142 1900 [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid C:\windows\System32\drivers\BthHFHid.sys
15:53:55.0220 1900 bthhfhid - ok
15:53:55.0252 1900 [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum C:\windows\system32\DRIVERS\BthLEEnum.sys
15:53:55.0345 1900 BthLEEnum - ok
15:53:55.0345 1900 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\windows\System32\drivers\bthmodem.sys
15:53:55.0423 1900 BTHMODEM - ok
15:53:55.0439 1900 [ 091BB978E9504D0AD14586929431A957 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
15:53:55.0486 1900 BthPan - ok
15:53:55.0564 1900 [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
15:53:55.0658 1900 BTHPORT - ok
15:53:55.0689 1900 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\windows\system32\bthserv.dll
15:53:55.0752 1900 bthserv - ok
15:53:55.0783 1900 [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
15:53:55.0830 1900 BTHUSB - ok
15:53:55.0861 1900 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
15:53:55.0908 1900 cdfs - ok
15:53:55.0923 1900 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\windows\System32\drivers\cdrom.sys
15:53:55.0970 1900 cdrom - ok
15:53:56.0002 1900 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\windows\System32\certprop.dll
15:53:56.0064 1900 CertPropSvc - ok
15:53:56.0095 1900 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\windows\System32\drivers\circlass.sys
15:53:56.0173 1900 circlass - ok
15:53:56.0205 1900 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\windows\system32\drivers\CLFS.sys
15:53:56.0314 1900 CLFS - ok
15:53:56.0377 1900 [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive C:\windows\system32\DRIVERS\CLVirtualDrive.sys
15:53:56.0392 1900 CLVirtualDrive - ok
15:53:56.0439 1900 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\windows\System32\drivers\CmBatt.sys
15:53:56.0470 1900 CmBatt - ok
15:53:56.0533 1900 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\windows\system32\Drivers\cng.sys
15:53:56.0595 1900 CNG - ok
15:53:56.0627 1900 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\windows\System32\drivers\CompositeBus.sys
15:53:56.0720 1900 CompositeBus - ok
15:53:56.0720 1900 COMSysApp - ok
15:53:56.0752 1900 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\windows\system32\drivers\condrv.sys
15:53:56.0814 1900 condrv - ok
15:53:56.0908 1900 [ C6D620A69098AB17EBD5C0CAADA1D7DC ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
15:53:56.0939 1900 cphs - ok
15:53:56.0971 1900 [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc C:\windows\system32\cryptsvc.dll
15:53:57.0017 1900 CryptSvc - ok
15:53:57.0049 1900 [ C4D01BD86D6B207275FC143EEA951D75 ] dam C:\windows\system32\drivers\dam.sys
15:53:57.0096 1900 dam - ok
15:53:57.0158 1900 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\windows\system32\rpcss.dll
15:53:57.0221 1900 DcomLaunch - ok
15:53:57.0283 1900 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\windows\System32\defragsvc.dll
15:53:57.0361 1900 defragsvc - ok
15:53:57.0392 1900 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\windows\system32\das.dll
15:53:57.0455 1900 DeviceAssociationService - ok
15:53:57.0502 1900 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\windows\system32\umpnpmgr.dll
15:53:57.0533 1900 DeviceInstall - ok
15:53:57.0596 1900 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\windows\system32\Drivers\dfsc.sys
15:53:57.0642 1900 Dfsc - ok
15:53:57.0689 1900 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\windows\system32\dhcpcore.dll
15:53:57.0830 1900 Dhcp - ok
15:53:57.0861 1900 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\windows\system32\drivers\discache.sys
15:53:57.0908 1900 discache - ok
15:53:57.0924 1900 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\windows\system32\drivers\disk.sys
15:53:57.0955 1900 disk - ok
15:53:57.0971 1900 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\windows\System32\drivers\dmvsc.sys
15:53:58.0017 1900 dmvsc - ok
15:53:58.0064 1900 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\windows\System32\dnsrslvr.dll
15:53:58.0158 1900 Dnscache - ok
15:53:58.0205 1900 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\windows\System32\dot3svc.dll
15:53:58.0299 1900 dot3svc - ok
15:53:58.0299 1900 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\windows\system32\dps.dll
15:53:58.0361 1900 DPS - ok
15:53:58.0408 1900 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\windows\system32\drivers\drmkaud.sys
15:53:58.0455 1900 drmkaud - ok
15:53:58.0486 1900 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc C:\windows\System32\DeviceSetupManager.dll
15:53:58.0533 1900 DsmSvc - ok
15:53:58.0628 1900 [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
15:53:58.0769 1900 DXGKrnl - ok
15:53:58.0800 1900 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\windows\System32\eapsvc.dll
15:53:58.0894 1900 Eaphost - ok
15:53:59.0019 1900 [ 843E8B2127D7283845E29E6176C15887 ] Easy Launcher C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
15:53:59.0112 1900 Easy Launcher - ok
15:53:59.0362 1900 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\windows\system32\drivers\evbda.sys
15:53:59.0675 1900 ebdrv - ok
15:53:59.0706 1900 [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\windows\System32\lsass.exe
15:53:59.0753 1900 EFS - ok
15:53:59.0784 1900 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\windows\system32\drivers\EhStorClass.sys
15:53:59.0816 1900 EhStorClass - ok
15:53:59.0831 1900 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\windows\system32\drivers\EhStorTcgDrv.sys
15:53:59.0862 1900 EhStorTcgDrv - ok
15:53:59.0894 1900 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\windows\System32\drivers\errdev.sys
15:53:59.0925 1900 ErrDev - ok
15:53:59.0956 1900 [ 6073E00157E6D99FC8D0D0CC8EF61DF9 ] ETD C:\windows\system32\DRIVERS\ETD.sys
15:53:59.0987 1900 ETD - ok
15:54:00.0050 1900 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\windows\system32\es.dll
15:54:00.0097 1900 EventSystem - ok
15:54:00.0128 1900 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\windows\system32\drivers\exfat.sys
15:54:00.0206 1900 exfat - ok
15:54:00.0222 1900 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\windows\system32\drivers\fastfat.sys
15:54:00.0269 1900 fastfat - ok
15:54:00.0316 1900 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\windows\system32\fxssvc.exe
15:54:00.0362 1900 Fax - ok
15:54:00.0362 1900 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\windows\System32\drivers\fdc.sys
15:54:00.0409 1900 fdc - ok
15:54:00.0441 1900 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\windows\system32\fdPHost.dll
15:54:00.0503 1900 fdPHost - ok
15:54:00.0534 1900 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\windows\system32\fdrespub.dll
15:54:00.0581 1900 FDResPub - ok
15:54:00.0612 1900 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\windows\system32\fhsvc.dll
15:54:00.0691 1900 fhsvc - ok
15:54:00.0706 1900 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
15:54:00.0737 1900 FileInfo - ok
15:54:00.0769 1900 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\windows\system32\drivers\filetrace.sys
15:54:00.0831 1900 Filetrace - ok
15:54:00.0862 1900 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\windows\System32\drivers\flpydisk.sys
15:54:00.0909 1900 flpydisk - ok
15:54:00.0925 1900 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\windows\system32\drivers\fltmgr.sys
15:54:00.0972 1900 FltMgr - ok
15:54:01.0034 1900 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\windows\system32\FntCache.dll
15:54:01.0144 1900 FontCache - ok
15:54:01.0284 1900 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:54:01.0316 1900 FontCache3.0.0.0 - ok
15:54:01.0347 1900 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\windows\system32\drivers\FsDepends.sys
15:54:01.0378 1900 FsDepends - ok
15:54:01.0409 1900 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
15:54:01.0441 1900 Fs_Rec - ok
15:54:01.0472 1900 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
15:54:01.0534 1900 fvevol - ok
15:54:01.0566 1900 [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\windows\System32\drivers\fxppm.sys
15:54:01.0612 1900 FxPPM - ok
15:54:01.0644 1900 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
15:54:01.0675 1900 gagp30kx - ok
15:54:01.0706 1900 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\windows\System32\drivers\vmgencounter.sys
15:54:01.0753 1900 gencounter - ok
15:54:01.0816 1900 [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 C:\windows\system32\Drivers\msgpioclx.sys
15:54:01.0847 1900 GPIOClx0101 - ok
15:54:01.0909 1900 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\windows\System32\gpsvc.dll
15:54:02.0003 1900 gpsvc - ok
15:54:02.0050 1900 [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:54:02.0113 1900 HdAudAddService - ok
15:54:02.0144 1900 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\windows\System32\drivers\HDAudBus.sys
15:54:02.0191 1900 HDAudBus - ok
15:54:02.0206 1900 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\windows\System32\drivers\HidBatt.sys
15:54:02.0269 1900 HidBatt - ok
15:54:02.0316 1900 [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth C:\windows\System32\drivers\hidbth.sys
15:54:02.0425 1900 HidBth - ok
15:54:02.0441 1900 [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\windows\System32\drivers\hidi2c.sys
15:54:02.0488 1900 hidi2c - ok
15:54:02.0534 1900 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\windows\System32\drivers\hidir.sys
15:54:02.0581 1900 HidIr - ok
15:54:02.0628 1900 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\windows\system32\hidserv.dll
15:54:02.0722 1900 hidserv - ok
15:54:02.0753 1900 [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb C:\windows\System32\drivers\hidusb.sys
15:54:02.0831 1900 HidUsb - ok
15:54:02.0894 1900 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\windows\system32\kmsvc.dll
15:54:02.0941 1900 hkmsvc - ok
15:54:02.0988 1900 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:54:03.0081 1900 HomeGroupListener - ok
15:54:03.0128 1900 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:54:03.0191 1900 HomeGroupProvider - ok
15:54:03.0222 1900 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
15:54:03.0253 1900 HpSAMD - ok
15:54:03.0300 1900 [ F4A91D985EB9D1D2717D538F3424603C ] HTTP C:\windows\system32\drivers\HTTP.sys
15:54:03.0394 1900 HTTP - ok
15:54:03.0425 1900 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
15:54:03.0456 1900 hwpolicy - ok
15:54:03.0472 1900 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\windows\System32\drivers\hyperkbd.sys
15:54:03.0550 1900 hyperkbd - ok
15:54:03.0566 1900 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\windows\system32\DRIVERS\HyperVideo.sys
15:54:03.0613 1900 HyperVideo - ok
15:54:03.0628 1900 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\windows\System32\drivers\i8042prt.sys
15:54:03.0706 1900 i8042prt - ok
15:54:03.0753 1900 [ 050F2539E14F9D5E90A4B61738EC29BD ] iaStorA C:\windows\system32\drivers\iaStorA.sys
15:54:03.0800 1900 iaStorA - ok
15:54:03.0831 1900 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
15:54:03.0878 1900 iaStorV - ok
15:54:04.0161 1900 [ 11A31FC2481BFE69B0507ED8C80215F4 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
15:54:04.0552 1900 igfx - ok
15:54:04.0599 1900 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\windows\system32\drivers\iirsp.sys
15:54:04.0614 1900 iirsp - ok
15:54:04.0693 1900 [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT C:\windows\System32\ikeext.dll
15:54:04.0786 1900 IKEEXT - ok
15:54:04.0927 1900 [ 8524178B895E4BC04776B319DA3A70EC ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
15:54:05.0146 1900 IntcAzAudAddService - ok
15:54:05.0208 1900 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
15:54:05.0255 1900 IntcDAud - ok
15:54:05.0365 1900 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
15:54:05.0411 1900 Intel(R) Capability Licensing Service Interface - ok
15:54:05.0474 1900 [ 30E9FAC23E2537D82F2836CB81AEE186 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
15:54:05.0490 1900 Intel(R) ME Service - ok
15:54:05.0505 1900 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\windows\system32\drivers\intelide.sys
15:54:05.0536 1900 intelide - ok
15:54:05.0568 1900 [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\windows\System32\drivers\intelppm.sys
15:54:05.0646 1900 intelppm - ok
15:54:05.0693 1900 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
15:54:05.0755 1900 IpFilterDriver - ok
15:54:05.0880 1900 [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc C:\windows\System32\iphlpsvc.dll
15:54:05.0958 1900 iphlpsvc - ok
15:54:05.0974 1900 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\windows\System32\drivers\IPMIDrv.sys
15:54:06.0021 1900 IPMIDRV - ok
15:54:06.0068 1900 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\windows\system32\drivers\ipnat.sys
15:54:06.0115 1900 IPNAT - ok
15:54:06.0130 1900 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\windows\system32\drivers\irenum.sys
15:54:06.0161 1900 IRENUM - ok
15:54:06.0177 1900 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\windows\system32\drivers\isapnp.sys
15:54:06.0208 1900 isapnp - ok
15:54:06.0240 1900 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\windows\System32\drivers\msiscsi.sys
15:54:06.0302 1900 iScsiPrt - ok
15:54:06.0349 1900 [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:54:06.0365 1900 jhi_service - ok
15:54:06.0396 1900 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\windows\System32\drivers\kbdclass.sys
15:54:06.0427 1900 kbdclass - ok
15:54:06.0458 1900 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\windows\System32\drivers\kbdhid.sys
15:54:06.0505 1900 kbdhid - ok
15:54:06.0521 1900 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\windows\system32\DRIVERS\kdnic.sys
15:54:06.0552 1900 kdnic - ok
15:54:06.0568 1900 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso C:\windows\system32\lsass.exe
15:54:06.0599 1900 KeyIso - ok
15:54:06.0661 1900 [ 8B5219318DF5895ABD230C373F2DF18A ] kl1 C:\windows\system32\DRIVERS\kl1.sys
15:54:06.0693 1900 kl1 - ok
15:54:06.0740 1900 [ F2EB9202FCCC81E0902D3C5A70037A44 ] klelam C:\windows\system32\DRIVERS\klelam.sys
15:54:06.0771 1900 klelam - ok
15:54:06.0833 1900 [ 1C1C504316F52184D2E6272F143035A3 ] KLIF C:\windows\system32\DRIVERS\klif.sys
15:54:06.0896 1900 KLIF - ok
15:54:06.0927 1900 [ 1B5B924D27399F41DECD1CC6D706429F ] KLIM6 C:\windows\system32\DRIVERS\klim6.sys
15:54:06.0943 1900 KLIM6 - ok
15:54:06.0974 1900 [ A0B1AE842D7C7F2FDF530A7049CB988D ] klkbdflt C:\windows\system32\DRIVERS\klkbdflt.sys
15:54:06.0990 1900 klkbdflt - ok
15:54:07.0021 1900 [ A8FFD74947077D8BD9A80936EC24514D ] klmouflt C:\windows\system32\DRIVERS\klmouflt.sys
15:54:07.0036 1900 klmouflt - ok
15:54:07.0099 1900 [ 781EFBB7BDE229C1615892E2A2D98721 ] klwfp C:\windows\system32\DRIVERS\klwfp.sys
15:54:07.0130 1900 klwfp - ok
15:54:07.0162 1900 [ 1FCB657B581CC4DF17FD6571F93602DE ] kneps C:\windows\system32\DRIVERS\kneps.sys
15:54:07.0193 1900 kneps - ok
15:54:07.0208 1900 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
15:54:07.0255 1900 KSecDD - ok
15:54:07.0287 1900 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
15:54:07.0318 1900 KSecPkg - ok
15:54:07.0380 1900 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
15:54:07.0412 1900 ksthunk - ok
15:54:07.0443 1900 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\windows\system32\msdtckrm.dll
15:54:07.0505 1900 KtmRm - ok
15:54:07.0541 1900 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\windows\system32\srvsvc.dll
15:54:07.0587 1900 LanmanServer - ok
15:54:07.0618 1900 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:54:07.0665 1900 LanmanWorkstation - ok
15:54:07.0680 1900 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
15:54:07.0727 1900 lltdio - ok
15:54:07.0758 1900 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\windows\System32\lltdsvc.dll
15:54:07.0821 1900 lltdsvc - ok
15:54:07.0852 1900 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\windows\System32\lmhsvc.dll
15:54:07.0883 1900 lmhosts - ok
15:54:07.0946 1900 [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:54:07.0977 1900 LMS - ok
15:54:08.0008 1900 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
15:54:08.0040 1900 LSI_SAS - ok
15:54:08.0055 1900 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
15:54:08.0087 1900 LSI_SAS2 - ok
15:54:08.0087 1900 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
15:54:08.0133 1900 LSI_SCSI - ok
15:54:08.0149 1900 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\windows\system32\drivers\lsi_sss.sys
15:54:08.0180 1900 LSI_SSS - ok
15:54:08.0212 1900 [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM C:\windows\System32\lsm.dll
15:54:08.0274 1900 LSM - ok
15:54:08.0290 1900 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\windows\system32\drivers\luafv.sys
15:54:08.0352 1900 luafv - ok
15:54:08.0368 1900 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\windows\system32\drivers\megasas.sys
15:54:08.0399 1900 megasas - ok
15:54:08.0415 1900 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
15:54:08.0462 1900 MegaSR - ok
15:54:08.0493 1900 [ 2BB3EAE2EA641515D4B205CAB29E1624 ] MEIx64 C:\windows\System32\drivers\HECIx64.sys
15:54:08.0524 1900 MEIx64 - ok
15:54:08.0555 1900 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\windows\system32\mmcss.dll
15:54:08.0602 1900 MMCSS - ok
15:54:08.0602 1900 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\windows\system32\drivers\modem.sys
15:54:08.0649 1900 Modem - ok
15:54:08.0680 1900 [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor C:\windows\System32\drivers\monitor.sys
15:54:08.0727 1900 monitor - ok
15:54:08.0727 1900 [ 618446B98C79776654340CE27C73485E ] mouclass C:\windows\System32\drivers\mouclass.sys
15:54:08.0758 1900 mouclass - ok
15:54:08.0790 1900 [ C0ADEBED913295803B579ED288936CBB ] mouhid C:\windows\System32\drivers\mouhid.sys
15:54:08.0852 1900 mouhid - ok
15:54:08.0899 1900 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\windows\system32\drivers\mountmgr.sys
15:54:08.0915 1900 mountmgr - ok
15:54:08.0962 1900 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:54:08.0977 1900 MozillaMaintenance - ok
15:54:09.0071 1900 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
15:54:09.0180 1900 mpsdrv - ok
15:54:09.0243 1900 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\windows\system32\mpssvc.dll
15:54:09.0337 1900 MpsSvc - ok
15:54:09.0384 1900 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
15:54:09.0430 1900 MRxDAV - ok
15:54:09.0477 1900 [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
15:54:09.0524 1900 mrxsmb - ok
15:54:09.0587 1900 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
15:54:09.0618 1900 mrxsmb10 - ok
15:54:09.0649 1900 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
15:54:09.0696 1900 mrxsmb20 - ok
15:54:09.0727 1900 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\windows\system32\DRIVERS\bridge.sys
15:54:09.0790 1900 MsBridge - ok
15:54:09.0805 1900 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\windows\System32\msdtc.exe
15:54:09.0852 1900 MSDTC - ok
15:54:09.0868 1900 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\windows\system32\drivers\Msfs.sys
15:54:09.0899 1900 Msfs - ok
15:54:09.0930 1900 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\windows\System32\drivers\msgpiowin32.sys
15:54:09.0977 1900 msgpiowin32 - ok
15:54:09.0993 1900 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
15:54:10.0024 1900 mshidkmdf - ok
15:54:10.0040 1900 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\windows\System32\drivers\mshidumdf.sys
15:54:10.0087 1900 mshidumdf - ok
15:54:10.0118 1900 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\windows\system32\drivers\msisadrv.sys
15:54:10.0149 1900 msisadrv - ok
15:54:10.0196 1900 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\windows\system32\iscsiexe.dll
15:54:10.0227 1900 MSiSCSI - ok
15:54:10.0243 1900 msiserver - ok
15:54:10.0259 1900 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
15:54:10.0305 1900 MSKSSRV - ok
15:54:10.0305 1900 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\windows\system32\DRIVERS\mslldp.sys
15:54:10.0337 1900 MsLldp - ok
15:54:10.0352 1900 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
15:54:10.0399 1900 MSPCLOCK - ok
15:54:10.0399 1900 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
15:54:10.0446 1900 MSPQM - ok
15:54:10.0477 1900 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
15:54:10.0524 1900 MsRPC - ok
15:54:10.0571 1900 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\windows\System32\drivers\mssmbios.sys
15:54:10.0587 1900 mssmbios - ok
15:54:10.0618 1900 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
15:54:10.0649 1900 MSTEE - ok
15:54:10.0665 1900 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\windows\System32\drivers\MTConfig.sys
15:54:10.0696 1900 MTConfig - ok
15:54:10.0712 1900 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\windows\system32\Drivers\mup.sys
15:54:10.0743 1900 Mup - ok
15:54:10.0759 1900 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\windows\system32\drivers\mvumis.sys
15:54:10.0774 1900 mvumis - ok
15:54:10.0837 1900 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\windows\system32\qagentRT.dll
15:54:10.0962 1900 napagent - ok
15:54:10.0993 1900 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
15:54:11.0055 1900 NativeWifiP - ok
15:54:11.0087 1900 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\windows\System32\ncasvc.dll
15:54:11.0149 1900 NcaSvc - ok
15:54:11.0165 1900 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\windows\System32\NcdAutoSetup.dll
15:54:11.0227 1900 NcdAutoSetup - ok
15:54:11.0295 1900 [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS C:\windows\system32\drivers\ndis.sys
15:54:11.0388 1900 NDIS - ok
15:54:11.0420 1900 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
15:54:11.0466 1900 NdisCap - ok
15:54:11.0482 1900 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\windows\system32\DRIVERS\NdisImPlatform.sys
15:54:11.0529 1900 NdisImPlatform - ok
15:54:11.0560 1900 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
15:54:11.0591 1900 NdisTapi - ok
15:54:11.0623 1900 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
15:54:11.0654 1900 Ndisuio - ok
15:54:11.0654 1900 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
15:54:11.0716 1900 NdisWan - ok
15:54:11.0716 1900 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\windows\system32\DRIVERS\ndiswan.sys
15:54:11.0763 1900 NDISWANLEGACY - ok
15:54:11.0810 1900 [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
15:54:11.0888 1900 NDProxy - ok
15:54:11.0904 1900 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\windows\system32\drivers\Ndu.sys
15:54:11.0951 1900 Ndu - ok
15:54:11.0982 1900 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
15:54:12.0091 1900 NetBIOS - ok
15:54:12.0107 1900 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
15:54:12.0138 1900 NetBT - ok
15:54:12.0170 1900 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\windows\system32\lsass.exe
15:54:12.0201 1900 Netlogon - ok
15:54:12.0248 1900 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\windows\System32\netman.dll
15:54:12.0295 1900 Netman - ok
15:54:12.0341 1900 [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm C:\windows\System32\netprofmsvc.dll
15:54:12.0498 1900 netprofm - ok
15:54:12.0560 1900 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:54:12.0591 1900 NetTcpPortSharing - ok
15:54:12.0623 1900 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
15:54:12.0654 1900 nfrd960 - ok
15:54:12.0685 1900 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\windows\System32\nlasvc.dll
15:54:12.0732 1900 NlaSvc - ok
15:54:12.0795 1900 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\windows\system32\drivers\Npfs.sys
15:54:12.0841 1900 Npfs - ok
15:54:12.0857 1900 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\windows\System32\drivers\npsvctrig.sys
15:54:12.0920 1900 npsvctrig - ok
15:54:12.0951 1900 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\windows\system32\nsisvc.dll
15:54:12.0998 1900 nsi - ok
15:54:13.0029 1900 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
15:54:13.0060 1900 nsiproxy - ok
15:54:13.0154 1900 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
15:54:13.0295 1900 Ntfs - ok
15:54:13.0326 1900 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\windows\system32\drivers\Null.sys
15:54:13.0357 1900 Null - ok
15:54:13.0717 1900 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
15:54:14.0420 1900 nvlddmkm - ok
15:54:14.0467 1900 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
15:54:14.0482 1900 nvpciflt - ok
15:54:14.0545 1900 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\windows\system32\drivers\nvraid.sys
15:54:14.0576 1900 nvraid - ok
15:54:14.0592 1900 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\windows\system32\drivers\nvstor.sys
15:54:14.0623 1900 nvstor - ok
15:54:14.0670 1900 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\windows\system32\nvvsvc.exe
15:54:14.0732 1900 nvsvc - ok
15:54:14.0795 1900 [ 249357999355A998AA94A3673C3367EB ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:54:14.0857 1900 nvUpdatusService - ok
15:54:14.0889 1900 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
15:54:14.0920 1900 nv_agp - ok
15:54:15.0029 1900 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:54:15.0060 1900 ose - ok
15:54:15.0217 1900 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:54:15.0498 1900 osppsvc - ok
15:54:15.0560 1900 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\windows\system32\pnrpsvc.dll
15:54:15.0592 1900 p2pimsvc - ok
15:54:15.0623 1900 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\windows\system32\p2psvc.dll
15:54:15.0670 1900 p2psvc - ok
15:54:15.0701 1900 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\windows\System32\drivers\parport.sys
15:54:15.0732 1900 Parport - ok
15:54:15.0779 1900 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\windows\system32\drivers\partmgr.sys
15:54:15.0810 1900 partmgr - ok
15:54:15.0857 1900 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\windows\System32\pcasvc.dll
15:54:15.0904 1900 PcaSvc - ok
15:54:15.0935 1900 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\windows\system32\drivers\pci.sys
15:54:15.0982 1900 pci - ok
15:54:15.0998 1900 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\windows\system32\drivers\pciide.sys
15:54:16.0029 1900 pciide - ok
15:54:16.0045 1900 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
15:54:16.0092 1900 pcmcia - ok
15:54:16.0092 1900 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\windows\system32\drivers\pcw.sys
15:54:16.0123 1900 pcw - ok
15:54:16.0154 1900 [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc C:\windows\system32\drivers\pdc.sys
15:54:16.0185 1900 pdc - ok
15:54:16.0232 1900 [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH C:\windows\system32\drivers\peauth.sys
15:54:16.0389 1900 PEAUTH - ok
15:54:16.0483 1900 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\windows\SysWow64\perfhost.exe
15:54:16.0530 1900 PerfHost - ok
15:54:16.0608 1900 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\windows\system32\pla.dll
15:54:16.0702 1900 pla - ok
15:54:16.0733 1900 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\windows\system32\umpnpmgr.dll
15:54:16.0765 1900 PlugPlay - ok
15:54:16.0874 1900 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
15:54:16.0905 1900 PNRPAutoReg - ok
15:54:16.0937 1900 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\windows\system32\pnrpsvc.dll
15:54:16.0983 1900 PNRPsvc - ok
15:54:17.0015 1900 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
15:54:17.0093 1900 PolicyAgent - ok
15:54:17.0124 1900 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\windows\system32\umpo.dll
15:54:17.0171 1900 Power - ok
15:54:17.0187 1900 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
15:54:17.0249 1900 PptpMiniport - ok
15:54:17.0452 1900 [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
15:54:17.0593 1900 PrintNotify - ok
15:54:17.0624 1900 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\windows\System32\drivers\processr.sys
15:54:17.0749 1900 Processor - ok
15:54:17.0796 1900 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\windows\system32\profsvc.dll
15:54:17.0843 1900 ProfSvc - ok
15:54:17.0874 1900 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\windows\system32\DRIVERS\pacer.sys
15:54:17.0921 1900 Psched - ok
15:54:17.0952 1900 [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI C:\windows\system32\DRIVERS\psi_mf_amd64.sys
15:54:17.0968 1900 PSI - ok
15:54:18.0015 1900 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\windows\system32\qwave.dll
15:54:18.0140 1900 QWAVE - ok
15:54:18.0171 1900 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
15:54:18.0218 1900 QWAVEdrv - ok
15:54:18.0280 1900 [ 194ED3C117525613E701FF257882303E ] RadioHIDMini C:\windows\System32\drivers\RadioHIDMini.sys
15:54:18.0296 1900 RadioHIDMini - ok
15:54:18.0327 1900 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
15:54:18.0374 1900 RasAcd - ok
15:54:18.0405 1900 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
15:54:18.0452 1900 RasAgileVpn - ok
15:54:18.0484 1900 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\windows\System32\rasauto.dll
15:54:18.0609 1900 RasAuto - ok
15:54:18.0640 1900 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
15:54:18.0702 1900 Rasl2tp - ok
15:54:18.0718 1900 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\windows\System32\rasmans.dll
15:54:18.0796 1900 RasMan - ok
15:54:18.0796 1900 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
15:54:18.0843 1900 RasPppoe - ok
15:54:18.0859 1900 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
15:54:18.0905 1900 RasSstp - ok
15:54:18.0937 1900 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
15:54:18.0984 1900 rdbss - ok
15:54:18.0999 1900 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\windows\System32\drivers\rdpbus.sys
15:54:19.0046 1900 rdpbus - ok
15:54:19.0046 1900 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\windows\system32\drivers\rdpdr.sys
15:54:19.0124 1900 RDPDR - ok
15:54:19.0155 1900 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
15:54:19.0202 1900 RdpVideoMiniport - ok
15:54:19.0234 1900 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
15:54:19.0280 1900 RDPWD - ok
15:54:19.0296 1900 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
15:54:19.0327 1900 rdyboost - ok
15:54:19.0359 1900 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\windows\System32\mprdim.dll
15:54:19.0421 1900 RemoteAccess - ok
15:54:19.0499 1900 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\windows\system32\regsvc.dll
15:54:19.0562 1900 RemoteRegistry - ok
15:54:19.0593 1900 [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM C:\windows\System32\drivers\rfcomm.sys
15:54:19.0718 1900 RFCOMM - ok
15:54:19.0765 1900 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
15:54:19.0796 1900 RpcEptMapper - ok
15:54:19.0827 1900 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\windows\system32\locator.exe
15:54:19.0874 1900 RpcLocator - ok
15:54:19.0921 1900 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\windows\system32\rpcss.dll
15:54:19.0968 1900 RpcSs - ok
15:54:19.0999 1900 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
15:54:20.0062 1900 rspndr - ok
15:54:20.0109 1900 [ 7D9DA8EC6784A9EE213C676709D46BE6 ] RTL8168 C:\windows\system32\DRIVERS\Rt630x64.sys
15:54:20.0218 1900 RTL8168 - ok
15:54:20.0265 1900 [ 4CA0DBA9E224473D664C25E411F5A3BD ] rtport C:\windows\SysWOW64\drivers\rtport.sys
15:54:20.0296 1900 rtport - ok
15:54:20.0343 1900 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\windows\System32\drivers\vms3cap.sys
15:54:20.0390 1900 s3cap - ok
15:54:20.0421 1900 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\windows\system32\lsass.exe
15:54:20.0452 1900 SamSs - ok
15:54:20.0546 1900 SBIOSIO - ok
15:54:20.0640 1900 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
15:54:20.0671 1900 sbp2port - ok
15:54:20.0702 1900 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\windows\System32\SCardSvr.dll
15:54:20.0749 1900 SCardSvr - ok
15:54:20.0781 1900 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
15:54:20.0827 1900 scfilter - ok
15:54:20.0890 1900 [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule C:\windows\system32\schedsvc.dll
15:54:20.0999 1900 Schedule - ok
15:54:21.0046 1900 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\windows\System32\certprop.dll
15:54:21.0093 1900 SCPolicySvc - ok
15:54:21.0140 1900 [ 047315E75392CEA447ACC86257824C16 ] sdbus C:\windows\System32\drivers\sdbus.sys
15:54:21.0202 1900 sdbus - ok
15:54:21.0265 1900 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\windows\System32\SDRSVC.dll
15:54:21.0343 1900 SDRSVC - ok
15:54:21.0390 1900 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\windows\System32\drivers\sdstor.sys
15:54:21.0437 1900 sdstor - ok
15:54:21.0453 1900 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
15:54:21.0484 1900 secdrv - ok
15:54:21.0499 1900 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\windows\system32\seclogon.dll
15:54:21.0562 1900 seclogon - ok
15:54:21.0687 1900 [ 86C9FD4982D0BEAEDF0C8BBF02AA148B ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
15:54:21.0765 1900 Secunia PSI Agent - ok
15:54:21.0828 1900 [ 808E07BBD5C68BEB844F46F164F8509E ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
15:54:21.0874 1900 Secunia Update Agent - ok
15:54:21.0921 1900 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\windows\System32\sens.dll
15:54:21.0968 1900 SENS - ok
15:54:21.0984 1900 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\windows\system32\sensrsvc.dll
15:54:22.0015 1900 SensrSvc - ok
15:54:22.0046 1900 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\windows\system32\drivers\SerCx.sys
15:54:22.0093 1900 SerCx - ok
15:54:22.0093 1900 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\windows\System32\drivers\serenum.sys
15:54:22.0140 1900 Serenum - ok
15:54:22.0156 1900 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\windows\System32\drivers\serial.sys
15:54:22.0187 1900 Serial - ok
15:54:22.0203 1900 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\windows\System32\drivers\sermouse.sys
15:54:22.0234 1900 sermouse - ok
15:54:22.0281 1900 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\windows\system32\sessenv.dll
15:54:22.0312 1900 SessionEnv - ok
15:54:22.0328 1900 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\windows\System32\drivers\sfloppy.sys
15:54:22.0359 1900 sfloppy - ok
15:54:22.0421 1900 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\windows\System32\ipnathlp.dll
15:54:22.0515 1900 SharedAccess - ok
15:54:22.0578 1900 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:54:22.0656 1900 ShellHWDetection - ok
15:54:22.0687 1900 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
15:54:22.0718 1900 SiSRaid2 - ok
15:54:22.0734 1900 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
15:54:22.0765 1900 SiSRaid4 - ok
15:54:22.0796 1900 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\windows\System32\snmptrap.exe
15:54:22.0843 1900 SNMPTRAP - ok
15:54:22.0890 1900 [ 872E937681910E2456A054331C7D5A18 ] spaceport C:\windows\system32\drivers\spaceport.sys
15:54:22.0937 1900 spaceport - ok
15:54:22.0953 1900 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\windows\system32\drivers\SpbCx.sys
15:54:23.0000 1900 SpbCx - ok
15:54:23.0062 1900 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\windows\System32\spoolsv.exe
15:54:23.0125 1900 Spooler - ok
15:54:23.0265 1900 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\windows\system32\sppsvc.exe
15:54:23.0500 1900 sppsvc - ok
15:54:23.0531 1900 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\windows\system32\DRIVERS\srv.sys
15:54:23.0593 1900 srv - ok
15:54:23.0671 1900 [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
15:54:23.0734 1900 srv2 - ok
15:54:23.0750 1900 [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
15:54:23.0781 1900 srvnet - ok
15:54:23.0828 1900 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
15:54:23.0875 1900 SSDPSRV - ok
15:54:23.0890 1900 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\windows\system32\sstpsvc.dll
15:54:23.0937 1900 SstpSvc - ok
15:54:23.0968 1900 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\windows\system32\drivers\stexstor.sys
15:54:24.0000 1900 stexstor - ok
15:54:24.0046 1900 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\windows\System32\wiaservc.dll
15:54:24.0109 1900 stisvc - ok
15:54:24.0140 1900 [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci C:\windows\system32\drivers\storahci.sys
15:54:24.0187 1900 storahci - ok
15:54:24.0218 1900 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\windows\system32\DRIVERS\vmstorfl.sys
15:54:24.0234 1900 storflt - ok
15:54:24.0265 1900 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\windows\system32\storsvc.dll
15:54:24.0312 1900 StorSvc - ok
15:54:24.0390 1900 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\windows\system32\drivers\storvsc.sys
15:54:24.0406 1900 storvsc - ok
15:54:24.0437 1900 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\windows\system32\svsvc.dll
15:54:24.0500 1900 svsvc - ok
15:54:24.0531 1900 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\windows\System32\drivers\swenum.sys
15:54:24.0562 1900 swenum - ok
15:54:24.0593 1900 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\windows\System32\swprv.dll
15:54:24.0703 1900 swprv - ok
15:54:24.0812 1900 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\windows\system32\sysmain.dll
15:54:24.0906 1900 SysMain - ok
15:54:24.0968 1900 [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
15:54:25.0015 1900 SystemEventsBroker - ok
15:54:25.0046 1900 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\windows\System32\TabSvc.dll
15:54:25.0093 1900 TabletInputService - ok
15:54:25.0125 1900 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\windows\System32\tapisrv.dll
15:54:25.0187 1900 TapiSrv - ok
15:54:25.0281 1900 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] Tcpip C:\windows\system32\drivers\tcpip.sys
15:54:25.0437 1900 Tcpip - ok
15:54:25.0500 1900 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
15:54:25.0640 1900 TCPIP6 - ok
15:54:25.0687 1900 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
15:54:25.0718 1900 tcpipreg - ok
15:54:25.0734 1900 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\windows\system32\DRIVERS\tdx.sys
15:54:25.0765 1900 tdx - ok
15:54:25.0797 1900 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\windows\System32\drivers\terminpt.sys
15:54:25.0828 1900 terminpt - ok
15:54:25.0875 1900 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\windows\System32\termsrv.dll
15:54:25.0953 1900 TermService - ok
15:54:25.0968 1900 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\windows\system32\themeservice.dll
15:54:26.0015 1900 Themes - ok
15:54:26.0047 1900 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\windows\system32\mmcss.dll
15:54:26.0078 1900 THREADORDER - ok
15:54:26.0125 1900 [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker C:\windows\System32\TimeBrokerServer.dll
15:54:26.0187 1900 TimeBroker - ok
15:54:26.0218 1900 [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM C:\windows\system32\drivers\tpm.sys
15:54:26.0328 1900 TPM - ok
15:54:26.0359 1900 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\windows\System32\trkwks.dll
15:54:26.0390 1900 TrkWks - ok
15:54:26.0453 1900 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:54:26.0469 1900 TrustedInstaller - ok
15:54:26.0515 1900 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
15:54:26.0531 1900 TsUsbFlt - ok
15:54:26.0547 1900 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\windows\System32\drivers\TsUsbGD.sys
15:54:26.0578 1900 TsUsbGD - ok
15:54:26.0594 1900 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
15:54:26.0656 1900 tunnel - ok
15:54:26.0656 1900 TVICPORT - ok
15:54:26.0687 1900 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\windows\system32\drivers\uagp35.sys
15:54:26.0719 1900 uagp35 - ok
15:54:26.0719 1900 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\windows\System32\drivers\uaspstor.sys
15:54:26.0750 1900 UASPStor - ok
15:54:26.0797 1900 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\windows\System32\drivers\ucx01000.sys
15:54:26.0828 1900 UCX01000 - ok
15:54:26.0859 1900 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\windows\system32\DRIVERS\udfs.sys
15:54:26.0922 1900 udfs - ok
15:54:26.0969 1900 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\windows\system32\UI0Detect.exe
15:54:27.0015 1900 UI0Detect - ok
15:54:27.0015 1900 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
15:54:27.0062 1900 uliagpkx - ok
15:54:27.0078 1900 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\windows\System32\drivers\umbus.sys
15:54:27.0125 1900 umbus - ok
15:54:27.0140 1900 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\windows\System32\drivers\umpass.sys
15:54:27.0156 1900 UmPass - ok
15:54:27.0203 1900 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\windows\System32\umrdp.dll
15:54:27.0265 1900 UmRdpService - ok
15:54:27.0359 1900 [ DBE2E6388379D5CC78099650541E9566 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:54:27.0390 1900 UNS - ok
15:54:27.0469 1900 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\windows\System32\upnphost.dll
15:54:27.0531 1900 upnphost - ok
15:54:27.0578 1900 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\windows\System32\drivers\usbccgp.sys
15:54:27.0625 1900 usbccgp - ok
15:54:27.0656 1900 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\windows\System32\drivers\usbcir.sys
15:54:27.0766 1900 usbcir - ok
15:54:27.0797 1900 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\windows\System32\drivers\usbehci.sys
15:54:27.0828 1900 usbehci - ok
15:54:27.0875 1900 [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub C:\windows\System32\drivers\usbhub.sys
15:54:27.0953 1900 usbhub - ok
15:54:27.0984 1900 [ C5986337DE3BF63ABD9ED4D834D34B89 ] USBHUB3 C:\windows\System32\drivers\UsbHub3.sys
15:54:28.0062 1900 USBHUB3 - ok
15:54:28.0078 1900 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\windows\System32\drivers\usbohci.sys
15:54:28.0141 1900 usbohci - ok
15:54:28.0281 1900 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\windows\System32\drivers\usbprint.sys
15:54:28.0328 1900 usbprint - ok
15:54:28.0328 1900 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\windows\System32\drivers\USBSTOR.SYS
15:54:28.0359 1900 USBSTOR - ok
15:54:28.0391 1900 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\windows\System32\drivers\usbuhci.sys
15:54:28.0484 1900 usbuhci - ok
15:54:28.0500 1900 [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
15:54:28.0547 1900 usbvideo - ok
15:54:28.0594 1900 [ 11C0CF143D246E2F0E9BDBF17A0CC70B ] USBXHCI C:\windows\System32\drivers\USBXHCI.SYS
15:54:28.0656 1900 USBXHCI - ok
15:54:28.0687 1900 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\windows\system32\lsass.exe
15:54:28.0703 1900 VaultSvc - ok
15:54:28.0750 1900 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
15:54:28.0766 1900 vdrvroot - ok
15:54:28.0844 1900 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\windows\System32\vds.exe
15:54:28.0937 1900 vds - ok
15:54:28.0937 1900 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\windows\system32\drivers\VerifierExt.sys
15:54:28.0969 1900 VerifierExt - ok
15:54:29.0000 1900 [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp C:\windows\System32\drivers\vhdmp.sys
15:54:29.0079 1900 vhdmp - ok
15:54:29.0095 1900 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\windows\system32\drivers\viaide.sys
15:54:29.0126 1900 viaide - ok
15:54:29.0142 1900 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\windows\system32\drivers\vmbus.sys
15:54:29.0173 1900 vmbus - ok
15:54:29.0173 1900 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\windows\System32\drivers\VMBusHID.sys
15:54:29.0204 1900 VMBusHID - ok
15:54:29.0267 1900 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\windows\System32\ICSvc.dll
15:54:29.0376 1900 vmicheartbeat - ok
15:54:29.0392 1900 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\windows\System32\ICSvc.dll
15:54:29.0423 1900 vmickvpexchange - ok
15:54:29.0438 1900 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\windows\System32\ICSvc.dll
15:54:29.0470 1900 vmicrdv - ok
15:54:29.0485 1900 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\windows\System32\ICSvc.dll
15:54:29.0517 1900 vmicshutdown - ok
15:54:29.0532 1900 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\windows\System32\ICSvc.dll
15:54:29.0579 1900 vmictimesync - ok
15:54:29.0579 1900 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\windows\System32\ICSvc.dll
15:54:29.0626 1900 vmicvss - ok
15:54:29.0657 1900 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\windows\system32\drivers\volmgr.sys
15:54:29.0688 1900 volmgr - ok
15:54:29.0704 1900 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
15:54:29.0751 1900 volmgrx - ok
15:54:29.0782 1900 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\windows\system32\drivers\volsnap.sys
15:54:29.0829 1900 volsnap - ok
15:54:29.0845 1900 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\windows\System32\drivers\vpci.sys
15:54:29.0876 1900 vpci - ok
15:54:29.0892 1900 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
15:54:29.0923 1900 vsmraid - ok
15:54:30.0001 1900 [ EA658570314042C914964FC72AB50E6B ] VSS C:\windows\system32\vssvc.exe
15:54:30.0095 1900 VSS - ok
15:54:30.0126 1900 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\windows\system32\drivers\vstxraid.sys
15:54:30.0157 1900 VSTXRAID - ok
15:54:30.0189 1900 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
15:54:30.0220 1900 vwifibus - ok
15:54:30.0220 1900 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
15:54:30.0267 1900 vwififlt - ok
15:54:30.0282 1900 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
15:54:30.0313 1900 vwifimp - ok
15:54:30.0407 1900 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\windows\system32\w32time.dll
15:54:30.0454 1900 W32Time - ok
15:54:30.0485 1900 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\windows\System32\drivers\wacompen.sys
15:54:30.0532 1900 WacomPen - ok
15:54:30.0564 1900 [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys
15:54:30.0626 1900 Wanarp - ok
15:54:30.0626 1900 [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
15:54:30.0657 1900 Wanarpv6 - ok
15:54:30.0735 1900 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\windows\system32\wbengine.exe
15:54:30.0829 1900 wbengine - ok
15:54:30.0845 1900 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
15:54:30.0892 1900 WbioSrvc - ok
15:54:30.0907 1900 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\windows\System32\wcmsvc.dll
15:54:30.0970 1900 Wcmsvc - ok
15:54:31.0032 1900 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\windows\System32\wcncsvc.dll
15:54:31.0157 1900 wcncsvc - ok
15:54:31.0189 1900 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
15:54:31.0235 1900 WcsPlugInService - ok
15:54:31.0282 1900 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\windows\system32\drivers\wd.sys
15:54:31.0298 1900 Wd - ok
15:54:31.0345 1900 [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot C:\windows\system32\drivers\WdBoot.sys
15:54:31.0392 1900 WdBoot - ok
15:54:31.0439 1900 [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
15:54:31.0501 1900 Wdf01000 - ok
15:54:31.0548 1900 [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter C:\windows\system32\drivers\WdFilter.sys
15:54:31.0595 1900 WdFilter - ok
15:54:31.0626 1900 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\windows\system32\wdi.dll
15:54:31.0673 1900 WdiServiceHost - ok
15:54:31.0689 1900 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\windows\system32\wdi.dll
15:54:31.0735 1900 WdiSystemHost - ok
15:54:31.0782 1900 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\windows\System32\webclnt.dll
15:54:31.0829 1900 WebClient - ok
15:54:31.0845 1900 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\windows\system32\wecsvc.dll
15:54:31.0892 1900 Wecsvc - ok
15:54:31.0907 1900 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\windows\System32\wercplsupport.dll
15:54:31.0985 1900 wercplsupport - ok
15:54:32.0032 1900 [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc C:\windows\System32\WerSvc.dll
15:54:32.0079 1900 WerSvc - ok
15:54:32.0126 1900 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\windows\system32\DRIVERS\wfplwfs.sys
15:54:32.0157 1900 WFPLWFS - ok
15:54:32.0204 1900 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\windows\System32\wiarpc.dll
15:54:32.0298 1900 WiaRpc - ok
15:54:32.0314 1900 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\windows\system32\drivers\wimmount.sys
15:54:32.0345 1900 WIMMount - ok
15:54:32.0360 1900 WinDefend - ok
15:54:32.0470 1900 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
15:54:32.0517 1900 WinHttpAutoProxySvc - ok
15:54:32.0642 1900 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
15:54:32.0689 1900 Winmgmt - ok
15:54:32.0845 1900 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\windows\system32\WsmSvc.dll
15:54:32.0986 1900 WinRM - ok
15:54:33.0095 1900 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\windows\System32\wlansvc.dll
15:54:33.0251 1900 WlanSvc - ok
15:54:33.0376 1900 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc C:\windows\system32\wlidsvc.dll
15:54:33.0486 1900 wlidsvc - ok
15:54:33.0517 1900 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\windows\System32\drivers\wmiacpi.sys
15:54:33.0548 1900 WmiAcpi - ok
15:54:33.0580 1900 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
15:54:33.0626 1900 wmiApSrv - ok
15:54:33.0673 1900 WMPNetworkSvc - ok
15:54:33.0705 1900 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\windows\system32\DRIVERS\wpcfltr.sys
15:54:33.0736 1900 wpcfltr - ok
15:54:33.0767 1900 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\windows\System32\wpcsvc.dll
15:54:33.0798 1900 WPCSvc - ok
15:54:33.0845 1900 [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
15:54:33.0939 1900 WPDBusEnum - ok
15:54:33.0955 1900 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\windows\system32\drivers\WpdUpFltr.sys
15:54:33.0986 1900 WpdUpFltr - ok
15:54:34.0017 1900 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
15:54:34.0048 1900 ws2ifsl - ok
15:54:34.0080 1900 [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc C:\windows\System32\wscsvc.dll
15:54:34.0111 1900 wscsvc - ok
15:54:34.0126 1900 WSearch - ok
15:54:34.0220 1900 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\windows\System32\WSService.dll
15:54:34.0408 1900 WSService - ok
15:54:34.0580 1900 [ 79F95469604B77296346DE7DB463EA2A ] wuauserv C:\windows\system32\wuaueng.dll
15:54:34.0720 1900 wuauserv - ok
15:54:34.0767 1900 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
15:54:34.0814 1900 WudfPf - ok
15:54:34.0908 1900 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\System32\drivers\WUDFRd.sys
15:54:34.0955 1900 WUDFRd - ok
15:54:35.0017 1900 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
15:54:35.0064 1900 wudfsvc - ok
15:54:35.0080 1900 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\windows\system32\DRIVERS\WUDFRd.sys
15:54:35.0111 1900 WUDFWpdFs - ok
15:54:35.0158 1900 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc C:\windows\System32\wwansvc.dll
15:54:35.0220 1900 WwanSvc - ok
15:54:35.0283 1900 [ 918C73F0275D7813E6F01E100B39DBD9 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
15:54:35.0314 1900 ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning
15:54:35.0314 1900 ZAtheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic (1)
15:54:35.0345 1900 ================ Scan global ===============================
15:54:35.0392 1900 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\windows\system32\basesrv.dll
15:54:35.0455 1900 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\windows\system32\winsrv.dll
15:54:35.0486 1900 [ BD7C6949984D19AAA609896B675E7357 ] C:\windows\system32\sxssrv.dll
15:54:35.0533 1900 [ 8F226143046435C75C033B0C52E90FFE ] C:\windows\system32\services.exe
15:54:35.0533 1900 [Global] - ok
15:54:35.0548 1900 ================ Scan MBR ==================================
15:54:35.0580 1900 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:54:35.0673 1900 \Device\Harddisk0\DR0 - ok
15:54:35.0673 1900 ================ Scan VBR ==================================
15:54:35.0705 1900 [ E45E2D323CDB4DF16A721D0A374F3BDC ] \Device\Harddisk0\DR0\Partition1
15:54:35.0705 1900 \Device\Harddisk0\DR0\Partition1 - ok
15:54:35.0720 1900 [ 29C133CA3D661B2687A9BCED2E2FB14C ] \Device\Harddisk0\DR0\Partition2
15:54:35.0720 1900 \Device\Harddisk0\DR0\Partition2 - ok
15:54:35.0752 1900 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
15:54:35.0752 1900 \Device\Harddisk0\DR0\Partition3 - ok
15:54:35.0752 1900 [ 1643FB9F30F221F2D5B53A5B91E84302 ] \Device\Harddisk0\DR0\Partition4
15:54:35.0767 1900 \Device\Harddisk0\DR0\Partition4 - ok
15:54:35.0798 1900 [ 2285C2002331C27EFD3A27C80A862BF1 ] \Device\Harddisk0\DR0\Partition5
15:54:35.0798 1900 \Device\Harddisk0\DR0\Partition5 - ok
15:54:35.0830 1900 [ FC717664D0DF98657CB7D221EAA6C0B6 ] \Device\Harddisk0\DR0\Partition6
15:54:35.0830 1900 \Device\Harddisk0\DR0\Partition6 - ok
15:54:35.0830 1900 ============================================================
15:54:35.0830 1900 Scan finished
15:54:35.0830 1900 ============================================================
15:54:35.0845 4324 Detected object count: 1
15:54:35.0845 4324 Actual detected object count: 1
15:56:14.0237 4324 ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:14.0237 4324 ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:44.0739 4492 Deinitialize success
|
|
02.06.2013, 15:04
| #4 |
| /// the machine /// TB-Ausbilder | Google-Meldung ungewöhnlicher Datenverkehr Systemscan mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32bit oder FRST 64bit (Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.06.2013, 15:32
| #5 |
| | Google-Meldung ungewöhnlicher Datenverkehr Hier sind die FRST-Datein: FRST-EDITOR: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2013
Ran by Malte (administrator) on 02-06-2013 16:15:50
Running from C:\Users\Malte\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
() C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe" [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [x]
HKLM-x32\...\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" [24504 2013-05-30] (Kaspersky Lab ZAO)
AppInit_DLLs: C:\windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
HKCU SearchScopes: DefaultScope {50952DBE-9475-4D32-B175-B9D835C33E99} URL =
SearchScopes: HKCU - {50952DBE-9475-4D32-B175-B9D835C33E99} URL =
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\w5rkfkjm.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-05-30] (Kaspersky Lab ZAO)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [619616 2013-05-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29016 2013-05-30] (Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29528 2013-05-30] (Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-30] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-05-30] (Kaspersky Lab ZAO)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2013-01-21] (Windows (R) 2003 DDK 3790 provider)
S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [x]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-02 16:15 - 2013-06-02 16:15 - 00000000 ____D C:\FRST
2013-06-02 16:10 - 2013-06-02 16:10 - 01916278 ____A (Farbar) C:\Users\Malte\Desktop\FRST64.exe
2013-06-02 15:28 - 2013-06-02 15:28 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Malte\Desktop\tdsskiller.exe
2013-06-02 12:46 - 2013-06-02 12:46 - 00006859 ____A C:\Users\Malte\Desktop\Gmer.txt
2013-06-02 12:05 - 2013-06-02 12:05 - 00377856 ____A C:\Users\Malte\Desktop\gmer_2.1.19163.exe
2013-06-02 11:44 - 2013-06-02 12:01 - 00064194 ____A C:\Users\Malte\Desktop\Extras.Txt
2013-06-02 11:43 - 2013-06-02 12:01 - 00115478 ____A C:\Users\Malte\Desktop\OTL.Txt
2013-06-02 11:30 - 2013-06-02 11:30 - 00602112 ____A (OldTimer Tools) C:\Users\Malte\Desktop\OTL.exe
2013-06-02 11:28 - 2013-06-02 11:28 - 00000472 ____A C:\Users\Malte\Desktop\defogger_disable.log
2013-06-02 11:28 - 2013-06-02 11:28 - 00000000 ____A C:\Users\Malte\defogger_reenable
2013-06-02 11:26 - 2013-06-02 11:26 - 00050477 ____A C:\Users\Malte\Desktop\Defogger.exe
2013-06-01 16:47 - 2013-06-01 16:47 - 00002029 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-06-01 16:47 - 2013-06-01 16:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-05-31 18:04 - 2013-05-31 18:04 - 00000000 ____D C:\Users\Malte\AppData\Local\Macromedia
2013-05-31 17:15 - 2013-05-31 17:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-05-31 17:15 - 2013-05-31 17:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-05-31 17:11 - 2013-06-02 15:19 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-31 15:20 - 2013-05-31 15:20 - 00355944 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-31 15:17 - 2013-01-10 03:53 - 00028904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
2013-05-31 15:17 - 2013-01-10 03:29 - 00785504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-05-31 15:17 - 2013-01-10 03:29 - 00091880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-05-31 15:17 - 2013-01-10 01:26 - 01752064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2013-05-31 15:17 - 2013-01-10 01:26 - 01611776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2013-05-31 15:17 - 2013-01-10 01:26 - 00890880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-05-31 15:17 - 2013-01-10 01:26 - 00436736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2013-05-31 15:17 - 2013-01-10 01:26 - 00261120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2013-05-31 15:17 - 2013-01-10 01:26 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2013-05-31 15:17 - 2013-01-10 01:26 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-05-31 15:17 - 2013-01-10 01:23 - 02094592 ____A (Microsoft Corporation) C:\Windows\System32\mmc.exe
2013-05-31 15:17 - 2013-01-10 01:23 - 01964544 ____A (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll
2013-05-31 15:17 - 2013-01-10 01:23 - 01886208 ____A (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2013-05-31 15:17 - 2013-01-10 01:23 - 00728064 ____A (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2013-05-31 15:17 - 2013-01-10 01:23 - 00406016 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Media.dll
2013-05-31 15:17 - 2013-01-10 01:23 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\WSDMon.dll
2013-05-31 15:17 - 2013-01-10 01:23 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\wiaacmgr.exe
2013-05-31 15:17 - 2013-01-10 01:22 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\msctf.dll
2013-05-31 15:17 - 2013-01-10 01:22 - 00894464 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2013-05-31 15:17 - 2013-01-10 01:22 - 00666112 ____A (Microsoft Corporation) C:\Windows\System32\MP4SDECD.DLL
2013-05-31 15:17 - 2013-01-10 01:22 - 00438272 ____A (Microsoft Corporation) C:\Windows\System32\lsm.dll
2013-05-31 15:17 - 2013-01-10 01:22 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2013-05-31 15:17 - 2013-01-09 05:59 - 00341504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2013-05-31 15:17 - 2012-11-02 07:19 - 00171520 ____A (Microsoft Corporation) C:\Windows\System32\ncbservice.dll
2013-05-31 15:17 - 2012-11-02 07:18 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\httpprxm.dll
2013-05-31 15:17 - 2012-11-02 07:18 - 00062464 ____A (Microsoft Corporation) C:\Windows\System32\adhsvc.dll
2013-05-31 15:17 - 2012-11-02 07:18 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\adhapi.dll
2013-05-31 15:17 - 2012-11-02 07:18 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\httpprxp.dll
2013-05-31 15:17 - 2012-11-02 07:18 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\keepaliveprovider.dll
2013-05-31 14:11 - 2012-11-20 07:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-05-31 14:11 - 2012-11-20 07:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2013-05-31 14:11 - 2012-11-20 07:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-05-31 14:11 - 2012-11-20 06:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL
2013-05-31 14:11 - 2012-11-08 06:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-05-31 14:11 - 2012-11-08 06:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-05-31 14:11 - 2012-11-08 06:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-05-31 14:11 - 2012-11-08 06:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2013-05-31 14:11 - 2012-11-08 06:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2013-05-31 14:11 - 2012-11-08 06:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-05-31 14:07 - 2012-10-24 06:54 - 00396008 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
2013-05-31 14:07 - 2012-10-17 06:32 - 01172992 ____A (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll
2013-05-31 14:07 - 2012-10-17 06:32 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
2013-05-31 14:07 - 2012-10-17 06:32 - 00673280 ____A (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2013-05-31 14:07 - 2012-10-17 05:57 - 00929792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2013-05-31 14:07 - 2012-10-17 05:57 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-05-31 14:07 - 2012-10-17 05:57 - 00513024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2013-05-31 14:07 - 2012-10-12 08:13 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\dskquota.dll
2013-05-31 14:07 - 2012-10-12 07:39 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2013-05-31 14:06 - 2012-10-11 09:47 - 00793200 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2013-05-31 14:06 - 2012-10-11 09:35 - 02380944 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2013-05-31 14:06 - 2012-10-11 09:23 - 00441576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-05-31 14:06 - 2012-10-11 07:56 - 02115952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-05-31 14:06 - 2012-10-11 07:46 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2013-05-31 14:06 - 2012-10-11 07:46 - 00517120 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2013-05-31 14:06 - 2012-10-11 07:46 - 00154112 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Compression.dll
2013-05-31 14:06 - 2012-10-11 07:45 - 00590848 ____A (Microsoft Corporation) C:\Windows\System32\SHCore.dll
2013-05-31 14:06 - 2012-10-11 07:45 - 00579584 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2013-05-31 14:06 - 2012-10-11 07:44 - 01265152 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-05-31 14:06 - 2012-10-11 07:44 - 00904192 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2013-05-31 14:06 - 2012-10-11 07:44 - 00561152 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-05-31 14:06 - 2012-10-11 07:43 - 02206208 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-05-31 14:06 - 2012-10-11 07:42 - 00612416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-05-31 14:06 - 2012-10-11 07:16 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-05-31 14:06 - 2012-10-11 07:07 - 01226752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-05-31 14:06 - 2012-10-11 07:07 - 00414720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-05-31 14:06 - 2012-10-11 07:06 - 01841152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-05-31 14:06 - 2012-10-11 02:45 - 00478424 ____A C:\Windows\SysWOW64\locale.nls
2013-05-31 14:06 - 2012-10-11 02:44 - 00478424 ____A C:\Windows\System32\locale.nls
2013-05-31 14:05 - 2012-10-11 09:25 - 00056552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2013-05-31 14:05 - 2012-10-11 09:18 - 00172264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-05-31 14:05 - 2012-10-11 09:13 - 00058088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2013-05-31 14:05 - 2012-10-11 09:13 - 00033512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2013-05-31 14:05 - 2012-10-11 09:08 - 00562392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-05-31 14:05 - 2012-10-11 09:02 - 01636672 ____A (Microsoft Corporation) C:\Windows\System32\WMALFXGFXDSP.dll
2013-05-31 14:05 - 2012-10-11 07:46 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\BdeUISrv.exe
2013-05-31 14:05 - 2012-10-11 07:46 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\wfapigp.dll
2013-05-31 14:05 - 2012-10-11 07:45 - 01045504 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2013-05-31 14:05 - 2012-10-11 07:45 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\SpaceControl.dll
2013-05-31 14:05 - 2012-10-11 07:45 - 00370176 ____A (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll
2013-05-31 14:05 - 2012-10-11 07:45 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll
2013-05-31 14:05 - 2012-10-11 07:44 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-05-31 14:05 - 2012-10-11 07:44 - 00264704 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
2013-05-31 14:05 - 2012-10-11 07:44 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\input.dll
2013-05-31 14:05 - 2012-10-11 07:44 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\icfupgd.dll
2013-05-31 14:05 - 2012-10-11 07:43 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-31 14:05 - 2012-10-11 07:43 - 01294336 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-05-31 14:05 - 2012-10-11 07:43 - 01280000 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-31 14:05 - 2012-10-11 07:43 - 00757760 ____A (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll
2013-05-31 14:05 - 2012-10-11 07:43 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2013-05-31 14:05 - 2012-10-11 07:43 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2013-05-31 14:05 - 2012-10-11 07:43 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\bdesvc.dll
2013-05-31 14:05 - 2012-10-11 07:43 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\AppxSip.dll
2013-05-31 14:05 - 2012-10-11 07:43 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll
2013-05-31 14:05 - 2012-10-11 07:43 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2013-05-31 14:05 - 2012-10-11 07:23 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-pdc.dll
2013-05-31 14:05 - 2012-10-11 07:23 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\kbdhebl3.dll
2013-05-31 14:05 - 2012-10-11 07:19 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2013-05-31 14:05 - 2012-10-11 07:18 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2013-05-31 14:05 - 2012-10-11 07:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2013-05-31 14:05 - 2012-10-11 07:07 - 00962560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-05-31 14:05 - 2012-10-11 07:07 - 00460800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-05-31 14:05 - 2012-10-11 07:07 - 00116224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2013-05-31 14:05 - 2012-10-11 07:07 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2013-05-31 14:05 - 2012-10-11 07:07 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2013-05-31 14:05 - 2012-10-11 07:06 - 01420800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-31 14:05 - 2012-10-11 07:06 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-05-31 14:05 - 2012-10-11 07:06 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-05-31 14:05 - 2012-10-11 07:06 - 00289280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-05-31 14:05 - 2012-10-11 07:06 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-05-31 14:05 - 2012-10-11 07:06 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-05-31 14:05 - 2012-10-11 07:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-05-31 14:05 - 2012-10-11 07:06 - 00060416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2013-05-31 14:05 - 2012-10-11 07:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-05-31 14:05 - 2012-10-11 07:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2013-05-31 14:05 - 2012-10-11 06:42 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2013-05-31 14:05 - 2012-10-11 05:11 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-05-31 14:04 - 2012-11-29 07:05 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-05-31 14:04 - 2012-11-29 07:05 - 00707584 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-05-31 14:03 - 2012-11-27 08:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
2013-05-31 14:03 - 2012-11-27 06:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-05-31 14:03 - 2012-11-27 06:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-05-31 14:03 - 2012-11-27 06:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-05-31 14:03 - 2012-11-27 06:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-05-31 14:03 - 2012-11-27 06:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-05-31 14:03 - 2012-11-27 06:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-05-31 14:03 - 2012-11-27 06:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-05-31 14:03 - 2012-11-27 06:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-05-31 14:03 - 2012-11-27 06:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-05-31 14:03 - 2012-11-27 06:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-05-31 14:03 - 2012-11-27 06:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-05-31 14:03 - 2012-11-27 06:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll
2013-05-31 14:03 - 2012-11-27 06:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
2013-05-31 14:03 - 2012-11-27 06:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
2013-05-31 14:03 - 2012-11-27 06:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-05-31 14:03 - 2012-11-27 06:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
2013-05-31 14:03 - 2012-11-27 06:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-05-31 14:03 - 2012-11-27 06:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-05-31 14:03 - 2012-11-27 06:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-05-31 14:03 - 2012-11-27 06:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-05-31 14:03 - 2012-10-12 10:08 - 00027880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-05-31 14:03 - 2012-10-12 08:14 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\rfxvmt.dll
2013-05-31 14:03 - 2012-10-12 07:50 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-05-31 14:03 - 2012-09-11 07:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe
2013-05-31 14:03 - 2012-09-11 07:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-05-31 14:03 - 2012-09-11 07:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll
2013-05-31 14:02 - 2012-12-04 06:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2013-05-31 13:46 - 2012-11-06 06:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-05-31 13:46 - 2012-11-06 06:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
2013-05-31 13:45 - 2012-11-06 09:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-05-31 13:45 - 2012-11-06 09:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2013-05-31 13:45 - 2012-11-06 06:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-05-31 13:45 - 2012-11-06 06:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-05-31 13:45 - 2012-11-06 06:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-05-31 13:45 - 2012-11-06 06:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-05-31 13:45 - 2012-11-06 06:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-05-31 13:45 - 2012-11-06 06:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2013-05-31 13:45 - 2012-11-06 06:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-05-31 13:45 - 2012-11-06 06:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-05-31 13:45 - 2012-11-06 06:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll
2013-05-31 13:45 - 2012-11-06 06:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll
2013-05-31 13:45 - 2012-11-06 06:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-05-31 13:45 - 2012-11-06 06:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-05-31 13:45 - 2012-11-06 06:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-05-31 13:45 - 2012-11-06 06:18 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-05-31 13:45 - 2012-11-06 06:18 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-05-31 13:45 - 2012-11-06 06:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-05-31 13:45 - 2012-11-06 06:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll
2013-05-31 13:45 - 2012-11-06 06:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll
2013-05-31 13:45 - 2012-11-06 06:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-05-31 13:45 - 2012-11-06 06:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2013-05-31 13:45 - 2012-11-06 06:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll
2013-05-31 13:45 - 2012-11-06 06:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll
2013-05-31 13:45 - 2012-11-06 05:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll
2013-05-31 13:45 - 2012-11-06 05:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-05-31 13:45 - 2012-11-06 05:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2013-05-31 13:45 - 2012-11-06 05:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-05-31 13:45 - 2012-11-06 05:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2013-05-31 13:45 - 2012-11-06 05:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2013-05-31 13:45 - 2012-11-06 05:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
2013-05-31 13:45 - 2012-11-06 05:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-05-31 13:45 - 2012-11-06 05:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-05-31 13:08 - 2013-05-07 22:07 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-31 13:08 - 2013-05-07 22:07 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-31 12:45 - 2013-05-31 13:24 - 00000000 ___RD C:\Windows\BrowserChoice
2013-05-31 11:56 - 2012-10-10 09:04 - 00094208 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-05-31 11:56 - 2012-10-10 08:31 - 00072192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-05-31 11:42 - 2013-04-10 01:17 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-31 11:42 - 2013-04-10 00:29 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-31 11:42 - 2012-11-26 06:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-05-31 11:42 - 2012-11-26 06:20 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
2013-05-31 11:41 - 2013-04-10 01:17 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-31 11:41 - 2013-04-10 01:17 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-31 11:41 - 2013-04-10 01:17 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-05-31 11:41 - 2013-04-10 01:17 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-31 11:41 - 2013-04-10 01:17 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-31 11:41 - 2013-04-10 01:16 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-31 11:41 - 2013-04-10 01:16 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-31 11:41 - 2013-04-10 01:16 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-31 11:41 - 2013-04-10 01:16 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-31 11:41 - 2013-04-10 00:30 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-31 11:41 - 2013-04-10 00:30 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-31 11:41 - 2013-04-10 00:29 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-31 11:41 - 2013-04-10 00:29 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-31 11:41 - 2013-04-10 00:29 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-31 11:41 - 2013-04-10 00:29 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-31 11:41 - 2013-04-10 00:29 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-31 11:41 - 2013-02-21 12:29 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-31 11:41 - 2013-02-21 12:29 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-31 11:41 - 2013-02-21 12:29 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-31 11:41 - 2013-02-21 12:29 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-31 11:41 - 2013-02-21 12:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-31 11:41 - 2013-02-21 12:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-31 11:41 - 2013-02-19 11:53 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-05-31 11:41 - 2013-02-12 03:30 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-05-31 11:41 - 2013-02-12 02:56 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-05-31 11:41 - 2013-01-04 07:32 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-31 11:41 - 2013-01-04 06:19 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-31 11:41 - 2012-11-08 06:20 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-31 11:41 - 2012-11-08 06:20 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-31 11:39 - 2013-04-16 04:34 - 01455368 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-31 11:35 - 2012-11-10 06:23 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2013-05-31 11:35 - 2012-11-10 06:23 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-05-31 11:35 - 2012-11-10 06:22 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2013-05-31 11:35 - 2012-11-10 06:22 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\RDWebAI.dll
2013-05-31 11:35 - 2012-11-10 06:22 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\VmHostAI.dll
2013-05-31 11:35 - 2012-11-10 06:20 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\appserverai.dll
2013-05-31 11:31 - 2012-08-31 02:52 - 00017888 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll
2013-05-31 11:29 - 2012-08-31 02:53 - 00017888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2013-05-31 11:24 - 2013-05-31 11:24 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-05-31 11:24 - 2013-05-31 11:24 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-31 11:16 - 2013-03-02 13:02 - 00058288 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-05-31 11:16 - 2013-03-02 12:57 - 00337128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-05-31 11:16 - 2013-03-02 12:57 - 00332520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-05-31 11:16 - 2013-03-02 12:57 - 00077544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys
2013-05-31 11:16 - 2013-03-02 12:45 - 00194792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-05-31 11:16 - 2013-03-02 12:45 - 00148712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2013-05-31 11:16 - 2013-03-02 12:45 - 00125160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-05-31 11:16 - 2013-03-02 12:39 - 00495336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2013-05-31 11:16 - 2013-03-02 12:39 - 00327912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2013-05-31 11:16 - 2013-03-02 11:59 - 02231528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-05-31 11:16 - 2013-03-02 11:59 - 00411880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-05-31 11:16 - 2013-03-02 10:24 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-05-31 11:16 - 2013-03-02 10:23 - 01338880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-31 11:16 - 2013-03-02 10:23 - 00893952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-05-31 11:16 - 2013-03-02 10:23 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-05-31 11:16 - 2013-03-02 10:23 - 00601088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2013-05-31 11:16 - 2013-03-02 10:23 - 00504320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-05-31 11:16 - 2013-03-02 10:23 - 00356352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-05-31 11:16 - 2013-03-02 10:23 - 00246784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-05-31 11:16 - 2013-03-02 10:23 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-05-31 11:16 - 2013-03-02 10:23 - 00100864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2013-05-31 11:16 - 2013-03-02 10:23 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-05-31 11:16 - 2013-03-02 10:22 - 05091840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-05-31 11:16 - 2013-03-02 10:22 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-05-31 11:16 - 2013-03-02 10:22 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-05-31 11:16 - 2013-03-02 10:21 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-05-31 11:16 - 2013-03-02 10:21 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-05-31 11:16 - 2013-03-02 10:21 - 00145408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-05-31 11:16 - 2013-03-02 10:21 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 03240448 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 01627648 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 01161728 ____A (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 01149952 ____A (Microsoft Corporation) C:\Windows\System32\winmde.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 01101824 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00951808 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00645120 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\usbmon.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fsquirt.exe
2013-05-31 11:16 - 2013-03-02 04:45 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00171008 ____A (Microsoft Corporation) C:\Windows\System32\TimeBrokerServer.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00077824 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-05-31 11:16 - 2013-03-02 04:45 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\taskhostex.exe
2013-05-31 11:16 - 2013-03-02 04:45 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\WSDPrintProxy.DLL
2013-05-31 11:16 - 2013-03-02 04:45 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-05-31 11:16 - 2013-03-02 04:45 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-05-31 11:16 - 2013-03-02 04:44 - 05978624 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-05-31 11:16 - 2013-03-02 04:44 - 01048576 ____A (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2013-05-31 11:16 - 2013-03-02 04:44 - 00703488 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2013-05-31 11:16 - 2013-03-02 04:44 - 00455168 ____A (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2013-05-31 11:16 - 2013-03-02 04:44 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2013-05-31 11:16 - 2013-03-02 04:44 - 00150016 ____A (Microsoft Corporation) C:\Windows\System32\discan.dll
2013-05-31 11:16 - 2013-03-02 04:44 - 00128512 ____A (Microsoft Corporation) C:\Windows\System32\SettingSyncInfo.dll
2013-05-31 11:16 - 2013-03-02 04:44 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\NdisImPlatform.dll
2013-05-31 11:16 - 2013-03-02 04:44 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
2013-05-31 11:16 - 2013-03-02 04:43 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-05-31 11:16 - 2013-03-02 04:43 - 00156160 ____A (Microsoft Corporation) C:\Windows\System32\powercfg.cpl
2013-05-31 11:16 - 2013-03-02 04:15 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2013-05-31 11:16 - 2013-03-01 06:56 - 00156672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2013-05-31 11:16 - 2013-03-01 06:55 - 01175040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2013-05-31 11:16 - 2012-11-06 06:20 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-05-31 11:16 - 2012-11-06 06:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\wuaext.dll
2013-05-31 11:16 - 2012-11-02 07:20 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-05-31 11:15 - 2013-03-01 06:56 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2013-05-31 11:15 - 2013-01-09 05:59 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2013-05-31 11:15 - 2013-01-09 05:58 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2013-05-31 11:15 - 2012-11-06 06:00 - 00099328 ____A (Microsoft Corporation) C:\Windows\System32\wushareduxresources.dll
2013-05-31 11:12 - 2013-05-03 16:15 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-31 11:02 - 2012-10-24 05:25 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\ReAgentc.exe
2013-05-31 11:02 - 2012-10-24 04:48 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2013-05-31 11:01 - 2013-03-02 10:23 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-05-31 11:01 - 2013-03-02 04:44 - 01011200 ____A (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2013-05-31 11:01 - 2013-02-02 13:19 - 00496872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-05-31 11:01 - 2013-02-02 13:19 - 00446184 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-05-31 11:01 - 2013-02-02 13:19 - 00061672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2013-05-31 11:01 - 2013-02-02 12:54 - 01933544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-05-31 11:01 - 2013-02-02 12:28 - 00993512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-05-31 11:01 - 2013-02-02 10:40 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2013-05-31 11:01 - 2013-02-02 10:40 - 00370688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2013-05-31 11:01 - 2013-02-02 10:40 - 00197632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2013-05-31 11:01 - 2013-02-02 10:40 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2013-05-31 11:01 - 2013-02-02 10:40 - 00079360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2013-05-31 11:01 - 2013-02-02 10:39 - 00157696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-05-31 11:01 - 2013-02-02 10:39 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-05-31 11:01 - 2013-02-02 10:39 - 00055296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-05-31 11:01 - 2013-02-02 10:39 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-05-31 11:01 - 2013-02-02 10:39 - 00015872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2013-05-31 11:01 - 2013-02-02 10:39 - 00012288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2013-05-31 11:01 - 2013-02-02 10:38 - 00567808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2013-05-31 11:01 - 2013-02-02 10:24 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\taskkill.exe
2013-05-31 11:01 - 2013-02-02 10:24 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\tasklist.exe
2013-05-31 11:01 - 2013-02-02 10:23 - 00731648 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-05-31 11:01 - 2013-02-02 10:23 - 00611840 ____A (Microsoft Corporation) C:\Windows\System32\wpd_ci.dll
2013-05-31 11:01 - 2013-02-02 10:23 - 00543232 ____A (Microsoft Corporation) C:\Windows\System32\wlroamextension.dll
2013-05-31 11:01 - 2013-02-02 10:23 - 00475136 ____A (Microsoft Corporation) C:\Windows\System32\WWanAPI.dll
2013-05-31 11:01 - 2013-02-02 10:23 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2013-05-31 11:01 - 2013-02-02 10:23 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\wersvc.dll
2013-05-31 11:01 - 2013-02-02 10:21 - 00467456 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-05-31 11:01 - 2013-02-02 10:21 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2013-05-31 11:01 - 2013-02-02 10:21 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\mbsmsapi.dll
2013-05-31 11:01 - 2013-02-02 10:20 - 00729600 ____A (Microsoft Corporation) C:\Windows\System32\duser.dll
2013-05-31 11:01 - 2013-02-02 10:20 - 00260096 ____A (Microsoft Corporation) C:\Windows\System32\hotspotauth.dll
2013-05-31 11:01 - 2013-02-02 09:25 - 00297984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2013-05-31 11:01 - 2013-02-02 09:25 - 00037632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2013-05-31 11:01 - 2012-12-15 06:55 - 00443392 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2013-05-31 11:01 - 2012-11-27 05:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2013-05-31 11:01 - 2012-11-27 05:55 - 00029952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthhfHid.sys
2013-05-31 11:01 - 2012-11-20 06:56 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-05-31 11:01 - 2012-11-03 07:26 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\sysreset.exe
2013-05-31 11:01 - 2012-11-03 07:25 - 00945152 ____A (Microsoft Corporation) C:\Windows\System32\resetengmig.dll
2013-05-31 11:00 - 2013-02-06 00:29 - 00370688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-05-31 11:00 - 2013-02-06 00:28 - 00215552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-05-31 11:00 - 2013-02-02 07:41 - 01437184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2013-05-31 11:00 - 2013-02-02 07:31 - 01690624 ____A (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2013-05-31 10:59 - 2013-03-06 09:10 - 00112872 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-31 10:59 - 2013-03-06 08:31 - 19758592 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-31 10:59 - 2013-03-06 08:31 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-31 10:59 - 2013-03-06 08:29 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-31 10:59 - 2013-03-06 07:03 - 17561600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-31 10:59 - 2013-03-06 07:03 - 00199168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-31 10:59 - 2013-02-12 02:17 - 00020992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-05-31 10:57 - 2013-03-22 05:49 - 02382336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-05-31 10:57 - 2013-03-22 00:47 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2013-05-31 10:57 - 2013-03-15 02:17 - 00861184 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-05-31 10:57 - 2012-12-16 10:28 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-05-31 10:57 - 2012-12-16 10:20 - 00035328 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-05-31 10:57 - 2012-12-16 10:08 - 00362496 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-05-31 10:57 - 2012-12-16 09:57 - 00300032 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-05-31 10:57 - 2012-11-08 06:24 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-05-31 10:57 - 2012-11-08 06:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-05-31 10:57 - 2012-11-08 06:20 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-05-31 10:57 - 2012-11-08 06:20 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2013-05-31 10:57 - 2012-11-08 06:02 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\lpk.dll
2013-05-31 10:57 - 2012-11-08 06:01 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-05-31 10:57 - 2012-11-03 07:26 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2013-05-31 10:57 - 2012-11-03 07:26 - 00032256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2013-05-31 10:57 - 2012-11-03 07:24 - 00463872 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-05-31 10:57 - 2012-11-03 07:24 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-05-31 10:57 - 2012-11-03 07:24 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\dpnathlp.dll
2013-05-31 10:57 - 2012-11-03 07:24 - 00058880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2013-05-31 10:57 - 2012-11-03 07:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhupnp.dll
2013-05-31 10:57 - 2012-11-03 07:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhpast.dll
2013-05-31 10:57 - 2012-11-03 07:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2013-05-31 10:57 - 2012-11-03 07:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2013-05-31 10:57 - 2012-11-03 07:04 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\dpnlobby.dll
2013-05-31 10:57 - 2012-11-03 07:04 - 00003584 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
2013-05-31 10:57 - 2012-11-03 07:00 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2013-05-31 10:57 - 2012-11-03 07:00 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2013-05-31 10:57 - 2012-10-24 05:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\pcalua.exe
2013-05-31 10:57 - 2012-10-24 05:24 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2013-05-31 10:57 - 2012-10-24 05:24 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\pcadm.dll
2013-05-31 10:57 - 2012-10-24 05:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\pcaevts.dll
2013-05-31 10:53 - 2013-04-09 07:33 - 00489576 ____A (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2013-05-31 10:53 - 2013-04-09 07:33 - 00446792 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2013-05-31 10:53 - 2013-04-09 07:33 - 00253544 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2013-05-31 10:53 - 2013-04-09 07:20 - 00306952 ____A (Microsoft Corporation) C:\Windows\System32\kd_02_10ec.dll
2013-05-31 10:53 - 2013-04-09 07:17 - 01829408 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-05-31 10:53 - 2013-04-09 06:52 - 00816128 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-05-31 10:53 - 2013-04-09 06:52 - 00804352 ____A (Microsoft Corporation) C:\Windows\System32\RecoveryDrive.exe
2013-05-31 10:53 - 2013-04-09 06:52 - 00373760 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-05-31 10:53 - 2013-04-09 06:51 - 14267904 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-05-31 10:53 - 2013-04-09 06:51 - 13648384 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-05-31 10:53 - 2013-04-09 06:51 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-05-31 10:53 - 2013-04-09 06:51 - 03552768 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-05-31 10:53 - 2013-04-09 06:51 - 00595456 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
2013-05-31 10:53 - 2013-04-09 06:51 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-31 10:53 - 2013-04-09 06:51 - 00456704 ____A (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2013-05-31 10:53 - 2013-04-09 06:51 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-05-31 10:53 - 2013-04-09 06:51 - 00367616 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-05-31 10:53 - 2013-04-09 06:50 - 02107904 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-05-31 10:53 - 2013-04-09 06:50 - 01285632 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2013-05-31 10:53 - 2013-04-09 06:50 - 00435200 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-05-31 10:53 - 2013-04-09 06:50 - 00422400 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-05-31 10:53 - 2013-04-09 06:49 - 01444864 ____A (Microsoft Corporation) C:\Windows\System32\MSAudDecMFT.dll
2013-05-31 10:53 - 2013-04-09 06:49 - 00817152 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-05-31 10:53 - 2013-04-09 06:49 - 00468992 ____A (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2013-05-31 10:53 - 2013-04-09 06:49 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2013-05-31 10:53 - 2013-04-09 06:48 - 02303488 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-31 10:53 - 2013-04-09 06:48 - 00785408 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-05-31 10:53 - 2013-04-09 04:35 - 04038144 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-31 10:53 - 2013-04-09 04:33 - 00623104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-05-31 10:53 - 2013-04-09 04:32 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2013-05-31 10:53 - 2013-04-09 04:31 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-05-31 10:53 - 2013-04-09 01:39 - 01408896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-05-31 10:53 - 2013-04-09 01:37 - 00426024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-05-31 10:53 - 2013-04-09 01:37 - 00324368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-05-31 10:53 - 2013-04-08 23:52 - 11878912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-05-31 10:53 - 2013-04-08 23:52 - 00670208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-05-31 10:53 - 2013-04-08 23:52 - 00302592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-05-31 10:53 - 2013-04-08 23:51 - 10789888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-05-31 10:53 - 2013-04-08 23:51 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-05-31 10:53 - 2013-04-08 23:51 - 02767360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-05-31 10:53 - 2013-04-08 23:51 - 02035200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-31 10:53 - 2013-04-08 23:51 - 01593344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-05-31 10:53 - 2013-04-08 23:51 - 01113600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2013-05-31 10:53 - 2013-04-08 23:51 - 00656896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-05-31 10:53 - 2013-04-08 23:51 - 00403968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-05-31 10:53 - 2013-04-08 23:51 - 00324096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-05-31 10:53 - 2013-03-30 20:16 - 01403784 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-05-31 10:53 - 2013-03-30 20:16 - 01267424 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-05-31 10:53 - 2013-03-29 00:09 - 01217328 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-05-31 10:53 - 2013-03-29 00:09 - 01093880 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-05-31 10:53 - 2013-03-16 00:05 - 00298456 ____A (Microsoft Corporation) C:\Windows\System32\rsaenh.dll
2013-05-31 10:53 - 2013-03-16 00:05 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2013-05-31 10:53 - 2013-02-07 03:33 - 00754176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-05-31 10:52 - 2013-04-11 08:40 - 06987528 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-31 10:52 - 2013-04-09 07:27 - 00284424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-05-31 10:52 - 2013-04-09 07:20 - 00086280 ____A (Microsoft Corporation) C:\Windows\System32\kdnet.dll
2013-05-31 10:52 - 2013-04-09 07:18 - 00077960 ____A (Microsoft Corporation) C:\Windows\System32\kdvm.dll
2013-05-31 10:52 - 2013-04-09 06:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-05-31 10:52 - 2013-04-09 06:52 - 00126464 ____A (Microsoft Corporation) C:\Windows\System32\Robocopy.exe
2013-05-31 10:52 - 2013-04-09 06:51 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2013-05-31 10:52 - 2013-04-09 06:50 - 00745984 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-05-31 10:52 - 2013-04-09 06:50 - 00414720 ____A (Microsoft Corporation) C:\Windows\System32\GenuineCenter.dll
2013-05-31 10:52 - 2013-04-09 06:50 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2013-05-31 10:52 - 2013-04-09 06:50 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-05-31 10:52 - 2013-04-09 06:50 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2013-05-31 10:52 - 2013-04-09 06:49 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-05-31 10:52 - 2013-04-09 06:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\fhengine.dll
2013-05-31 10:52 - 2013-04-09 06:49 - 00210432 ____A (Microsoft Corporation) C:\Windows\System32\iuilp.dll
2013-05-31 10:52 - 2013-04-09 06:49 - 00196096 ____A (Microsoft Corporation) C:\Windows\System32\dmvdsitf.dll
2013-05-31 10:52 - 2013-04-09 06:49 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\fmifs.dll
2013-05-31 10:52 - 2013-04-09 06:48 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-05-31 10:52 - 2013-04-09 06:48 - 00169472 ____A (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2013-05-31 10:52 - 2013-04-09 04:34 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-05-31 10:52 - 2013-04-09 04:34 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-05-31 10:52 - 2013-04-09 04:34 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-05-31 10:52 - 2013-04-09 04:33 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2013-05-31 10:52 - 2013-04-09 04:31 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2013-05-31 10:52 - 2013-04-09 01:44 - 00123880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-05-31 10:52 - 2013-04-08 23:52 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-31 10:52 - 2013-04-08 23:52 - 00171008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-05-31 10:52 - 2013-04-08 23:52 - 00106496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2013-05-31 10:52 - 2013-04-08 23:51 - 00659456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-05-31 10:52 - 2013-04-08 23:51 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-05-31 10:52 - 2013-04-08 23:51 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-05-31 10:52 - 2013-04-08 23:51 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-05-31 10:52 - 2013-04-08 23:51 - 00268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-05-31 10:52 - 2013-04-08 23:51 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-05-31 10:52 - 2013-04-08 23:51 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-05-31 10:52 - 2013-04-08 23:51 - 00155648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2013-05-31 10:52 - 2013-04-08 23:51 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2013-05-31 10:52 - 2013-04-08 23:51 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-05-31 10:52 - 2013-04-08 23:51 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-05-31 10:52 - 2013-04-05 01:30 - 00503080 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2013-05-31 10:52 - 2013-04-03 00:08 - 00387688 ____A C:\Windows\System32\ApnDatabase.xml
2013-05-31 10:52 - 2013-03-02 12:39 - 00069864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2013-05-31 10:52 - 2013-03-02 04:43 - 02146304 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2013-05-31 10:52 - 2013-02-02 10:40 - 00155136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-05-31 10:52 - 2013-02-02 10:23 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2013-05-31 10:52 - 2013-01-29 03:57 - 00035232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2013-05-31 10:52 - 2013-01-29 01:08 - 00230904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2013-05-31 10:52 - 2013-01-10 03:40 - 00303848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-31 10:52 - 2012-12-13 06:00 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-05-31 10:52 - 2012-12-13 05:59 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-05-31 10:52 - 2012-11-20 06:54 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidi2c.sys
2013-05-31 10:52 - 2012-11-06 09:33 - 00522640 ____A (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
2013-05-31 10:52 - 2012-11-06 07:00 - 00463768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2013-05-31 10:52 - 2012-11-06 06:18 - 00267264 ____A (Microsoft Corporation) C:\Windows\System32\EncDump.dll
2013-05-31 10:52 - 2012-10-11 07:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2013-05-31 10:52 - 2012-10-11 07:44 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
2013-05-31 10:52 - 2012-10-11 07:06 - 00094208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2013-05-31 10:52 - 2012-10-11 07:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-05-31 10:50 - 2012-11-01 06:41 - 01802240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-05-31 10:50 - 2012-11-01 06:41 - 01438720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-05-31 10:50 - 2012-11-01 06:40 - 02361344 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-05-31 10:50 - 2012-11-01 06:40 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-05-31 10:50 - 2012-11-01 06:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2013-05-31 10:50 - 2012-11-01 06:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2013-05-31 10:50 - 2012-11-01 06:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2013-05-31 10:50 - 2012-11-01 06:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-05-31 10:34 - 2013-05-31 10:34 - 00000000 ____D C:\Users\Malte\AppData\Local\Secunia PSI
2013-05-31 10:34 - 2013-05-31 10:34 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-05-31 10:32 - 2013-05-31 10:33 - 03270960 ____A (Secunia) C:\Users\Malte\Downloads\PSISetup7009.exe
2013-05-30 20:44 - 2013-05-30 20:44 - 00000000 ____D C:\Program Files\Microsoft Office
2013-05-30 20:43 - 2013-05-30 20:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-05-30 20:42 - 2013-05-31 13:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-30 20:42 - 2013-05-30 20:42 - 00000000 ____D C:\Users\Malte\AppData\Local\Microsoft Help
2013-05-30 20:41 - 2013-05-30 20:41 - 00000000 __RHD C:\MSOCache
2013-05-30 19:52 - 2013-05-30 19:52 - 00000000 ____D C:\Users\Malte\AppData\Roaming\Mozilla
2013-05-30 19:52 - 2013-05-30 19:52 - 00000000 ____D C:\Users\Malte\AppData\Local\Mozilla
2013-05-30 19:51 - 2013-05-31 13:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-30 19:51 - 2013-05-31 13:27 - 00001159 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-05-30 19:51 - 2013-05-31 13:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-30 19:51 - 2013-05-30 19:51 - 00000000 ____D C:\ProgramData\Mozilla
2013-05-30 19:46 - 2013-05-30 19:46 - 00000000 ____D C:\Users\Malte\AppData\Roaming\Macromedia
2013-05-30 15:04 - 2013-05-30 15:04 - 00619616 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klif.sys
2013-05-30 15:04 - 2013-05-30 15:04 - 00178448 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\kneps.sys
2013-05-30 15:04 - 2013-05-30 15:04 - 00090208 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klflt.sys
2013-05-30 15:04 - 2013-05-30 15:04 - 00050448 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klwfp.sys
2013-05-30 15:04 - 2013-05-30 15:04 - 00029528 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\klmouflt.sys
2013-05-30 15:04 - 2013-05-30 15:04 - 00029016 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\klkbdflt.sys
2013-05-30 14:50 - 2013-05-30 14:50 - 00002376 ____A C:\Users\Malte\Desktop\Sicherer Zahlungsverkehr.lnk
2013-05-30 14:49 - 2013-05-30 14:48 - 00001186 ____A C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
2013-05-30 14:48 - 2013-06-02 15:30 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-05-30 14:48 - 2013-05-30 14:48 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-05-30 14:48 - 2012-07-11 17:09 - 00064856 ____A (Kaspersky Lab) C:\Windows\System32\klfphc.dll
2013-05-30 12:48 - 2013-05-30 12:48 - 00000000 ____A C:\Users\Malte\agent.log
2013-05-28 16:30 - 2013-06-01 16:48 - 00000000 ____D C:\Users\Malte\AppData\Local\Adobe
2013-05-28 16:20 - 2013-05-28 16:20 - 00000000 ____D C:\Users\Malte\Documents\Bluetooth Folder
2013-05-28 16:20 - 2013-05-28 16:20 - 00000000 ____D C:\Users\Malte\AppData\Roaming\Atheros
2013-05-28 16:20 - 2013-05-28 16:20 - 00000000 ____D C:\Users\Malte\AppData\Local\Power2Go8
2013-05-28 16:20 - 2013-05-28 16:20 - 00000000 ____D C:\Users\Malte\AppData\Local\BMExplorer
2013-05-28 16:19 - 2013-05-28 16:30 - 00000000 ____D C:\Users\Malte\AppData\Roaming\Adobe
2013-05-28 16:18 - 2013-05-28 16:18 - 00000000 ____D C:\Users\Malte\AppData\Local\Samsung
2013-05-28 16:18 - 2013-05-28 16:18 - 00000000 ____A C:\Windows\System32\Drivers\144D_SAMSUNG_na_300E4_P04R.mrk
2013-05-28 16:17 - 2013-05-31 13:24 - 00000000 ____D C:\Users\Malte\AppData\Local\Packages
2013-05-28 16:17 - 2013-05-28 16:17 - 00000000 ____D C:\Users\Malte\AppData\Local\VirtualStore
2013-05-28 16:16 - 2013-06-02 11:28 - 00000000 ____D C:\users\Malte
2013-05-28 16:16 - 2013-05-28 16:16 - 00000020 ___SH C:\Users\Malte\ntuser.ini
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Vorlagen
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Startmenü
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Netzwerkumgebung
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Lokale Einstellungen
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Eigene Dateien
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Druckumgebung
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Documents\Eigene Musik
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Documents\Eigene Bilder
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\AppData\Local\Verlauf
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\AppData\Local\Anwendungsdaten
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Anwendungsdaten
==================== One Month Modified Files and Folders =======
2013-06-02 16:15 - 2013-06-02 16:15 - 00000000 ____D C:\FRST
2013-06-02 16:10 - 2013-06-02 16:10 - 01916278 ____A (Farbar) C:\Users\Malte\Desktop\FRST64.exe
2013-06-02 16:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-06-02 15:30 - 2013-05-30 14:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-06-02 15:29 - 2012-10-20 07:54 - 00000360 ____A C:\Windows\Tasks\Xerox PhotoCafe Communicator.job
2013-06-02 15:28 - 2013-06-02 15:28 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Malte\Desktop\tdsskiller.exe
2013-06-02 15:19 - 2013-05-31 17:11 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-02 13:12 - 2012-10-20 22:21 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-06-02 13:12 - 2012-10-20 22:21 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-06-02 13:12 - 2012-07-26 09:28 - 01745416 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-02 13:11 - 2012-10-20 07:47 - 00000000 ____D C:\ProgramData\WinClon
2013-06-02 13:07 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-02 13:06 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-06-02 12:46 - 2013-06-02 12:46 - 00006859 ____A C:\Users\Malte\Desktop\Gmer.txt
2013-06-02 12:36 - 2012-10-20 06:41 - 01409835 ____A C:\Windows\WindowsUpdate.log
2013-06-02 12:07 - 2012-08-05 23:07 - 00707890 ____A C:\Windows\PFRO.log
2013-06-02 12:05 - 2013-06-02 12:05 - 00377856 ____A C:\Users\Malte\Desktop\gmer_2.1.19163.exe
2013-06-02 12:01 - 2013-06-02 11:44 - 00064194 ____A C:\Users\Malte\Desktop\Extras.Txt
2013-06-02 12:01 - 2013-06-02 11:43 - 00115478 ____A C:\Users\Malte\Desktop\OTL.Txt
2013-06-02 11:30 - 2013-06-02 11:30 - 00602112 ____A (OldTimer Tools) C:\Users\Malte\Desktop\OTL.exe
2013-06-02 11:28 - 2013-06-02 11:28 - 00000472 ____A C:\Users\Malte\Desktop\defogger_disable.log
2013-06-02 11:28 - 2013-06-02 11:28 - 00000000 ____A C:\Users\Malte\defogger_reenable
2013-06-02 11:28 - 2013-05-28 16:16 - 00000000 ____D C:\users\Malte
2013-06-02 11:26 - 2013-06-02 11:26 - 00050477 ____A C:\Users\Malte\Desktop\Defogger.exe
2013-06-01 16:48 - 2013-05-28 16:30 - 00000000 ____D C:\Users\Malte\AppData\Local\Adobe
2013-06-01 16:47 - 2013-06-01 16:47 - 00002029 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-06-01 16:47 - 2013-06-01 16:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-01 16:47 - 2012-10-20 07:51 - 00000000 ____D C:\ProgramData\Adobe
2013-06-01 11:15 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-05-31 18:04 - 2013-05-31 18:04 - 00000000 ____D C:\Users\Malte\AppData\Local\Macromedia
2013-05-31 17:15 - 2013-05-31 17:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-05-31 17:15 - 2013-05-31 17:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-05-31 16:08 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-05-31 15:20 - 2013-05-31 15:20 - 00355944 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-31 14:37 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-05-31 14:37 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-05-31 13:51 - 2013-05-30 19:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-31 13:49 - 2013-05-30 20:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-31 13:27 - 2013-05-30 19:51 - 00001159 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-05-31 13:27 - 2013-05-30 19:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-31 13:24 - 2013-05-31 12:45 - 00000000 ___RD C:\Windows\BrowserChoice
2013-05-31 13:24 - 2013-05-28 16:17 - 00000000 ____D C:\Users\Malte\AppData\Local\Packages
2013-05-31 13:24 - 2012-08-05 23:11 - 00000000 ____D C:\ProgramData\PRICache
2013-05-31 13:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-05-31 13:02 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-05-31 13:02 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-05-31 13:02 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-05-31 13:01 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-05-31 13:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-05-31 13:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-05-31 13:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2013-05-31 13:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\migwiz
2013-05-31 13:01 - 2012-07-26 09:51 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-05-31 13:01 - 2012-07-26 09:51 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-05-31 13:01 - 2012-07-26 09:51 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-05-31 13:01 - 2012-07-26 09:51 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-05-31 13:01 - 2012-07-26 09:51 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-05-31 13:01 - 2012-07-26 09:51 - 00000000 ____D C:\Windows\System32\winrm
2013-05-31 13:01 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-05-31 13:01 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-05-31 12:58 - 2012-07-26 09:51 - 00000000 ____D C:\Windows\System32\slmgr
2013-05-31 12:58 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Sysprep
2013-05-31 12:58 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\oobe
2013-05-31 12:57 - 2012-07-26 09:51 - 00000000 ____D C:\Windows\System32\WCN
2013-05-31 12:57 - 2012-07-26 09:51 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2013-05-31 12:57 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-05-31 12:56 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\SystemResetPlatform
2013-05-31 12:56 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\Com
2013-05-31 12:49 - 2012-10-20 22:44 - 00000000 ____D C:\Windows\en-GB
2013-05-31 12:49 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-31 12:49 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-05-31 12:48 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\en-GB
2013-05-31 12:47 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\MUI
2013-05-31 12:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2013-05-31 11:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-05-31 11:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-05-31 11:24 - 2013-05-31 11:24 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-05-31 11:24 - 2013-05-31 11:24 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-05-31 10:34 - 2013-05-31 10:34 - 00000000 ____D C:\Users\Malte\AppData\Local\Secunia PSI
2013-05-31 10:34 - 2013-05-31 10:34 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-05-31 10:33 - 2013-05-31 10:32 - 03270960 ____A (Secunia) C:\Users\Malte\Downloads\PSISetup7009.exe
2013-05-31 10:19 - 2012-10-20 07:38 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-05-31 10:19 - 2012-10-20 07:38 - 00000000 ____D C:\Windows\System32\NV
2013-05-31 10:19 - 2012-10-20 07:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-05-30 20:49 - 2012-10-20 08:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-05-30 20:44 - 2013-05-30 20:44 - 00000000 ____D C:\Program Files\Microsoft Office
2013-05-30 20:43 - 2013-05-30 20:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-05-30 20:43 - 2012-07-26 09:52 - 00000000 ____D C:\Windows\ShellNew
2013-05-30 20:42 - 2013-05-30 20:42 - 00000000 ____D C:\Users\Malte\AppData\Local\Microsoft Help
2013-05-30 20:41 - 2013-05-30 20:41 - 00000000 __RHD C:\MSOCache
2013-05-30 19:52 - 2013-05-30 19:52 - 00000000 ____D C:\Users\Malte\AppData\Roaming\Mozilla
2013-05-30 19:52 - 2013-05-30 19:52 - 00000000 ____D C:\Users\Malte\AppData\Local\Mozilla
2013-05-30 19:51 - 2013-05-30 19:51 - 00000000 ____D C:\ProgramData\Mozilla
2013-05-30 19:46 - 2013-05-30 19:46 - 00000000 ____D C:\Users\Malte\AppData\Roaming\Macromedia
2013-05-30 15:04 - 2013-05-30 15:04 - 00619616 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klif.sys
2013-05-30 15:04 - 2013-05-30 15:04 - 00178448 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\kneps.sys
2013-05-30 15:04 - 2013-05-30 15:04 - 00090208 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klflt.sys
2013-05-30 15:04 - 2013-05-30 15:04 - 00050448 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klwfp.sys
2013-05-30 15:04 - 2013-05-30 15:04 - 00029528 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\klmouflt.sys
2013-05-30 15:04 - 2013-05-30 15:04 - 00029016 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\klkbdflt.sys
2013-05-30 14:50 - 2013-05-30 14:50 - 00002376 ____A C:\Users\Malte\Desktop\Sicherer Zahlungsverkehr.lnk
2013-05-30 14:48 - 2013-05-30 14:49 - 00001186 ____A C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
2013-05-30 14:48 - 2013-05-30 14:48 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-05-30 14:48 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-05-30 14:48 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-05-30 14:32 - 2012-07-26 09:21 - 00027159 ____A C:\Windows\setupact.log
2013-05-30 12:48 - 2013-05-30 12:48 - 00000000 ____A C:\Users\Malte\agent.log
2013-05-28 16:30 - 2013-05-28 16:19 - 00000000 ____D C:\Users\Malte\AppData\Roaming\Adobe
2013-05-28 16:20 - 2013-05-28 16:20 - 00000000 ____D C:\Users\Malte\Documents\Bluetooth Folder
2013-05-28 16:20 - 2013-05-28 16:20 - 00000000 ____D C:\Users\Malte\AppData\Roaming\Atheros
2013-05-28 16:20 - 2013-05-28 16:20 - 00000000 ____D C:\Users\Malte\AppData\Local\Power2Go8
2013-05-28 16:20 - 2013-05-28 16:20 - 00000000 ____D C:\Users\Malte\AppData\Local\BMExplorer
2013-05-28 16:20 - 2012-10-20 08:09 - 00000000 ____D C:\ProgramData\Atheros
2013-05-28 16:18 - 2013-05-28 16:18 - 00000000 ____D C:\Users\Malte\AppData\Local\Samsung
2013-05-28 16:18 - 2013-05-28 16:18 - 00000000 ____A C:\Windows\System32\Drivers\144D_SAMSUNG_na_300E4_P04R.mrk
2013-05-28 16:17 - 2013-05-28 16:17 - 00000000 ____D C:\Users\Malte\AppData\Local\VirtualStore
2013-05-28 16:16 - 2013-05-28 16:16 - 00000020 ___SH C:\Users\Malte\ntuser.ini
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Vorlagen
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Startmenü
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Netzwerkumgebung
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Lokale Einstellungen
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Eigene Dateien
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Druckumgebung
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Documents\Eigene Musik
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Documents\Eigene Bilder
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\AppData\Local\Verlauf
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\AppData\Local\Anwendungsdaten
2013-05-28 16:16 - 2013-05-28 16:16 - 00000000 __SHD C:\Users\Malte\Anwendungsdaten
2013-05-07 22:07 - 2013-05-31 13:08 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-07 22:07 - 2013-05-31 13:08 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-03 16:15 - 2013-05-31 11:12 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
Last Boot: 2012-08-05 23:07
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2013
Ran by Malte at 2013-06-02 16:17:16 Run:
Running from C:\Users\Malte\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03)
CyberLink Power2Go 8 (Version: 8.0.0.1912)
CyberLink PowerDVD 10 (Version: 10.0.4421.02)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Easy File Share (Version: 1.3.4)
E-POP (Version: 1.0.1)
ETDWare PS/2-X64 11.7.2.1_WHQL (Version: 11.7.2.1)
Fotogalerie (Version: 16.4.3503.0728)
Galerie de photos (Version: 16.4.3503.0728)
Help Desk (Version: 1.0.6)
Intel AppUp(SM) center (Version: 3.6.1.33070.11)
Intel(R) Manageability Engine Firmware Recovery Agent (Version: 1.0.0.36702)
Intel(R) Management Engine Components (Version: 8.1.0.1252)
Intel(R) Processor Graphics (Version: 9.17.10.2828)
Intel(R) Rapid Storage Technology (Version: 11.5.2.1001)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (Version: 14.0.6120.5004)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Movie Maker (Version: 16.4.3503.0728)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
NVIDIA Grafiktreiber 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (Version: 9.12.0613)
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613)
NVIDIA Systemsteuerung 306.97 (Version: 306.97)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Photo Common (Version: 16.4.3503.0728)
Photo Gallery (Version: 16.4.3503.0728)
Plants vs. Zombies
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.206)
Qualcomm Atheros Client Installation Program (Version: 10.0)
Raccolta foto (Version: 16.4.3503.0728)
Realtek Ethernet Controller Driver (Version: 8.2.612.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6699)
Recovery (Version: 6.0.6.5)
S Agent (Version: 1.0.7)
Secunia PSI (3.0.0.7009) (Version: 3.0.0.7009)
Settings (Version: 2.0.0)
Support Center (Version: 2.0.13)
Support Center FAQ (Version: 1.0.5)
SW Update (Version: 2.0.20)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
User Guide (Version: 1.2.00)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (Version: 07/27/2012 20.57.1.735)
Windows Live (Version: 16.4.3503.0728)
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)
Xerox PhotoCafe (Version: 1.0.0.6162)
==================== Restore Points =========================
28-05-2013 15:57:07 Removed Norton Online Backup
30-05-2013 18:40:55 Installed Microsoft Office Home and Student 2010
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/28/2013 04:18:22 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x80072EE7
Befehlszeilenargumente:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=9e4b231b-3e45-41f4-967f-c914f178b6ac;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (05/28/2013 04:18:22 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0x80072EE7
SKU-ID=9e4b231b-3e45-41f4-967f-c914f178b6ac
Error: (05/28/2013 04:18:22 PM) (Source: Software Protection Platform Service) (User: )
Description: Lizenzerwerb-Fehlerdetails.
hr=0x80072EE7
System errors:
=============
Error: (05/31/2013 03:32:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.
Error: (05/31/2013 03:26:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.
Error: (05/31/2013 03:19:21 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: 1069TrustedInstallerNicht verfügbar{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (05/31/2013 03:19:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/31/2013 03:19:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "TrustedInstaller" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/31/2013 02:57:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.
Error: (05/31/2013 01:50:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (05/31/2013 01:48:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2727528)
Error: (05/31/2013 01:48:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Update für Microsoft Camera Codec Pack unter Windows 8 für x64-basierte Systeme (KB2779444)
Error: (05/31/2013 01:48:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2785220)
Microsoft Office Sessions:
=========================
Error: (05/28/2013 04:18:22 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x80072EE7RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=9e4b231b-3e45-41f4-967f-c914f178b6ac;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (05/28/2013 04:18:22 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x80072EE79e4b231b-3e45-41f4-967f-c914f178b6ac
Error: (05/28/2013 04:18:22 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x80072EE700010001(0x00000000, 16:18:21:766 - https://activation.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=DM)
00020001(0x00000000, 16:18:21:969)
00030001(0x00000000, 16:18:21:969 - https://activation.sls.microsoft.com)
00030002(0x00000000, 16:18:21:969 - 0)
00040001(0x00000000, 16:18:21:969 - https://activation.sls.microsoft.com)
00040002(0x00000000, 16:18:22:079 - 1, <NULL>, <NULL>, <NULL>)
00050002(0x80072F94, 16:18:22:079 - 0, 1)
00040006(0x00000001, 16:18:22:079 - 0, https://activation.sls.microsoft.com, <N/A>, <N/A>)
00020005(0x00000000, 16:18:22:079 - 0)
00020008(0x80072EE7, 16:18:22:360 - SOAPAction: "hxxp://microsoft.com/SL/ProductActivationService/IssueToken"
Content-Type: text/xml; charset=utf-8
, <soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:soapenc="hxxp://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>ProductActivation</TokenType><RequestType>hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[1]"><TokenEntry><Name>PublishLicense</Name><Value>ESAsELDv/U+0vFxlu3RfQK4fATUzRPBXxRCXb869a8vp49baIbgxvvKm52Jy3DYz3vaGMVQZ9Zn7MOQK3/+5kOVk9hsuzFAhoRolimVHRWgpeF4uFsjVTnVIXGVLs66KP2c/rFvQ4etjgCBL+msU09sRHhrCWRtFjyJMb5+MwtJjMZMHMcBoh7C7bN8P+nI5P/uzLqKazYbNKISF7EdBBAbWOPh3FaHBDhVqg6Ms6P6ZswMupK2EBGVuHJKtYyrYLhFE77HjHazmE8HYUsnuWHm2eldaxXbCZvO9WXd/8TOGuc89bW9Bttpvg+5HhIa55hz3UKW6h8v6t7zGRDD/8FC/Vi2YmlYhlbdy7V1vFyoYYD9bbzZVGtdS1q0FDf1uDnbsdeX1wFShLkSDCACvrO9drf+xO42JhtvBNZ026c9+vrPESS1nwix09yFOwZbvcqZZGLh/yTiJRnZuvG+GJUilWcU9Ng24xFPJJtgLoPYDgarXOlqqI2ISaq9yT7sV8ZfgPFHar4lDmrlh0dzH29e/z8+8XAIEshHcaKU12b4CkmboWlgKMSQvK7RbWF6Mn4yemS7NaV2rVYv7zIEB/tCmgdJa40xkyVrPjYmAxmVZqqdxF/2SCzlGOJ0IYwwyKW8FbxIQvvR3vJmpz6k3g3DGaon8MAO6GQaV/lexsHWib7aMBsHbnLD/sANCbrMG6F9jxDo85PzXDCS96NwrqRb7S+MbkPDzu+uQgsZY/xPM1OZJQWrWZVpH+rXe7GFX1xk7Ig2lc1VqVkV17WimrN8rIBodR5uWWNWs6vOSN2Rthu/ww8HquLeXhuJV4Lq6IXzItbYuxW6mGo1vJHDm7Z+jzAe7DVKXbGFmj7UJlNo7u8QEtXvuFij75mH7YOlj+LV898M0ENguggOeK6Bv0RPKeRUtl2x4RgbCsZz2gHt4+uCEDihkYv5AVeKeNy4PHViRpKuytkzjkXxk6bNt/0DwLVDn2lSPyvCEqjvaUW8neehMXxSisEn5TIjg2F56TVydJjnc7hOWiEyPyFAO2izk8rt8Oazn29emIqjYE4+o8C6U3GPNHvNAUo3UaHvlrKp4c3NtL9znG0himwB6o/Krp9NbCyufiU70r+s8+J+hamXcjuf9HVwXBOQM7ryFAcdG5tTBe+c7RW2zQ++t8X2i0JGbfOkUew11qyIDqPNixqhKTDtJpGFfpv9ZJ1zzBLREsLeE8dahq06aO+cF1FHY6+e95+/4OpY/le/F6fyuuc62NAzf8LjLHQ4Rg7Jq4QxPvof6drTVuBbMzToJFxMuO/cazb31mKvv+roRgjEU7mk/cSnKQVNUPju8rtPOtUdSRGBHmrrFIfFLY4JYfsnSlDYHAmgI33h4lYBrYKLFr+kWq3ATiJxO2cVo38chwVXgpMGFrKSjzGNh35Oo5LuWxH6lq+HR51N/1Byg3NozhubYeSUDZ/fpUchOWwYZyXJ81QsdmtQXF8893N5xBkE+2vgPq16aCLH4090G1vjoxriSaCMNByg8MJn5XiRMQJQ+BNf9KKkG19Q/Zhqc9yNIPBFwq4ZhcBQ5LLMzPAI49HKMwpM52WLGmOnu32ELreCFLznKSiOfd+Tf/CYEv+GOY0u6m9QocgUtcBsQSHuan/CqXGqiEEcRCMAjf9umcmjav0j/Zfr/jWCNC9lBIF92yTxSEfjhdTk7biCyYOiL0PvjyLmgZGiJeG9OO4/GH6/oGu8tpRteubGEukczqoNO5uRdy1HEnIUp2dS/P9HfMYNAcX2ZWemS3DR+MGRzT1w/M7KWdcCo3dJ7zsrJqU896r4DSG3o7/8kekOf3uzZIwmsOh30i/oIkfTxND/QarK8dnoR1i4fEa4qp0P+uch5vSGfPV4qZ4h49qo9/l2cxmwDT13PIQXWqCv+9vkItMFlf4oXFOFFWZzPozpOgw2mRxHP3RnRqQEVdF5c7hXK6uh/EN4hxDZ+d3Wp1bTlFR4GolckVcuq4SanEOaE6CwsSYh5K48LyJ0yj2cNfi16ybioCuiSEm0x4rE10n1UI42cCrCUgnvEl5mjF1yu4NdzH3eACKo+55yqWCnUFXSSa002vbEPIlcEpNXZRldddRyOTP/zjcYjObm5z2GBDLWVyOn1QzbMgLcNdSUVnMmAkfRrMdy1Yg7CTY/IoOtb0/qeaUxhzG2LZlXZPDPhfF7YI8KfgaSF8CRXvnAR0pAqgY7AYQySJm2Oe5THWoFn0qagYCosHMHsqQswAcNu8Ih9Rf1nhKuQF2W6gRjAhe/OOn5MO3ZSd586symy/mVuIjmC7FnA64XlGGRNQQydzPdVen7cggfclEvR7sdsfg8ZOIbTuHekZJvUhnl8ghXuYMYIMe/IcJkMTdrnw6sf2eVg+5N3K9sHuofrfOIOYf+wF8fe2IYgWg8+dKUdDfkURcXgzqvXNVBz1Dy4jJn6846FwJ7KvLnS+XS+jDWSijwmL5O5p4Rx2CUTuAJWkvz4zUKvoTzRhKgwtUzjIkq28XFti9M0+lUtlAlaqyt9OrzJbnfTB8xd8Wr8HCspcsglnUw7/sEqqeGuVcH6Htz0p1lnabmns+rOr+C6TLgsrnYN85u0yV9/pGRQ17vWa/W6adatYntZSR9kiLgykHeDFbpSlrSKEvUOHqmPT9yvhYoMMlaCUqV46GnDkZ+9h+ttNTb88naFcrVg9BIrZVJ1ZqKYRXyZxtek9stJLh1tkXOXz9LMXkdtDjwSUq7zPu7rywgJGDvGATjFHQzjKzs5Z0/IWV0jD+TsvQrnQvJJ8qsBHR9iSpaCB0icFg/J9laiAIxAbLbb3ZEdJ4oyvqHfIADHpAa/f9m2WgrZ+fqKyfsmzigKLm/6HErKLa/m1op0+NKLMRD5QtyYD5ewsLgH+RJc7fkBh7eZwqSMn+QcVQYVLN1hIi3IfWy13R5s6UFkl8pu7ieLhCAQqxPPt6TKXNiprjrRQijo1Lt1UdnFny/N0aHsPwiekwrITqbW06K2v9X9XVsUkjs9Z4y/UfFrw1Uc01MdOAXGI/OdC71sa/95MQP+agPudg2JpMO6jFot1hXM/ckKnev7ehdRJ1ZGe7frj2m6HuIInYaFgyjZPsorV4sKOIht2gEm84zkWaAGN+IxMhrwcIvmkPf+759q1qEKDJKGFV+KKhGH0KvGcFN+8YRCRKbp7FXgSQIThmK3ImUw2HLCYomSHoWTDx/vhMnU4Y54O+3p80gZxJ2kGQxPDem0ZODrfqMvyR0phnUfhLnKpg5tdrrZLwLS8wKdJNqqYJRf9a/v7NQksqqsgIgLgcieP5fXdJkM96hWMFwkbr+S1y/SYyH9sqAMVYIbjmtede9G+fdtEWB+nF+FHDfGauhmT2VbdDe2a/mD2Qe9AZc5o3qzaUV7KL5xOncIkJFKuUW9i4Dg/STcu9WH9rnYrfvfvvYmxG+ZrnU6B/OD+Zzp+kdShYK172BK86N6PbluiS7+AR5zOWP+sjfUSbcKDoFsD0NSu7/4c8E6ct59m4N0r+pOl1UqrDPNyyPgDfmBleS5U88x9XQoB90P6oxdtwYCsIay+XPb0VmlSqhdJnRtE57Q/5cNBt/0gZnooi29Qu6d85C1kXScyLm+umP04nObxKpCzf9iTlBvANcyD64ePSZAtSawm/ivXzpHHTZ582rhPwN9XpB5dTDoKmMGKQnG3xih0woc3G7mI3SCBOYeC9wc89f/Q8wZLLwkWatGZFXT+k3YRLe0zrkG8b0oQXBnMQX6mXUm0h55iyKDPaw/fHkgFq8oeqHR0+7NB37RuZ+fZLKtnqPup5Z3nasr98LkA4HOQel9zmCiLMq471nUASL88H145+vOEo2SWCl8iBgNFKyhp6Ec1eXQEvVnQFsgg7kAjo16yphRS7lqnSAt6AeQYBPXwWr3gimey47/id1PRHOogR1/t5oJqYzFb5dUSGF5VrQ1VU411fnrK78m6iTq0fqdZuIT8aLiKR7YlF0cmKQOmMRIkZ1IK9w1Szu1pZXdBtTGrFfdUMflCXEHKzXBDKpFfsBUJAUgu9stAv70jmrWoooMZMKt5KNh/n9orI3rdCKRwUqJTC1GkOLj1wUS57Ol691GVXe3nt/t5Fd0RYCB8phbRuOeimLY547VlrK8Dcs3lEEMZFlFFFJ/QnvwTSdUjdwW6e1ZiQtmMQzHKF3Xtrq1b6u2j5AI7UMsLzJQv1SgzFjaIYRUW/GopH1IiGP+sR2ds/eBFdGeznjx6jVzoKZfkQjftlGfreIkR25NueiUWUx0XmomucYlXZoj0QSNLJxW8CTiltbAIfkfUBEEqFO9dgHKUI1ITH5H3lbH/DV7yyJPjM7gkJaQB5N9nQe5ZTIF4i7+R9w6Bp9A4xSAWysfhKua76ZMNpQGqhTy6iC8syd/TbX6XKrxvJ+otdQIs5oFf7rINOX3xZC3H5egiQm/L7VYhosU81xTJSzENdodxtWJoP9V6Au1e8dUR1qP0VkBXaif8sjw1bXnI2W4mFf/Skf4CD3ypNPFm65ugDpmbDAGiPWapBAZP9mDntxD4QFoMG8xZEVJAHT6ywAUGduBDab5Z06I7y+XNe5FikZrpe84jrTVdDWpIXjQ7eLBAC21q4rwYJKxt8CtJrOGk5ChKubZ/Ei1xpgDKRJo901jlA2H8XqsQ4GgY0v75bajCDxbuw29o6ZbHJkCeiToICUI7z8DR6GGtWeQmstrbfdKUxAAD4guF+rTqWz96mQgJbPO40ZwlU4ZlHs1q1U8PMT5AwwuLHfOqPNgYeA4LbnOyEou1R7LE81elXf+co8nvkgYV6GVOyN+yJ/ADlLsVM6YVVZf8QnJ5aMqXtz3BErKyTAqMLq9jNOTTnlExKDFgZQXMNK7kgXqspjff4763f6CcOv6P5mbk3FIaJkSLLm5u7nvcx+jkO7LAzjvaL63Eg1Mbkwap0Uiq0dWj/1+8uWpqvc9DofFUnCfU/QGTAnQU0RfHPBgnRu8cUSeWpWx+7+aAAmAl86VexkbOnBYcSvnCWODnkym5iYRFz4aOiebYcfBUwf+UlHaVYQva8a6kNoc039UfX+9Z5Dnu9v2lAqNxxQfcKjlF6hW3a2vmbpSo8bPNN7xJ/cZVZFDNPVx5xfurTGlVkgrEULieI6z368vhY6L7PpLdoLJUW06V0oYBPFijUVXTlquEGVszp54mnKTfCwRtGHHq/ItM5DXQGxJMSbZfSA7E67wvaRHbc8tBO0eiLUkEThqk758K+cCIrOEPyfjLFP6ULtjgbe2pk8RxUmSA+CZzde/DjzlGAIt350laON+dcmZ2ibo+KG5d4rOlYBQnpkjgKckEOidfotGPvOhA4sU1ynHhigs9Kz+m18lk/InqIDTA7fh54ZmDQgDNO9+xnW2PWXQ7Of2cPd2ZDZ2vQLQz3ds7qoBC4KxuxTlFSABXvU4OHpUUBBLfxLynzhGb+BLpdhSc5D6WIKPP3z2I1CDJLi0BmCY8z9Wr1FQ69klQhscK6AXX38NMKZZC8SltmDHdVVaRcLxnmGM5vtfqcZJ2CovOqtrItnj9Ii/cGSzx5Jbx2ZTeXZwIezPc196vJW1Jq0VOwtLCMxWpRU/UNHHpLj1mNFIFQy6KY7+QjSHIuMQIAI69R1BkDHQdUFEdjAVIhB/0NsljtQTrFjnSCTdDFLGhIpQ8I62jq4Zl199+oUyWwH0Mp7HjOZEnmPgZQpxIvmmghM6yWeiIdqqm6sxJ7ClhiuaBbCqU2z2q9eFRCR1yf0IIOWU2rDi3ChquDsJa9HMO6CeH5v24JgJ0j1eld6Dp8Qau9ETLinK6e9nBB79PwUD43we5iJvDHoxEoUKv8pgYaSfPuJzYSh5+QqaOSjr/xfg4lObzxEOqW3KvKdFzbwkRdIfWfdLFx6yO5dbqT34qVQUnihPOEu1YigR/+Q23SNlcImjl5yMNlmdWtY0h3XX243Y1VQEHMzs6sA/BBQg1MKbzZojWA0Ml5am6jerkbJxQvdK+BzvjdPAbLnfUr3qQyVj1E5inrE3qgLv8lqcJ7ECZkVOvERUUxc4DrGRh1Gxo9WJRMA66Hi+DqAhLL7nbIppaUo21E1KioxyEPSaka7gik7WhXalEJMbyWPcgdvPlhsz4juF619wDAdQGFtyF0FXcVnt5F1zbdGK++V0A3dTnaVLNLSy/WNFWiilIAFnTv2Y3/QSYOtNevTiuuCc1VlyMc6U3eb5qo3XgJz3Y/6vckvXSWAk+0nVwOqk+xoSYJOwFMcZ9zzINymUKsjWhOtqb2HhsnyYaRxV1aGWAb8AwMFVMIMXJZCfKTcvdN3WUau57vYic2/m7ks4x+ZYM0urOw0rn2+IgSG2wwOCMJmfM7vaF1t3GBDW+bg9+/F207bDbHi8sb89RpdHdu0AnqmrbO8THI+S//yu+OA8kZ2atp4oyZ9qVq49Oh+vKxseWd83rc2v9URc7UrajaeJy2iRgvjUtgsXHHvDW0vmdNG2q7EbtpAegoWVcfeNbQqvE/0VOVaFWR4y2nZZEqpogZ8D9PCGTsDsC3AuESpwIXkaePa7laRXrDTkPEyXhUxRxU6mgVWXuTn0RcDjrWGueDSUpAudYnTe9tGUlUhTUfAHgINhdlVA0wUG4oJOBFYVOu+vlM2Bmm3OeHZ8JRwniQ3kN+vSbWr8jNQaaT7Goyx3LkUamCbVfIurosGUzMF+4+6sRA1VZ+RqXtEBcBFTEdDEAjfC4BrXtaNi+vJJhZe8aw+phLVLmlIskAc5kZHdb/qDGI+cXAkhNZ1nfJ+ZMVOaa4Nt2kSwTvmUkWhDoWXsEG+vzlMq6AYD62WtOCWBWNUtx7iuVBRVFVDgRleLOoiIMzmdzU+J9joVpI77gJxkRDKDbXAtL5cCnYy+SILMc1oSLOuTty7sgAuMHIPaC2WMhBkQ9DxanYVRqVtoosvoErM3jdlSHL4+CAj/IZFZkQL7B5UQG/TuV2YjmozkO72govC9pkOcfnZQUo/7eyrvS6Gw2Sr1QydyXf3J7YBGoA6vyBlwgbL75Hr1ZH8V/Ov+fm9MtWZ+oEEZKAatIG2BFOulM2cQklnKthSPxGFWsxVgiAhnhxN5GYrYBUD/XfoMie6BgwGbj5HLfHp+3w34Wc52Xj7ee0dA+QN2nmJZzOkTw2BbjEQUsOjMSKP0+Wl8+C7DfIXQ1PYQ/d04glXed9bOfiqOaG4241n8VdhIMKQ5jfDt5a9AkizDWa2rnKnVoGDgYweE4GWvUr2I2hzfsTFw5BC+ytn0N9ihmulg1AsP8cA/2p0qQrQqhM0HwxY4JoeniLMrmw11zlnUony88qg/qtnLcnffiRtGadmdiumhisDPy1TngwihI4sukE4nF28CF2gE4nIbjB/fpWS346AToiSpXQ9JEEl9LzlDEqO/3P8cOzu5SPSTqQjH/qQpVQuZUQbvp7kpe1YMstSLmrNTbXqa1wHG5tF0E6uEOX8wZ0HPk4DngBI/2gBENO78MEjjqv9NHbh5l+tUAGqJtEneNAhl/8L+fY0khp7GULHanLdxBCd82TsZ78LrIC4/SYFQz6s29n3ir+DV41IF77ebFhn7J8yq9wU2Uye8S223pjal1QuqmMJCkJa/4vSnLHLgvEp8yudM5HbNikMZLhVkUyqIk36RLFt3xvX/PcdNN71gRQ4mrorQ2UShjbprWPA9oZ5R9um+F72pVgS4FyI9nyINDAdzmrBnrYGNRitjXBTlmsiv5PHGr3MaPyefyKHBsLwlEwqhKRQEx4ugtxQHxg22Ocg9YpWal+3uqRxny8ID3OjwtNbbTzJx+A+rtlyfJwcXG0vVzNOudABXLGXR0EGjJPxDJyqTnbC+Ra0Zm9MOsozYj3+iFFt9wEoB1+OxNhfALI+NS2zoOpsPUcCDdur1CgTQ9S29me7onQApXOsQi8hr0Tbu6kgXc0lOAjH+Aahz61JAfgXwu0MGSUFZYxnA1ZBBXAaYt/AiVSJIfAWKjOP6V/eJFUuffLEsQuXFUY/ZvTrgSzuGYgcpPn/mbIHyMAvDihDKvKtQdDiHg5mZxZClGw4CRrHIUuSY9B8cQeaqLAhNun5aBU9MfnfIKjVkinWGW64Y5o/k5GdWzKhKV0e1U7BnEC5KBWxrQppWMFwm/YjbhmKwRrG8Ijj49F1xSKcjiAdzCeWgT30JKYhv4e+9SW/nQPoZ2EAyue2IyL5Vd6wNd6E8FaCl4FIYVvEvtc4+ykBIVIbfZeEoLqyyQcqfXJRb+MqU2kb2Oj+SpexnZ4Wt+zdV2WEHO4FNZ3KdLp0Rahay9f2s413Wfwuqwn9kkRVqFPfA1l9FrwoMirBq9J1NnJGIa7J+gvB+Pf9OqIL9QKuUGBfffJk6BcuPqraSVG6YGAQ+Nf8PyUxEO0vH1zXaUH3WvvYBhi1sPvDZljehPh67ZVHHwdwgpVg0UUwV3U/cY2u+LbETmbkgD7GYOLOjfLCxC1nFT7ycwNT9Z5HAOuFhVNXIwh8dOhqSmWYfVc+w2pz2aAGKMtqEDJ1gyaohTZuUcfFjOVoGgvTF7fb4CaTDPd3bsRwdvgBNpeXtS9woBsqS/25qhzKxmeDWB1pNSRe/aspy27u5s3j/eYu7TE6lMxN2TtmA95zSWyQgQE6TXlYjliPrX6Sb9HuZRwoXhoOEOVDfsXJZt2w6pvfe/V0ZftVtymG8iZh2W4y+V1/dqDgaBRtb0Daca/YCkKRGwp/8uL/8QN4FJJ+Lq2jHUc+8wZoPl/sD6XP+ZXu3UQdZe3n9G5mZPXIU1dv1JXdqO9/Ojb5bu0zW+Emitz72eZ5u9MTwPsUR1zQTy3OchinvTbarDsudDa86EWTB9Mst8BEiuo8Zp8Ctw7IGxZ4fU6lOR6Xa4TDVAahgoztO01pk7Sa7wbUjkrlB/NxFReZwNer3uC684IQNrXVg7CpdhIA3uATKM4pKGtTDpvMscD0jfikYl8ZaCFRegRlvb82Mik0mvv24eUTunLl++laYtttEW/aJP5zS69x+4VTinUXXHwoeVJLznwvSMbC9y6OLMluOIJ7pH1c7J4UZJcQRUc/X1EEXTVIpSVeaxUOKkuxL4rIg3KkcksdsNMdKyJ9EftKo6DaM58okq6AFRcaP8ALw7kthaNZt98wL3Nm248lJftLLZVAPBRoNbXX/V9SehC+9IcvHGzqdSRefjKkX1i5R+SzEHowOeF3Bw2O6EhFYFqvLUQoDqHK4ukRkqr2nmQViF+dXd3ehQCPbTPNwRNEU8t0ddKaRmCoFJHdXhx21jNBSLuJ/JvongEEILsoppFRRXA3KTGy2A1Fys8CMWxh/YLZVzinz/aoEfLtZbCmop021zAqQupE4fZpGYDuyEgLpO4EFnBIfcY5aaWr5meuk3Ojel6EAynnvPi5RUN3+Q1b6Uz/iU4BAdSJm7PJtcn97fnG8l94A1dAtLQFl9COjSM0XDDJW7YVSnqQxt0Kb+5BcCok1uGeQAsbpziAIfRxxtJqFWWl6kcSRNxuQvw5VbmYBM9q20dbSWVbMVDJWEupRKTPAGDrCeoFRoHEHq3Ly6lM4keXBL7mjEnMgtH741+iD9bLGNTYexlY+CRUU5RVqvAp6F0BYCpSKETXjY8/Y4Ku1cNs74LjE9F5HQ3OUn49rUAN834uvcuwClkK2rPaE+rUOz4biFZ9rki8OnL7Dsgm9/Q5pOkninYDAQ0G0DqXizm8ULobrIEVF5GSVhdc/ZsxPiHz85vxe/QYRuA/tMp56MgF8ReoH2/uAbE6DSY+8fRXo4gdewt0V3SCGiT2PUTYmatKkAf5Qyqxdgy6XVAfNi73WR/rDYewPaEiJsDUk7xkGUtZwmwZ9v7/+T5GpDCGqVaWlT8X97jxVUec2OhKuPJ4A5vY3gRBeISTpH6pFxtA5eXWx3M7y0nQUFym8fev5afptaXph9pEoGZ5AjwgFvISXndxMnqr0+881wX7+bKvqdmqABCDBK5jrCznFgkbTs+yuHMP/uePvtjqTky/CPKlbUilwXJEVAcb9rqQqasBCwgBqTQQI7tlml/RiIo0k00yrwphsoaIn13eJ1TMJX2YA34rfaP+ywbuzTUvUKWOYDB55Z4245f8yMAGfVB+f7eUKqeuxYSSTWJr1SCK9a7i9hB2w5q0ZvEA6vOY7SXwxZHxn3jjbzUOkG5Wb4nwHhT7qc5EE0xABJDVcxsv2IVmkkhDw0tRsW0orXRP8wJDqpEKmenp8pU0dMPPAsQ0f+Tdu7HgEmObWCuKlHz40AzBYexFrAFby9q2nLPvA1zpGAQ4LFJ3/1DvBsS6gnb2o5LnmAoNm3fPAyHwC6kGXHMMCiPeuI1gaOU3y9J2O53fuY8T6fpzT2b7XQr1s/EItBYAdup7IaeTMyU2mE1QwOJcNl/smlJzTKGvfbE2yBmhWacx1DjxnarxWU8mWGGp+iFGeNVrdC5FN+R9q9WOnBJqDRl0gw0mHnMDhZaKf4GZQ6F7NagFr2VUs1E1hvDpY4pgJPFtAMnj9RX17/cReI2znPutL5VyGypmltlQPHh8x+Aoo30PcuCnOZp7wpNKE21UytuQuEjzVUhoyfbfxC4fvbPFBrYHhsF2qXtWSwVeEgF1+18H+HFY+5jSmcNIsdU17kOfXyzAdtWC9wophrIxC0M9Avg+DcbjHd6lr3X5QDDZdMJ6GitbjRM5AbOT2Yvs0Z9EkclnWEtPkuYCDPYU+PIbiP4nQlIOdu7F7/RhGzS08S1vGs87aonnxkzPFq+7VF8hh8tGf1FMDIB9QLKI036A5SA0gI2Y2ZmJoh+o3NaPh3ldXD2Ysg87iSBEoTGblP9FHjn2yDwu18uBYx/pWHdMUq6rr3L/uZZaxIwWfkUByNW9IhQUqsB0S5kUxYZ4afpmT6p8VVOgpNa+5gG1wYD+2hE0a7ulNaOR6Dwxf2Fsl2smb5uRpnMZLihHQRN6JfjIeiDZTEn1/xL6snhj8Hryfmkvy0G5cs4pHegwq7HYgEHMcyz3DhBBD7xTwXyxeietTHeqPcRlDmkeMRn9YKsEyLNg5R4nkg5ATGboKzXclj59pXmg+LC7PeTSlaTzL9lRmi938/sP03PHEGfUzK3039eh/LyKYnJ2kphUyr39tP6ZiID8TsHwjje74nq0xCfAMmtgjI32KSxB1WPyXTVE1WrLYUFCkfbv24JFcfDBAiYjYpgtiFEe6qi6eBmzudWOjqNyNUAj91pnP7XYknytjsEQPlG96laWfHBU6Iqs5FuBUAVThHRi1YU5ibJ7u2jq0CClt+nmofXyYM5o0Hrg0GmbkhbWsYL9rApQpXxnesDVpoXYdc3BxAMcKRVCi4jq6nz1NtLmrsUE5xqt18o/KABEDGUMT+bOaB+tHIzWAmhwSgJTaBivL8rVRux/7pT9SpX0rfEu/nds/f2q5m8LNyRY4WNcyalK3DOuCj2AOIhPNMyof/unE6mOjzif2OLncH9htvS/2Ec0wwECRbgQzSj8tDm9OL5MLQYbICqppBmfLToNCIaYPz1xmZsAmyvYx2fEBeT84B3L11jyom7rCZJh51N9iZz/L22m0R2/l6Hb8W6ezU8r+dq6lMXmNMLa9zRruG6pPiu1vaXsS+rHooYrIkJ6o6DOl6AHIskBvM4hhPxjc/WwDq8TDKmHDFFxNhDlFLSBME7bIgIdISuYtYPuUTNmEijuWcDRD6SCN5vFWfp4cBc+QlblQ73EhLU7pDuT2FSak/3VbfJSJZ6RAREfeOKu9vdCZeMJsy6Rk7u8bxDXUKjNw2D3KeiN7Lg4tqtkjWYJEylKzF1fgtFbKYpgQfEbqPl8U8O7CgTqTvZX+5mwFKRluiYpOb/t3E3FLHsbViyaxyvZEqX3PcZlR19Pf/qro/Iml04LTd2Juhcr6GSUhK4OM4AyHKwbk43YQSpa6oeJwjf6gr5rgOQcAKzq1VNfNvaLj3ELK52drINc3gTeDel7lDjDii8oEeVFN9hxHcycB8GjugkFcejTUxkdl34796rShiWbh9GgpqJsKk0QmLISv08o/KbeidrjKI30ayJLe3vIxh1sGCN1JLQ4/vlhNzt3qHmcYHup3PjyWcuavGFC8bihQhEcwEi4orwjxBnVRyXORbQvI4b/QdinrzNldiNPqdNjhaKVHLkOyv2sPZvJbwHF3+MiQKl4gcaPSONa9CZryvDgXu9NLCtiDCn1PAARWsqWDh5pM91hHlamTeTAj2JRRjJTR+p3UeLmwM6v50tY/4PfLosXGmCTxEbyE9DNytRj2+KdvixH/jS1wa0T9P+HLyQCFID5Jjh/DyM47AXOgGJjItGbUZDk3FbO3UxmVQBYFzEjAsc7CvuvcjONT3J0tMQxju4MDUKjJzqZQhlUj+SIF0XkHk/tgovf7KV3taPAqTHW9LniNi4TaSv2Bg+cXT72qxE31Ds/dRpLDYYBsX7G9AuI7suUK1C+wztSm5WeUnHpBsJRYKJl0jn08bAupcxVmYK//MH7OAoPuvySHPZ20S3Mx9q1K7wg6SacHf/jOM1jeg5gJygBpHj5druR91qmVSfXYbXLMB3r0XeObGXbCeo9z6yHD8ykMuE6LVISvzHKODgBwmtoF1SduSEXJsKZ0FSknWyD+/d6sGwdrJCN16JlFEdvHGQBmGGqDs/Qigj4vLUS/3qeszn+A0YjrCTEPS7tmMOh+VV0QDc1T2Kwcrpni3JKEjM6ABye09kJxnneVycmSlQkI9OArtT5CBYHv66MqRM6plo2iFCHHMW+hrfR/VtlKTBlsX38MU9tocspikXjx9skNK867aWxr4I6ra3VB6+ra8eBgeIED1MlwTrgXN3dkqhDS14sY7k+50oARB5taAIo0oZKS04yfl17cZ+Bxug2O+DDQYdZZw/vC4amSqk2mV7nQ1PYA0VbNFsliDK/bkvbA7Tp2+6Z3qgVCLExtN9kbl2SHInZrKDEbCnJGuIp7x4VP+9OVLJGP7E/jqxbns9pun3xoBQJlcp5P/l0MTZ1Y1Eb2umUT4UiQdOOVrfdLC8w76dfZie0fNaFNFzHrDsml0+NEgwFLqfP97kIaiDy5no60bBxaB20U2kLfsyRmaieJkQPGiZ/P/sywkd5hedE+Nd4lrJf2YrmJQHYHXX7WTm+X9EsU+10kwF7k5pOpU9E+j9ALyCvSnw/OrFryDrC/F5KwhwWJQ8qg4u9P4Dl9Z7ZAdAFd7jkyTP5OB1cCCq++B/N8Ir3Fu1nSyWALJA/cwUsh7ar0S4umqv2ECUhc9zX84+yDOqEKSyXwLFdafbk7CgHHF+mLhxLMF+RJQ9CZ4vNzlRby3grl8Kr/pzuAgJi6BAyMAQn7oIaoueFzUPjRpRAaPN4kvhUdidp2t/JCUjZ5hI/EIsEJuebF/LAYPIjeAePzVpDCkvv9ICUCKJqtRA9sT6xRhSA2wiGsRD4u3WtkSjGVdy9PU/amrlWBDAc+c4u/tRXlfTCccxRHTaKYPCxSuIxnroQsDoO+A4e8q+nvyPkuaHAD4i6kezt+ZI6llt/JlCqtwadGFUrCU/M3Oya/7IlvmQ+L24fjyqLbed96n9i+njtaxm7uj5DN5YV6ZXn+1XtDOiVpH84iJ703azhjzMR9YCEyrRJO2ZJPwCVJ7RnN95JvRADjeuCh9euuEDWPWRxDqe7jOVjXDNv1OfLcFLLDttvTityuHtf9V2cRO9ZyeXhibNX/ZdA3GZDC4MbKErUPytUaloXWlRImjC1tzqogcfo3Egkcw1/aXII5EDiG7n4+SYUKw2eVclyrcCx19WGVlCa2UuUn07T1az9haTxBXLoNdnrw6QvGbnLVMkQBWRlE6Nkf8NkIjtEvuSGNxCcwRB96tAwBCJh8TpWvcNvq8z9QNaV/W81LBJxDIeoSqEvNQM/tncT8/OAgQn1OWZE+u4KMMAnTGj6XD5Kkp7OLfgm/MNiB3bR9GTjVkiI537QqGe6h9Oa2PTt9SkdLPGHAsnGD5l7LpLIY6DRmhEI6KBk5B+WfWc+mz305wbOi6rzapo976IFYjse+XEncTYlFyJeA6XqdpNGwtw8kye9e5slx9ZS4XNTWcAHLBAJxOBDJp84Z1K5ERmkc4eEmlB0+fah2TUOPafOcFNy9TkFNE3OYIDXZnuUNoDw67a4AZnmlg5uyJjQctSvkG3tB+s4sgVQNpmBGCfntIA/aRVZPWSUsrKfXvrYgNZjJMZBcxd3r/XnIrZNkqO8Drgm+QTelik9aGqrx4IFCMO9lu4TXljpUZuzt5CA/L0qsubTQAXOiNh985w==</Value></TokenEntry></Values></UseKey><Claims><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[16]"><TokenEntry><Name>SessionKey</Name><Value>rkQz25sGTW2NKkNNm6ceR6sMaXp7n40dHz4lpL7gZRGa12VrxyTWTW/bf0vzbJkFTlykpJMmHp1N7NFxsPD15hWKRJWzprPRt2UF6V1RBSYAVZ6PxLEw3dpE0ocZVV/7PVab3zPnImjRRMOCDMp7EXOPzZk0bDZDiXKghq7z0hHYYimQ0/6Ljx0h/NCpyIlqmTuJok1KEVtfhK2TX71JhoyO1UkJa3Ajqg3fROzKEuaLvvgfGuBTdPVPgsLDLC9058BZxxASM7/8wZTS5TorNrS33PAvPHFAy78CcssaCVY5scu2nwjZG7j3K9m60EFhLNwv7D9hnTNEdAAoaBNTNA==</Value></TokenEntry><TokenEntry><Name>BindingType</Name><Value>7taK4kC+a7sowB/t5XAKwJnx4z36Or5ug6y5cRYaSjM=</Value></TokenEntry><TokenEntry><Name>Binding</Name><Value>U6Rb0HTj5Kz60O9TKbhYDbJngmnxhJ/WFeQ/KxPeDyYvSd3xjnNgkw7sF20KXGBLoK06dskPioc5j3+uxv9ezLbdOtVEz8BkqMrjMHHBO5g=</Value></TokenEntry><TokenEntry><Name>ProductKey</Name><Value>8qghlT8KB3MDwRmjSIj82Wr4TQ4Sx5nABKbjbcqdTOM=</Value></TokenEntry><TokenEntry><Name>ProductKeyType</Name><Value>7taK4kC+a7sowB/t5XAKwBijx96+8XTkhNzFMYa6oc8=</Value></TokenEntry><TokenEntry><Name>ProductKeyActConfigId</Name><Value>fQ1oLCrYjhLI69D2aVM2GkMT/ZJuTYqE+Zx8DHOurSFgxKJoCzYVUGzvKrNW/U67+waL575I3G3fe+7ZubYPNTYnXZW92KXnn3QV2y0ZNd4=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.licenseCategory</Name><Value>yueuAML9YH9MsoWKCoreOPmSjcytushHqeqJV2jfZ3I=</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.licenseCategory</Name><Value>yueuAML9YH9MsoWKCoreOHEX6oW7Qma89J0/gxrJki4=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.sysprepAction</Name><Value>nKu0YCX0zS6uBKQk7uAw3g==</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.sysprepAction</Name><Value>nKu0YCX0zS6uBKQk7uAw3g==</Value></TokenEntry><TokenEntry><Name>ClientInformation</Name><Value>QV37qkZVk15xL7UOUZ2/ASsPnDB0xPUZCzBRQdoi6oolm9m7ShI2lgbMjaX114XyWDIZJp5kJColhsYgN5I5rw==</Value></TokenEntry><TokenEntry><Name>ReferralInformation</Name><Value>87Soi5HHVfI3BMeOAXqvegZ5Dl3CJv+bHHtSbqBzZoxTgZcsrHk+ZB8DqCmdrrWAWrkUSDBfcWIWniLWDqc7Pg==</Value></TokenEntry><TokenEntry><Name>ClientSystemTime</Name><Value>tWj8V7odqUZ5JcuGd9VpjZwS19RpjRnpa8YpsxugoKo=</Value></TokenEntry><TokenEntry><Name>ClientSystemTimeUtc</Name><Value>tWj8V7odqUZ5JcuGd9VpjZwS19RpjRnpa8YpsxugoKo=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.secureStoreId</Name><Value>RRLz7H7IeUAfmSY50KaMYuoEgjMhP6+EndUeiDxQi0/hqK6EIL9luKuURq5TBzY7</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.secureStoreId</Name><Value>RRLz7H7IeUAfmSY50KaMYuoEgjMhP6+EndUeiDxQi0/hqK6EIL9luKuURq5TBzY7</Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>)
00010002(0x80072EE7, 16:18:22:360 - <NULL>)
00010003(0x80072EE7, 16:18:22:360)
==================== Memory info ===========================
Percentage of memory in use: 25%
Total physical RAM: 3795.53 MB
Available physical RAM: 2809.25 MB
Total Pagefile: 7251.54 MB
Available Pagefile: 5858.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:439.18 GB) (Free:394.46 GB) NTFS (Disk=0 Partition=4)
==================== MBR & Partition Table ==================
==================== End Of Log ============================
|
|
02.06.2013, 15:54
| #6 |
| /// the machine /// TB-Ausbilder | Google-Meldung ungewöhnlicher Datenverkehr Rechner ist sauber, ich hab das Captcha auch hin und wieder, vor allem bei youtube.
__________________ --> Google-Meldung ungewöhnlicher Datenverkehr |
|
02.06.2013, 17:06
| #7 |
| | Google-Meldung ungewöhnlicher Datenverkehr OK super, vielen Dank!!! Der Fund beim TDSS-Killer stellt kein Problem dar? |
|
02.06.2013, 18:25
| #8 |
| /// the machine /// TB-Ausbilder | Google-Meldung ungewöhnlicher Datenverkehr Nee das ist ein Fehlalarm  Die Reihenfolge ist hier entscheidend.
Falls Du Lob/Kritik loswerden möchtest: http://www.trojaner-board.de/lob-kritik-wuensche/ Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.06.2013, 10:39
| #9 |
| | Google-Meldung ungewöhnlicher Datenverkehr Ok danke, ich bin fertig soweit, danke nochmal!! |
|
03.06.2013, 11:12
| #10 |
| /// the machine /// TB-Ausbilder | Google-Meldung ungewöhnlicher Datenverkehr Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Google-Meldung ungewöhnlicher Datenverkehr |
| bho, browser, computer, down, ebanking, error, excel, fehler 0x8007045b, firefox, flash player, frage, homepage, iexplore.exe, install.exe, internet security 2013, kaspersky, kaspersky internet security 2013, klelam.sys, logfile, mozilla, msvcrt, nvpciflt.sys, problem, prozess, realtek, registry, robot, scan, secunia psi, security, software, suchverlauf, svchost.exe, tastatur, trustedinstaller, ungewöhnlicher datenverkehr, windows |
