
Pests of all kinds and how to fight them: Suspicious .js file in an e-mail attachment. Unfortunately already opened, what is it?

Windows 7

07.04.2015, 19:46   #1
Verses
 

Hello!

I found an e-mail with a strange .js file attached (see the attachment in this post). Stupidly, I have already executed the file (I actually wanted to open it with the editor). Can anyone tell me roughly what the file does?

Many thanks in advance!

07.04.2015, 20:08   #2
schrauber
/// the machine
/// TB trainer
 


hi,

https://www.virustotal.com/de/file/6...is/1428433511/
TrojanDownloader:JS/Nemucod.H

Then let's take a look:


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


07.04.2015, 20:16   #3
Verses
 

FRST.txt and Addition.txt are attached.
__________________
Attached files
File type: txt FRST.txt (84.4 KB, viewed 131 times)
File type: txt Addition.txt (88.5 KB, viewed 332 times)

08.04.2015, 11:04   #4
schrauber
/// the machine
/// TB trainer
 


Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I can't open attachments at work, thanks.

This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Erweitert/Vorschau (Advanced/Preview) to check whether you did it right. If everything is correct ... click Antworten (Reply).
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

08.04.2015, 11:14   #5
Verses
 

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Verses (administrator) on NOTEBOOK-Verses on 07-04-2015 21:10:12
Running from D:\Software\Farbar Recovery Scan Tool
Loaded Profiles: Verses (Available profiles: Verses & openpgsvc)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Acronis) C:\Program Files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe
() C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Oracle Corporation) C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySQLNotifier.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apache Software Foundation) C:\Program Files\Apache Foundation\Apache2.4\bin\ApacheMonitor.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Sonix) C:\Program Files (x86)\Common Files\SNP2UVC\vsnp2uvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
() C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\PowerDVDCox10.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-30] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [801408 2012-03-30] (Atheros Commnucations)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-17] (Alcor Micro Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395744 2012-10-31] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-07-15] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-06-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [20456 2012-02-21] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-22] (ASUS)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2014-01-30] (ASUS)
HKLM-x32\...\Run: [BlackArmorBackupMonitor.exe] => C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe [5584616 2012-10-31] ()
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [snp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [331064 2013-07-30] (Sonix Technology Co., Ltd.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe [132096 2009-12-02] ()
HKLM-x32\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-01-15] (cyberlink)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySqlNotifier.exe [771584 2013-11-25] (Oracle Corporation)
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Run: [NetBalancer] => C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1803112 2015-04-06] (SeriousBit)
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2611808 2014-03-16] ()
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [6886752 2015-01-07] (Binary Fortress Software)
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Apache Monitor.lnk
ShortcutTarget: Apache Monitor.lnk -> C:\Program Files\Apache Foundation\Apache2.4\bin\ApacheMonitor.exe (Apache Software Foundation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=UP94&ocid=UP94DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2629921762-3918403595-844649534-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2629921762-3918403595-844649534-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-27] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-27] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-04-22] (DVDVideoSoft Ltd.)
BHO-x32: QuickStores-Toolbar -> {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-03-30] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-05-14] (DVDVideoSoft Ltd.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-2629921762-3918403595-844649534-1001 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} https://vpn-gm.fh-koeln.de/CACHE/stc/1/binaries/vpnweb.cab
DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\..\Interfaces\{595C5572-E3A1-4257-9E0A-25E6708F169A}: [NameServer] 192.168.0.250

FireFox:
========
FF ProfilePath: D:\Verses\Firefox\Versesneu.profile
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-22] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-22] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @worldwinner.com/Launcher2,version=1.10.0.25 -> C:\Program Files (x86)\WorldWinner.com, Inc\WorldWinner Games\npwwload.dll [2011-03-17] (WorldWinner.com, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2629921762-3918403595-844649534-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Verses\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2629921762-3918403595-844649534-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF user.js: detected! => C:\Users\Verses\AppData\Roaming\Mozilla\Firefox\Profiles\jo2pa2im.default\user.js [2014-05-18]
FF user.js: detected! => D:\Mozilla\Firefox\Verses (alt)\user.js [2013-10-30]
FF SearchPlugin: D:\Verses\Firefox\Verses.profile\searchplugins\trovi-search.xml [2014-07-29]
FF SearchPlugin: D:\Mozilla\Firefox\Verses (alt)\searchplugins\babylon.xml [2013-06-28]
FF Extension: Flash Video Downloader - YouTube Full HD Download - D:\Verses\Firefox\Verses.profile\Extensions\artur.dubovoy@gmail.com [2014-08-01]
FF Extension: Speed Dial [FVD] - New Tab Page, Sync... - D:\Verses\Firefox\Verses.profile\Extensions\pavel.sherbakov@gmail.com [2014-08-21]
FF Extension: TooManyTabs - D:\Verses\Firefox\Verses.profile\Extensions\TooManyTabs@visibotech.com [2014-05-10]
FF Extension: iMacros for Firefox - D:\Verses\Firefox\Verses.profile\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-05-25]
FF Extension: WOT - D:\Verses\Firefox\Verses.profile\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-02-01]
FF Extension: Firebug - D:\Verses\Firefox\Verses.profile\Extensions\firebug@software.joehewitt.com.xpi [2014-02-01]
FF Extension: NoScript - D:\Verses\Firefox\Verses.profile\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-01]
FF Extension: FireFTP - D:\Verses\Firefox\Verses.profile\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2014-02-07]
FF Extension: Web Developer - D:\Verses\Firefox\Verses.profile\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-04-01]
FF Extension: Adblock Plus - D:\Verses\Firefox\Verses.profile\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-01]
FF Extension: DownThemAll! - D:\Verses\Firefox\Verses.profile\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-02-01]
FF Extension: Greasemonkey - D:\Verses\Firefox\Verses.profile\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-02-01]
FF Extension: TelevisionFanatic - D:\Mozilla\Firefox\Verses (alt)\Extensions\64ffxtbr@TelevisionFanatic.com [2014-01-31]
FF Extension: Roomy Bookmarks Toolbar - D:\Mozilla\Firefox\Verses (alt)\Extensions\ALone-live@ya.ru [2014-01-31]
FF Extension: DownloadHelper - D:\Mozilla\Firefox\Verses (alt)\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-31]
FF Extension: Session Manager - D:\Mozilla\Firefox\Verses (alt)\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-01-31]
FF Extension: FireFTP - D:\Mozilla\Firefox\Verses (alt)\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2014-01-31]
FF Extension: Web Developer - D:\Mozilla\Firefox\Verses (alt)\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-01-31]
FF Extension: Adblock Plus - D:\Mozilla\Firefox\Verses (alt)\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-31]
FF Extension: FireFTP - D:\Verses\Firefox\Versesneu.profile\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-03-22]
FF Extension: Flash and Video Download - D:\Verses\Firefox\Versesneu.profile\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-03-31]
FF Extension: Download Status Bar - D:\Verses\Firefox\Versesneu.profile\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2014-10-04]
FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de [2015-04-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2015-04-04]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-04-04]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-04]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-08-26]
FF HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2015-03-21]

Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> ""
CHR Profile: C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-07]
CHR Extension: (Google Drive) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-16]
CHR Extension: (YouTube) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-07]
CHR Extension: (Google Search) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-07]
CHR Extension: (Google Wallet) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07]
CHR Extension: (Citavi Picker) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-09-16]
CHR Extension: (Gmail) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-07]
CHR HKU\S-1-5-21-2629921762-3918403595-844649534-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2015-03-21]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apache2.4; C:\Program Files\Apache Foundation\Apache2.4\bin\httpd.exe [24576 2013-11-21] (Apache Software Foundation) [File not signed]
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [107648 2012-03-30] (Atheros Commnucations) [File not signed]
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-01-15] (CyberLink)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [3169648 2015-01-07] (Binary Fortress Software)
S3 EyelineService; C:\Program Files (x86)\NCH Software\Eyeline\eyeline.exe [1639504 2014-09-05] (NCH Software)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1074984 2015-02-14] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2015-02-14] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [573736 2015-02-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
S3 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14297 2014-02-22] () [File not signed]
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
R2 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [129896 2015-04-06] (SeriousBit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 openerp-server-7.0; C:\Program Files (x86)\OpenERP\Server\service\OpenERPServerService.exe [24064 2014-02-11] () [File not signed]
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
S3 PostgreSQL_For_OpenERP; C:\Program Files (x86)\OpenERP\PostgreSQL\bin\pg_ctl.exe [79872 2012-12-04] (PostgreSQL Global Development Group) [File not signed]
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2899968 2014-08-16] (Microsoft Corporation) [File not signed]
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [508464 2013-07-01] (Samsung Electronics Co., Ltd.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\RpcAgentSrv.exe [72344 2008-01-29] (SiSoftware) [File not signed]
R2 sfcdpsrv; C:\Program Files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe [3246040 2014-01-30] (Acronis)
R2 SgtSch2Svc; C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [1114688 2012-10-31] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5447952 2015-03-25] (TeamViewer GmbH)
R2 UI Assistant Service; C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe [246272 2009-12-02] () [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-03-30] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-12] (Windows (R) Win 7 DDK provider)
S3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-12] (Windows (R) Win 7 DDK provider)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
S3 CXPLRCAP; C:\Windows\System32\drivers\elvidcap.sys [150896 2012-08-20] (Elgato Systems GmbH)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-17] (REALiX(tm))
S3 jlink; C:\Windows\System32\DRIVERS\jlinkx64.sys [32984 2012-04-11] (SEGGER Microcontroller Systeme GmbH)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [121032 2013-07-16] (Qualcomm Atheros Co., Ltd.)
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [41392 2013-11-25] (SeriousBit)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-03-13] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation                           )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3604480 2013-07-30] (Sonix Co. Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33496 2015-01-16] (VMware, Inc.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-07 21:09 - 2015-04-07 21:10 - 00000000 ____D () C:\FRST
2015-04-07 19:58 - 2015-04-07 19:58 - 00000000 ___RD () C:\Users\Verses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-04-06 09:21 - 2015-04-06 09:21 - 00000930 _____ () C:\Users\Public\Desktop\NetBalancer Tray.lnk
2015-04-06 09:21 - 2015-04-06 09:21 - 00000920 _____ () C:\Users\Public\Desktop\NetBalancer.lnk
2015-04-06 09:21 - 2015-04-06 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBalancer
2015-04-04 16:29 - 2015-04-04 16:29 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 16:29 - 2015-04-04 16:29 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 10:09 - 2015-04-04 10:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 12:02 - 2015-04-03 23:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-04-03 09:14 - 2014-03-25 15:15 - 00060400 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-03-28 19:32 - 2015-03-28 19:32 - 00000000 ____D () C:\Users\Verses\AppData\Local\TeamViewer
2015-03-28 19:30 - 2015-03-28 19:30 - 00001045 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-03-28 19:30 - 2015-03-28 19:30 - 00001033 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-03-28 19:30 - 2015-03-28 19:30 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-03-28 14:06 - 2015-03-28 14:06 - 00000000 ____D () C:\Windows\SysWOW64\Hotspot Shield
2015-03-25 10:18 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 10:18 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 10:18 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 10:18 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 10:18 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 10:18 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 10:18 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 10:18 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-23 16:05 - 2015-03-23 16:05 - 00000000 ____D () C:\Users\Verses\AppData\Roaming\CADSoftTools
2015-03-23 15:52 - 2015-03-23 15:52 - 00002207 _____ () C:\Users\Public\Desktop\DWG TrueView 2016 - English.lnk
2015-03-23 15:52 - 2015-03-23 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-03-23 15:50 - 2015-03-23 15:52 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-03-23 15:50 - 2015-03-23 15:50 - 00000000 ____D () C:\Users\Verses\AppData\Local\Autodesk
2015-03-23 15:50 - 2015-03-23 15:50 - 00000000 ____D () C:\Program Files\Autodesk
2015-03-23 15:49 - 2015-03-23 15:52 - 00000000 ____D () C:\Users\Verses\AppData\Roaming\Autodesk
2015-03-23 15:49 - 2015-03-23 15:51 - 00000000 ____D () C:\ProgramData\Autodesk
2015-03-23 15:48 - 2015-03-23 15:48 - 00001021 _____ () C:\Users\Public\Desktop\STP Viewer.lnk
2015-03-23 15:48 - 2015-03-23 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STPViewer
2015-03-23 15:48 - 2015-03-23 15:48 - 00000000 ____D () C:\Program Files (x86)\STPViewer
2015-03-23 15:48 - 2015-03-23 15:48 - 00000000 ____D () C:\Autodesk
2015-03-23 15:43 - 2015-03-23 15:43 - 00003158 _____ () C:\Windows\System32\Tasks\{EECED4D4-585D-47A6-9A16-91B89EDBF004}
2015-03-21 15:58 - 2015-03-21 15:58 - 00001534 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2015-03-21 15:58 - 2015-03-21 15:58 - 00001241 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-03-21 15:58 - 2015-03-21 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-03-21 15:57 - 2015-03-21 15:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-03-18 12:48 - 2015-03-18 12:48 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-03-18 12:48 - 2015-03-18 12:48 - 00000000 ____D () C:\Windows\system32\NV
2015-03-18 12:48 - 2015-03-13 17:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-18 12:47 - 2015-03-13 21:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-18 12:47 - 2015-03-13 21:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00299664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2015-03-18 12:47 - 2015-03-13 21:41 - 00032456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-03-11 10:48 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 10:48 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 10:48 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 10:48 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 10:48 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 10:48 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 10:48 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 10:48 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 10:48 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 10:48 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 10:48 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 10:48 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 10:48 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 10:48 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 10:48 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 10:48 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 10:48 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 10:48 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 10:48 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 10:48 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 10:48 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 10:48 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 10:48 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 10:48 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 10:48 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 10:48 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 10:48 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 10:48 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 10:48 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 10:48 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 10:48 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 10:48 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 10:48 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 10:48 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 10:48 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 10:48 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 10:48 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 10:48 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 10:48 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 10:48 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 10:48 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 10:48 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 10:48 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 10:48 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 10:48 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 10:48 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 10:48 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 10:48 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 10:48 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 10:48 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 10:48 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 10:48 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 10:48 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 10:48 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 10:48 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 10:48 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 10:48 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 10:48 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 10:48 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 10:48 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 10:48 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 10:48 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 10:48 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 10:48 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 10:48 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 10:48 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 10:47 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 10:47 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 10:47 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 10:47 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 10:47 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 10:47 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 10:47 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 10:47 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 10:47 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 10:47 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 10:47 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 10:47 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 10:47 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 10:47 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 10:47 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 10:47 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 10:47 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 10:47 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 10:47 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 10:47 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 10:47 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 10:47 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 10:47 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 10:47 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 10:47 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 10:47 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 10:47 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 10:46 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 10:46 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 10:46 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 10:46 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 10:46 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 10:46 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 10:46 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 10:46 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 10:46 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 10:46 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 10:46 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 10:46 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 10:46 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 10:46 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 10:46 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 10:46 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 10:46 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 10:46 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 10:46 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 10:46 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 10:46 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 10:46 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 10:41 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 10:36 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 10:36 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-09 13:12 - 2015-03-09 13:12 - 00000000 ____D () C:\Users\Verses\AppData\Local\VBS2
2015-03-09 13:11 - 2015-03-09 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-03-09 13:10 - 2015-03-09 13:10 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-03-09 13:10 - 2015-03-09 13:10 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-03-09 13:10 - 2015-03-09 13:10 - 00133632 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-03-09 13:10 - 2015-03-09 13:10 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-03-09 13:10 - 2015-03-09 13:10 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2015-03-09 13:09 - 2015-03-09 13:09 - 00000000 ____D () C:\Program Files (x86)\Bohemia Interactive
2015-03-08 12:06 - 2015-03-08 12:06 - 00000000 ____D () C:\Users\Verses\AppData\Local\Packages

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-07 21:03 - 2012-06-28 00:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-07 20:17 - 2014-02-03 01:16 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-07 20:04 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-07 20:04 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-07 20:03 - 2011-02-19 06:24 - 00702856 _____ () C:\Windows\system32\perfh007.dat
2015-04-07 20:03 - 2011-02-19 06:24 - 00151200 _____ () C:\Windows\system32\perfc007.dat
2015-04-07 20:03 - 2009-07-14 07:13 - 01630500 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-07 20:00 - 2014-01-30 21:49 - 01523399 _____ () C:\Windows\WindowsUpdate.log
2015-04-07 19:58 - 2015-01-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-07 19:58 - 2014-09-29 13:13 - 00000000 ____D () C:\Users\Verses\.rainlendar2
2015-04-07 19:58 - 2014-01-30 13:18 - 00000380 _____ () C:\Users\Verses\AppData\Roaming\sp_data.sys
2015-04-07 19:57 - 2014-02-03 01:16 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-07 19:57 - 2014-01-30 21:51 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-04-07 19:56 - 2014-02-08 12:32 - 00000000 ____D () C:\ProgramData\VMware
2015-04-07 19:56 - 2014-01-30 21:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-07 19:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-07 19:56 - 2009-07-14 06:51 - 00198316 _____ () C:\Windows\setupact.log
2015-04-07 19:30 - 2014-01-30 21:53 - 00000000 ____D () C:\Users\Verses\AppData\Local\CrashDumps
2015-04-07 15:25 - 2014-01-30 21:51 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-04-07 15:01 - 2014-12-09 23:55 - 00000000 ____D () C:\Users\Verses\AppData\Local\DisplayFusion
2015-04-06 09:21 - 2014-03-12 20:20 - 00000000 ____D () C:\Program Files\NetBalancer
2015-04-04 16:23 - 2014-01-30 20:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-01 19:19 - 2014-04-07 11:34 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-30 19:31 - 2014-01-30 18:28 - 00001379 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-29 09:14 - 2009-07-14 06:45 - 00702968 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-28 19:34 - 2014-01-30 13:16 - 00211600 _____ () C:\Users\Verses\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-28 05:44 - 2014-06-03 09:36 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-01-30 18:25 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2014-06-03 09:36 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-01-30 18:25 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-27 12:27 - 2014-01-30 23:12 - 00005724 _____ () C:\Users\Verses\sanct.log
2015-03-27 12:27 - 2014-01-30 23:08 - 00000000 ____D () C:\ProgramData\CodeGear
2015-03-26 09:57 - 2014-12-11 02:18 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 09:57 - 2014-05-01 01:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-24 09:43 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-23 15:50 - 2012-06-28 00:32 - 00330153 _____ () C:\Windows\DirectX.log
2015-03-23 08:53 - 2014-02-28 20:30 - 00000000 ____D () C:\Users\Verses\AppData\Local\Unity
2015-03-22 18:08 - 2014-08-18 16:43 - 00000000 ____D () C:\Users\Verses\AppData\Local\Adobe
2015-03-22 18:08 - 2012-06-28 00:28 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-22 18:08 - 2012-06-28 00:27 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-22 18:08 - 2012-06-28 00:27 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-22 18:00 - 2014-02-28 20:35 - 00000000 ____D () C:\Users\Verses\AppData\Roaming\Unity
2015-03-21 18:39 - 2012-06-27 23:32 - 00620516 _____ () C:\Windows\PFRO.log
2015-03-21 16:03 - 2014-05-24 13:53 - 00000000 ____D () C:\Users\Verses\AppData\Roaming\DVDVideoSoft
2015-03-21 11:52 - 2014-02-20 19:35 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-03-18 12:48 - 2014-08-26 22:44 - 00000000 ____D () C:\Temp
2015-03-18 12:48 - 2014-01-30 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-18 12:48 - 2014-01-30 21:54 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-14 10:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\spool
2015-03-13 21:41 - 2014-01-30 21:54 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-13 18:16 - 2014-01-30 21:54 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 01099408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 18:16 - 2014-01-30 21:54 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 00075976 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-12 10:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 09:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 09:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 23:47 - 2014-01-30 20:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 23:47 - 2009-07-14 04:34 - 00000568 _____ () C:\Windows\win.ini
2015-03-11 23:45 - 2014-04-05 13:38 - 00000039 _____ () C:\Windows\vbaddin.ini
2015-03-11 23:43 - 2014-02-02 11:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 23:37 - 2014-02-02 11:41 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 15:10 - 2014-01-30 21:54 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-03-08 12:06 - 2014-01-30 21:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-08 12:02 - 2014-01-30 22:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-03-08 12:02 - 2014-01-30 22:04 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-03-08 12:02 - 2014-01-30 22:04 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2015-03-08 12:02 - 2014-01-30 22:01 - 00000000 ____D () C:\ProgramData\Temp

==================== Files in the root of some directories =======

2014-09-14 16:59 - 2014-09-14 22:14 - 0009004 _____ () C:\Users\Verses\AppData\Roaming\.freeciv-client-rc-2.4
2014-03-13 19:46 - 2014-03-13 19:46 - 0000341 _____ () C:\Users\Verses\AppData\Roaming\dpdhl.versandhelfer_state.xml
2014-04-26 11:54 - 2014-04-27 10:18 - 0000945 _____ () C:\Users\Verses\AppData\Roaming\FastReportFMX.config
2014-10-16 13:38 - 2014-10-16 13:38 - 0000000 _____ () C:\Users\Verses\AppData\Roaming\gdfw.log
2014-10-16 13:38 - 2014-10-16 16:23 - 0002337 _____ () C:\Users\Verses\AppData\Roaming\gdscan.log
2014-02-05 18:07 - 2014-02-07 01:55 - 0000347 _____ () C:\Users\Verses\AppData\Roaming\glade-3.conf
2014-02-17 17:38 - 2014-01-17 02:08 - 14041088 _____ () C:\Users\Verses\AppData\Roaming\Sandra.mdb
2014-01-30 13:18 - 2015-04-07 19:58 - 0000380 _____ () C:\Users\Verses\AppData\Roaming\sp_data.sys
2014-10-22 17:45 - 2014-10-22 17:45 - 0008372 _____ () C:\Users\Verses\AppData\Roaming\unins000.dat
2014-10-22 17:45 - 2014-10-22 17:45 - 0709568 _____ () C:\Users\Verses\AppData\Roaming\unins000.exe
2014-10-22 17:45 - 2014-10-22 17:45 - 0012782 _____ () C:\Users\Verses\AppData\Roaming\unins000.msg
2014-03-09 00:09 - 2014-11-05 19:13 - 0007168 _____ () C:\Users\Verses\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-31 13:03 - 2015-02-16 22:11 - 0000600 _____ () C:\Users\Verses\AppData\Local\PUTTY.RND
2015-02-25 16:33 - 2015-02-25 16:33 - 0017950 _____ () C:\Users\Verses\AppData\Local\recently-used.xbel
2014-02-09 23:09 - 2014-02-09 23:09 - 0000017 _____ () C:\Users\Verses\AppData\Local\resmon.resmoncfg
2014-08-09 11:27 - 2014-08-09 11:27 - 0025475 _____ () C:\Users\Verses\AppData\Local\xlrpt_82981457068.xls
2014-08-09 11:31 - 2014-08-09 11:31 - 0025475 _____ () C:\Users\Verses\AppData\Local\xlrpt_85013995558.xls
2014-08-09 11:37 - 2014-08-09 11:37 - 0025475 _____ () C:\Users\Verses\AppData\Local\xlrpt_88972055423.xls
2014-08-09 11:39 - 2014-08-09 11:39 - 0025475 _____ () C:\Users\Verses\AppData\Local\xlrpt_8983957335.xls
2014-08-09 11:39 - 2014-08-09 11:39 - 0025475 _____ () C:\Users\Verses\AppData\Local\xlrpt_90050951455.xls
2014-11-12 20:23 - 2014-11-12 20:23 - 0263443 _____ () C:\ProgramData\1415816491.bdinstall.bin
2012-06-28 00:44 - 2010-10-06 18:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2014-01-30 22:05 - 2014-01-30 22:07 - 0000110 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2014-01-30 22:07 - 2014-01-30 22:07 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-01-30 22:06 - 2014-01-30 22:07 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2014-01-30 22:02 - 2014-01-30 22:04 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2014-01-30 22:04 - 2014-01-30 22:05 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2014-01-30 22:01 - 2014-01-30 22:02 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log

Some content of TEMP:
====================
C:\Users\Verses\AppData\Local\Temp\AcDeltree.exe
C:\Users\Verses\AppData\Local\Temp\NetBalancerSetup.exe
C:\Users\Verses\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Verses\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Verses\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Verses\AppData\Local\Temp\nvStInst.exe
C:\Users\Verses\AppData\Local\Temp\tmp4F20.exe
C:\Users\Verses\AppData\Local\Temp\tmp776.exe
C:\Users\Verses\AppData\Local\Temp\tmp9F32.tmp.exe
C:\Users\Verses\AppData\Local\Temp\Updater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 09:44

==================== End Of Log ============================
--- --- ---

Alt 08.04.2015, 11:15   #6
Verses
 

Addition Logfile:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Verses at 2015-04-07 21:10:51
Running from D:\Software\Farbar Recovery Scan Tool
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Internet Security 2015 (Enabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AS: Panda Internet Security 2015 (Enabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Enabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
0.2 (HKLM-x32\...\Decision Oven_is1) (Version: 0.2 - Dataland Software)
7-PDF Printer 10.0.0.1840 (HKLM\...\7-PDF Printer_is1) (Version: 10.0.0.1840 - 7-PDF, Germany - Th. Hodes)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
ActivePresenter (HKLM-x32\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 4.0.1 - Atomi Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advantage Data Access Components for Delphi 8 and Greater v8.1 (HKLM-x32\...\{D09EE73F-87DA-4D14-86B9-9D63013E5303}) (Version: 8.10.0015 - Extended Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0142.68441 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0142.68441 - Alcor Micro Corp.) Hidden
Amazon Kindle (HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Amazon Kindle) (Version:  - Amazon)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.1 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Music Maker (HKLM-x32\...\MAGIX_MSI_mm17_silver_asus) (Version: 17.0.2.22 - MAGIX AG)
ASUS Music Maker (x32 Version: 17.0.2.22 - MAGIX AG) Hidden
ASUS N Series Demo (HKLM-x32\...\{246B4AFF-6540-4B72-93E8-B9EB86D37589}) (Version: 1.0.0001 - ASUS)
ASUS Photo Designer (HKLM-x32\...\MAGIX_{2B962F32-78E6-4585-AF24-073AD36B6590}) (Version: 7.0.1.2 - MAGIX AG)
ASUS Photo Designer (x32 Version: 7.0.1.2 - MAGIX AG) Hidden
ASUS Photo Manager (HKLM-x32\...\MAGIX_{2A3A883D-B2AB-427D-B094-27D6241E0944}) (Version: 8.0.3.217 - MAGIX AG)
ASUS Photo Manager (x32 Version: 8.0.3.217 - MAGIX AG) Hidden
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0041 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4711 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.4711 - CyberLink Corp.) Hidden
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS Virtual Touch (HKLM-x32\...\{938CFBD4-0652-49E5-BB8B-153948865941}) (Version: 1.0.11 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.2.97 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) Hidden
AsusScr_N6 Series_ENG (HKLM-x32\...\AsusScr_N6 Series_ENG) (Version: 1.0.0003 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.130 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Audio Master (HKLM-x32\...\{D3D9FCE1-6F6C-4B21-A0F4-1254755C6DDF}_is1) (Version: Audio Master - FRANZIS GmbH)
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Basis Sync 1.7.2 (HKLM-x32\...\Basis Sync) (Version: 1.7.2 - Basis)
BB FlashBack Express 5 (HKLM-x32\...\BB FlashBack Express 5) (Version: 5.0.0.3327 - Blueberry)
BDE_ENT (x32 Version: 5.1.1 - Borland Software Corp.) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.34 - )
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
Black Mirror III (HKLM-x32\...\{9E52139F-617B-4D01-B88E-CAB61346CB36}_is1) (Version:  - Nordic Games GmbH)
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BRAINYOO (HKLM-x32\...\BRAINYOO) (Version:  - BRAINYOO Ltd.)
Bubbletown (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}) (Version:  - Oberon Media)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
calibre (HKLM-x32\...\{A66F2101-9BFC-4FB6-9277-7F59EF88BCC2}) (Version: 1.38.0 - Kovid Goyal)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.5.2014 - Georgy Berdyshev)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
ClipGrab 3.3.0.4 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
CMake 2.8, a cross-platform, open-source build system (HKLM-x32\...\CMake 2.8.12.2) (Version: 2.8.12.2 - Kitware)
ContextEdit (PC Magazine) (HKLM-x32\...\ContextEdit_is1) (Version: 1.2 - Ziff Davis Media, Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.2715_43927 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4702a - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dalenryder Password Generator Version 1.8 (HKLM-x32\...\{35D1F853-4D59-4141-8417-B2EC1DA7DFE1}_is1) (Version: 1.8 - Dalenryder Media)
Deadtime Stories (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}) (Version:  - Oberon Media)
Debut Videorekorder (HKLM-x32\...\Debut) (Version: 1.95 - NCH Software)
DelphiZip TZipMaster (HKLM-x32\...\{49BEF1D4-8E4F-4565-87D0-18E5258A3994}}_is1) (Version: 1.9.1.0010 - DelphiZip)
Devart MyDAC 7.5.10 for Delphi 2007 for Win32 (HKLM-x32\...\MyDAC Delphi 11_is1) (Version:  - Devart)
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
DisplayFusion 7.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.1.0.0 - Binary Fortress Software)
Docear (HKLM\...\Docear) (Version: 1.1.1.0_beta_build239 - Docear)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dream Vacation Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}) (Version:  - Oberon Media)
DWG TrueView 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
Dycodoc 2.2 (HKLM-x32\...\{08B72F8F-1620-4E7A-BB05-DC55BF6169EA}) (Version: 2.2.0.0 - IDEAL Software GmbH)
EC Software Help Suite 1.80 (HKLM-x32\...\EC Software Help Suite_is1) (Version:  - EC Software)
Elgato Video Capture (HKLM-x32\...\{E9B9D812-A593-4427-AE3B-531565A97E8C}) (Version: 1.13.6.116 - Elgato Systems GmbH)
Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ETDWare PS/2-X64 11.5.11.3_WHQL (HKLM\...\Elantech) (Version: 11.5.11.3 - ELAN Microelectronic Corp.)
Eveditor Free 1.4.1 (HKLM\...\{7204F877-027F-400D-B80A-58BD5BFF3143}_is1) (Version: 1.4.1 - Pragmatic Solutions)
Eyeline Video Surveillance System (HKLM-x32\...\Eyeline) (Version: 1.30 - NCH Software)
Farm Frenzy 3 - Madagascar (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}) (Version:  - Oberon Media)
FastReport 5 (HKLM-x32\...\{776FBCE9-94FF-4D39-B2D7-6530A970E27F}) (Version: Standard - FastReports)
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version:  - )
FileRestorePlus™ 3.0.5.313 (HKLM-x32\...\FileRestorePlus™_is1) (Version:  - Copyright © 2010 eSupport.com • All Rights Reserved)
FileZilla Client 3.10.1 (HKLM-x32\...\FileZilla Client) (Version: 3.10.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
FlashDevelop 4.5.2 (HKLM-x32\...\FlashDevelop) (Version: 4.5.2 - FlashDevelop.org)
Folder Size 3.4.0.0 (HKLM-x32\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 3.4.0.0 - MindGems, Inc.)
Forex Learn to Trade ver 1.0 (HKLM-x32\...\Forex_Learn_to_Trade_is1) (Version: 1.0 - Media Contact LLC)
Free YouTube to MP3 Converter version 3.12.35.514 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.35.514 - DVDVideoSoft Ltd.)
Freeciv 2.4.3 (GTK+2 client) (HKLM-x32\...\Freeciv-2.4.3-gtk2) (Version:  - )
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
FreeOCR v5.0 (HKLM-x32\...\freeocr_is1) (Version:  - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\Game Park Console) (Version: 1.2.4.431 - Oberon Media Inc.)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.3 (x32 Version: 1.3.21014.1603 - Microsoft Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Git version 1.9.4-preview20140929 (HKLM-x32\...\Git_is1) (Version: 1.9.4-preview20140929 - The Git Development Community)
Glade 3.6.1 (HKLM-x32\...\Glade) (Version: 3.6.1 - The GNOME Foundation)
GNU Octave 3.6.4 (HKLM-x32\...\GNU Octave - 3.6.4) (Version: 3.6.4 - )
Go Go Gourmet Chef of the Year (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}) (Version:  - Oberon Media)
Google Books Downloader version 2.3 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
GSview 5.0 (HKLM\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
gtkmm Development Environment 2.22 (HKLM-x32\...\gtkmm) (Version: 2.22.0-1 - The gtkmm developers)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Hotspot Shield 4.12 (HKLM-x32\...\HotspotShield) (Version: 4.12 - AnchorFree Inc.)
HUE HD Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.60000.104 - Sonix)
HWiNFO64 Version 4.32 (HKLM\...\HWiNFO64_is1) (Version: 4.32 - Martin Malík - REALiX)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
ImageMagick 6.8.8-5 Q16 (64-bit) (2014-03-01) (HKLM\...\ImageMagick 6.8.8 Q16 (64-bit)_is1) (Version: 6.8.8 - ImageMagick Studio LLC)
InfoPower Studio 2007 for Delphi 2007 (HKLM-x32\...\InfoPower Studio 2007 for Delphi 2007) (Version:  - )
Inkscape 0.48 (HKLM-x32\...\Inkscape) (Version: 0.48 - Partha Bagchi)
InstallAware 6 (HKLM-x32\...\InstallAware 6) (Version:  - InstallAware Software Corporation)
InstallAware 6 (x32 Version: 6.41.3797.2007 - InstallAware Software Corporation) Hidden
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.2 - ASUS)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iSpy (64 bit) (HKLM\...\{0829DD27-4EF9-4F3B-84D1-C35684563E4D}) (Version: 6.2.5 - iSpy)
JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java SE Development Kit 7 Update 55 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Java(TM) 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
JLink OB CDC Driver Package (HKLM\...\{85153CE3-6356-407F-A672-C1FA085FB031}) (Version: 1.2.2 - SEGGER)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kinovea (HKLM-x32\...\Kinovea) (Version: 0.8.15 - Kinovea)
Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
MagiWOL 3.30 (HKLM\...\JosipMedved_MagiWOL_is1) (Version: 3.30 - Josip Medved)
Mahjong Memoirs (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}) (Version:  - Oberon Media)
Master Control Panel (HKLM-x32\...\{A5145982-80D4-4B06-AADC-5F303DEC6055}) (Version: 3.5.0.8226 - Nordic Semiconductor ASA)
Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Mendeley Desktop 1.11 (HKLM-x32\...\Mendeley Desktop) (Version: 1.11 - Mendeley Ltd.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 2.0 SDK (x64) - DEU (HKLM\...\Microsoft .NET Framework 2.0 SDK (x64) - DEU) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 mit Update 4 (HKLM-x32\...\{6de54277-e86d-4dae-bfa4-2019f9596032}) (Version: 12.0.31101 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mobile Partner Manager (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
mp3splt (HKLM-x32\...\mp3splt) (Version:  - )
mp3splt-gtk (HKLM-x32\...\mp3splt-gtk) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
myBitCast 1.0.0.4 (HKLM\...\myBitCast) (Version: 1.0.0.4 - ASUS Cloud Corporation)
MySQL Connector C++ 1.1.3 (HKLM\...\{5C7A1ED6-DC5F-4017-B363-3E80644B4BD0}) (Version: 1.1.3 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{5FF7BC8C-92D4-4B95-9FF1-E3722DFA9292}) (Version: 5.1.29 - Oracle Corporation)
MySQL Connector Net 6.8.3 (HKLM-x32\...\{38157422-F952-42F7-88AA-CC16A63CD109}) (Version: 6.8.3 - Oracle)
MySQL Connector Python v1.1.5 for Python v2.7 (HKLM-x32\...\{B68B3870-6511-4D36-97BD-189A761A2728}) (Version: 1.1.5 - Oracle)
MySQL Connector/C 6.1 (HKLM\...\{BDD417A0-EBEC-46E4-8879-426B9C617C53}) (Version: 6.1.3 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM-x32\...\{5CB5015E-B265-49C1-8E5D-CF00A276CB59}) (Version: 5.3.2 - Oracle Corporation)
MySQL Documents 5.6 (HKLM-x32\...\{A87652F5-F5E8-4D2C-8D39-C33A9C4260DC}) (Version: 5.6.16 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{70F2F2A0-897B-4A0D-82EB-B658130E5D01}) (Version: 5.6.16 - Oracle Corporation)
MySQL Installer (HKLM-x32\...\{1F946DA5-5922-4222-A7E3-A3C1F07DBE3D}) (Version: 1.3.5.0 - Oracle Corporation)
MySQL Notifier 1.1.5 (HKLM-x32\...\{DB02F4B3-3FC4-4FED-B2A2-7CDCF88D87D3}) (Version: 1.1.5 - Oracle)
MySQL Server 5.6 (HKLM\...\{AB691153-97AE-462B-AE70-3CA06D7B2571}) (Version: 5.6.16 - Oracle Corporation)
MySQL Utilities (HKLM-x32\...\{E967FF67-DE28-4BB0-857C-87A825CCF003}) (Version: 1.3.6 - Oracle)
MySQL Workbench 6.0 CE (HKLM-x32\...\{43CCD58C-FCC8-45AB-9909-37347969DDD1}) (Version: 6.0.9 - Oracle Corporation)
NetBalancer (HKLM\...\NetBalancer_is1) (Version:  - SeriousBit)
Nettalk 6.7 (HKLM-x32\...\Nettalk_is1) (Version:  - Nicolas Kruse)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Notepad++ 'Edit with .. as Admin' Contextmenu-ShortCut (Uninstall only) (HKLM\...\Notepad++AsAdmin) (Version: 1.0 - )
nRFgo Studio (HKLM-x32\...\{DAB5F4FE-3A72-4CE1-954F-9023D09DDA7F}) (Version: 1.16.1 - Nordic Semiconductor)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Ontrack Easy Recovery 10 (HKLM-x32\...\Ontrack Easy Recovery 10) (Version: 10 - eSportsKosova)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenERP 7.0 (HKLM-x32\...\OpenERP 7.0) (Version: 7.0 - OpenERP S.A.)
OpenERP Server 7.0-20140211-001956 (HKLM-x32\...\OpenERP Server 7.0-20140211-001956) (Version: 7.0-20140211-001956 - OpenERP S.A.)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Internet Security 2015 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.04.0000 - Panda Security)
Panda Internet Security 2015 (Version: 7.23.00.0000 - Panda Security) Hidden
Patrizier II Gold (HKLM-x32\...\Patrizier II Gold_is1) (Version:  - )
PDF Repair Free 1.0 (HKLM-x32\...\PDF Repair Free_is1) (Version:  - Recovery Toolbox, Inc.)
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.4 - Andrea Vacondio)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Pencil (HKLM-x32\...\Pencil) (Version:  - Evolus Co., Ltd.)
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version:  - Oberon Media)
PostgreSQL 9.2  (x86) (HKLM-x32\...\PostgreSQL 9.2) (Version: 9.2 - PostgreSQL Global Development Group)
Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PPspliT (HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\PPspliT) (Version: 1.11 - )
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Puran File Recovery 1.2 (HKLM\...\Puran File Recovery_is1) (Version:  - Puran Software)
Putty Toolkit (remove only) (HKLM-x32\...\Putty Toolkit) (Version:  - )
Python 2.7 bzr-2.5.1 (HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\bzr-py2.7) (Version:  - )
Python 2.7 PIL-1.1.7 (HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\PIL-py2.7) (Version:  - )
Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)
Python Tools - Umleitungsvorlage (x32 Version: 1.3 - Microsoft Corporation) Hidden
Qiqqa (HKLM-x32\...\{99AF0582-482B-4E5E-BB11-675354BF5E77}_is1) (Version: 65 - Quantisle Ltd.)
Qt 5.4.1 (HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Qt 5.4.1) (Version: 5.4.1 - Digia Plc)
Qt5 Visual Studio Add-in 1.2.4 (HKLM-x32\...\Qt5 Visual Studio Add-in 1.2.4 - C:_Program Files (x86)_Digia_Qt5VSAddin) (Version: 1.2.4 - Digia Plc)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
QuickStores-Toolbar 1.1.0 (HKLM-x32\...\QuickStores-Toolbar_is1) (Version: 1.1.0 - AB-Tools.com) <==== ATTENTION
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RAD Studio (HKLM-x32\...\RAD Studio) (Version:  - CodeGear)
RAD Studio (x32 Version: 5.0 - CodeGear) Hidden
Rad Studio Help System (HKLM-x32\...\Rad Studio Help System) (Version:  - CodeGear)
Rad Studio Help System (x32 Version: 5.0 - CodeGear) Hidden
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6622 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
ReMouse Standard (HKLM-x32\...\ReMouse Standard_is1) (Version: Standard V3.4.4 - AutomaticSolution Software)
RE-Tools 2.0 (HKLM-x32\...\{8A41BC45-5E8A-4FC6-AADA-2A5011946F33}) (Version: 2.0.0 -  )
Robomongo (HKLM-x32\...\Robomongo) (Version: 0.8.4 - Paralect)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.78 (28.06.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.49.00(28.06.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.38.0 - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.01 (11.07.2013) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.10.11 (01.07.2013) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.00.12 (04.06.2013) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.01.08.00 - Samsung Electronics Co., Ltd.) Hidden
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Seagate BlackArmor Backup 2011 (HKLM-x32\...\{5607090E-B8B1-4E1E-ADA2-426522CED33C}) (Version: 14.0.4076 - Seagate)
Seagate NAS Discovery (HKLM-x32\...\{58053C71-35D9-4F16-9E5A-50C97504B2D0}) (Version: 1.00.0020 - Seagate)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Sid Meier's Civilization 4 - Beyond the Sword (HKLM-x32\...\{32E4F0D2-C135-475E-A841-1D59A0D22989}) (Version: 3.19 - Firaxis Games)
Sid Meier's Civilization 4 Complete (HKLM-x32\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version: 1.74 - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SiSoftware Sandra Lite 2014.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.18.2014.2 - SiSoftware)
SketchUp 2015 (HKLM\...\{319CD380-1AAB-4CAD-BE1D-59189A780FA6}) (Version: 15.2.685 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SourceTree (HKLM-x32\...\SourceTree 1.6.12) (Version: 1.6.12 - Atlassian)
SourceTree (x32 Version: 1.6.12 - Atlassian) Hidden
StarUML 5.0.2.1570 (HKLM-x32\...\StarUML_is1) (Version:  - Plastic Software, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.)
Stencyl (HKLM-x32\...\Stencyl) (Version: 1.1.1 - Stencyl, LLC)
STP Viewer 2.3 (HKLM-x32\...\{CECCF8B1-F595-4845-9AA6-1EC57B9BECBA}_is1) (Version:  - IdeaMK)
SVG Explorer Extension 0.1.1 (HKLM\...\{4CA20D9A-98AC-4DD6-9C16-7449F29AC08A}_is1) (Version: 0.1.1 - Dotz Softwares)
Sweet Home 3D version 4.5 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40642 - TeamViewer)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Tropico 5 (HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Tropico5) (Version: 1.08 - Kalypso Media)
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version:  - Oberon Media)
TuxGuitar 1.2 (HKLM-x32\...\TuxGuitar_0) (Version:  - )
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
UltraFileSearch (HKLM-x32\...\UltraFileSearch) (Version:  - Stegisoft)
UltraFileSearch (x32 Version: 3.4.0.13329 - Stegisoft) Hidden
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.1.9.6 - uvnc bvba)
UML Lab (HKLM\...\UML Lab) (Version: 1.7.1 - Yatta Solutions GmbH)
Unity Web Player (HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\UnityWebPlayer) (Version: 5.0.0f4 - Unity Technologies ApS)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Use Case Maker 2 (HKLM-x32\...\{A5D9D74E-321A-4CE9-B1D1-64B35B9B5B60}) (Version: 2.0.0 - none)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer) (Version: 1.4.1 - Deutsche Post AG)
Versandhelfer (x32 Version: 1.4.1 - Deutsche Post AG) Hidden
Video Capture v5.09.1202.00 (HKLM-x32\...\Video Capture v5.09.1202.00) (Version: 5.09.1202.00 - Elgato Systems)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.74 - NCH Software)
Vim 7.4 (self-installing) (HKLM\...\Vim 7.4) (Version:  - )
Virtual Print Engine SDK v6.10 Community Edition 32-Bit (HKLM-x32\...\Virtual Print Engine SDK v6.10 Community Edition 32-Bit) (Version:  - IDEAL Software GmbH, Neuss, Germany)
Virtual Print Engine SDK v6.10 Interactive Edition 32-Bit (HKLM-x32\...\Virtual Print Engine SDK v6.10 Interactive Edition 32-Bit) (Version:  - IDEAL Software GmbH, Neuss, Germany)
Virtual Print Engine v6.10 Community Edition .NET Components (HKLM-x32\...\{3AA1821F-2AAC-4C06-AA36-2A457E253A9B}) (Version: 6.10.0000 - IDEAL Software GmbH, Neuss, Germany)
Virtual Print Engine v6.10 Interactive Edition .NET Components (HKLM-x32\...\{2540B15A-E8CE-4D9D-B86E-A69B73DB69BF}) (Version: 6.10.0000 - IDEAL Software GmbH, Neuss, Germany)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.5 - VMware, Inc)
VMware Player (Version: 6.0.5 - VMware, Inc.) Hidden
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WikidPad 2.2 (HKLM-x32\...\{22A83C29-58A8-4CAB-8EDC-918D74F8429E}_is1) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - libusb 1.0 (WinUSB) libusb (WinUSB) devices  (01/08/2010 ) (HKLM\...\0FC2B10DD3A300B1FD3B60E4F1443A5D8D131C65) (Version: 01/08/2010  - libusb 1.0)
Windows-Treiberpaket - libusb 1.0 (WinUSB) libusb (WinUSB) devices  (01/08/2010 ) (HKLM\...\61AE7CEC58E349D728EE22D3D8839F9ACFE64438) (Version: 01/08/2010  - libusb 1.0)
Windows-Treiberpaket - libusb 1.0 (WinUSB) libusb (WinUSB) devices  (01/08/2010 ) (HKLM\...\916FDF428A710B3FA77186D8A43BF2C51EA68859) (Version: 01/08/2010  - libusb 1.0)
Windows-Treiberpaket - Nordic Semiconductor CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\85617F5576AE74AF8AD8FDBA212589A2CB06A3C7) (Version: 01/18/2013 2.08.28 - Nordic Semiconductor)
Windows-Treiberpaket - Nordic Semiconductor CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\97D2838FA902A1E58FB8B706946B5E412E09F995) (Version: 01/18/2013 2.08.28 - Nordic Semiconductor)
Windows-Treiberpaket - NORDICSEMI CDM Driver Package (01/28/2013 2.08.15) (HKLM\...\FB76691504A4D33013A032216AE7C8428247E2C2) (Version: 01/28/2013 2.08.15 - NORDICSEMI)
Windows-Treiberpaket - Segger (jlink) USB  (04/11/2012 2.6.8.2) (HKLM\...\419546AE8E4244C647A348987F769803F43B9C4F) (Version: 04/11/2012 2.6.8.2 - Segger)
Windows-Treiberpaket - SEGGER (usbser) Ports  (01/25/2012 6.0.2600.4) (HKLM\...\BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1) (Version: 01/25/2012 6.0.2600.4 - SEGGER)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
winKeyLock version 1.0.1.3 (HKLM-x32\...\winKeyLock_is1) (Version: 1.0.1 - winKeyLock)
WireframeSketcher (HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\WireframeSketcher Studio) (Version: 4.4.2 - WireframeSketcher.com)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
Wondershare PDF to Word (Build 4.0.1) (HKLM-x32\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.0.1 - Wondershare Software)
Word-to-LaTeX (HKLM-x32\...\{BEC6995D-905B-484A-AA1D-2AD55F046F4A}) (Version: 2.53 - Word-to-LaTeX (Michal Kebrt))
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version:  - Oberon Media)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
WorldWinner Games (HKLM-x32\...\{2A82EBFC-89AB-41EA-80E8-A07C73C752A0}) (Version: 1.10.0.25 - WorldWinner.com, Inc.)
wPDF V2.94 (HKLM-x32\...\wPDF V2.94) (Version:  - )
Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2629921762-3918403595-844649534-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-2629921762-3918403595-844649534-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2629921762-3918403595-844649534-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2629921762-3918403595-844649534-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-2629921762-3918403595-844649534-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

10-03-2015 09:36:16 Windows Update
10-03-2015 17:48:47 Windows Update
11-03-2015 23:35:42 Windows Update
17-03-2015 09:25:32 Windows Update
20-03-2015 09:25:46 Windows Update
21-03-2015 11:51:41 Removed Cisco AnyConnect Secure Mobility Client
21-03-2015 11:52:03 Removed Cisco AnyConnect Diagnostics and Reporting Tool
23-03-2015 15:50:08 DirectX wurde installiert
24-03-2015 09:51:12 Windows Update
25-03-2015 23:38:24 Windows Update
31-03-2015 09:24:21 Windows Update
04-04-2015 16:29:31 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-06-10 16:28 - 00000892 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03C62A6F-24C7-47FB-85B9-03F92F47FB3F} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {09737EC5-3A41-4800-A470-E32B087FC62B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {193FF28D-6D52-4C03-A38C-CD58E033A7C3} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySQLNotifier.exe [2013-11-25] (Oracle Corporation)
Task: {1E2F4F00-06C9-4E86-A6AD-0296064FE7DA} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {20A88699-EFE1-491B-B63A-4C9FC55BA5F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03] (Google Inc.)
Task: {264D22EA-D549-4B66-906D-23D42C046E6D} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.)
Task: {30AAD532-8F24-4CE1-BC81-FAECAEC0677E} - System32\Tasks\{EECED4D4-585D-47A6-9A16-91B89EDBF004} => pcalua.exe -a D:\Software\IrfanView\irfanview_plugins_438_setup.exe -d D:\Software\IrfanView
Task: {35C19A23-D588-4F71-B911-8E719878319D} - System32\Tasks\{66C20809-6891-4714-9A4F-E56DC1CBE022} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsBing
Task: {406DB7E2-5FA5-4061-8503-22D25C1BE661} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2012-04-12] (ASUSTeK Computer Inc.)
Task: {44E7051E-01FD-43CC-899A-508DEB7C083F} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-17] (ASUSTek Computer Inc.)
Task: {47DCD114-92DD-45AE-90FA-FE79C6DF4F75} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-16] (ASUS)
Task: {4FE1D696-C6A6-4A25-84EB-BEB3B5DB41B5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {570996B5-363C-4FDF-BFA3-DE28E079E545} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {5F4EC599-21EF-495B-9DE4-12F80F38217E} - System32\Tasks\{597749EB-B949-4C81-B7E0-89E17C1A81EB} => pcalua.exe -a D:\Software\OpenLaszlo\openlaszlo-4.9.0-windows-dev-install.exe -d D:\Software\OpenLaszlo
Task: {60AAE6C0-CE95-4233-AEB9-6863449780C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03] (Google Inc.)
Task: {71B1C92E-5F38-4FEA-8C41-B0488DFA60CD} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2012-04-12] (ASUSTeK Computer Inc.)
Task: {7C7172DD-BFAD-4A31-A1AC-2CC1D7F26CDD} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {7CCAFF54-0960-415E-96B2-6A05A506901A} - System32\Tasks\{65D67546-7A91-46FD-A7AE-26006076AF70} => pcalua.exe -a "D:\Drivers\ASUS N56VZ\LAN\Original-Hersteller-Treiber\AR813x_AR815x_AR816x_v2.1.0.21_WHQL\setup.exe" -d "D:\Drivers\ASUS N56VZ\LAN\Original-Hersteller-Treiber\AR813x_AR815x_AR816x_v2.1.0.21_WHQL"
Task: {83F105A8-D554-4231-BD5E-24D00145D8A8} - System32\Tasks\{52C7A912-4698-42D3-B911-88F90B4FF4A6} => pcalua.exe -a D:\Software\MozillaBuild\MozillaBuildSetup-Latest.exe -d D:\Software\MozillaBuild
Task: {88C1F5CD-AC28-4BEF-99E6-F6671D13D929} - System32\Tasks\pic
Task: {8F48527D-3838-4A70-A8DF-4B41B03FE687} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-22] (Adobe Systems Incorporated)
Task: {A02BBE96-68DA-4BCD-A6A1-1642AB5A8A02} - System32\Tasks\{E4D8FF78-CDA6-4074-8BE3-73DF84EDA851} => pcalua.exe -a "D:\Software\Microsoft Windows SDK for Windows 7 and .NET Framework 4\winsdk_web.exe" -d "D:\Software\Microsoft Windows SDK for Windows 7 and .NET Framework 4"
Task: {AADDCA79-E678-4A90-87C6-FF5DA9C05EAE} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {CC46C741-41C0-4B3B-9CE6-ECA5124F59B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CEA78C9B-047E-4C67-AFE6-60DB36BD9D3E} - System32\Tasks\{494CF0F7-8123-40DD-A619-F5BDAA3B67E3} => pcalua.exe -a "D:\Software\Delphi RxLibrary\rxinst.exe" -d "D:\Software\Delphi RxLibrary"
Task: {CEFEBDC8-1627-4DE6-AFF2-71D394959335} - System32\Tasks\{713DD1C8-8D8E-4F6D-A2B4-214B67666949} => C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\AION\NCLauncher.exe
Task: {CF8FCE66-639F-4FAB-BDC4-B74CE8DFDFB7} - System32\Tasks\{A4D2B4DB-4105-45F0-8DFB-ABF3CBE247A9} => pcalua.exe -a "C:\Program Files (x86)\Delphi Components\RBuilder\Help\RBHelpInstaller.exe" -d "C:\Program Files (x86)\Delphi Components\RBuilder\Help"
Task: {D00C0D8E-170E-40CA-B187-DB594DB078AA} - System32\Tasks\{736B95F8-A909-4673-8001-40937C00288F} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116&LastError=404
Task: {F41E7433-C9A0-42E3-B83D-B9111D23EB4F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (whitelisted) ==============

2014-01-30 21:54 - 2015-03-13 21:41 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-30 21:54 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-02 14:52 - 2014-12-02 14:52 - 00029184 _____ () C:\Windows\System32\ssm4mlm.dll
2015-02-14 01:07 - 2015-02-14 01:07 - 00573736 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2014-01-30 21:51 - 2012-02-21 22:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2015-02-13 10:17 - 2015-04-06 09:01 - 00115712 _____ () C:\Program Files\NetBalancer\Events.dll
2015-04-06 09:21 - 2015-04-06 09:21 - 00217960 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\SeriousBit.NetBalancer.DeskBand\v4.0_1.0.0.0__ce1333cc798c13ee\SeriousBit.NetBalancer.DeskBand.dll
2015-02-13 10:17 - 2015-04-06 09:02 - 00218472 _____ () C:\Program Files\NetBalancer\PacketDotNet.dll
2015-02-13 10:17 - 2015-04-06 09:02 - 00031744 _____ () C:\Program Files\NetBalancer\BugReporting.dll
2012-10-31 21:47 - 2012-10-31 21:47 - 01114688 _____ () C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
2014-01-30 21:50 - 2013-02-22 14:29 - 00365568 _____ () C:\Windows\system32\SaMinDrv.dll
2013-07-10 15:52 - 2013-07-10 15:52 - 00091136 _____ () C:\Windows\system32\ssdevm64.dll
2015-01-01 14:58 - 2009-12-02 19:09 - 00246272 _____ () C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe
2010-07-14 17:11 - 2010-07-14 17:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-03-11 13:07 - 2013-12-04 18:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-12-08 12:10 - 2014-12-08 12:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-10-31 21:48 - 2012-10-31 21:48 - 00139656 _____ () C:\Program Files (x86)\Seagate\BlackArmorBackup\x64\versions_page.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-01-30 23:42 - 2012-01-20 15:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2014-11-28 13:03 - 2014-09-30 01:15 - 00737986 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2014-01-30 23:42 - 2012-01-29 17:55 - 00657920 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2012-10-31 21:47 - 2012-10-31 21:47 - 01246768 _____ () C:\Program Files (x86)\Seagate\BlackArmorBackup\tishell64.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2012-10-31 21:46 - 2012-10-31 21:46 - 00395744 _____ () C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
2012-05-08 10:24 - 2012-04-02 10:27 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 02611808 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
2012-10-31 21:46 - 2012-10-31 21:46 - 05584616 _____ () C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe
2015-01-01 14:58 - 2009-12-02 19:08 - 00132096 _____ () C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe
2015-02-14 01:02 - 2015-02-14 01:02 - 00960808 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2015-02-14 01:30 - 2015-02-14 01:30 - 00594728 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.4.12.dll
2015-02-14 00:39 - 2015-02-14 00:39 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
2009-03-27 22:02 - 2009-03-27 22:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 22:02 - 2009-03-27 22:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2013-04-12 19:23 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-01-16 19:15 - 2015-01-16 19:15 - 01301720 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-01-30 21:54 - 2015-03-13 21:41 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-03-30 19:31 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2012-05-16 21:01 - 2012-05-16 21:01 - 00140800 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2014-03-14 12:11 - 2014-03-14 12:11 - 00250368 _____ () C:\Program Files (x86)\Rainlendar2\libical.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 00060512 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2014-03-14 12:11 - 2014-03-14 12:11 - 00065024 _____ () C:\Program Files (x86)\Rainlendar2\libicalss.dll
2012-06-17 15:22 - 2012-06-17 15:22 - 00012800 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2014-11-11 11:47 - 2015-03-10 08:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-01 17:29 - 2014-12-02 02:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-01 17:29 - 2014-12-02 02:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-01 17:29 - 2014-12-02 02:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-01-23 15:34 - 2015-03-24 06:22 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-01 14:31 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-01 14:31 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-01 14:31 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-01 14:31 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-01 14:31 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-23 15:33 - 2015-03-24 06:22 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-01-31 19:25 - 2012-01-31 19:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2012-02-22 00:49 - 2012-02-22 00:49 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2012-10-31 21:46 - 2012-10-31 21:46 - 11423112 _____ () C:\Program Files (x86)\Seagate\BlackArmorBackup\Common\ti_managers.dll
2012-10-31 21:46 - 2012-10-31 21:46 - 00054152 _____ () C:\Program Files (x86)\Seagate\BlackArmorBackup\Common\rpc_client.dll
2012-05-24 21:19 - 2012-05-24 21:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 19:57 - 2010-08-20 19:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-01-15 16:42 - 2015-02-25 03:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-04-03 12:02 - 2015-04-03 12:02 - 03348592 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-04-03 12:02 - 2015-04-03 12:02 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-04-03 12:02 - 2015-04-03 12:02 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-01-31 15:53 - 2015-01-31 15:53 - 00039200 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-03-22 17:46 - 2015-03-22 18:08 - 16858288 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll
2013-02-01 15:56 - 2013-02-01 15:56 - 13773160 ____N () C:\Program Files (x86)\Cyberlink\PowerDVD10\Skins\BlackSatin.dll
2013-01-15 15:10 - 2013-01-15 15:10 - 00697304 ____N () C:\Program Files (x86)\Cyberlink\PowerDVD10\2cMovie.dll
2013-01-15 15:10 - 2013-01-15 15:10 - 00160728 ____N () C:\Program Files (x86)\Cyberlink\PowerDVD10\CLVistaAudioMixer.dll
2013-01-15 15:11 - 2013-01-15 15:11 - 00160728 ____N () C:\Program Files (x86)\Cyberlink\PowerDVD10\AudioFilter\CLVistaAudioMixer.dll
2013-01-15 15:10 - 2013-01-15 15:10 - 01420424 ____N () C:\Program Files (x86)\Cyberlink\PowerDVD10\fdtr.dll
2012-08-22 18:55 - 2012-08-22 18:55 - 00065536 ____N () C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD Cox\koan\zlib.pyd
2012-08-22 18:55 - 2012-08-22 18:55 - 00692224 ____N () C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD Cox\koan\_bsddb.pyd
2012-08-22 18:55 - 2012-08-22 18:55 - 00006656 ____N () C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD Cox\koan\winsound.pyd
2012-08-22 18:55 - 2012-08-22 18:55 - 00135168 ____N () C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD Cox\koan\pyexpat.pyd
2012-08-22 18:55 - 2012-08-22 18:55 - 00049152 ____N () C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD Cox\koan\_socket.pyd
2012-08-22 18:55 - 2012-08-22 18:55 - 00479232 ____N () C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD Cox\koan\_ssl.pyd
2014-01-30 21:51 - 2012-02-21 22:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2011-07-18 23:07 - 2011-07-18 23:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2014-01-07 01:42 - 2015-02-27 01:07 - 02748416 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\69640539.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2629921762-3918403595-844649534-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Verses\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.250

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: RichVideo => 2
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSPanel.exe /S
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: EEDSpeedLauncher => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Accounts: =============================

Administrator (S-1-5-21-2629921762-3918403595-844649534-500 - Administrator - Disabled)
Gast (S-1-5-21-2629921762-3918403595-844649534-501 - Limited - Disabled)
openpgsvc (S-1-5-21-2629921762-3918403595-844649534-1005 - Limited - Enabled) => C:\Users\openpgsvc
Verses (S-1-5-21-2629921762-3918403595-844649534-1001 - Administrator - Enabled) => C:\Users\Verses

==================== Faulty Device Manager Devices =============

Name: ASUSVirtual Enumerator01
Description: ASUSVirtual Enumerator01
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2015 07:57:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Name des fehlerhaften Moduls: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004e920f
ID des fehlerhaften Prozesses: 0x10f0
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3

Error: (04/07/2015 07:56:57 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/07/2015 07:30:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.1.5570, Zeitstempel: 0x551e23ee
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.1.5570, Zeitstempel: 0x551e1536
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x2228
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (04/07/2015 07:33:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Name des fehlerhaften Moduls: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004e920f
ID des fehlerhaften Prozesses: 0x11e8
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3

Error: (04/07/2015 07:33:00 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/06/2015 09:20:59 AM) (Source: NetBalancer 8.6.1 150402.1006) (EventID: 0) (User: )
Description: System.Runtime.Remoting.RemotingException: Fehler beim Verbinden mit einem IPC-Port: Das System kann die angegebene Datei nicht finden.
 

Server stack trace: 
   bei System.Runtime.Remoting.Channels.Ipc.IpcPort.Connect(String portName, Boolean secure, TokenImpersonationLevel impersonationLevel, Int32 timeout)
   bei System.Runtime.Remoting.Channels.Ipc.ConnectionCache.GetConnection(String portName, Boolean secure, TokenImpersonationLevel level, Int32 timeout)
   bei System.Runtime.Remoting.Channels.Ipc.IpcClientTransportSink.ProcessMessage(IMessage msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders& responseHeaders, Stream& responseStream)
   bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage msg)

Exception rethrown at [0]: 
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   bei cr.a(NetworkAdapter a, TimeUnit A, Int32 b)
   bei GI.a(UInt64 a, UInt64 A)

Error: (04/06/2015 09:20:58 AM) (Source: NetBalancer 8.6.1 150402.1006) (EventID: 0) (User: )
Description: System.Runtime.Remoting.RemotingException: Fehler beim Schreiben auf einen IPC-Port: Die Pipe wird gerade geschlossen.


Server stack trace: 
   bei System.Runtime.Remoting.Channels.Ipc.IpcPort.Write(Byte[] data, Int32 offset, Int32 size)
   bei System.Runtime.Remoting.Channels.ChunkedMemoryStream.WriteTo(Stream stream)
   bei System.Runtime.Remoting.Channels.Ipc.IpcClientHandler.SendRequest(IMessage msg, ITransportHeaders headers, Stream contentStream)
   bei System.Runtime.Remoting.Channels.Ipc.IpcClientTransportSink.ProcessMessage(IMessage msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders& responseHeaders, Stream& responseStream)
   bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage msg)

Exception rethrown at [0]: 
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   bei cr.a(NetworkAdapter a, TimeUnit A, Int32 b)
   bei GI.a(UInt64 a, UInt64 A)

Error: (04/06/2015 09:18:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Name des fehlerhaften Moduls: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004e920f
ID des fehlerhaften Prozesses: 0x1178
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3

Error: (04/06/2015 09:18:34 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/05/2015 02:04:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Name des fehlerhaften Moduls: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004e920f
ID des fehlerhaften Prozesses: 0x1174
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3


System errors:
=============
Error: (04/07/2015 07:56:58 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (04/07/2015 07:56:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (04/07/2015 02:03:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (04/07/2015 07:33:01 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (04/07/2015 07:33:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (04/06/2015 09:18:35 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (04/06/2015 09:18:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (04/05/2015 02:04:30 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (04/05/2015 02:04:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (04/05/2015 09:51:52 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5


Microsoft Office Sessions:
=========================
Error: (04/07/2015 07:57:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f10f001d0715c3d780da4C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe80d5dfaf-dd4f-11e4-a88e-fe85de16c069

Error: (04/07/2015 07:56:57 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/07/2015 07:30:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.1.5570551e23eemozalloc.dll37.0.1.5570551e15368000000300001aa1222801d070fdf30cbddaC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllc464a1f7-dd4b-11e4-af1d-dc85de184709

Error: (04/07/2015 07:33:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f11e801d070f44ff918a5C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe9340f1ab-dce7-11e4-af1d-dc85de184709

Error: (04/07/2015 07:33:00 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/06/2015 09:20:59 AM) (Source: NetBalancer 8.6.1 150402.1006) (EventID: 0) (User: )
Description: System.Runtime.Remoting.RemotingException: Fehler beim Verbinden mit einem IPC-Port: Das System kann die angegebene Datei nicht finden.
 

Server stack trace: 
   bei System.Runtime.Remoting.Channels.Ipc.IpcPort.Connect(String portName, Boolean secure, TokenImpersonationLevel impersonationLevel, Int32 timeout)
   bei System.Runtime.Remoting.Channels.Ipc.ConnectionCache.GetConnection(String portName, Boolean secure, TokenImpersonationLevel level, Int32 timeout)
   bei System.Runtime.Remoting.Channels.Ipc.IpcClientTransportSink.ProcessMessage(IMessage msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders& responseHeaders, Stream& responseStream)
   bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage msg)

Exception rethrown at [0]: 
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   bei cr.a(NetworkAdapter a, TimeUnit A, Int32 b)
   bei GI.a(UInt64 a, UInt64 A)

Error: (04/06/2015 09:20:58 AM) (Source: NetBalancer 8.6.1 150402.1006) (EventID: 0) (User: )
Description: System.Runtime.Remoting.RemotingException: Fehler beim Schreiben auf einen IPC-Port: Die Pipe wird gerade geschlossen.


Server stack trace: 
   bei System.Runtime.Remoting.Channels.Ipc.IpcPort.Write(Byte[] data, Int32 offset, Int32 size)
   bei System.Runtime.Remoting.Channels.ChunkedMemoryStream.WriteTo(Stream stream)
   bei System.Runtime.Remoting.Channels.Ipc.IpcClientHandler.SendRequest(IMessage msg, ITransportHeaders headers, Stream contentStream)
   bei System.Runtime.Remoting.Channels.Ipc.IpcClientTransportSink.ProcessMessage(IMessage msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders& responseHeaders, Stream& responseStream)
   bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage msg)

Exception rethrown at [0]: 
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   bei cr.a(NetworkAdapter a, TimeUnit A, Int32 b)
   bei GI.a(UInt64 a, UInt64 A)

Error: (04/06/2015 09:18:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f117801d07039e4f28dbbC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe2850119f-dc2d-11e4-a755-dc85de184709

Error: (04/06/2015 09:18:34 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/05/2015 02:04:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f117401d06f98ab822f78C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeeed21ecc-db8b-11e4-8374-dc85de184709


CodeIntegrity Errors:
===================================
  Date: 2015-01-30 15:15:42.819
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-30 15:15:42.772
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-30 15:15:18.153
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-30 15:15:18.090
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-11 09:16:30.203
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-11 09:16:30.203
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-11 09:16:30.203
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-11 09:16:30.203
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-11 09:13:03.050
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-11 09:13:02.957
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 59%
Total physical RAM: 8077.6 MB
Available physical RAM: 3258.99 MB
Total Pagefile: 16153.38 MB
Available Pagefile: 10085.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:195.31 GB) (Free:36.71 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:390.62 GB) (Free:87.49 GB) NTFS
Drive e: (SHERLOCK HOLMES) (CDROM) (Total:4.28 GB) (Free:0 GB) UDF
Drive f: (AWN) (Fixed) (Total:78.12 GB) (Free:54.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 39CB2BD2)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 08.04.2015, 17:54   #7
schrauber
/// the machine
/// TB-Ausbilder
 




Is that some kind of company computer?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 08.04.2015, 19:28   #8
Verses
 



Quote from schrauber:
    Is that some kind of company computer?

No, but I had the e-mail forwarded to me from a company computer.

Alt 09.04.2015, 09:39   #9
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Revo Uninstaller (alternatively, the portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click on Options and select German (Deutsch) as the language.
  • In the Uninstaller panel, look for the programs:

    QuickStores-Toolbar 1.1.0

  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" mode.
  • Delete leftovers:
    Click on then on and then on .

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.

Alt 09.04.2015, 10:20   #10
Verses
 



Malwarebytes found nothing:

Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17691

Java version: 1.6.0_45

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 8469975040, free: 3778203648

Downloaded database version: v2015.04.09.03
Downloaded database version: v2015.03.31.01
Downloaded database version: v2015.04.06.02
=======================================
Initializing...
------------ Kernel report ------------
     04/09/2015 10:51:07
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\vmci.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vsock.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\timntr.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\tdrpm273.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\DRIVERS\snapman.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\nbdrv.sys
\SystemRoot\system32\DRIVERS\hssdrv6.sys
\SystemRoot\system32\DRIVERS\NNSNAHSL.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\psinknc.sys
\SystemRoot\system32\DRIVERS\nvkflt.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\NNSTlsc.sys
\SystemRoot\system32\DRIVERS\NNSStrm.sys
\SystemRoot\system32\DRIVERS\NNSSmtp.sys
\SystemRoot\system32\DRIVERS\NNSPrv.sys
\SystemRoot\system32\DRIVERS\NNSProt.sys
\SystemRoot\system32\DRIVERS\NNSPop3.sys
\SystemRoot\system32\DRIVERS\NNSPihsw.sys
\SystemRoot\system32\DRIVERS\NNSPicc.sys
\SystemRoot\system32\DRIVERS\NNSIds.sys
\SystemRoot\system32\DRIVERS\NNSHttps.sys
\SystemRoot\system32\DRIVERS\NNSHttp.sys
\SystemRoot\system32\DRIVERS\NNSAlpc.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\??\C:\Windows\system32\drivers\HWiNFO64A.SYS
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\AiCharger.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\L1C60x64.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\??\C:\Windows\system32\drivers\VMkbd.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\taphss6.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\btath_bus.sys
\SystemRoot\system32\DRIVERS\AsusVBus.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\vmnetadapter.sys
\SystemRoot\system32\DRIVERS\VMNET.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\usbscan.sys
\SystemRoot\system32\DRIVERS\usbprint.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\btath_rcp.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\system32\DRIVERS\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\PSINAflt.sys
\SystemRoot\system32\DRIVERS\PSINProt.sys
\SystemRoot\system32\DRIVERS\PSINFile.sys
\SystemRoot\system32\DRIVERS\PSINProc.sys
\SystemRoot\system32\DRIVERS\PSINReg.sys
\SystemRoot\system32\DRIVERS\vmnetbridge.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Windows\system32\drivers\hcmon.sys
\??\C:\Windows\system32\drivers\vmx86.sys
\??\C:\Windows\system32\drivers\acedrv11.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
\??\C:\Windows\system32\Drivers\rikvm_38F51D56.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\??\C:\Windows\system32\Drivers\SSPORT.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Windows\system32\drivers\vmnetuserif.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\afcdp.sys
\SystemRoot\System32\DRIVERS\PSKMAD.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.04.09.03
  rootkit: v2015.03.31.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80072d2790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80071fb910, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
DevicePointer: 0xfffffa80071fa980, DeviceName: Unknown, DriverName: \Driver\snapman\
DevicePointer: 0xfffffa80071fab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80072d2560, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
DevicePointer: 0xfffffa80072d2790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8006dc1550, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8006dc4050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\snapman\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 39CB2BD2

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 1953525167

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2411404545
    GPT Header CurrentLba = 1 BackupLba 1953525167
    GPT Header FirstUsableLba 34  LastUsableLba 1953525134
    GPT Header Guid c9989eb7-5aa9-4474-a07d-bd12ae2ff5a
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2411404545
    Backup GPT header CurrentLba = 1953525167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134
    Backup GPT header Guid c9989eb7-5aa9-4474-a07d-bd12ae2ff5a
    Backup GPT header Contains 128 partition entries starting at LBA 1953525135
    Backup GPT header Partition entry size = 128

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID c3168533-c6f7-4f96-97d8-379f75629035
    FirstLBA 2048  Last LBA 411647
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID f7e6b82-84c8-480b-a888-557825e6d9d7
    FirstLBA 411648  Last LBA 673791
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 2 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 7b768ee3-9f31-4e99-b160-a868d3cb72ed
    FirstLBA 673792  Last LBA 410273791
    Attributes 0
    Partition Name                 Basic data partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID c92e836a-5a28-40d7-8c14-c8d425c67d6f
    FirstLBA 410273792  Last LBA 1229473791
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 94d70f50-d205-43ad-979-f08e5356d42
    FirstLBA 1229473792  Last LBA 1281902591
    Attributes 1
    Partition Name                 Basic data partition

    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID b4797de4-98e5-4f0f-82db-81c244d25ffb
    FirstLBA 1281902592  Last LBA 1445742591
    Attributes 0
    Partition Name                 Basic data partition

    Partition 6 Type 657fd6d-a4ab-43c4-84e5-933c84b4f4f
    Partition ID 3d3f5b75-ccb0-4782-8d29-3e94121c6fb
    FirstLBA 1445742592  Last LBA 1476462591
    Attributes 0
    Partition Name                                     

    Partition 7 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID d652e6e2-76fb-42d2-ae29-f928db41e1f
    FirstLBA 1476462592  Last LBA 1537902591
    Attributes 0
    Partition Name                                     

    Partition 8 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 7ef97de0-5ddb-4cac-915a-bb82a9e9de36
    FirstLBA 1537902592  Last LBA 1599342591
    Attributes 0
    Partition Name                                     

    Partition 9 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID d0178b4d-c4ce-4654-ac73-a51bf228c50
    FirstLBA 1599342592  Last LBA 1701742591
    Attributes 0
    Partition Name                                     

    Partition 10 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 3072a44a-ee1a-479e-b3cf-57d6b3128
    FirstLBA 1701742592  Last LBA 1742702591
    Attributes 0
    Partition Name                                     

    Partition 11 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID c3738318-1af5-4c2a-bdf2-f7d8ad9087e1
    FirstLBA 1742702592  Last LBA 1742907391
    Attributes 0
    Partition Name                                     

    GPT Partition 11 is bootable
Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
<<<2>>>
<<<3>>>
Volume: D:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17691

Java version: 1.6.0_45

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 8469975040, free: 3848880128

=======================================
         
Kaspersky didn't find anything either:

Code:
11:05:48.0576 0x19b4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
11:05:48.0576 0x19b4  UEFI system
11:05:53.0226 0x19b4  ============================================================
11:05:53.0226 0x19b4  Current date / time: 2015/04/09 11:05:53.0226
11:05:53.0226 0x19b4  SystemInfo:
11:05:53.0226 0x19b4  
11:05:53.0226 0x19b4  OS Version: 6.1.7601 ServicePack: 1.0
11:05:53.0226 0x19b4  Product type: Workstation
11:05:53.0226 0x19b4  ComputerName: NOTEBOOK-VERSES
11:05:53.0226 0x19b4  UserName: Verses
11:05:53.0226 0x19b4  Windows directory: C:\Windows
11:05:53.0227 0x19b4  System windows directory: C:\Windows
11:05:53.0227 0x19b4  Running under WOW64
11:05:53.0227 0x19b4  Processor architecture: Intel x64
11:05:53.0227 0x19b4  Number of processors: 8
11:05:53.0227 0x19b4  Page size: 0x1000
11:05:53.0227 0x19b4  Boot type: Normal boot
11:05:53.0227 0x19b4  ============================================================
11:05:53.0269 0x19b4  KLMD registered as C:\Windows\system32\drivers\09328390.sys
11:05:53.0347 0x19b4  System UUID: {492B9CC5-F259-CF2D-2454-075FD906C23C}
11:05:53.0644 0x19b4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:05:53.0648 0x19b4  ============================================================
11:05:53.0648 0x19b4  \Device\Harddisk0\DR0:
11:05:53.0648 0x19b4  GPT partitions:
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C3168533-C6F7-4F96-97D8-379F75629035}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x64000
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {0F7E6B82-84C8-480B-A888-557825E6D9D7}, Name: Microsoft reserved partition, StartLBA 0x64800, BlocksNum 0x40000
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7B768EE3-9F31-4E99-B160-A868D3CB72ED}, Name: Basic data partition, StartLBA 0xA4800, BlocksNum 0x186A0000
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C92E836A-5A28-40D7-8C14-C8D425C67D6F}, Name: Basic data partition, StartLBA 0x18744800, BlocksNum 0x30D40000
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {94D70F50-D205-43AD-9709-F08E53056D42}, Name: Basic data partition, StartLBA 0x49484800, BlocksNum 0x3200000
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B4797DE4-98E5-4F0F-82DB-81C244D25FFB}, Name: Basic data partition, StartLBA 0x4C684800, BlocksNum 0x9C40000
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {0657FD6D-A4AB-43C4-84E5-0933C84B4F4F}, UniqueGUID: {3D3F5B75-CCB0-4782-8D29-03E94121C6FB}, Name: , StartLBA 0x562C4800, BlocksNum 0x1D4C000
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D652E6E2-76FB-42D2-AE29-0F928DB41E1F}, Name: , StartLBA 0x58010800, BlocksNum 0x3A98000
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition9: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7EF97DE0-5DDB-4CAC-915A-BB82A9E9DE36}, Name: , StartLBA 0x5BAA8800, BlocksNum 0x3A98000
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition10: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D0178B4D-C4CE-4654-AC73-A51BF228C500}, Name: , StartLBA 0x5F540800, BlocksNum 0x61A8000
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition11: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3072A44A-EE1A-479E-B3CF-0507D60B3128}, Name: , StartLBA 0x656E8800, BlocksNum 0x2710000
11:05:53.0649 0x19b4  \Device\Harddisk0\DR0\Partition12: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C3738318-1AF5-4C2A-BDF2-F7D8AD9087E1}, Name: , StartLBA 0x67DF8800, BlocksNum 0x32000
11:05:53.0649 0x19b4  MBR partitions:
11:05:53.0649 0x19b4  ============================================================
11:05:53.0650 0x19b4  C: <-> \Device\Harddisk0\DR0\Partition3
11:05:53.0651 0x19b4  D: <-> \Device\Harddisk0\DR0\Partition4
11:05:53.0653 0x19b4  F: <-> \Device\Harddisk0\DR0\Partition6
11:05:53.0653 0x19b4  ============================================================
11:05:53.0653 0x19b4  Initialize success
11:05:53.0653 0x19b4  ============================================================
11:06:21.0131 0x1f34  ============================================================
11:06:21.0131 0x1f34  Scan started
11:06:21.0131 0x1f34  Mode: Manual; 
11:06:21.0131 0x1f34  ============================================================
11:06:21.0131 0x1f34  KSN ping started
11:06:23.0892 0x1f34  KSN ping finished: true
11:06:24.0245 0x1f34  ================ Scan system memory ========================
11:06:24.0245 0x1f34  Scan was interrupted by user!
11:06:24.0266 0x1f34  AV detected via SS2: Panda Internet Security 2015, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x71000 ( enabled : updated )
11:06:24.0267 0x1f34  FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x71010 ( enabled )
11:06:27.0024 0x1f34  ============================================================
11:06:27.0024 0x1f34  Scan finished
11:06:27.0024 0x1f34  ============================================================
11:06:27.0029 0x1888  Detected object count: 0
11:06:27.0029 0x1888  Actual detected object count: 0
11:06:35.0886 0x109c  ============================================================
11:06:35.0886 0x109c  Scan started
11:06:35.0886 0x109c  Mode: Manual; SigCheck; TDLFS; 
11:06:35.0886 0x109c  ============================================================
11:06:35.0886 0x109c  KSN ping started
11:06:43.0140 0x109c  KSN ping finished: true
11:06:43.0363 0x109c  ================ Scan system memory ========================
11:06:43.0363 0x109c  System memory - ok
11:06:43.0363 0x109c  ================ Scan services =============================
11:06:43.0988 0x109c  [ 0268BD93692BBF23F0B19B695C4A46C7, F1503B32E0BD7DCAD0EA8AB40B53D7C52D432B5CE4B946153E425316727255B5 ] Apache2.4       C:\Program Files\Apache Foundation\Apache2.4\bin\httpd.exe
11:06:43.0992 0x109c  Apache2.4 - detected UnsignedFile.Multi.Generic ( 1 )
11:06:47.0349 0x109c  Detect skipped due to KSN trusted
11:06:47.0349 0x109c  Apache2.4 - ok
11:06:47.0579 0x109c  [ 7A1F47FFF813F141E5ADEBB4FD97E14F, 84605F9FBA52A9554DAAB23C39309E17AB9D0142E0676199F0A025EF2F24D879 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
11:06:47.0585 0x109c  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:06:50.0359 0x109c  Detect skipped due to KSN trusted
11:06:50.0359 0x109c  AtherosSvc - ok
11:06:51.0825 0x109c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:06:51.0834 0x109c  CmBatt - ok
11:06:51.0837 0x109c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:06:51.0845 0x109c  cmdide - ok
11:06:51.0855 0x109c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
11:06:51.0875 0x109c  CNG - ok
11:06:51.0878 0x109c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:06:51.0886 0x109c  Compbatt - ok
11:06:51.0889 0x109c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:06:51.0901 0x109c  CompositeBus - ok
11:06:51.0904 0x109c  COMSysApp - ok
11:06:51.0921 0x109c  [ F08C6020E57F5E5BF2FD034DB10BEDFB, 288EA64A57057EAD135685F2C46CA53BA0319EA28B7B7A2ECBE29E50ED807FCA ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:06:51.0934 0x109c  cphs - ok
11:06:51.0938 0x109c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:06:51.0945 0x109c  crcdisk - ok
11:06:51.0952 0x109c  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:06:51.0964 0x109c  CryptSvc - ok
11:06:51.0970 0x109c  [ 03B89F9B7B2E33E0CEFAFB7AE7315759, 5387243AA043A7D413B83130E43B6103805259B16A54C9E1A316EDE88D9E57DE ] CXPLRCAP        C:\Windows\system32\drivers\elvidcap.sys
11:06:51.0980 0x109c  CXPLRCAP - ok
11:06:51.0995 0x109c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:06:52.0029 0x109c  DcomLaunch - ok
11:06:52.0039 0x109c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:06:52.0069 0x109c  defragsvc - ok
11:06:52.0074 0x109c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:06:52.0097 0x109c  DfsC - ok
11:06:52.0103 0x109c  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
11:06:52.0112 0x109c  dg_ssudbus - ok
11:06:52.0122 0x109c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:06:52.0140 0x109c  Dhcp - ok
11:06:52.0144 0x109c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:06:52.0167 0x109c  discache - ok
11:06:52.0172 0x109c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
11:06:52.0182 0x109c  Disk - ok
11:06:52.0241 0x109c  [ 94E99DB4BC81C00FFAB5701C1E5A09AB, A203047EAE1FCEFD23AF9D0431D112AF0C83D712E7FFFD67EBE9D8E7EB133FB2 ] DisplayFusionService C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
11:06:52.0298 0x109c  DisplayFusionService - ok
11:06:52.0308 0x109c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:06:52.0323 0x109c  Dnscache - ok
11:06:52.0331 0x109c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:06:52.0360 0x109c  dot3svc - ok
11:06:52.0366 0x109c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:06:52.0397 0x109c  DPS - ok
11:06:52.0400 0x109c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:06:52.0409 0x109c  drmkaud - ok
11:06:52.0434 0x109c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:06:52.0464 0x109c  DXGKrnl - ok
11:06:52.0471 0x109c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:06:52.0499 0x109c  EapHost - ok
11:06:52.0575 0x109c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:06:52.0660 0x109c  ebdrv - ok
11:06:52.0666 0x109c  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS             C:\Windows\System32\lsass.exe
11:06:52.0675 0x109c  EFS - ok
11:06:52.0694 0x109c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:06:52.0721 0x109c  ehRecvr - ok
11:06:52.0727 0x109c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
11:06:52.0742 0x109c  ehSched - ok
11:06:52.0757 0x109c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:06:52.0777 0x109c  elxstor - ok
11:06:52.0780 0x109c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:06:52.0788 0x109c  ErrDev - ok
11:06:52.0802 0x109c  [ 064EA9FB578DF50FE96AFF2CEB7E5E42, 0D0B7E545A13291615984878103FD76DC6DBDDF449C34EBD013C051FF2FB971F ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
11:06:52.0818 0x109c  ETD - ok
11:06:52.0833 0x109c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
11:06:52.0867 0x109c  EventSystem - ok
11:06:52.0875 0x109c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:06:52.0903 0x109c  exfat - ok
11:06:52.0933 0x109c  [ ABD86929AFE7DFCE6FD87A52392E312B, 9B60FEF5F41794186294EA09905D7EE3B66F567ECBE2AECC73E8A33F6DB01FE2 ] EyelineService  C:\Program Files (x86)\NCH Software\Eyeline\eyeline.exe
11:06:52.0973 0x109c  EyelineService - ok
11:06:52.0978 0x109c  Fabs - ok
11:06:52.0985 0x109c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:06:53.0013 0x109c  fastfat - ok
11:06:53.0032 0x109c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
11:06:53.0060 0x109c  Fax - ok
11:06:53.0064 0x109c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
11:06:53.0073 0x109c  fdc - ok
11:06:53.0076 0x109c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
11:06:53.0099 0x109c  fdPHost - ok
11:06:53.0103 0x109c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:06:53.0130 0x109c  FDResPub - ok
11:06:53.0136 0x109c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:06:53.0145 0x109c  FileInfo - ok
11:06:53.0150 0x109c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:06:53.0175 0x109c  Filetrace - ok
11:06:53.0236 0x109c  [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
11:06:53.0306 0x109c  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
11:06:56.0266 0x109c  Detect skipped due to KSN trusted
11:06:56.0266 0x109c  FirebirdServerMAGIXInstance - ok
11:06:56.0270 0x109c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:06:56.0279 0x109c  flpydisk - ok
11:06:56.0288 0x109c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:06:56.0303 0x109c  FltMgr - ok
11:06:56.0331 0x109c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
11:06:56.0370 0x109c  FontCache - ok
11:06:56.0375 0x109c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:06:56.0383 0x109c  FontCache3.0.0.0 - ok
11:06:56.0387 0x109c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:06:56.0397 0x109c  FsDepends - ok
11:06:56.0401 0x109c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:06:56.0410 0x109c  Fs_Rec - ok
11:06:56.0416 0x109c  [ 38F3CF15321DC2B47C7907EB222B637A, C2CE4F62BD7C93566C36B7290DA3E804FB79A18A18E2544E2B6404B473483D4E ] fussvc          C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe
11:06:56.0424 0x109c  fussvc - detected UnsignedFile.Multi.Generic ( 1 )
11:06:59.0537 0x109c  Detect skipped due to KSN trusted
11:06:59.0537 0x109c  fussvc - ok
11:06:59.0548 0x109c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:06:59.0564 0x109c  fvevol - ok
11:06:59.0568 0x109c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:06:59.0577 0x109c  gagp30kx - ok
11:06:59.0599 0x109c  [ EBF714703106C1D5BC3E7B4C389A5828, D09472BCF71B58CF8F463131AD778F4D2E189047EE6B9AF088BCDE7B25398682 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
11:06:59.0624 0x109c  GfExperienceService - ok
11:06:59.0646 0x109c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:06:59.0688 0x109c  gpsvc - ok
11:06:59.0695 0x109c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:06:59.0704 0x109c  gupdate - ok
11:06:59.0710 0x109c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:06:59.0717 0x109c  gupdatem - ok
11:06:59.0720 0x109c  [ 9932E254656DF50C514B8AE61EF12CCC, 502C06A9FE869CF65508155ABCD29640D5A0097FBF199DF0D61D9193D98C978B ] hcmon           C:\Windows\system32\drivers\hcmon.sys
11:06:59.0728 0x109c  hcmon - ok
11:06:59.0732 0x109c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:06:59.0742 0x109c  hcw85cir - ok
11:06:59.0755 0x109c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:06:59.0774 0x109c  HdAudAddService - ok
11:06:59.0779 0x109c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:06:59.0792 0x109c  HDAudBus - ok
11:06:59.0795 0x109c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:06:59.0804 0x109c  HidBatt - ok
11:06:59.0808 0x109c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:06:59.0820 0x109c  HidBth - ok
11:06:59.0824 0x109c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:06:59.0836 0x109c  HidIr - ok
11:06:59.0839 0x109c  [ 943B20F119F05BCAB4D2593E2D3D4278, 7056691C0EFF0AA236195BD254E452C026EEDFB2E257330F92A072D4CEC3B712 ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
11:06:59.0846 0x109c  hidkmdf - ok
11:06:59.0849 0x109c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
11:06:59.0873 0x109c  hidserv - ok
11:06:59.0876 0x109c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:06:59.0886 0x109c  HidUsb - ok
11:06:59.0890 0x109c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:06:59.0915 0x109c  hkmsvc - ok
11:06:59.0923 0x109c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:06:59.0937 0x109c  HomeGroupListener - ok
11:06:59.0943 0x109c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:06:59.0956 0x109c  HomeGroupProvider - ok
11:06:59.0960 0x109c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:06:59.0968 0x109c  HpSAMD - ok
11:06:59.0988 0x109c  [ 648A5F271BD357A7449093ED3550E395, A3177E8B79FC6F39ACAA696ED5A988BA6B9D6CABD039F8A291A10C65505115FF ] hshld           C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
11:07:00.0011 0x109c  hshld - ok
11:07:00.0017 0x109c  [ 0063ACEBB5BBE8C563A6ADB09155E644, BC7C9AFB83F5345065BB070A5D992DCE13CB35027D8FE402B338D775C896317B ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
11:07:00.0023 0x109c  HssDRV6 - ok
11:07:00.0027 0x109c  [ AA9A34E25BBDC87662DE03CC0E2B3B07, 35B534E27EE24E734978F192B05870EF6B71F01143301A74AF0E947C67DBF0CF ] HssTrayService  C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
11:07:00.0034 0x109c  HssTrayService - ok
11:07:00.0046 0x109c  [ 112384A00DF498B76570802B03C9CBA6, EBAB8691B066207D89BF05043D996E2983761440362255F70FD9832D57B1B3F6 ] HssWd           C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
11:07:00.0060 0x109c  HssWd - ok
11:07:00.0080 0x109c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:07:00.0120 0x109c  HTTP - ok
11:07:00.0124 0x109c  [ D7E0591E2BA1289C875A9D948377441E, 9FDBC10A4FBCE2E9521DF84E177A08530DF6FBF1F830B3D3788367DF8F8ED327 ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO64A.SYS
11:07:00.0131 0x109c  HWiNFO32 - ok
11:07:00.0135 0x109c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:07:00.0143 0x109c  hwpolicy - ok
11:07:00.0147 0x109c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:07:00.0159 0x109c  i8042prt - ok
11:07:00.0176 0x109c  [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
11:07:00.0190 0x109c  iaStor - ok
11:07:00.0205 0x109c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:07:00.0222 0x109c  iaStorV - ok
11:07:00.0242 0x109c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:07:00.0268 0x109c  idsvc - ok
11:07:00.0272 0x109c  IEEtwCollectorService - ok
11:07:00.0624 0x109c  [ 371D7F91C0D2314EB984A4A6CBEABC92, DD4B04308596C1E6C75B8772D4421137F3A83285DBCFD4DF54166D2B0B45A317 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:07:01.0056 0x109c  igfx - ok
11:07:01.0071 0x109c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:07:01.0080 0x109c  iirsp - ok
11:07:01.0103 0x109c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:07:01.0132 0x109c  IKEEXT - ok
11:07:01.0221 0x109c  [ 02674201AD9FE19AC3376705077882C6, 9AA800AA77EBA488FA537FF47D361F6B09E8063A99CCBF5AE2F754A6A648DF84 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:07:01.0318 0x109c  IntcAzAudAddService - ok
11:07:01.0337 0x109c  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:07:01.0354 0x109c  Intel(R) Capability Licensing Service Interface - ok
11:07:01.0361 0x109c  [ 896AA2F1D79662B17D5DBBE588E24E30, 834257B3C247ECA0130A55FB8E5F906F54B94A124FBB842DB7D679C030BD439B ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
11:07:01.0368 0x109c  Intel(R) ME Service - ok
11:07:01.0373 0x109c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:07:01.0380 0x109c  intelide - ok
11:07:01.0384 0x109c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:07:01.0394 0x109c  intelppm - ok
11:07:01.0400 0x109c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:07:01.0426 0x109c  IPBusEnum - ok
11:07:01.0431 0x109c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:07:01.0454 0x109c  IpFilterDriver - ok
11:07:01.0468 0x109c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:07:01.0491 0x109c  iphlpsvc - ok
11:07:01.0495 0x109c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:07:01.0506 0x109c  IPMIDRV - ok
11:07:01.0511 0x109c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:07:01.0537 0x109c  IPNAT - ok
11:07:01.0541 0x109c  [ 944A6D2E1D971806EFFE4BBABF0DBDC7, 394FC1137D2F5CAE0076229EBFEA940584A15AE4D382006507292A94441AF442 ] IpOverUsbSvc    C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
11:07:01.0548 0x109c  IpOverUsbSvc - ok
11:07:01.0553 0x109c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:07:01.0572 0x109c  IRENUM - ok
11:07:01.0575 0x109c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:07:01.0582 0x109c  isapnp - ok
11:07:01.0592 0x109c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:07:01.0606 0x109c  iScsiPrt - ok
11:07:01.0610 0x109c  [ B2381712638B0B714D0EEAB9A1F7C640, 113BCA8868057156EFDC7C079171308C1EBA4F979C85EB1265F42F95A499B086 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
11:07:01.0617 0x109c  iusb3hcs - ok
11:07:01.0629 0x109c  [ FD2C6457232E95C014DAD21DEBC64867, 4CC4F488A2555761208D8401265788281B6EC76A8F16C8E115778E571450B90B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
11:07:01.0645 0x109c  iusb3hub - ok
11:07:01.0665 0x109c  [ F6A2B5D030BE7EDF8ADC12C9A40825A8, 03EFAFD6B7801D83D7689435DED8DC321D153AAC4FD69D46ED8C9D7E7F56B44A ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
11:07:01.0690 0x109c  iusb3xhc - ok
11:07:01.0697 0x109c  [ 3C6630473DD42FFC57D9F5564F533127, 1B2BBB8CF7AD5BF3F99565DA49F51B1E15D4B35698C105C0597DDBEB2DA61A83 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:07:01.0705 0x109c  jhi_service - ok
11:07:01.0710 0x109c  [ 891C7BB464834EE9AA62F5B547373E5B, 5CBB3C60B0AA65F7C89124FEC7B5AB420A725C38CD147D3C54CF05C993C2594F ] jlink           C:\Windows\system32\DRIVERS\jlinkx64.sys
11:07:01.0717 0x109c  jlink - ok
11:07:01.0722 0x109c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:07:01.0731 0x109c  kbdclass - ok
11:07:01.0734 0x109c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:07:01.0743 0x109c  kbdhid - ok
11:07:01.0747 0x109c  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\Windows\system32\lsass.exe
11:07:01.0756 0x109c  KeyIso - ok
11:07:01.0761 0x109c  [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:07:01.0770 0x109c  KSecDD - ok
11:07:01.0775 0x109c  [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:07:01.0785 0x109c  KSecPkg - ok
11:07:01.0788 0x109c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:07:01.0811 0x109c  ksthunk - ok
11:07:01.0825 0x109c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:07:01.0859 0x109c  KtmRm - ok
11:07:01.0866 0x109c  [ 1FB00F2A2C81FFC5EC621FFE00E56317, 2BBD000E512095B19D94D08885E439413269F0580A28DC91B483DF120588669B ] L1C             C:\Windows\system32\DRIVERS\L1C60x64.sys
11:07:01.0876 0x109c  L1C - ok
11:07:01.0885 0x109c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:07:01.0923 0x109c  LanmanServer - ok
11:07:01.0928 0x109c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:07:01.0954 0x109c  LanmanWorkstation - ok
11:07:01.0960 0x109c  [ 015BABFCD2E911C505204257DAB5ADC5, 94239919E967ABA12394D445E2D126447B5B7FB042DB95B1CCB280AF02D93833 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
11:07:01.0968 0x109c  LEqdUsb - ok
11:07:01.0971 0x109c  [ 20A23B8863AAA8A23EEB9E2919F529FD, 5DD7C780346DA6A36AB55B38109167B3BE138713C5A7C913BFED2B61F34E8BA1 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
11:07:01.0977 0x109c  LHidEqd - ok
11:07:01.0981 0x109c  [ 77D5786C6A7765503884E38706C9FD5E, 827DC2069AA0997DB87E118AAAA53575D97A89147C1451464986F8D68A329D41 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
11:07:01.0988 0x109c  LHidFilt - ok
11:07:01.0992 0x109c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:07:02.0016 0x109c  lltdio - ok
11:07:02.0026 0x109c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:07:02.0056 0x109c  lltdsvc - ok
11:07:02.0059 0x109c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:07:02.0083 0x109c  lmhosts - ok
11:07:02.0086 0x109c  [ F84023FB2E3DEA06103501974A2EDB44, 38144EB7DE7F0B33F9C3E637715834CD0860CCE11915C77065000949767D98DF ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
11:07:02.0093 0x109c  LMouFilt - ok
11:07:02.0103 0x109c  [ 2B23FAA39D8F949ED5EEE03ECA50BCD5, 7CEF2455D21A355542B290F4F18EDBC444F3704A31E569652D96A0A3E6799826 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:07:02.0113 0x109c  LMS - ok
11:07:02.0120 0x109c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:07:02.0131 0x109c  LSI_FC - ok
11:07:02.0135 0x109c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:07:02.0146 0x109c  LSI_SAS - ok
11:07:02.0150 0x109c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:07:02.0159 0x109c  LSI_SAS2 - ok
11:07:02.0164 0x109c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:07:02.0174 0x109c  LSI_SCSI - ok
11:07:02.0179 0x109c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:07:02.0203 0x109c  luafv - ok
11:07:02.0207 0x109c  [ 97355D9AAC9EC42A7DFC9664F81FC699, B96E483271F326135F2CB7797A7EEFFCA275761FE75134849DCAA812E26523B8 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
11:07:02.0214 0x109c  LUsbFilt - ok

09.04.2015, 10:21   #11
Verses

Ominous .js file in an e-mail attachment. Unfortunately already opened, what is it?

Rest of the Kaspersky log:

Code:
ATTFilter
11:07:22.0515 0x109c  SensrSvc - ok
11:07:22.0518 0x109c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
11:07:22.0528 0x109c  Serenum - ok
11:07:22.0534 0x109c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
11:07:22.0545 0x109c  Serial - ok
11:07:22.0548 0x109c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:07:22.0557 0x109c  sermouse - ok
11:07:22.0566 0x109c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:07:22.0592 0x109c  SessionEnv - ok
11:07:22.0666 0x109c  [ 86A4C2600B5E78448E1512FBB908B515, 834F63F55F2F9311BC7FA9BDE514DBFF9F7028F2ABF04CAB7172409B273B8371 ] sfcdpsrv        C:\Program Files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe
11:07:22.0725 0x109c  sfcdpsrv - ok
11:07:22.0732 0x109c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:07:22.0742 0x109c  sffdisk - ok
11:07:22.0746 0x109c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:07:22.0758 0x109c  sffp_mmc - ok
11:07:22.0761 0x109c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:07:22.0772 0x109c  sffp_sd - ok
11:07:22.0775 0x109c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:07:22.0783 0x109c  sfloppy - ok
11:07:22.0809 0x109c  [ E22AA03ED81C1DB7251D3A2EA334E0E1, 672E3C6BBBE88DF74EF52FA91C7FE7AA635016108BB5A914CA2E0ADBFB131FDA ] SgtSch2Svc      C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
11:07:22.0833 0x109c  SgtSch2Svc - ok
11:07:22.0845 0x109c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:07:22.0875 0x109c  SharedAccess - ok
11:07:22.0885 0x109c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:07:22.0918 0x109c  ShellHWDetection - ok
11:07:22.0922 0x109c  [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
11:07:22.0932 0x109c  SiSGbeLH - ok
11:07:22.0936 0x109c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:07:22.0944 0x109c  SiSRaid2 - ok
11:07:22.0948 0x109c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:07:22.0956 0x109c  SiSRaid4 - ok
11:07:22.0962 0x109c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:07:22.0974 0x109c  SkypeUpdate - ok
11:07:22.0981 0x109c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:07:23.0007 0x109c  Smb - ok
11:07:23.0021 0x109c  [ 10450F432811D7FDA60A97FCC674D7B2, FD6245B06DD81C6E287DA47173D622357D86D84E3A5444CD34645973FE2E8BF5 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
11:07:23.0035 0x109c  snapman - ok
11:07:23.0039 0x109c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:07:23.0049 0x109c  SNMPTRAP - ok
11:07:23.0115 0x109c  [ DB2B82F4150E9D5C9A491561CCEB9194, 54FF8235BEB8FBE916C0EEFFFEAE6CF041DDD94F1C61CFC70D469E337B2CDB6E ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
11:07:23.0198 0x109c  SNP2UVC - ok
11:07:23.0204 0x109c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:07:23.0212 0x109c  spldr - ok
11:07:23.0227 0x109c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
11:07:23.0248 0x109c  Spooler - ok
11:07:23.0325 0x109c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:07:23.0426 0x109c  sppsvc - ok
11:07:23.0433 0x109c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:07:23.0458 0x109c  sppuinotify - ok
11:07:23.0463 0x109c  [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:07:23.0473 0x109c  SQLWriter - ok
11:07:23.0488 0x109c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:07:23.0512 0x109c  srv - ok
11:07:23.0524 0x109c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:07:23.0542 0x109c  srv2 - ok
11:07:23.0548 0x109c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:07:23.0560 0x109c  srvnet - ok
11:07:23.0569 0x109c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:07:23.0598 0x109c  SSDPSRV - ok
11:07:23.0601 0x109c  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
11:07:23.0608 0x109c  SSPORT - ok
11:07:23.0612 0x109c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:07:23.0639 0x109c  SstpSvc - ok
11:07:23.0647 0x109c  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
11:07:23.0658 0x109c  ssudmdm - ok
11:07:23.0675 0x109c  [ 5317D001B40EAF91ECA71644F1B984C6, 43F2D5E025527EE19483D0FCA1C8559740556B8F60EE1B4D6AC4BFB826F4162D ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:07:23.0694 0x109c  Steam Client Service - ok
11:07:23.0705 0x109c  [ 6213F20854FB987119503F9F91C70B9F, E1683753D192B154DBFE1FD03625A2A56F8576CE2A7619B41159B1C718C73B88 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:07:23.0718 0x109c  Stereo Service - ok
11:07:23.0722 0x109c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:07:23.0729 0x109c  stexstor - ok
11:07:23.0748 0x109c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:07:23.0777 0x109c  stisvc - ok
11:07:23.0780 0x109c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:07:23.0787 0x109c  swenum - ok
11:07:23.0803 0x109c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:07:23.0838 0x109c  swprv - ok
11:07:23.0880 0x109c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
11:07:23.0934 0x109c  SysMain - ok
11:07:23.0940 0x109c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:07:23.0956 0x109c  TabletInputService - ok
11:07:23.0960 0x109c  [ BCF5E78E87D258088346E399E406E501, FD75AC5A7085E08AB00A2D0CE01970873598E381B6542DC5EBAC240D727AF6D7 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
11:07:23.0967 0x109c  taphss6 - ok
11:07:23.0977 0x109c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:07:24.0007 0x109c  TapiSrv - ok
11:07:24.0011 0x109c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
11:07:24.0037 0x109c  TBS - ok
11:07:24.0089 0x109c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:07:24.0147 0x109c  Tcpip - ok
11:07:24.0197 0x109c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:07:24.0235 0x109c  TCPIP6 - ok
11:07:24.0241 0x109c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:07:24.0251 0x109c  tcpipreg - ok
11:07:24.0256 0x109c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:07:24.0266 0x109c  TDPIPE - ok
11:07:24.0298 0x109c  [ 99527D49EE0A96FC25537C61B270A372, 519E23F86EC86349F92C4A88DBD19C097AEE0A6E152776B32B45D293ED14946B ] tdrpman273      C:\Windows\system32\DRIVERS\tdrpm273.sys
11:07:24.0333 0x109c  tdrpman273 - ok
11:07:24.0337 0x109c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:07:24.0346 0x109c  TDTCP - ok
11:07:24.0352 0x109c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:07:24.0363 0x109c  tdx - ok
11:07:24.0369 0x109c  [ 950AD1AE7498A492126FB9F9B2E27DB5, C4C9A972015F567FC87A4094C86835B2DD3476426AB8B40CD4872A725CA89CFC ] Te.Service      C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
11:07:24.0377 0x109c  Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
11:07:28.0619 0x109c  Detect skipped due to KSN trusted
11:07:28.0619 0x109c  Te.Service - ok
11:07:28.0714 0x109c  [ 58DBA76429D9DB665C751F5E34A1B6FE, 896B58713FFE2810C4A7D32C420E0C0A991E3ACD1E7852833B6BC5CF11819FCC ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
11:07:28.0809 0x109c  TeamViewer - ok
11:07:28.0819 0x109c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:07:28.0828 0x109c  TermDD - ok
11:07:28.0843 0x109c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
11:07:28.0865 0x109c  TermService - ok
11:07:28.0870 0x109c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:07:28.0884 0x109c  Themes - ok
11:07:28.0889 0x109c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:07:28.0913 0x109c  THREADORDER - ok
11:07:28.0941 0x109c  [ EBBAEA02F0095A798000C7E06B16D41B, CBEAC6CBF0F8D5B72ACCBADA6BD1DF1EB31F84B0D973DA955337991D4DBBDF7E ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
11:07:28.0972 0x109c  timounter - ok
11:07:28.0977 0x109c  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
11:07:28.0986 0x109c  TPM - ok
11:07:28.0992 0x109c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:07:29.0019 0x109c  TrkWks - ok
11:07:29.0026 0x109c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:07:29.0053 0x109c  TrustedInstaller - ok
11:07:29.0059 0x109c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:07:29.0068 0x109c  tssecsrv - ok
11:07:29.0073 0x109c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:07:29.0085 0x109c  TsUsbFlt - ok
11:07:29.0089 0x109c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:07:29.0100 0x109c  TsUsbGD - ok
11:07:29.0106 0x109c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:07:29.0131 0x109c  tunnel - ok
11:07:29.0136 0x109c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:07:29.0145 0x109c  uagp35 - ok
11:07:29.0157 0x109c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:07:29.0188 0x109c  udfs - ok
11:07:29.0197 0x109c  [ EC23505F255D0DA9230A3237EF5839AD, 09375B65454E67272065E49C597C50D7C60679B4F06D940240F3BE10A004FD25 ] UI Assistant Service C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe
11:07:29.0206 0x109c  UI Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
11:07:34.0957 0x109c  Detect skipped due to KSN trusted
11:07:34.0957 0x109c  UI Assistant Service - ok
11:07:34.0962 0x109c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:07:34.0973 0x109c  UI0Detect - ok
11:07:34.0978 0x109c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:07:34.0987 0x109c  uliagpkx - ok
11:07:34.0990 0x109c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:07:35.0000 0x109c  umbus - ok
11:07:35.0003 0x109c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:07:35.0014 0x109c  UmPass - ok
11:07:35.0017 0x109c  [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
11:07:35.0024 0x109c  UnlockerDriver5 - ok
11:07:35.0038 0x109c  [ 3C5405EF78576E8E4D791EB18F6856A8, 18FD6A5C0ACD045B324F46C7C596D537D52F43B7F2896F0D54CEBEFF4886CAEC ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:07:35.0049 0x109c  UNS - ok
11:07:35.0061 0x109c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:07:35.0093 0x109c  upnphost - ok
11:07:35.0098 0x109c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:07:35.0108 0x109c  usbaudio - ok
11:07:35.0115 0x109c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:07:35.0128 0x109c  usbccgp - ok
11:07:35.0133 0x109c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:07:35.0144 0x109c  usbcir - ok
11:07:35.0147 0x109c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
11:07:35.0156 0x109c  usbehci - ok
11:07:35.0167 0x109c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:07:35.0185 0x109c  usbhub - ok
11:07:35.0188 0x109c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:07:35.0197 0x109c  usbohci - ok
11:07:35.0201 0x109c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:07:35.0212 0x109c  usbprint - ok
11:07:35.0215 0x109c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:07:35.0224 0x109c  usbscan - ok
11:07:35.0228 0x109c  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
11:07:35.0238 0x109c  usbser - ok
11:07:35.0243 0x109c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:07:35.0253 0x109c  USBSTOR - ok
11:07:35.0257 0x109c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:07:35.0265 0x109c  usbuhci - ok
11:07:35.0273 0x109c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
11:07:35.0285 0x109c  usbvideo - ok
11:07:35.0289 0x109c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:07:35.0314 0x109c  UxSms - ok
11:07:35.0317 0x109c  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc        C:\Windows\system32\lsass.exe
11:07:35.0326 0x109c  VaultSvc - ok
11:07:35.0329 0x109c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:07:35.0337 0x109c  vdrvroot - ok
11:07:35.0352 0x109c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:07:35.0389 0x109c  vds - ok
11:07:35.0394 0x109c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:07:35.0405 0x109c  vga - ok
11:07:35.0409 0x109c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:07:35.0434 0x109c  VgaSave - ok
11:07:35.0444 0x109c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:07:35.0458 0x109c  vhdmp - ok
11:07:35.0462 0x109c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:07:35.0470 0x109c  viaide - ok
11:07:35.0475 0x109c  [ 8F840F58C3C93CBB9F6326DE242BE254, 3B886561BE69014F345665530BB43A083052FD26C431F5EADDB3AFF92499E554 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
11:07:35.0482 0x109c  VMAuthdService - ok
11:07:35.0487 0x109c  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
11:07:35.0495 0x109c  vmci - ok
11:07:35.0499 0x109c  [ A56E3B4E27492019F59A27C21D674564, 6BE225804C0A2AB2215D4B094F61BB058CAD485409EE774E432297D48A56D58C ] vmkbd2          C:\Windows\system32\drivers\VMkbd.sys
11:07:35.0506 0x109c  vmkbd2 - ok
11:07:35.0509 0x109c  [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
11:07:35.0515 0x109c  VMnetAdapter - ok
11:07:35.0519 0x109c  [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
11:07:35.0526 0x109c  VMnetBridge - ok
11:07:35.0529 0x109c  VMnetDHCP - ok
11:07:35.0533 0x109c  [ FFA68AEC24B382A77185CEAAA2A33CAF, 03B1C0CFD58D9C6B8ABADA878528120BF313E247EA05F89400FF668283944EDC ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
11:07:35.0540 0x109c  VMnetuserif - ok
11:07:35.0557 0x109c  [ 9D88591D3B97D30234F5B965B8E0ABD6, 42ECDD6D789645242E4640F10C1FB91BF0C2B37CDE3CF864B8175EE3E05DB2DB ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
11:07:35.0577 0x109c  VMUSBArbService - ok
11:07:35.0582 0x109c  VMware NAT Service - ok
11:07:35.0586 0x109c  [ DDE3CECDC1BD30EA3485C9BED4B95669, 52ADD9B536255FB4367389BEDD3925EC6B5189BC91EE850CCF765846350D8DFE ] vmx86           C:\Windows\system32\drivers\vmx86.sys
11:07:35.0593 0x109c  vmx86 - ok
11:07:35.0598 0x109c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:07:35.0607 0x109c  volmgr - ok
11:07:35.0619 0x109c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:07:35.0635 0x109c  volmgrx - ok
11:07:35.0645 0x109c  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:07:35.0659 0x109c  volsnap - ok
11:07:35.0663 0x109c  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\Windows\system32\DRIVERS\vpnva64-6.sys
11:07:35.0671 0x109c  vpnva - ok
11:07:35.0675 0x109c  [ ED1F4BDF68C649C6F79A02502BB6C9BC, 3D2830822D4A2C7B3676100B27DEC7B1C2EF640DA36C6543365A9CF2A61BF68E ] VsEtwService120 C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe
11:07:35.0684 0x109c  VsEtwService120 - ok
11:07:35.0693 0x109c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:07:35.0705 0x109c  vsmraid - ok
11:07:35.0709 0x109c  [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock           C:\Windows\system32\drivers\vsock.sys
11:07:35.0716 0x109c  vsock - ok
11:07:35.0756 0x109c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:07:35.0819 0x109c  VSS - ok
11:07:35.0825 0x109c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:07:35.0835 0x109c  vwifibus - ok
11:07:35.0838 0x109c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:07:35.0850 0x109c  vwififlt - ok
11:07:35.0855 0x109c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:07:35.0867 0x109c  vwifimp - ok
11:07:35.0880 0x109c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:07:35.0914 0x109c  W32Time - ok
11:07:35.0922 0x109c  [ 0D67B715AE6729D0B518D20B7A7BAD1C, 05B044CB816CBF54DCB634AC765A5937C76B471722C6D6E1A9C27E7EBAB68913 ] WacHidRouter    C:\Windows\system32\DRIVERS\wachidrouter.sys
11:07:35.0930 0x109c  WacHidRouter - ok
11:07:35.0933 0x109c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:07:35.0943 0x109c  WacomPen - ok
11:07:35.0946 0x109c  [ 1042B08B4336EF3CE34E09435BB33A4A, A42B447B4A9B364BAE329F75D36A906999E8CB754F1B10DE322B6611FF9764F7 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
11:07:35.0952 0x109c  wacomrouterfilter - ok
11:07:35.0959 0x109c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:07:35.0984 0x109c  WANARP - ok
11:07:35.0989 0x109c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:07:36.0012 0x109c  Wanarpv6 - ok
11:07:36.0037 0x109c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:07:36.0068 0x109c  WatAdminSvc - ok
11:07:36.0106 0x109c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:07:36.0152 0x109c  wbengine - ok
11:07:36.0160 0x109c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:07:36.0178 0x109c  WbioSrvc - ok
11:07:36.0190 0x109c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:07:36.0214 0x109c  wcncsvc - ok
11:07:36.0217 0x109c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:07:36.0228 0x109c  WcsPlugInService - ok
11:07:36.0231 0x109c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
11:07:36.0239 0x109c  Wd - ok
11:07:36.0259 0x109c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:08:06.0442 0x109c  AV detected via SS2: Panda Internet Security 2015, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x71000 ( enabled : updated )
11:08:06.0443 0x109c  FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x71010 ( enabled )
11:08:09.0111 0x109c  ============================================================
11:08:09.0111 0x109c  Scan finished
11:08:09.0111 0x109c  ============================================================
11:08:09.0116 0x1fb8  Detected object count: 0
11:08:09.0116 0x1fb8  Actual detected object count: 0
         

09.04.2015, 17:50   #12
schrauber
/// the machine
/// TB trainer
 

hi,


Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

09.04.2015, 18:48   #13
Verses
 
Combofix Log:

Code:
ATTFilter
ComboFix 15-04-09.01 - Verses 09.04.2015  19:08:03.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8078.3525 [GMT 2:00]
ausgeführt von:: d:\software\Combofix\ComboFix.exe
AV: Panda Internet Security 2015 *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Panda Firewall *Enabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Internet Security 2015 *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SecureW2
c:\program files (x86)\SecureW2\Uninstall.exe
c:\programdata\1415816491.bdinstall.bin
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
c:\programdata\windows
c:\programdata\windows\Word\wtoldata1.bin
c:\users\Verses\AppData\Roaming\Microsoft\AddIns\PPspliT\ppsplit-uninstall.exe
c:\users\Verses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\windows\msvcr71.dll
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-03-09 bis 2015-04-09  ))))))))))))))))))))))))))))))
.
.
2015-04-09 17:23 . 2015-04-09 17:23	--------	d-----w-	c:\users\openpgsvc\AppData\Local\temp
2015-04-09 17:23 . 2015-04-09 17:23	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-04-09 08:51 . 2015-04-09 08:51	--------	d-----w-	c:\programdata\Malwarebytes
2015-04-09 08:51 . 2015-04-09 09:00	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-04-09 08:51 . 2015-04-09 08:51	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-09 08:50 . 2015-04-09 09:04	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-04-08 07:08 . 2015-03-14 10:02	12002392	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{529ECBA6-20CB-4444-B272-2D999F35ED65}\mpengine.dll
2015-04-07 19:25 . 2015-04-07 19:25	--------	d-----w-	c:\windows\SysWow64\GroupPolicy
2015-04-07 19:09 . 2015-04-07 19:11	--------	d-----w-	C:\FRST
2015-04-04 14:29 . 2015-04-04 14:29	--------	d-s---w-	c:\windows\SysWow64\GWX
2015-04-04 14:29 . 2015-04-04 14:29	--------	d-s---w-	c:\windows\system32\GWX
2015-04-03 10:02 . 2015-04-03 21:31	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2015-04-03 07:14 . 2015-01-29 17:21	61712	----a-w-	c:\windows\system32\drivers\PSKMAD.sys
2015-03-28 17:32 . 2015-03-28 17:32	--------	d-----w-	c:\users\Verses\AppData\Local\TeamViewer
2015-03-28 17:30 . 2015-03-28 17:30	--------	d-----w-	c:\program files (x86)\TeamViewer
2015-03-28 12:06 . 2015-03-28 12:06	--------	d-----w-	c:\windows\SysWow64\Hotspot Shield
2015-03-25 08:18 . 2015-03-11 04:06	677888	----a-w-	c:\windows\system32\generaltel.dll
2015-03-25 08:18 . 2015-03-11 04:06	760832	----a-w-	c:\windows\system32\invagent.dll
2015-03-25 08:18 . 2015-03-11 04:06	414720	----a-w-	c:\windows\system32\devinv.dll
2015-03-25 08:18 . 2015-03-11 04:06	943616	----a-w-	c:\windows\system32\appraiser.dll
2015-03-25 08:18 . 2015-03-11 04:05	30720	----a-w-	c:\windows\system32\acmigration.dll
2015-03-25 08:18 . 2015-03-11 04:05	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-03-25 08:18 . 2015-03-11 04:05	192000	----a-w-	c:\windows\system32\aepic.dll
2015-03-25 08:18 . 2015-03-11 04:02	1107456	----a-w-	c:\windows\system32\aeinv.dll
2015-03-23 14:05 . 2015-03-23 14:05	--------	d-----w-	c:\users\Verses\AppData\Roaming\CADSoftTools
2015-03-23 13:52 . 2015-03-23 13:52	--------	d-----w-	c:\program files (x86)\Common Files\Autodesk Shared
2015-03-23 13:50 . 2015-03-23 13:52	--------	d-----w-	c:\program files\Common Files\Autodesk Shared
2015-03-23 13:50 . 2015-03-23 13:50	--------	d-----w-	c:\users\Verses\AppData\Local\Autodesk
2015-03-23 13:50 . 2015-03-23 13:50	--------	d-----w-	c:\program files\Autodesk
2015-03-23 13:49 . 2015-03-23 13:52	--------	d-----w-	c:\users\Verses\AppData\Roaming\Autodesk
2015-03-23 13:49 . 2015-03-23 13:51	--------	d-----w-	c:\programdata\Autodesk
2015-03-23 13:48 . 2015-03-23 13:48	--------	d-----w-	C:\Autodesk
2015-03-23 13:48 . 2015-03-23 13:48	--------	d-----w-	c:\program files (x86)\STPViewer
2015-03-21 13:57 . 2015-03-21 13:58	--------	d-----w-	c:\program files (x86)\DVDVideoSoft
2015-03-18 10:48 . 2015-03-13 15:38	622224	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2015-03-18 10:48 . 2015-03-18 10:48	--------	d-----w-	c:\windows\SysWow64\NV
2015-03-18 10:48 . 2015-03-18 10:48	--------	d-----w-	c:\windows\system32\NV
2015-03-11 08:47 . 2015-02-03 03:30	1202176	----a-w-	c:\windows\system32\drmv2clt.dll
2015-03-11 08:46 . 2015-02-03 03:31	215552	----a-w-	c:\windows\system32\ubpm.dll
2015-03-11 08:41 . 2015-02-26 03:25	3204096	----a-w-	c:\windows\system32\win32k.sys
2015-03-11 08:36 . 2015-02-04 03:16	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2015-03-11 08:36 . 2015-02-04 02:54	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-09 17:03 . 2014-01-30 11:18	380	----a-w-	c:\users\Verses\AppData\Roaming\sp_data.sys
2015-03-28 03:44 . 2014-06-03 07:36	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-03-28 03:44 . 2014-01-30 16:25	1316000	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-03-28 03:43 . 2014-06-03 07:36	1756424	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-03-28 03:43 . 2014-01-30 16:25	1570672	----a-w-	c:\windows\system32\nvspcap64.dll
2015-03-22 16:08 . 2012-06-27 22:27	778928	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-03-22 16:08 . 2012-06-27 22:27	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-13 19:41 . 2014-01-30 19:54	997856	----a-w-	c:\windows\system32\nvumdshimx.dll
2015-03-13 19:41 . 2014-01-30 19:54	878328	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2015-03-13 19:41 . 2014-01-30 19:54	3303448	----a-w-	c:\windows\system32\nvapi64.dll
2015-03-13 19:41 . 2014-01-30 19:54	2906928	----a-w-	c:\windows\SysWow64\nvapi.dll
2015-03-13 19:41 . 2014-01-30 19:54	178512	----a-w-	c:\windows\system32\nvinitx.dll
2015-03-13 19:41 . 2014-01-30 19:54	164568	----a-w-	c:\windows\SysWow64\nvinit.dll
2015-03-13 19:41 . 2014-01-30 19:54	14121624	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-03-13 16:16 . 2014-01-30 19:54	6861968	----a-w-	c:\windows\system32\nvcpl.dll
2015-03-13 16:16 . 2014-01-30 19:54	3526856	----a-w-	c:\windows\system32\nvsvc64.dll
2015-03-13 16:16 . 2014-01-30 19:54	935056	----a-w-	c:\windows\system32\nvvsvc.exe
2015-03-13 16:16 . 2014-01-30 19:54	75976	----a-w-	c:\windows\system32\nv3dappshextr.dll
2015-03-13 16:16 . 2014-01-30 19:54	62608	----a-w-	c:\windows\system32\nvshext.dll
2015-03-13 16:16 . 2014-01-30 19:54	386248	----a-w-	c:\windows\system32\nvmctray.dll
2015-03-13 16:16 . 2014-01-30 19:54	2559808	----a-w-	c:\windows\system32\nvsvcr.dll
2015-03-13 16:16 . 2014-01-30 19:54	1099408	----a-w-	c:\windows\system32\nv3dappshext.dll
2015-03-11 21:37 . 2014-02-02 09:41	122905848	----a-w-	c:\windows\system32\MRT.exe
2015-03-11 13:10 . 2014-01-30 19:54	4246327	----a-w-	c:\windows\system32\nvcoproc.bin
2015-03-09 11:10 . 2015-03-09 11:10	419840	----a-w-	c:\windows\system32\wrap_oal.dll
2015-03-09 11:10 . 2015-03-09 11:10	413696	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2015-03-09 11:10 . 2015-03-09 11:10	133632	----a-w-	c:\windows\system32\OpenAL32.dll
2015-03-09 11:10 . 2015-03-09 11:10	110592	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2015-03-08 10:02 . 2014-01-30 20:04	499712	----a-w-	c:\windows\SysWow64\msvcp71.dll
2015-03-08 10:02 . 2014-01-30 20:04	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2015-03-08 10:02 . 2014-01-30 20:04	29480	----a-w-	c:\windows\SysWow64\msxml3a.dll
2015-02-25 19:03 . 2015-02-25 19:03	107792	----a-w-	c:\windows\system32\drivers\PSINReg.sys
2015-02-25 19:03 . 2015-02-25 19:03	197392	----a-w-	c:\windows\system32\drivers\PSINKNC.sys
2015-02-25 19:03 . 2015-02-25 19:03	133904	----a-w-	c:\windows\system32\drivers\PSINProt.sys
2015-02-25 19:03 . 2015-02-25 19:03	124176	----a-w-	c:\windows\system32\drivers\PSINProc.sys
2015-02-25 19:03 . 2015-02-25 19:03	163088	----a-w-	c:\windows\system32\drivers\PSINAflt.sys
2015-02-25 19:03 . 2015-02-25 19:03	121616	----a-w-	c:\windows\system32\drivers\PSINFile.sys
2015-02-24 03:17 . 2014-01-30 17:44	295552	------w-	c:\windows\system32\MpSigStub.exe
2015-02-17 14:26 . 2015-02-17 14:26	1217184	----a-w-	c:\windows\SysWow64\FM20.DLL
2015-02-09 21:13 . 2015-02-09 21:13	106256	----a-w-	c:\windows\system32\drivers\NNStlsc.sys
2015-02-09 21:13 . 2015-02-09 21:13	257296	----a-w-	c:\windows\system32\drivers\NNSStrm.sys
2015-02-09 21:13 . 2015-02-09 21:13	113424	----a-w-	c:\windows\system32\drivers\NNSSmtp.sys
2015-02-09 21:13 . 2015-02-09 21:13	299792	----a-w-	c:\windows\system32\drivers\NNSProt.sys
2015-02-09 21:13 . 2015-02-09 21:13	166160	----a-w-	c:\windows\system32\drivers\NNSPrv.sys
2015-02-09 21:13 . 2015-02-09 21:13	69904	----a-w-	c:\windows\system32\drivers\NNSPihsw.sys
2015-02-09 21:13 . 2015-02-09 21:13	124176	----a-w-	c:\windows\system32\drivers\NNSPop3.sys
2015-02-09 21:13 . 2015-02-09 21:13	99600	----a-w-	c:\windows\system32\drivers\NNSpicc.sys
2015-02-09 21:13 . 2015-02-09 21:13	202000	----a-w-	c:\windows\system32\drivers\NNSHttp.sys
2015-02-09 21:13 . 2015-02-09 21:13	116496	----a-w-	c:\windows\system32\drivers\NNSIds.sys
2015-02-09 21:13 . 2015-02-09 21:13	110864	----a-w-	c:\windows\system32\drivers\NNSHttps.sys
2015-02-09 21:13 . 2015-02-09 21:13	93968	----a-w-	c:\windows\system32\drivers\NNSAlpc.sys
2015-02-06 04:49 . 2015-02-06 04:49	17704	----a-w-	c:\windows\system32\AcSignExtRes.dll
2015-02-06 04:49 . 2015-02-06 04:49	2692904	----a-w-	c:\windows\system32\styleman.cpl
2015-02-06 04:49 . 2015-02-06 04:49	2692904	----a-w-	c:\windows\system32\plotman.cpl
2015-02-06 04:46 . 2015-02-06 04:46	436520	----a-w-	c:\windows\system32\AcSignOpt.exe
2015-02-06 04:46 . 2015-02-06 04:46	36648	----a-w-	c:\windows\system32\AcSignExt.dll
2015-02-06 04:46 . 2015-02-06 04:46	47912	----a-w-	c:\windows\system32\AcSignIcon.dll
2015-01-27 23:36 . 2015-02-11 07:59	1239720	----a-w-	c:\windows\system32\aitstatic.exe
2015-01-16 17:15 . 2015-02-20 14:18	64728	----a-w-	c:\windows\system32\drivers\vmx86.sys
2015-01-16 17:15 . 2015-02-20 14:18	359128	----a-w-	c:\windows\SysWow64\vmnetdhcp.exe
2015-01-16 17:15 . 2015-02-20 14:18	31448	----a-w-	c:\windows\system32\drivers\vmnetuserif.sys
2015-01-16 17:15 . 2015-02-20 14:18	437976	----a-w-	c:\windows\SysWow64\vmnat.exe
2015-01-16 17:15 . 2015-02-20 14:18	931032	----a-w-	c:\windows\system32\vnetlib64.dll
2015-01-16 17:14 . 2015-01-16 17:14	80464	----a-w-	c:\windows\system32\vmnetbridge.dll
2015-01-16 17:14 . 2015-01-16 17:14	49232	----a-w-	c:\windows\system32\vnetinst.dll
2015-01-16 17:14 . 2015-01-16 17:14	46160	----a-w-	c:\windows\system32\drivers\vmnetbridge.sys
2015-01-16 17:14 . 2015-01-16 17:14	24656	----a-w-	c:\windows\system32\drivers\vmnet.sys
2015-01-16 17:14 . 2015-01-16 17:14	20560	----a-w-	c:\windows\system32\drivers\vmnetadapter.sys
2015-01-16 17:14 . 2015-02-20 14:18	33496	----a-w-	c:\windows\system32\drivers\VMkbd.sys
2015-01-10 08:07 . 2015-01-22 14:51	1895240	----a-w-	c:\windows\system32\nvdispco6434725.dll
2015-01-10 08:07 . 2015-01-22 14:51	1556808	----a-w-	c:\windows\system32\nvdispgenco6434725.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-05-14 16:35	297128	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"MySQL Notifier"="c:\program files (x86)\MySQL\MySQL Notifier 1.1.5\MySqlNotifier.exe" [2013-11-25 771584]
"NetBalancer"="c:\program files\NetBalancer\SeriousBit.NetBalancer.Tray.exe" [2015-04-06 1803112]
"Rainlendar2"="c:\program files (x86)\Rainlendar2\Rainlendar2.exe" [2014-03-16 2611808]
"DisplayFusion"="c:\program files (x86)\DisplayFusion\DisplayFusion.exe" [2015-01-07 6886752]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-03-24 2888896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-06-27 3331312]
"ASUS InstantKey"="c:\program files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe" [2012-02-20 20456]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-03 2321072]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-02-21 102568]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2014-01-30 3058304]
"BlackArmorBackupMonitor.exe"="c:\program files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe" [2012-10-31 5584616]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-06-25 322208]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-06-19 174752]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2013-11-01 2353880]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2012-05-24 111120]
"snp2uvc"="c:\program files (x86)\Common Files\SNP2UVC\vsnp2uvc.exe" [2009-08-12 662016]
"tsnp2uvc"="c:\program files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe" [2013-07-30 331064]
"UIExec"="c:\program files (x86)\Mobile Partner Manager\UIExec.exe" [2009-12-02 132096]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2013-01-15 181208]
"PSUAMain"="c:\program files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" [2015-02-26 40184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Apache Monitor.lnk - c:\program files\Apache Foundation\Apache2.4\bin\ApacheMonitor.exe [2014-2-11 39936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
"MaxGPOScriptWait"= 600 (0x258)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]
@="Service"
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 CLKMSVC10_38F51D56;CyberLink Product - 2015/03/08 11:06;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\Mobile Partner Manager\AssistantServices.exe;c:\program files (x86)\Mobile Partner Manager\AssistantServices.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 Apache2.4;Apache2.4;c:\program files\Apache Foundation\Apache2.4\bin\httpd.exe;c:\program files\Apache Foundation\Apache2.4\bin\httpd.exe [x]
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;c:\esupport\eDriver\I386\AsPrOb64.sys;c:\esupport\eDriver\I386\AsPrOb64.sys [x]
R3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVTouch.sys [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 CXPLRCAP;EVC2010;c:\windows\system32\drivers\elvidcap.sys;c:\windows\SYSNATIVE\drivers\elvidcap.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EyelineService;Eyeline Video Surveillance System;c:\program files (x86)\NCH Software\Eyeline\eyeline.exe;c:\program files (x86)\NCH Software\Eyeline\eyeline.exe [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 jlink;J-Link driver;c:\windows\system32\DRIVERS\jlinkx64.sys;c:\windows\SYSNATIVE\DRIVERS\jlinkx64.sys [x]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 MySQL56;MySQL56;c:\program files\MySQL\MySQL Server 5.6\bin\mysqld --defaults-file=c:\programdata\MySQL\MySQL Server 5.6\my.ini MySQL56;c:\program files\MySQL\MySQL Server 5.6\bin\mysqld --defaults-file=c:\programdata\MySQL\MySQL Server 5.6\my.ini MySQL56 [x]
R3 openerp-server-7.0;OpenERP Server 7.0;c:\program files (x86)\OpenERP\Server\service\OpenERPServerService.exe;c:\program files (x86)\OpenERP\Server\service\OpenERPServerService.exe [x]
R3 PostgreSQL_For_OpenERP;PostgreSQL_For_OpenERP;C:/Program Files (x86)/OpenERP/PostgreSQL/bin/pg_ctl.exe runservice -N PostgreSQL_For_OpenERP -D C:/Program Files (x86)/OpenERP/PostgreSQL/data -w;C:/Program Files (x86)/OpenERP/PostgreSQL/bin/pg_ctl.exe runservice -N PostgreSQL_For_OpenERP -D C:/Program Files (x86)/OpenERP/PostgreSQL/data -w [x]
R3 PrintNotify;Druckererweiterungen und -benachrichtigungen;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\RpcAgentSrv.exe;c:\program files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\RpcAgentSrv.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S1 nbdrv;NetBalancer LightWeight Filter;c:\windows\system32\DRIVERS\nbdrv.sys;c:\windows\SYSNATIVE\DRIVERS\nbdrv.sys [x]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSAlpc.sys [x]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttp.sys [x]
S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttps.sys [x]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys;c:\windows\SYSNATIVE\DRIVERS\NNSIds.sys [x]
S1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys;c:\windows\SYSNATIVE\DRIVERS\NNSNAHSL.sys [x]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPicc.sys [x]
S1 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPihsw.sys [x]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPop3.sys [x]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys;c:\windows\SYSNATIVE\DRIVERS\NNSProt.sys [x]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPrv.sys [x]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSSmtp.sys [x]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys;c:\windows\SYSNATIVE\DRIVERS\NNSStrm.sys [x]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSTlsc.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys;c:\windows\SYSNATIVE\DRIVERS\psinknc.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DisplayFusionService;DisplayFusionService;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe  -product hss;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe  -product hss [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe;c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NanoServiceMain;Panda Protection Service;c:\program files (x86)\Panda Security\Panda Security Protection\PSANHost.exe;c:\program files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [x]
S2 NetBalancerService;NetBalancerService;c:\program files\NetBalancer\SeriousBit.NetBalancer.Service.exe;c:\program files\NetBalancer\SeriousBit.NetBalancer.Service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PandaAgent;Panda Devices Agent;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [x]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys;c:\windows\SYSNATIVE\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProt.sys [x]
S2 PSINReg;PSINReg;c:\windows\system32\DRIVERS\PSINReg.sys;c:\windows\SYSNATIVE\DRIVERS\PSINReg.sys [x]
S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Security Protection\PSUAService.exe;c:\program files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [x]
S2 Samsung Network Fax Server;Samsung Network Fax Server;c:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe;c:\windows\SYSNATIVE\spool\drivers\x64\3\NetFaxServer64.exe [x]
S2 sfcdpsrv;Seagate Nonstop Backup-Dienst;c:\program files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe [x]
S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C60x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C60x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - CLKMDRV10_38F51D56
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-01 17:18	1061704	----a-w-	c:\program files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-04-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 16:08]
.
2015-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-02 23:16]
.
2015-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-02 23:16]
.
2015-04-09 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 21:41]
.
2015-04-09 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 21:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-04-22 16:17	357432	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-03-13 09:23	1500672	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-03-13 09:23	1500672	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-03-13 09:23	1500672	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-04-24 12480616]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-03-09 1158248]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-03-30 1021056]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-03-30 801408]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-17 361984]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-03-28 2673296]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-03-28 1570672]
"Seagate Scheduler2 Service"="c:\program files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" [2012-10-31 395744]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-02 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-02 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-02 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Citavi Picker... - file://c:\program files (x86)\Internet Explorer\Citavi Picker\ShowContextMenu.html
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
LSP: %windir%\system32\vsocklib.dll
TCP: Interfaces\{595C5572-E3A1-4257-9E0A-25E6708F169A}: NameServer = 192.168.0.250
DPF: {538793D5-659C-4639-A56C-A179AD87ED44} - hxxps://vpn-gm.fh-koeln.de/CACHE/stc/1/binaries/vpnweb.cab
FF - ProfilePath - c:\users\Verses\AppData\Roaming\Mozilla\Firefox\Profiles\jo2pa2im.default\
.
.
------- Dateityp-Verknüpfung -------
.
vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-EEDSpeedLauncher - c:\windows\system32\eed_ec.dll
Wow6432Node-HKLM-Run-InstallerLauncher - c:\program files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe
Wow6432Node-HKU-Default-Run-EEDSpeedLauncher - c:\windows\system32\eed_ec.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
AddRemove-PPspliT - c:\users\Verses\AppData\Roaming\Microsoft\AddIns\PPspliT\ppsplit-uninstall.exe
AddRemove-UnityWebPlayer - c:\users\Verses\AppData\Local\Unity\WebPlayer\Uninstall.exe
AddRemove-WireframeSketcher Studio - c:\programme (x86)\WireframeSketcher\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PostgreSQL_For_OpenERP]
"ImagePath"="C:/Program Files (x86)/OpenERP/PostgreSQL/bin/pg_ctl.exe runservice -N \"PostgreSQL_For_OpenERP\" -D \"C:/Program Files (x86)/OpenERP/PostgreSQL/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL56]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.6\bin\mysqld\" --defaults-file=\"c:\programdata\MySQL\MySQL Server 5.6\my.ini\" MySQL56"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PostgreSQL_For_OpenERP]
"ImagePath"="C:/Program Files (x86)/OpenERP/PostgreSQL/bin/pg_ctl.exe runservice -N \"PostgreSQL_For_OpenERP\" -D \"C:/Program Files (x86)/OpenERP/PostgreSQL/data\" -w"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="PhotoManagerDeluxe.8.alb"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Hotspot Shield\bin\hsswd.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
c:\program files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
c:\program files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
c:\program files (x86)\ASUS\FaceLogon\sensorsrv.exe
c:\program files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files\Tablet\Wacom\WacomHost.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\users\Verses\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-04-09  19:44:54 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-04-09 17:44
.
Vor Suchlauf: 24 Verzeichnis(se), 40.341.823.488 Bytes frei
Nach Suchlauf: 31 Verzeichnis(se), 45.702.684.672 Bytes frei
.
- - End Of File - - A63E557BF3CB60A124F8AED98CEDD4FF
         

Alt 10.04.2015, 07:59   #14
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 10.04.2015, 10:50   #15
Verses
 



mbam.txt:

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 10.04.2015
Suchlauf-Zeit: 11:22:54
Logdatei: mbam.log.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.04.10.02
Rootkit Datenbank: v2015.03.31.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Verses

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 598958
Verstrichene Zeit: 9 Min, 48 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 6
PUP.Optional.RRSavings.A, HKLM\SOFTWARE\rrsavings, In Quarantäne, [b832b2b833573afc51bf69928e75ef11], 
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [8367afbb6f1b76c07ed16a80a360cf31], 
PUP.Optional.RRSavings.A, HKU\S-1-5-21-2629921762-3918403595-844649534-1001\SOFTWARE\APPDATALOW\SOFTWARE\rrsavings, In Quarantäne, [9555cc9ea5e5270fa271c437a261f907], 
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-2629921762-3918403595-844649534-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nikpibnbobmbdbheedjfogjlikpgpnhp, In Quarantäne, [d1195f0b741639fd671b8f4d000336ca], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2629921762-3918403595-844649534-1001\SOFTWARE\SEARCHPROTECTINT, In Quarantäne, [33b74f1b6d1d58de89a3c547c53f32ce], 
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-2629921762-3918403595-844649534-1001\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [edfd6109305a49ed4e00b03a5da611ef], 

Registrierungswerte: 1
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2629921762-3918403595-844649534-1001\SOFTWARE\SEARCHPROTECTINT|Install, 1, In Quarantäne, [33b74f1b6d1d58de89a3c547c53f32ce]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
AdwCleaner Log:

Code:
# AdwCleaner v4.201 - Bericht erstellt 10/04/2015 um 11:37:49
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-08.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Verses - NOTEBOOK-Verses
# Gestarted von : D:\Software\AdwCleaner\AdwCleaner_4.201.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : hshld

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Ordner Gelöscht : C:\Program Files (x86)\eSupport.com
Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Ordner Gelöscht : C:\Program Files\002
Ordner Gelöscht : C:\Users\Verses\AppData\Roaming\pdfforge
Ordner Gelöscht : D:\Verses\Documents\Mobogenie
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Verses\daemonprocess.txt
Datei Gelöscht : C:\Users\Verses\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gelöscht : C:\Users\Verses\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Datei Gelöscht : D:\Verses\Desktop\QuickStores.url
Datei Gelöscht : C:\Users\Verses\AppData\Roaming\Mozilla\Firefox\Profiles\jo2pa2im.default\invalidprefs.js
Datei Gelöscht : C:\Users\Verses\AppData\Roaming\Mozilla\Firefox\Profiles\jo2pa2im.default\user.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\eSupport.com
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\dll-files.com

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v37.0.1 (x86 de)


-\\ Google Chrome v41.0.2272.118

[C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3323885&octid=EB_ORIGINAL_CTID&ISID=M502E2EE0-532D-434C-A64E-372E132F483F&SearchSource=58&CUI=&UM=5&UP=SP80BB81D3-A5CE-43EA-AABF-09A2E56C8EB4&q={searchTerms}&SSPV=

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [5612 Bytes] - [10/04/2015 11:35:32]
AdwCleaner[S0].txt - [5243 Bytes] - [10/04/2015 11:37:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5302  Bytes] ##########
         
JRT Log:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.3 (04.07.2015:1)
OS: Windows 7 Home Premium x64
Ran by Verses on 10.04.2015 at 11:41:19,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Users\Public\Desktop\docear.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\docear"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\docear"
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{3AB31F74-E509-4F9B-B3C7-5CF62785EE7C}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{43C94027-BA96-49FC-B8EC-73F167F45BA6}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{47DE57A4-4068-4B83-BE8E-69A4B9068F78}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{487785E4-1977-49F1-A045-AB068333406A}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{610D4713-A008-4B79-98E2-B5D4044E9B88}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{63309035-71D2-46E7-93C5-A2306F877AA9}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{811AE655-4E93-4D71-8887-C0454EF04726}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{A301ADC7-FBA4-439E-A0C1-C439D875B54C}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{B1CE3CA4-52CA-4AE1-BE76-977DCDC19F02}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{C1DF3C21-BEC3-4548-A7FB-2A862DD17907}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{DEADA2D1-9C71-43CC-ABC4-53B2458506BE}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{E37EE148-4EDC-467C-B389-8DA17BBF85A8}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{F602E135-9B26-4557-B8F7-4248D563F952}
Successfully deleted: [Empty Folder] C:\Users\Verses\appdata\local\{FD84A70B-624C-47EC-99D8-FCF1FD064DF9}



~~~ FireFox

Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.04.2015 at 11:45:04,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST Log:


Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Verses (administrator) on NOTEBOOK-Verses on 10-04-2015 11:49:07
Running from D:\Software\Farbar Recovery Scan Tool
Loaded Profiles: Verses (Available profiles: Verses & openpgsvc)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
() C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-30] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [801408 2012-03-30] (Atheros Commnucations)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-17] (Alcor Micro Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395744 2012-10-31] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-07-15] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-06-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [20456 2012-02-21] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-22] (ASUS)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2014-01-30] (ASUS)
HKLM-x32\...\Run: [BlackArmorBackupMonitor.exe] => C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe [5584616 2012-10-31] ()
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [snp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [331064 2013-07-30] (Sonix Technology Co., Ltd.)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe [132096 2009-12-02] ()
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-01-15] (cyberlink)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySqlNotifier.exe [771584 2013-11-25] (Oracle Corporation)
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Run: [NetBalancer] => C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1803112 2015-04-06] (SeriousBit)
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2611808 2014-03-16] ()
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [6886752 2015-01-07] (Binary Fortress Software)
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2889408 2015-04-09] (Valve Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Apache Monitor.lnk
ShortcutTarget: Apache Monitor.lnk -> C:\Program Files\Apache Foundation\Apache2.4\bin\ApacheMonitor.exe (Apache Software Foundation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2629921762-3918403595-844649534-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2629921762-3918403595-844649534-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=UP94&ocid=UP94DHP
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-27] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-27] (Oracle Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-03-30] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-2629921762-3918403595-844649534-1001 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} https://vpn-gm.fh-koeln.de/CACHE/stc/1/binaries/vpnweb.cab
DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\..\Interfaces\{595C5572-E3A1-4257-9E0A-25E6708F169A}: [NameServer] 192.168.0.250

FireFox:
========
FF ProfilePath: D:\Verses\Firefox\Versesneu.profile
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-22] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-22] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @worldwinner.com/Launcher2,version=1.10.0.25 -> C:\Program Files (x86)\WorldWinner.com, Inc\WorldWinner Games\npwwload.dll [2011-03-17] (WorldWinner.com, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2629921762-3918403595-844649534-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Verses\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2629921762-3918403595-844649534-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF user.js: detected! => D:\Mozilla\Firefox\Verses (alt)\user.js [2013-10-30]
FF SearchPlugin: D:\Verses\Firefox\Verses.profile\searchplugins\trovi-search.xml [2014-07-29]
FF SearchPlugin: D:\Mozilla\Firefox\Verses (alt)\searchplugins\babylon.xml [2013-06-28]
FF Extension: Flash Video Downloader - YouTube Full HD Download - D:\Verses\Firefox\Verses.profile\Extensions\artur.dubovoy@gmail.com [2014-08-01]
FF Extension: Speed Dial [FVD] - New Tab Page, Sync... - D:\Verses\Firefox\Verses.profile\Extensions\pavel.sherbakov@gmail.com [2014-08-21]
FF Extension: TooManyTabs - D:\Verses\Firefox\Verses.profile\Extensions\TooManyTabs@visibotech.com [2014-05-10]
FF Extension: iMacros for Firefox - D:\Verses\Firefox\Verses.profile\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-05-25]
FF Extension: WOT - D:\Verses\Firefox\Verses.profile\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-02-01]
FF Extension: Firebug - D:\Verses\Firefox\Verses.profile\Extensions\firebug@software.joehewitt.com.xpi [2014-02-01]
FF Extension: NoScript - D:\Verses\Firefox\Verses.profile\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-01]
FF Extension: FireFTP - D:\Verses\Firefox\Verses.profile\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2014-02-07]
FF Extension: Web Developer - D:\Verses\Firefox\Verses.profile\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-04-01]
FF Extension: Adblock Plus - D:\Verses\Firefox\Verses.profile\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-01]
FF Extension: DownThemAll! - D:\Verses\Firefox\Verses.profile\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-02-01]
FF Extension: Greasemonkey - D:\Verses\Firefox\Verses.profile\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-02-01]
FF Extension: TelevisionFanatic - D:\Mozilla\Firefox\Verses (alt)\Extensions\64ffxtbr@TelevisionFanatic.com [2014-01-31]
FF Extension: Roomy Bookmarks Toolbar - D:\Mozilla\Firefox\Verses (alt)\Extensions\ALone-live@ya.ru [2014-01-31]
FF Extension: DownloadHelper - D:\Mozilla\Firefox\Verses (alt)\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-31]
FF Extension: Session Manager - D:\Mozilla\Firefox\Verses (alt)\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-01-31]
FF Extension: FireFTP - D:\Mozilla\Firefox\Verses (alt)\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2014-01-31]
FF Extension: Web Developer - D:\Mozilla\Firefox\Verses (alt)\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-01-31]
FF Extension: Adblock Plus - D:\Mozilla\Firefox\Verses (alt)\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-31]
FF Extension: FireFTP - D:\Verses\Firefox\Versesneu.profile\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-03-22]
FF Extension: Flash and Video Download - D:\Verses\Firefox\Versesneu.profile\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-03-31]
FF Extension: Download Status Bar - D:\Verses\Firefox\Versesneu.profile\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2014-10-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2015-04-04]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-04-04]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-04]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-08-26]
FF HKU\S-1-5-21-2629921762-3918403595-844649534-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2015-03-21]

Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> ""
CHR Profile: C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-07]
CHR Extension: (Google Drive) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-16]
CHR Extension: (YouTube) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-07]
CHR Extension: (Google Search) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-07]
CHR Extension: (Google Wallet) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07]
CHR Extension: (Citavi Picker) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-09-16]
CHR Extension: (Gmail) - C:\Users\Verses\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-07]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apache2.4; C:\Program Files\Apache Foundation\Apache2.4\bin\httpd.exe [24576 2013-11-21] (Apache Software Foundation) [File not signed]
S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [107648 2012-03-30] (Atheros Commnucations) [File not signed]
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-01-15] (CyberLink)
S2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [3169648 2015-01-07] (Binary Fortress Software)
S3 EyelineService; C:\Program Files (x86)\NCH Software\Eyeline\eyeline.exe [1639504 2014-09-05] (NCH Software)
S2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2015-02-14] ()
S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [573736 2015-02-14] ()
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14297 2014-02-22] () [File not signed]
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-27] (Panda Security, S.L.)
R2 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [129896 2015-04-06] (SeriousBit)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 openerp-server-7.0; C:\Program Files (x86)\OpenERP\Server\service\OpenERPServerService.exe [24064 2014-02-11] () [File not signed]
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
S3 PostgreSQL_For_OpenERP; C:\Program Files (x86)\OpenERP\PostgreSQL\bin\pg_ctl.exe [79872 2012-12-04] (PostgreSQL Global Development Group) [File not signed]
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2899968 2014-08-16] (Microsoft Corporation) [File not signed]
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-27] (Panda Security, S.L.)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [508464 2013-07-01] (Samsung Electronics Co., Ltd.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\RpcAgentSrv.exe [72344 2008-01-29] (SiSoftware) [File not signed]
S2 sfcdpsrv; C:\Program Files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe [3246040 2014-01-30] (Acronis)
S2 SgtSch2Svc; C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [1114688 2012-10-31] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5447952 2015-03-25] (TeamViewer GmbH)
R2 UI Assistant Service; C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe [246272 2009-12-02] () [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
S2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-03-30] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-12] (Windows (R) Win 7 DDK provider)
S3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-12] (Windows (R) Win 7 DDK provider)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
S3 CXPLRCAP; C:\Windows\System32\drivers\elvidcap.sys [150896 2012-08-20] (Elgato Systems GmbH)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-17] (REALiX(tm))
S3 jlink; C:\Windows\System32\DRIVERS\jlinkx64.sys [32984 2012-04-11] (SEGGER Microcontroller Systeme GmbH)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [121032 2013-07-16] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-10] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [41392 2013-11-25] (SeriousBit)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [48400 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-03-13] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2015-02-25] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-25] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-25] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-25] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-25] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-25] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-01-29] (Panda Security, S.L.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation                           )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3604480 2013-07-30] (Sonix Co. Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33496 2015-01-16] (VMware, Inc.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 11:45 - 2015-04-10 11:45 - 00002589 _____ () C:\Users\Verses\Desktop\JRT.txt
2015-04-10 11:41 - 2015-04-10 11:41 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NOTEBOOK-Verses-Windows-7-Home-Premium-(64-bit).dat
2015-04-10 11:41 - 2015-04-10 11:41 - 00000000 ____D () C:\RegBackup
2015-04-10 11:39 - 2015-04-10 11:39 - 00000000 ___RD () C:\Users\Verses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-04-10 11:35 - 2015-04-10 11:37 - 00000000 ____D () C:\AdwCleaner
2015-04-10 11:33 - 2015-04-10 11:33 - 00002216 _____ () C:\mbam.txt
2015-04-10 11:21 - 2015-04-10 11:21 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-10 11:21 - 2015-04-10 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-10 11:21 - 2015-04-10 11:21 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-10 11:21 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-10 11:21 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-09 19:45 - 2015-04-09 19:45 - 00050194 _____ () C:\ComboFix.txt
2015-04-09 19:06 - 2015-04-09 19:45 - 00000000 ____D () C:\Qoobox
2015-04-09 19:06 - 2015-04-09 19:39 - 00000000 ____D () C:\Windows\erdnt
2015-04-09 19:06 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-09 19:06 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-09 19:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-09 19:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-09 19:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-09 19:06 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-09 19:06 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-09 19:06 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-09 10:51 - 2015-04-10 11:22 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-09 10:51 - 2015-04-10 11:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-09 10:51 - 2015-04-09 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-09 10:50 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-07 21:37 - 2015-04-07 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Internet Security 2015
2015-04-07 21:25 - 2015-04-07 21:25 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-04-07 21:09 - 2015-04-10 11:49 - 00000000 ____D () C:\FRST
2015-04-06 09:21 - 2015-04-06 09:21 - 00000930 _____ () C:\Users\Public\Desktop\NetBalancer Tray.lnk
2015-04-06 09:21 - 2015-04-06 09:21 - 00000920 _____ () C:\Users\Public\Desktop\NetBalancer.lnk
2015-04-06 09:21 - 2015-04-06 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBalancer
2015-04-04 16:29 - 2015-04-04 16:29 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 16:29 - 2015-04-04 16:29 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 10:09 - 2015-04-04 10:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 12:02 - 2015-04-03 23:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-04-03 09:14 - 2015-01-29 19:21 - 00061712 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-03-28 19:32 - 2015-03-28 19:32 - 00000000 ____D () C:\Users\Verses\AppData\Local\TeamViewer
2015-03-28 19:30 - 2015-03-28 19:30 - 00001045 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-03-28 19:30 - 2015-03-28 19:30 - 00001033 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-03-28 19:30 - 2015-03-28 19:30 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-03-28 14:06 - 2015-03-28 14:06 - 00000000 ____D () C:\Windows\SysWOW64\Hotspot Shield
2015-03-25 10:18 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 10:18 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 10:18 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 10:18 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 10:18 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 10:18 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 10:18 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 10:18 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-23 16:05 - 2015-03-23 16:05 - 00000000 ____D () C:\Users\Verses\AppData\Roaming\CADSoftTools
2015-03-23 15:52 - 2015-03-23 15:52 - 00002207 _____ () C:\Users\Public\Desktop\DWG TrueView 2016 - English.lnk
2015-03-23 15:52 - 2015-03-23 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-03-23 15:50 - 2015-03-23 15:52 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-03-23 15:50 - 2015-03-23 15:50 - 00000000 ____D () C:\Users\Verses\AppData\Local\Autodesk
2015-03-23 15:50 - 2015-03-23 15:50 - 00000000 ____D () C:\Program Files\Autodesk
2015-03-23 15:49 - 2015-03-23 15:52 - 00000000 ____D () C:\Users\Verses\AppData\Roaming\Autodesk
2015-03-23 15:49 - 2015-03-23 15:51 - 00000000 ____D () C:\ProgramData\Autodesk
2015-03-23 15:48 - 2015-03-23 15:48 - 00001021 _____ () C:\Users\Public\Desktop\STP Viewer.lnk
2015-03-23 15:48 - 2015-03-23 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STPViewer
2015-03-23 15:48 - 2015-03-23 15:48 - 00000000 ____D () C:\Program Files (x86)\STPViewer
2015-03-23 15:48 - 2015-03-23 15:48 - 00000000 ____D () C:\Autodesk
2015-03-23 15:43 - 2015-03-23 15:43 - 00003158 _____ () C:\Windows\System32\Tasks\{EECED4D4-585D-47A6-9A16-91B89EDBF004}
2015-03-21 15:58 - 2015-03-21 15:58 - 00001534 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2015-03-21 15:58 - 2015-03-21 15:58 - 00001241 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-03-21 15:58 - 2015-03-21 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-03-21 15:57 - 2015-03-21 15:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-03-18 12:48 - 2015-03-18 12:48 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-03-18 12:48 - 2015-03-18 12:48 - 00000000 ____D () C:\Windows\system32\NV
2015-03-18 12:48 - 2015-03-13 17:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-18 12:47 - 2015-03-13 21:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-18 12:47 - 2015-03-13 21:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-18 12:47 - 2015-03-13 21:41 - 00299664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2015-03-18 12:47 - 2015-03-13 21:41 - 00032456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-03-11 10:48 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 10:48 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 10:48 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 10:48 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 10:48 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 10:48 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 10:48 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 10:48 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 10:48 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 10:48 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 10:48 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 10:48 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 10:48 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 10:48 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 10:48 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 10:48 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 10:48 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 10:48 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 10:48 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 10:48 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 10:48 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 10:48 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 10:48 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 10:48 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 10:48 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 10:48 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 10:48 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 10:48 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 10:48 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 10:48 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 10:48 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 10:48 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 10:48 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 10:48 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 10:48 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 10:48 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 10:48 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 10:48 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 10:48 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 10:48 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 10:48 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 10:48 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 10:48 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 10:48 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 10:48 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 10:48 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 10:48 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 10:48 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 10:48 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 10:48 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 10:48 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 10:48 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 10:48 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 10:48 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 10:48 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 10:48 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 10:48 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 10:48 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 10:48 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 10:48 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 10:48 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 10:48 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 10:48 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 10:48 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 10:48 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 10:48 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 10:47 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 10:47 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 10:47 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 10:47 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 10:47 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 10:47 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 10:47 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 10:47 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 10:47 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 10:47 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 10:47 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 10:47 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 10:47 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 10:47 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 10:47 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 10:47 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 10:47 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 10:47 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 10:47 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 10:47 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 10:47 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 10:47 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 10:47 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 10:47 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 10:47 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 10:47 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 10:47 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 10:47 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 10:47 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 10:47 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 10:47 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 10:46 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 10:46 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 10:46 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 10:46 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 10:46 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 10:46 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 10:46 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 10:46 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 10:46 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 10:46 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 10:46 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 10:46 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 10:46 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 10:46 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 10:46 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 10:46 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 10:46 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 10:46 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 10:46 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 10:46 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 10:46 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 10:46 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 10:46 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 10:46 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 10:41 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 10:36 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 10:36 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 11:48 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-10 11:48 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-10 11:45 - 2011-02-19 06:24 - 00702856 _____ () C:\Windows\system32\perfh007.dat
2015-04-10 11:45 - 2011-02-19 06:24 - 00151200 _____ () C:\Windows\system32\perfc007.dat
2015-04-10 11:45 - 2009-07-14 07:13 - 01630500 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-10 11:42 - 2014-01-30 21:53 - 00000000 ____D () C:\Users\Verses\AppData\Local\CrashDumps
2015-04-10 11:39 - 2015-01-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-10 11:39 - 2014-09-29 13:13 - 00000000 ____D () C:\Users\Verses\.rainlendar2
2015-04-10 11:39 - 2014-01-30 13:18 - 00000380 _____ () C:\Users\Verses\AppData\Roaming\sp_data.sys
2015-04-10 11:38 - 2014-02-08 12:32 - 00000000 ____D () C:\ProgramData\VMware
2015-04-10 11:38 - 2014-02-03 01:16 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-10 11:38 - 2014-01-30 21:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-10 11:38 - 2014-01-30 21:51 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-04-10 11:38 - 2012-06-27 23:32 - 00621904 _____ () C:\Windows\PFRO.log
2015-04-10 11:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-10 11:38 - 2009-07-14 06:51 - 00199772 _____ () C:\Windows\setupact.log
2015-04-10 11:37 - 2014-01-30 21:49 - 01731318 _____ () C:\Windows\WindowsUpdate.log
2015-04-10 11:37 - 2014-01-30 13:16 - 00000000 ____D () C:\Users\Verses
2015-04-10 11:17 - 2014-02-03 01:16 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-10 11:03 - 2012-06-28 00:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-09 21:49 - 2014-12-09 23:55 - 00000000 ____D () C:\Users\Verses\AppData\Local\DisplayFusion
2015-04-09 19:27 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-09 19:25 - 2009-07-14 04:34 - 20709376 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-04-09 19:25 - 2009-07-14 04:34 - 178520064 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-04-09 19:25 - 2009-07-14 04:34 - 05505024 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-04-09 19:25 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-04-09 19:25 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-04-09 15:25 - 2014-01-30 21:51 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-04-08 09:05 - 2014-01-30 13:16 - 00211600 _____ () C:\Users\Verses\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-08 09:03 - 2009-07-14 06:45 - 00703304 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-06 09:21 - 2014-03-12 20:20 - 00000000 ____D () C:\Program Files\NetBalancer
2015-04-04 16:23 - 2014-01-30 20:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-01 19:19 - 2014-04-07 11:34 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-30 19:31 - 2014-01-30 18:28 - 00001379 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-28 05:44 - 2014-06-03 09:36 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-01-30 18:25 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2014-06-03 09:36 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-01-30 18:25 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-27 12:27 - 2014-01-30 23:12 - 00005724 _____ () C:\Users\Verses\sanct.log
2015-03-27 12:27 - 2014-01-30 23:08 - 00000000 ____D () C:\ProgramData\CodeGear
2015-03-26 09:57 - 2014-12-11 02:18 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 09:57 - 2014-05-01 01:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-24 09:43 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-23 15:50 - 2012-06-28 00:32 - 00330153 _____ () C:\Windows\DirectX.log
2015-03-23 08:53 - 2014-02-28 20:30 - 00000000 ____D () C:\Users\Verses\AppData\Local\Unity
2015-03-22 18:08 - 2014-08-18 16:43 - 00000000 ____D () C:\Users\Verses\AppData\Local\Adobe
2015-03-22 18:08 - 2012-06-28 00:28 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-22 18:08 - 2012-06-28 00:27 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-22 18:08 - 2012-06-28 00:27 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-22 18:00 - 2014-02-28 20:35 - 00000000 ____D () C:\Users\Verses\AppData\Roaming\Unity
2015-03-21 16:03 - 2014-05-24 13:53 - 00000000 ____D () C:\Users\Verses\AppData\Roaming\DVDVideoSoft
2015-03-21 11:52 - 2014-02-20 19:35 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-03-18 12:48 - 2014-08-26 22:44 - 00000000 ____D () C:\Temp
2015-03-18 12:48 - 2014-01-30 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-18 12:48 - 2014-01-30 21:54 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-14 10:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\spool
2015-03-13 21:41 - 2014-01-30 21:54 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-13 21:41 - 2014-01-30 21:54 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-13 18:16 - 2014-01-30 21:54 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 01099408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 18:16 - 2014-01-30 21:54 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 00075976 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-03-13 18:16 - 2014-01-30 21:54 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-12 10:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 09:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 09:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 23:47 - 2014-01-30 20:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 23:47 - 2009-07-14 04:34 - 00000568 _____ () C:\Windows\win.ini
2015-03-11 23:45 - 2014-04-05 13:38 - 00000039 _____ () C:\Windows\vbaddin.ini
2015-03-11 23:43 - 2014-02-02 11:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 23:37 - 2014-02-02 11:41 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 15:10 - 2014-01-30 21:54 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2014-09-14 16:59 - 2014-09-14 22:14 - 0009004 _____ () C:\Users\Verses\AppData\Roaming\.freeciv-client-rc-2.4
2014-03-13 19:46 - 2014-03-13 19:46 - 0000341 _____ () C:\Users\Verses\AppData\Roaming\dpdhl.versandhelfer_state.xml
2014-04-26 11:54 - 2014-04-27 10:18 - 0000945 _____ () C:\Users\Verses\AppData\Roaming\FastReportFMX.config
2014-10-16 13:38 - 2014-10-16 13:38 - 0000000 _____ () C:\Users\Verses\AppData\Roaming\gdfw.log
2014-10-16 13:38 - 2014-10-16 16:23 - 0002337 _____ () C:\Users\Verses\AppData\Roaming\gdscan.log
2014-02-05 18:07 - 2014-02-07 01:55 - 0000347 _____ () C:\Users\Verses\AppData\Roaming\glade-3.conf
2014-02-17 17:38 - 2014-01-17 02:08 - 14041088 _____ () C:\Users\Verses\AppData\Roaming\Sandra.mdb
2014-01-30 13:18 - 2015-04-10 11:39 - 0000380 _____ () C:\Users\Verses\AppData\Roaming\sp_data.sys
2014-10-22 17:45 - 2014-10-22 17:45 - 0008372 _____ () C:\Users\Verses\AppData\Roaming\unins000.dat
2014-10-22 17:45 - 2014-10-22 17:45 - 0709568 _____ () C:\Users\Verses\AppData\Roaming\unins000.exe
2014-10-22 17:45 - 2014-10-22 17:45 - 0012782 _____ () C:\Users\Verses\AppData\Roaming\unins000.msg
2014-03-09 00:09 - 2014-11-05 19:13 - 0007168 _____ () C:\Users\Verses\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-31 13:03 - 2015-02-16 22:11 - 0000600 _____ () C:\Users\Verses\AppData\Local\PUTTY.RND
2015-02-25 16:33 - 2015-02-25 16:33 - 0017950 _____ () C:\Users\Verses\AppData\Local\recently-used.xbel
2014-02-09 23:09 - 2014-02-09 23:09 - 0000017 _____ () C:\Users\Verses\AppData\Local\resmon.resmoncfg
2014-08-09 11:27 - 2014-08-09 11:27 - 0025475 _____ () C:\Users\Verses\AppData\Local\xlrpt_82981457068.xls
2014-08-09 11:31 - 2014-08-09 11:31 - 0025475 _____ () C:\Users\Verses\AppData\Local\xlrpt_85013995558.xls
2014-08-09 11:37 - 2014-08-09 11:37 - 0025475 _____ () C:\Users\Verses\AppData\Local\xlrpt_88972055423.xls
2014-08-09 11:39 - 2014-08-09 11:39 - 0025475 _____ () C:\Users\Verses\AppData\Local\xlrpt_8983957335.xls
2014-08-09 11:39 - 2014-08-09 11:39 - 0025475 _____ () C:\Users\Verses\AppData\Local\xlrpt_90050951455.xls
2012-06-28 00:44 - 2010-10-06 18:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2014-01-30 22:05 - 2014-01-30 22:07 - 0000110 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2014-01-30 22:07 - 2014-01-30 22:07 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-01-30 22:06 - 2014-01-30 22:07 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2014-01-30 22:02 - 2014-01-30 22:04 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2014-01-30 22:04 - 2014-01-30 22:05 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2014-01-30 22:01 - 2014-01-30 22:02 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log

Some content of TEMP:
====================
C:\Users\Verses\AppData\Local\Temp\Quarantine.exe
C:\Users\Verses\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 09:44

==================== End Of Log ============================
         