| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Taskmanager blockiert, consent.exe 6x offenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
01.07.2015, 13:49
| #1 |
 |  Taskmanager blockiert, consent.exe 6x offen Hallo liebes Trojanerboard Team, ich habe seit heute ein komisches Problem... Und zwar kann ich irgendwie den Taskmanager nicht mehr per Tastendruck starten, (hab ihn mit taskmgr.exe) gestartet, und da war consent.exe 6x offen. Ich konnte den Dateipfad nicht öffnen und schließen konnte ich es auch nicht. Kann das irgendwie damit zu tun haben, dass ich seit gestern einen zweiten Bildschirm habe? Ich kann auch manche Fenster nicht schließen, Malwarebytes-Anti Malware lädt zwar, startet aber nicht, und auf herunterfahren klicken geht auch nicht. Bitte um Hilfe! //Da fällt mir noch was ein: Avast findet bei mir immer ein Browserplugin namens "Compete" was ich entferne, es kommt aber immer wieder! ///Dieses consent.exe öffnet sich immer wieder, ist schon 8x offen jetzt... |
|
01.07.2015, 14:26
| #2 |
| /// the machine /// TB-Ausbilder    | Taskmanager blockiert, consent.exe 6x offen hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
01.07.2015, 14:54
| #3 |
| | Taskmanager blockiert, consent.exe 6x offen FRST.txt
__________________Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01 Ran by Adrian (administrator) on ADRIAN on 01-07-2015 15:44:50 Running from C:\Users\Adrian\Desktop Loaded Profiles: Adrian (Available Profiles: Adrian & Roland & Julia) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (NVIDIA Corporation) C:\Users\Adrian\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Akamai Technologies, Inc.) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Spotify Ltd) C:\Users\Adrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Akamai Technologies, Inc.) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe (Oracle Corporation) C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (TeamSpeak Systems GmbH) C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Farbar) C:\Users\Adrian\Desktop\FRST64(1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard ) HKLM\...\Run: [HPSYSDRV] => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation) HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-17] (Avast Software s.r.o.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.) HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2013-12-13] (Hewlett-Packard) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation) HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Spotify Web Helper] => C:\Users\Adrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2023480 2015-06-26] (Spotify Ltd) HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.) HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd) HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe [773120 2014-09-03] (Oracle Corporation) HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Spotify] => C:\Users\Adrian\AppData\Roaming\Spotify\Spotify.exe [7415864 2015-06-26] (Spotify Ltd) HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [GoogleChromeAutoLaunch_257F9E5159429344AA5489535C1FAD3E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-05] (Google Inc.) HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\MountPoints2: F - F:\0data\cbs.exe HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\MountPoints2: {1fbf2697-26af-11e3-b9f3-80c16ee1eaf7} - F:\Setup.exe Startup: C:\Users\Roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-07-27] ShortcutTarget: Dropbox.lnk -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-17] (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://g.uk.msn.com/HPCON/13 HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 SearchScopes: HKLM -> {939B14F3-B461-4624-9A18-471F61BFA534} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms} SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> {939B14F3-B461-4624-9A18-471F61BFA534} URL = SearchScopes: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-21] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-17] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-21] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-21] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06] (Oracle Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-01] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-17] (Avast Software s.r.o.) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-01] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Toolbar: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-21] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Hosts: 10.0.0.1 activate.adobe.com Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{4D90CE45-67A0-49AB-B5B4-C64A4C422721}: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{8B69EE98-7CCE-4594-BF68-254040775923}: [DhcpNameServer] 10.0.0.138 FireFox: ======== FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-01] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-06] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-06] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-01] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] () FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-01] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-01] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-21] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-09] () FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\donottrackplus@abine.com [2015-05-29] FF Extension: ColorZilla - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2015-05-29] FF Extension: WOT - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-05-29] FF Extension: Ghostery - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\firefox@ghostery.com.xpi [2015-05-09] FF Extension: Adblock Edge - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-05-09] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-05] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird Chrome: ======= CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19] CHR Extension: (Google Docs) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19] CHR Extension: (Google Drive) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19] CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19] CHR Extension: (Google Search) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19] CHR Extension: (MaskMe) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2015-06-04] CHR Extension: (Blur) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2015-06-04] CHR Extension: (Google Sheets) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19] CHR Extension: (Chrome Remote Desktop) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-06-04] CHR Extension: (AdBlock) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-04] CHR Extension: (Avast Online Security) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-19] CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19] CHR Extension: (No Name) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh [2015-07-01] CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-17] (Avast Software s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-06] () R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed] R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [56648 2015-03-08] (Google Inc.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2719928 2015-03-18] (Microsoft Corporation) R2 ezSharedSvc; C:\windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) S3 npggsvc; C:\windows\SysWOW64\GameMon.des [4276136 2013-04-03] (INCA Internet Co., Ltd.) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1996144 2015-05-21] (Electronic Arts) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-04-04] (PDF Complete Inc) R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2014-10-02] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed] S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-17] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-17] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-17] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-17] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-17] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-17] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-17] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-08-02] () S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-08-02] (Echobit, LLC) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-09-14] () R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-01] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation) S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org) S3 netr28ux; system32\DRIVERS\netr28ux.sys [X] S3 X6va011; \??\C:\windows\SysWOW64\Drivers\X6va011 [X] S3 X6va012; \??\C:\windows\SysWOW64\Drivers\X6va012 [X] S3 X6va015; \??\C:\windows\SysWOW64\Drivers\X6va015 [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-01 15:44 - 2015-07-01 15:47 - 00032311 _____ C:\Users\Adrian\Desktop\FRST.txt 2015-07-01 15:43 - 2015-07-01 15:43 - 02112512 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64(1).exe 2015-07-01 15:36 - 2015-07-01 15:37 - 00095283 _____ C:\Users\Adrian\Downloads\FRST.txt 2015-07-01 15:36 - 2015-07-01 15:36 - 02112512 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe 2015-07-01 15:33 - 2015-07-01 15:46 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-01 15:33 - 2015-07-01 15:33 - 00001068 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-07-01 15:33 - 2015-07-01 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-07-01 15:33 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2015-07-01 15:33 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-07-01 15:33 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2015-07-01 15:32 - 2015-07-01 15:34 - 00003880 _____ C:\Users\Adrian\Desktop\AdwCleaner[R4].txt 2015-07-01 15:32 - 2015-07-01 15:32 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.1.8.1057.exe 2015-07-01 15:31 - 2015-07-01 15:32 - 02244096 _____ C:\Users\Adrian\Downloads\adwcleaner_4.207(1).exe 2015-07-01 14:57 - 2015-07-01 14:57 - 02244096 _____ C:\Users\Adrian\Downloads\AdwCleaner_4.207.exe 2015-06-30 21:03 - 2015-06-30 21:03 - 00000000 ____D C:\Users\Adrian\Desktop\Bauserver 2015-06-30 18:54 - 2015-06-30 18:54 - 00000278 _____ C:\Users\Adrian\Desktop\How to use the new things added in 1.4.6 (no NBT) Bukkit Forums.URL 2015-06-29 16:39 - 2015-06-29 16:39 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.atlauncher 2015-06-28 16:15 - 2015-06-28 16:15 - 00990670 _____ C:\Users\Adrian\Downloads\Essentials(1).zip 2015-06-28 16:08 - 2015-06-28 16:08 - 00279917 _____ C:\Users\Adrian\Downloads\nbteditor-1.2.zip 2015-06-23 18:22 - 2015-06-23 18:22 - 00001343 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-06-23 18:21 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe 2015-06-23 18:12 - 2015-06-17 11:10 - 42729104 _____ C:\windows\system32\nvcompiler.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 37748880 _____ C:\windows\SysWOW64\nvcompiler.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys 2015-06-23 18:12 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6435330.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6435330.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhda64v.sys 2015-06-23 18:12 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\windows\system32\nvhdap64.dll 2015-06-23 18:12 - 2015-06-17 11:10 - 00030966 _____ C:\windows\system32\nvinfo.pb 2015-06-23 18:06 - 2015-06-23 18:06 - 00000000 ____D C:\NVIDIA 2015-06-23 17:48 - 2015-06-23 17:48 - 00158823 _____ C:\Users\Adrian\Downloads\2c36ac-Play GTA V.rar 2015-06-23 17:42 - 2015-06-23 17:42 - 00060476 _____ C:\Users\Adrian\Downloads\16420b-OpenAllInteriors.rar 2015-06-23 17:41 - 2015-06-23 17:41 - 00139690 _____ C:\Users\Adrian\Downloads\3137dd-the_red_house.zip 2015-06-23 17:41 - 2015-06-23 17:41 - 00130877 _____ C:\Users\Adrian\Downloads\7d5fc4-Bodyguard Menu 1.7.zip 2015-06-23 17:39 - 2015-06-23 17:39 - 00766494 _____ C:\Users\Adrian\Downloads\f72d70-RealPoliceOffenses.rar 2015-06-23 17:38 - 2015-06-23 17:38 - 00393765 _____ C:\Users\Adrian\Downloads\ScriptHookV_1.0.372.2.zip 2015-06-23 17:34 - 2015-06-23 17:42 - 292264080 _____ (NVIDIA Corporation) C:\Users\Adrian\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe 2015-06-23 17:29 - 2015-06-23 17:29 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-06-23 17:29 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys 2015-06-23 17:29 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll 2015-06-21 16:11 - 2015-06-21 16:12 - 00024799 _____ C:\Users\Adrian\Downloads\TurretsStarterPackRAW.rar 2015-06-21 16:09 - 2015-06-21 16:09 - 01399043 _____ C:\Users\Adrian\Desktop\DieUberwaffe_Tigerlily_HF50.sment 2015-06-21 09:54 - 2015-06-21 09:54 - 00000257 _____ C:\Users\Adrian\Desktop\Rockstar Games Social Club - Crew Squad Lemonators.URL 2015-06-20 17:03 - 2015-06-20 17:03 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2013 2015-06-20 17:03 - 2015-06-20 17:03 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2013 2015-06-20 11:54 - 2015-06-20 11:54 - 00005618 _____ C:\Users\Adrian\Desktop\Mein Radio.application 2015-06-20 11:54 - 2015-06-20 11:54 - 00000000 ____D C:\Users\Adrian\Desktop\Application Files 2015-06-20 11:54 - 2015-06-20 11:54 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company 2015-06-20 11:53 - 2015-06-20 11:53 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft FxCop 2015-06-20 11:32 - 2015-05-06 15:07 - 00319584 _____ (Oracle Corporation) C:\windows\system32\javaws.exe 2015-06-20 11:32 - 2015-05-06 15:07 - 00206944 _____ (Oracle Corporation) C:\windows\system32\javaw.exe 2015-06-20 11:32 - 2015-05-06 15:07 - 00206432 _____ (Oracle Corporation) C:\windows\system32\java.exe 2015-06-20 11:15 - 2015-06-20 11:28 - 146861984 _____ (Oracle Corporation) C:\Users\Adrian\Downloads\jdk-7u79-windows-x64.exe 2015-06-19 17:53 - 2015-06-19 17:53 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\NuGet 2015-06-19 17:24 - 2015-06-19 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 2015-06-19 17:24 - 2015-06-19 17:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2015-06-19 17:20 - 2015-06-19 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1 2015-06-19 17:20 - 2015-06-19 17:20 - 00000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits 2015-06-19 17:16 - 2015-06-19 18:55 - 00000000 ____D C:\Users\Adrian\Documents\Visual Studio 2013 2015-06-19 17:16 - 2015-06-19 17:16 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE 2015-06-19 17:08 - 2015-06-19 17:08 - 00000000 ____D C:\Program Files (x86)\AppInsights 2015-06-19 17:02 - 2015-06-19 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK 2015-06-19 16:55 - 2015-06-19 17:10 - 00000000 ____D C:\ProgramData\Windows App Certification Kit 2015-06-19 16:55 - 2015-06-19 16:55 - 00000000 ____D C:\Program Files\Application Verifier 2015-06-19 16:55 - 2015-06-19 16:55 - 00000000 ____D C:\Program Files (x86)\Application Verifier 2015-06-19 16:51 - 2015-06-19 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2015-06-19 16:45 - 2015-06-19 16:45 - 00000000 ____D C:\ProgramData\PreEmptive Solutions 2015-06-19 16:39 - 2015-06-19 16:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools 2015-06-19 16:38 - 2015-06-19 17:09 - 00000000 ____D C:\Program Files\IIS Express 2015-06-19 16:38 - 2015-06-19 17:09 - 00000000 ____D C:\Program Files (x86)\IIS Express 2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\ProgramData\NuGet 2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files\IIS 2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\NuGet 2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services 2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\IIS 2015-06-19 16:34 - 2015-06-19 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression 2015-06-19 16:25 - 2015-06-19 16:31 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2015-06-19 16:25 - 2015-06-19 16:25 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits 2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\windows\symbols 2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer 2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop 2015-06-19 16:20 - 2015-06-19 17:36 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2015-06-19 16:20 - 2015-06-19 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013 2015-06-19 16:20 - 2015-06-19 16:29 - 00000000 ____D C:\windows\SysWOW64\1033 2015-06-19 16:08 - 2015-06-19 16:08 - 00000000 ____D C:\Users\Adrian\.tooling 2015-06-19 16:07 - 2015-06-19 17:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2015-06-19 16:07 - 2015-06-19 16:22 - 00000000 ____D C:\windows\system32\1033 2015-06-19 16:07 - 2015-06-19 16:07 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0 2015-06-19 15:47 - 2015-06-19 15:47 - 01240624 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\vs_community.exe 2015-06-19 15:46 - 2015-06-19 15:46 - 01198368 _____ C:\Users\Adrian\Downloads\Visual Basic 2010 Express - CHIP-Installer.exe 2015-06-19 15:39 - 2015-06-19 15:40 - 00000000 ____D C:\Users\Adrian\SpongeAPI 2015-06-19 15:38 - 2015-06-19 15:39 - 03709881 _____ C:\Users\Adrian\Downloads\forge-1.8-11.14.3.1468-installer-win.exe 2015-06-19 15:37 - 2015-06-19 15:38 - 14131704 _____ C:\Users\Adrian\Downloads\sponge-1.8-1446-2.1DEV-490.jar 2015-06-18 14:12 - 2015-06-18 14:12 - 00054619 _____ C:\Users\Adrian\Downloads\ts18.nitrado.net-11200-2981-BU181829.dat 2015-06-17 16:59 - 2015-06-17 16:59 - 04832017 _____ C:\Users\Adrian\Downloads\WM01-demo.zip 2015-06-17 16:34 - 2015-06-17 16:34 - 00025510 _____ C:\Users\Adrian\Desktop\freakey.pdn 2015-06-15 16:18 - 2015-06-15 16:18 - 00000000 ____D C:\Users\Adrian\Desktop\icons 2015-06-11 18:12 - 2015-06-11 18:13 - 02210768 _____ C:\Users\Adrian\Downloads\StarMade-starter(1).exe 2015-06-11 11:27 - 2015-06-11 11:27 - 00000000 ____D C:\Users\Adrian\Desktop\Minecraft Server 2015-06-11 11:21 - 2015-06-11 11:21 - 00004010 _____ C:\Users\Adrian\AppData\Local\recently-used.xbel 2015-06-11 10:16 - 2015-06-11 10:16 - 21553694 _____ C:\Users\Adrian\Desktop\spigot-1.8.7-R0.1-SNAPSHOT.jar 2015-06-11 10:16 - 2015-06-11 10:16 - 21553694 _____ C:\Users\Adrian\Desktop\spigot-1.8.7.jar 2015-06-10 19:33 - 2015-06-10 19:33 - 00080153 _____ C:\Users\Adrian\Downloads\Orebfuscator.jar 2015-06-10 17:40 - 2015-06-10 17:40 - 00045721 _____ C:\Users\Adrian\Downloads\PvPTimer.jar 2015-06-10 17:32 - 2015-06-10 17:32 - 00020799 _____ C:\Users\Adrian\Downloads\PVPLeveling.jar 2015-06-10 17:18 - 2015-06-10 17:18 - 00295492 _____ C:\Users\Adrian\Downloads\Vault(1).jar 2015-06-10 15:41 - 2015-06-10 15:41 - 00203534 _____ C:\Users\Adrian\Downloads\BossShop.jar 2015-06-10 13:29 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll 2015-06-10 13:29 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll 2015-06-10 13:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx 2015-06-10 13:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll 2015-06-10 13:29 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL 2015-06-10 13:29 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll 2015-06-10 13:29 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll 2015-06-10 13:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx 2015-06-10 13:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll 2015-06-10 13:29 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL 2015-06-10 13:28 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-06-10 13:28 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-06-10 13:28 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-06-10 13:28 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-06-10 13:28 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-06-10 13:28 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-06-10 13:28 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-06-10 13:28 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-06-10 13:28 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2015-06-10 13:28 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-06-10 13:28 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-06-10 13:28 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-06-10 13:28 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-06-10 13:28 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-06-10 13:28 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-06-10 13:28 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-06-10 13:28 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-06-10 13:28 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-06-10 13:28 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-06-10 13:28 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-06-10 13:28 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-06-10 13:28 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-06-10 13:28 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-06-10 13:28 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-06-10 13:28 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-06-10 13:28 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-06-10 13:28 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-06-10 13:28 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-06-10 13:28 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-06-10 13:28 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-06-10 13:28 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-06-10 13:28 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-06-10 13:28 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-06-10 13:28 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-06-10 13:28 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-06-10 13:28 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-06-10 13:28 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-06-10 13:28 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-06-10 13:28 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-06-10 13:28 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-06-10 13:28 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-06-10 13:28 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-06-10 13:28 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-06-10 13:28 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-06-10 13:28 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-06-10 13:28 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-06-10 13:28 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-06-10 13:28 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-06-10 13:28 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-06-10 13:28 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-06-10 13:28 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-06-10 13:28 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-06-10 13:28 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-06-10 13:28 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-06-10 13:28 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-06-10 13:28 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-06-10 13:28 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2015-06-10 13:28 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2015-06-10 13:28 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-06-10 13:28 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-06-10 13:28 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-06-10 13:28 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-06-10 13:28 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-06-10 13:28 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-06-10 13:28 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-06-10 13:28 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-06-10 13:28 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-06-10 13:28 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2015-06-10 13:27 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-06-10 13:27 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-06-10 13:27 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-06-10 13:27 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2015-06-10 13:27 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-06-10 13:27 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2015-06-10 13:27 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe 2015-06-10 13:27 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2015-06-10 13:27 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-06-10 13:27 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-06-10 13:27 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe 2015-06-10 13:27 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-06-10 13:27 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe 2015-06-10 13:27 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-06-10 13:27 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe 2015-06-10 13:27 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-06-10 13:27 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-06-10 13:27 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe 2015-06-10 13:27 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-06-10 13:27 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-06-10 13:27 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-06-10 13:27 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-06-10 13:27 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2015-06-10 13:27 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe 2015-06-10 13:27 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe 2015-06-10 13:27 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-06-10 13:27 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe 2015-06-10 13:27 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe 2015-06-10 13:27 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2015-06-10 13:27 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe 2015-06-10 13:27 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2015-06-10 13:27 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2015-06-10 13:27 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-06-10 13:27 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2015-06-10 13:27 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-06-10 13:27 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll 2015-06-10 13:27 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2015-06-10 13:27 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2015-06-10 13:27 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 13:27 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-06-10 13:26 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-06-10 13:26 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll 2015-06-10 13:26 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll 2015-06-10 13:26 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys 2015-06-09 20:59 - 2015-06-09 20:59 - 00097426 _____ C:\Users\Adrian\Downloads\SimpleAlias_1.6.0.jar 2015-06-09 20:44 - 2015-06-09 20:44 - 00242829 _____ C:\Users\Adrian\Downloads\SimpleClans.jar 2015-06-09 20:41 - 2015-06-09 20:41 - 00088581 _____ C:\Users\Adrian\Downloads\FactionChat.jar 2015-06-09 20:36 - 2015-06-09 20:36 - 01353976 _____ C:\Users\Adrian\Downloads\MassiveCore.jar 2015-06-09 20:35 - 2015-06-09 20:35 - 01492385 _____ C:\Users\Adrian\Downloads\Factions-2.7.5.zip 2015-06-09 20:28 - 2015-06-09 20:28 - 00464200 _____ C:\Users\Adrian\Downloads\LWC.jar 2015-06-09 19:27 - 2015-06-09 19:27 - 06477032 _____ (Tim Kosse) C:\Users\Adrian\Downloads\FileZilla_3.11.0.2_win64-setup.exe 2015-06-09 19:26 - 2015-06-09 19:26 - 00352171 _____ C:\Users\Adrian\Downloads\BVotifier[1].jar 2015-06-08 16:14 - 2015-06-08 16:14 - 00002580 _____ C:\windows\DPINST.LOG 2015-06-08 16:14 - 2015-06-08 16:14 - 00000000 ____D C:\Users\Adrian\hpremote 2015-06-07 12:24 - 2015-06-07 12:24 - 02803105 _____ C:\Users\Adrian\Downloads\craftconomy3-3.2.1(1).jar 2015-06-06 16:52 - 2015-06-07 11:01 - 00036984 _____ C:\windows\DirectX.log 2015-06-06 16:18 - 2015-06-27 13:09 - 00000000 ____D C:\Users\Adrian\Downloads\StarMade 2015-06-06 16:17 - 2015-06-11 18:22 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.StarMade 2015-06-06 16:17 - 2015-06-06 16:17 - 02210768 _____ C:\Users\Adrian\Downloads\StarMade-starter.exe 2015-06-04 09:48 - 2015-06-04 09:49 - 00087894 _____ C:\Users\Adrian\Downloads\BAT-WebInterface1.6(1).zip 2015-06-04 08:39 - 2015-06-04 08:39 - 00000000 ____D C:\ProgramData\Google 2015-06-04 08:35 - 2015-06-04 08:36 - 08180736 _____ C:\Users\Adrian\Downloads\chromeremotedesktophost.msi 2015-06-04 08:31 - 2015-06-04 08:31 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-06-04 07:27 - 2015-06-04 07:27 - 01822832 _____ (Pushbullet Inc ) C:\Users\Adrian\Downloads\pushbullet_installer.exe 2015-06-04 07:02 - 2015-06-04 07:02 - 00000233 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch_Dogs.url 2015-06-02 20:48 - 2015-06-02 20:48 - 00395020 _____ C:\Users\Adrian\Downloads\CommunityBridge.jar 2015-06-02 20:32 - 2015-06-02 20:32 - 00237144 _____ C:\Users\Adrian\Downloads\BungeeTabListPlus.zip 2015-06-02 20:32 - 2015-06-02 20:32 - 00082663 _____ C:\Users\Adrian\Downloads\PingUtilsBungee-2.1.1-SNAPSHOT.jar 2015-06-01 18:02 - 2015-06-01 18:02 - 00000000 ____D C:\Users\Adrian\.ssh 2015-06-01 18:00 - 2015-06-01 18:45 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\GitHub 2015-06-01 18:00 - 2015-06-01 18:45 - 00000000 ____D C:\Users\Adrian\AppData\Local\GitHub 2015-06-01 18:00 - 2015-06-01 18:00 - 00002185 _____ C:\Users\Adrian\Desktop\Git Shell.lnk 2015-06-01 18:00 - 2015-06-01 18:00 - 00000308 _____ C:\Users\Adrian\Desktop\GitHub.appref-ms 2015-06-01 18:00 - 2015-06-01 18:00 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2015-06-01 17:57 - 2015-06-01 17:57 - 00677168 _____ () C:\Users\Adrian\Downloads\GitHubSetup.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-01 15:45 - 2015-02-24 14:54 - 00000000 ____D C:\FRST 2015-07-01 15:45 - 2013-03-15 02:51 - 01112308 _____ C:\windows\WindowsUpdate.log 2015-07-01 15:43 - 2014-05-18 07:56 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Spotify 2015-07-01 15:43 - 2013-03-14 19:02 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Skype 2015-07-01 15:42 - 2014-05-18 07:57 - 00000000 ____D C:\Users\Adrian\AppData\Local\Spotify 2015-07-01 15:42 - 2013-05-18 19:37 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\TS3Client 2015-07-01 15:41 - 2013-09-02 11:16 - 00000000 ____D C:\Users\Adrian\AppData\Local\LogMeIn Hamachi 2015-07-01 15:41 - 2013-03-16 08:15 - 00000000 ____D C:\Program Files (x86)\Steam 2015-07-01 15:40 - 2012-06-15 02:18 - 00000000 ____D C:\ProgramData\PDFC 2015-07-01 15:39 - 2015-05-18 16:26 - 00017389 _____ C:\windows\setupact.log 2015-07-01 15:39 - 2012-06-15 01:58 - 00000000 ____D C:\ProgramData\NVIDIA 2015-07-01 15:39 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-07-01 15:38 - 2015-05-18 16:26 - 00067662 _____ C:\windows\PFRO.log 2015-07-01 15:38 - 2014-12-07 08:50 - 00000000 ____D C:\AdwCleaner 2015-07-01 15:37 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-01 15:37 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-01 15:33 - 2014-07-07 15:36 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-07-01 15:26 - 2013-09-13 19:07 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-07-01 14:47 - 2013-09-13 19:07 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-07-01 14:47 - 2012-06-15 02:12 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-07-01 14:47 - 2012-06-15 02:12 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-01 14:21 - 2015-02-09 12:26 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.minecraft 2015-07-01 14:16 - 2014-11-08 11:14 - 00000000 ____D C:\Users\Adrian\AppData\Local\Eclipse 2015-07-01 02:00 - 2013-06-22 18:56 - 00000000 ____D C:\Users\Adrian\AppData\Local\Adobe 2015-06-30 17:45 - 2015-04-14 15:52 - 00000080 _____ C:\Users\Adrian\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦 2015-06-29 18:34 - 2013-05-11 09:31 - 00000000 ____D C:\Users\Adrian\workspace 2015-06-29 16:07 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-06-29 13:47 - 2012-06-15 02:18 - 00000000 ____D C:\ProgramData\Skype 2015-06-29 13:45 - 2014-05-05 19:31 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update 2015-06-27 08:54 - 2014-05-05 19:31 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswsp.sys 2015-06-24 20:03 - 2014-11-04 09:40 - 00000000 ____D C:\Users\Adrian\Documents\Action! 2015-06-23 18:22 - 2013-08-05 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-06-23 18:22 - 2012-06-15 01:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-06-23 18:19 - 2012-06-15 01:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-06-20 20:32 - 2014-04-01 19:51 - 00000000 ____D C:\Users\Adrian\AppData\Local\Deployment 2015-06-20 17:02 - 2014-08-25 14:15 - 00000000 ____D C:\ProgramData\Package Cache 2015-06-20 11:29 - 2013-03-23 14:22 - 00000000 ____D C:\Program Files\Java 2015-06-20 08:48 - 2013-09-28 08:31 - 05259320 _____ C:\windows\system32\FNTCACHE.DAT 2015-06-19 17:39 - 2014-06-09 08:16 - 00143352 _____ C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT 2015-06-19 17:35 - 2014-04-14 07:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2015-06-19 17:16 - 2014-04-14 07:25 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2015-06-19 17:00 - 2014-04-14 07:28 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2015-06-19 17:00 - 2013-08-10 19:05 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-06-19 17:00 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-06-19 16:43 - 2014-10-15 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2015-06-19 16:08 - 2013-03-14 18:59 - 00000000 ____D C:\Users\Adrian 2015-06-19 16:07 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-06-17 16:38 - 2015-03-27 11:52 - 00000000 ___RD C:\Users\Adrian\Desktop\Meine Dateien 2015-06-17 16:34 - 2013-05-28 20:51 - 00000000 ____D C:\Users\Adrian\AppData\Local\Paint.NET 2015-06-17 16:29 - 2013-03-26 12:03 - 00000000 ____D C:\Users\Adrian\.gimp-2.8 2015-06-17 11:10 - 2015-04-13 16:48 - 17724600 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll 2015-06-17 11:10 - 2014-09-02 09:36 - 01756424 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll 2015-06-17 11:10 - 2014-09-02 09:36 - 01316000 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll 2015-06-17 11:10 - 2014-09-02 09:32 - 01567576 _____ (NVIDIA Corporation) C:\windows\system32\nvhdagenco6420103.dll 2015-06-17 11:10 - 2013-11-13 12:22 - 01571696 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll 2015-06-17 11:10 - 2013-11-13 12:22 - 01320304 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll 2015-06-17 11:10 - 2013-04-10 15:47 - 15224784 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll 2015-06-17 11:10 - 2013-02-26 00:32 - 02997544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll 2015-06-17 11:10 - 2012-03-15 06:59 - 12855416 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll 2015-06-17 11:10 - 2012-03-15 06:59 - 03395648 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll 2015-06-17 08:48 - 2012-06-15 01:58 - 06873232 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll 2015-06-17 08:48 - 2012-06-15 01:58 - 03492168 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll 2015-06-17 08:48 - 2012-06-15 01:58 - 02558792 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll 2015-06-17 08:48 - 2012-06-15 01:58 - 00937616 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe 2015-06-17 08:48 - 2012-06-15 01:58 - 00385168 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll 2015-06-17 08:48 - 2012-06-15 01:58 - 00062792 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll 2015-06-12 12:48 - 2015-05-06 17:23 - 00000600 _____ C:\Users\Adrian\AppData\Local\PUTTY.RND 2015-06-12 12:48 - 2013-04-15 17:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\FileZilla 2015-06-11 15:15 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD 2015-06-11 14:40 - 2015-01-07 15:14 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieBrowserModeList 2015-06-11 14:40 - 2014-05-05 19:25 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieUserList 2015-06-11 14:40 - 2014-05-05 19:25 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieSiteList 2015-06-11 13:56 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache 2015-06-11 11:21 - 2015-04-07 15:53 - 00000000 ____D C:\Users\Adrian\AppData\Local\gtk-2.0 2015-06-11 10:17 - 2013-05-25 21:54 - 00000000 ____D C:\Users\Adrian\Documents\Bandicam 2015-06-11 09:56 - 2015-03-31 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git 2015-06-11 09:56 - 2013-03-16 09:10 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Audacity 2015-06-11 08:28 - 2012-06-15 01:44 - 00700336 _____ C:\windows\system32\perfh007.dat 2015-06-11 08:28 - 2012-06-15 01:44 - 00149928 _____ C:\windows\system32\perfc007.dat 2015-06-11 08:28 - 2009-07-14 07:13 - 01623774 _____ C:\windows\system32\PerfStringBackup.INI 2015-06-11 08:22 - 2009-07-14 07:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT 2015-06-11 08:19 - 2014-12-11 19:20 - 00000000 ____D C:\windows\system32\appraiser 2015-06-11 08:19 - 2014-05-06 12:21 - 00000000 ___SD C:\windows\system32\CompatTel 2015-06-11 08:19 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions 2015-06-10 20:48 - 2013-08-15 16:39 - 00000000 ____D C:\windows\system32\MRT 2015-06-10 20:41 - 2013-04-11 12:47 - 140135120 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-06-10 17:21 - 2013-04-15 17:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-06-10 17:21 - 2013-04-15 17:25 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client 2015-06-10 16:32 - 2015-04-14 15:52 - 00000000 ____D C:\Program Files\Rockstar Games 2015-06-10 16:32 - 2015-04-14 15:52 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2015-06-08 16:17 - 2013-06-09 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2015-06-08 16:17 - 2013-06-09 20:40 - 00000000 ____D C:\Program Files (x86)\Nero 2015-06-08 16:15 - 2012-06-15 02:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2015-06-08 16:15 - 2012-06-15 02:04 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2015-06-08 16:14 - 2012-06-15 02:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-06-08 16:00 - 2015-04-21 14:10 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\soundcloud-musicaudio-515e62acb4534adf9d67bd67c3aef5e8 2015-06-06 16:53 - 2013-05-11 11:56 - 00000000 ____D C:\Users\Adrian\Documents\My Games 2015-06-04 08:38 - 2013-04-01 10:00 - 00000000 ____D C:\Program Files (x86)\Google 2015-06-02 16:11 - 2012-06-15 01:58 - 04421614 _____ C:\windows\system32\nvcoproc.bin ==================== Files in the root of some directories ======= 2013-11-14 15:51 - 2015-02-03 17:15 - 0000132 _____ () C:\Users\Adrian\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen 2013-05-20 07:19 - 2013-06-11 19:23 - 0000096 _____ () C:\Users\Adrian\AppData\Roaming\Camdata.ini 2013-05-20 07:19 - 2013-06-11 19:23 - 0000408 _____ () C:\Users\Adrian\AppData\Roaming\CamLayout.ini 2013-05-20 07:19 - 2013-06-11 19:23 - 0000408 _____ () C:\Users\Adrian\AppData\Roaming\CamShapes.ini 2013-05-20 07:13 - 2013-05-26 07:46 - 0004508 _____ () C:\Users\Adrian\AppData\Roaming\CamStudio.cfg 2015-05-13 11:21 - 2015-05-13 11:21 - 0000000 _____ () C:\Users\Adrian\AppData\Roaming\gdfw.log 2015-05-13 11:21 - 2015-05-13 11:21 - 0000779 _____ () C:\Users\Adrian\AppData\Roaming\gdscan.log 2014-10-13 18:59 - 2014-10-13 18:59 - 0001456 _____ () C:\Users\Adrian\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2013-04-06 19:11 - 2013-04-11 15:39 - 0003584 _____ () C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-05-06 17:23 - 2015-06-12 12:48 - 0000600 _____ () C:\Users\Adrian\AppData\Local\PUTTY.RND 2015-06-11 11:21 - 2015-06-11 11:21 - 0004010 _____ () C:\Users\Adrian\AppData\Local\recently-used.xbel 2014-05-22 16:45 - 2014-05-22 16:45 - 0000003 _____ () C:\Users\Adrian\AppData\Local\updater.log 2014-05-22 16:45 - 2014-05-22 16:45 - 0000442 _____ () C:\Users\Adrian\AppData\Local\UserProducts.xml Files to move or delete: ==================== C:\Users\Adrian\Quiz.bat C:\Users\Adrian\worldpainter_64_1.10.3.exe C:\Users\Adrian\worldpainter_64_1.9.0.exe Some files in TEMP: ==================== C:\Users\Adrian\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Adrian\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Adrian\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.9-R0.2-18-ga04b586-b3107jnks.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-4827540028675145902.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-8726357250486247984.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.2-18-ga04b586-b3107jnks.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-1640976560113121343.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-1748178027778397222.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-1847612319792099815.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-2409685624733947850.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-2646838854747436420.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-2888182658571649898.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-3519014705264938437.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-3554134589459573298.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-4301284263848438752.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-5387255101928983509.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-5566886607779853474.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-5608421060872803437.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-5631155823920546649.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-5958460647030896234.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-596465670919884920.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-6267333285519270813.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-6279743994193730101.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-6839923837052692343.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-6899761752886796276.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-6956307459441802697.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-7122909713967347229.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-726200272793483059.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-7454451492279311364.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-7642448563796266877.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-7754896276059582178.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-7763889817463776677.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-8116101558523784844.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-8172442734647130134.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-8450085905217606293.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-8570957578103409483.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-1710614257447263786.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-2062049329647924177.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-2135401149620072559.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-2686272343921035731.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-3231143034059786007.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-4987107921528917091.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-5309891713955189797.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-8134318838681551854.dll C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-8744518777938921859.dll C:\Users\Adrian\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Adrian\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Adrian\AppData\Local\Temp\nvSCPAPISvr.exe C:\Users\Adrian\AppData\Local\Temp\nvStInst.exe C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe C:\Users\Adrian\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Adrian\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Adrian\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll C:\Users\Adrian\AppData\Local\Temp\sqlite3.dll C:\Users\Adrian\AppData\Local\Temp\xmlUpdater.exe C:\Users\Roland\AppData\Local\Temp\AskSLib.dll C:\Users\Roland\AppData\Local\Temp\burnsetup.exe C:\Users\Roland\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf4wiiv.dll C:\Users\Roland\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Roland\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Roland\AppData\Local\Temp\ffmpeg17.exe C:\Users\Roland\AppData\Local\Temp\ffmpeg18.exe C:\Users\Roland\AppData\Local\Temp\ICReinstall_syncios_CB-DL-Manager.exe C:\Users\Roland\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.7-R1.0-75-g7f25632-b2717jnks.dll C:\Users\Roland\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Roland\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Roland\AppData\Local\Temp\SDShelEx-x64.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2013-12-21 15:41 ==================== End of log ============================ |
|
01.07.2015, 17:57
| #4 |
| | Taskmanager blockiert, consent.exe 6x offen Addition.txt [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Adrian at 2015-07-01 15:50:57
Running from C:\Users\Adrian\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1501557853-1401194567-1476615106-500 - Administrator - Disabled)
Adrian (S-1-5-21-1501557853-1401194567-1476615106-1000 - Administrator - Enabled) => C:\Users\Adrian
Gast (S-1-5-21-1501557853-1401194567-1476615106-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1501557853-1401194567-1476615106-1005 - Limited - Enabled)
Julia (S-1-5-21-1501557853-1401194567-1476615106-1008 - Limited - Enabled) => C:\Users\Julia
Roland (S-1-5-21-1501557853-1401194567-1476615106-1002 - Administrator - Enabled) => C:\Users\Roland
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version: - Akamai Technologies, Inc)
Alarm für Cobra 11 - Das Syndikat - DEMO (HKLM-x32\...\Alarm für Cobra 11 - Das Syndikat - DEMO_is1) (Version: - dtp)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version: - Ubisoft)
Assassin's Creed(R) III v1.02 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.02 - Ubisoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AutoHotkey 1.1.22.00 (HKLM-x32\...\AutoHotkey) (Version: 1.1.22.00 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Play4Free (Adrian) (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
Battlefield Play4Free (Adrian) (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Blockland (HKLM-x32\...\Steam App 250340) (Version: - Eric Hartman)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.13.294.84.14 - Infernum Productions AG)
Bridge Constructor (HKLM-x32\...\Steam App 250460) (Version: - )
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version: - Rockstar New England)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version: - Dark Byte)
Chrome Remote Desktop Host (HKLM-x32\...\{A1A724F3-F1A6-479C-AE98-208946717E2B}) (Version: 42.0.2311.39 - Google Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Cobra 11 - Burning Wheels (remove only) (HKLM-x32\...\BurningWheels) (Version: - )
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
DC Universe Online PSG (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\soe-DC Universe Online PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online PSG (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\soe-DC Universe Online PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.17.60 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
Dropbox (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.7.0.0 - Electronic Arts)
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FileZilla Client 3.11.0.2 (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
FileZilla Client 3.11.0.2 (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.11.827 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.44.908 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.908 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GitHub (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
GitHub (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version: - Suspicious Developments)
Harry Potter und die Heiligtümer des Todes(TM) - Teil 2 (HKLM-x32\...\{F0C9E8E9-C54B-48C1-9192-F5D49633AB5D}) (Version: 1.0.0.0 - Electronic Arts)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{750E9D0F-B188-4A7E-ADD2-84B7ED7D32F6}) (Version: 5.1.4281.27332 - Hewlett-Packard)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 6.0.0.0 - Hewlett-Packard)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{452479C5-0118-48E9-AA69-0A7339F95FC8}) (Version: 5.1.4289.23799 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 7 Update 79 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 7 Update 79 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
King Arthur's Gold (HKLM-x32\...\{643B056F-61C1-4489-9797-4D846D101A7A}) (Version: 0.95.428.0 - THD)
Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
LCPD First Response (HKLM-x32\...\LCPD First Response) (Version: 1.0.0.0d - G17 Media)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.1.2 (HKLM-x32\...\{604B2A5C-B1CE-45B2-ADCC-6B7C721AC3AC}) (Version: 4.0.1.2 - The Document Foundation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MC-RP Setup (HKLM-x32\...\{0115E035-5A7B-4972-BC55-E639EE7E0749}) (Version: 2.1.0 - mc-rp)
Mein Radio (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\4d13c7785a7a8b30) (Version: 1.0.0.0 - Hewlett-Packard Company)
Mein Radio (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\4d13c7785a7a8b30) (Version: 1.0.0.0 - Hewlett-Packard Company)
Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4711.1002 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Note Block Studio version 3.2.1 (HKLM-x32\...\{84077DA9-3075-4AE5-BC82-345202B8CD4F}_is1) (Version: 3.2.1 - David Norgren)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
Mod-MC (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Mod-MC) (Version: - )
Mod-MC (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mod-MC) (Version: - )
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MySQL Connector J (HKLM-x32\...\{5E91E205-AC15-4FA2-8A73-3CB5EC0E04A5}) (Version: 5.1.35 - Oracle Corporation)
MySQL Connector Net 6.9.6 (HKLM-x32\...\{71458704-E552-4A3E-8BFA-4F61C1F70724}) (Version: 6.9.6 - Oracle)
MySQL Documents 5.6 (HKLM-x32\...\{277FCB89-B03D-4A74-B9E6-97A4B07F691E}) (Version: 5.6.24 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{AC5A7E5E-629D-4A20-90D1-0FC2D426D7BF}) (Version: 5.6.24 - Oracle Corporation)
MySQL Fabric 1.6.1 & MySQL Utilities 1.6.1 (HKLM-x32\...\{5E11C144-6B3A-42A0-9646-7A80D565ECFF}) (Version: 1.6.1 - Oracle Corporation)
MySQL For Excel 1.3.4 (HKLM-x32\...\{A0352E65-6E78-48B3-B6D6-B3208E663249}) (Version: 1.3.4 - Oracle)
MySQL Installer - Community (HKLM-x32\...\{7F30C2D9-2CEF-44FD-A2BA-C39DA3F7AD93}) (Version: 1.4.5.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
Nero Burning ROM 2014 (HKLM-x32\...\{C9F54777-001E-41F6-83F8-B99A19EA5083}) (Version: 15.0.05600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PBO Manager v.1.4 beta (HKLM-x32\...\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}) (Version: 1.4.0 - )
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.95 - PDF Complete, Inc)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version: - )
Portal Stories: Mel (HKLM-x32\...\Steam App 317400) (Version: - Prism Studios)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.6207 - CyberLink Corp.) Hidden
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 2.7 pygame-1.9.1 (HKLM-x32\...\{5D13804A-67B7-49DA-9B15-65B70A83B9C3}) (Version: 1.9.1 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 2.7.7 (64-bit) (HKLM\...\{049CA433-77A0-4e48-AC76-180A282C4E11}) (Version: 2.7.7150 - Python Software Foundation)
Python 3.3.2 (HKLM-x32\...\{92389DE9-939E-341B-A076-1D52D7DBCA71}) (Version: 3.3.2150 - Python Software Foundation)
Python 3.3.3 (64-bit) (HKLM\...\{E9D90870-AB19-32A8-AA93-F8348BA21D05}) (Version: 3.3.3150 - Python Software Foundation)
Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 3.7 - Razer USA Ltd)
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Samplitude Pro X Silver (HKLM-x32\...\MAGIX_{86460AB2-75D3-400D-B9A8-232EC729192E}) (Version: 12.0.2.115 - MAGIX AG)
Samplitude Pro X Silver (Version: 12.0.2.115 - MAGIX AG) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Should I Remove It (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Sizer 3.34 (HKLM-x32\...\{DE43AA92-E8C0-4620-AFE2-FBD623C71643}) (Version: 3.3.4.0 - Brian Apps)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Snap.Do (HKLM-x32\...\{1AEEC74F-4B4B-46E5-A124-A728EC02DF7F}) (Version: 1.47.1.11067 - ReSoft Ltd.) <==== ATTENTION
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Spotify (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version: - sparsevector)
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Escapists (HKLM-x32\...\Steam App 298630) (Version: - Mouldy Toof Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version: - Redlynx Ltd)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{EEB9EFDE-ED91-11E2-91A8-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )
x64 Components v4.1.6 (HKLM\...\Advanced x64Components_is1) (Version: 4.1.6 - Shark007)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2013-11-09 08:22 - 00000856 ____A C:\windows\system32\Drivers\etc\hosts
10.0.0.1 activate.adobe.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {041AC71C-2E83-41A3-9554-505E9BC16A5E} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {06DC07AE-E4AD-43C7-A24E-36F63BF63935} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Adrian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {0ADC71B8-807C-4136-A3A1-A2C3E0D084BC} - System32\Tasks\HPCeeScheduleForAdrian => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {1B2201A4-4B21-4025-B055-C91AB2D0B29E} - System32\Tasks\{2B544749-C5E0-4CB9-A076-C8F05F2E49BF} => pcalua.exe -a C:\Users\Adrian\Desktop\Setup.exe -d C:\Users\Adrian\Desktop
Task: {1F1D4F11-089A-4AF6-810E-480C83C2DFEE} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {26C3BDE7-D28F-40C5-AD50-122105E7002A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19] (Google Inc.)
Task: {27FC4DFF-9139-46D8-9BF7-CE891B4C2E1A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {334F62A1-14D5-4AD7-9D9D-185FAF306C5E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {337E307F-1DDD-4EF0-8D40-F5EFCEB32DBA} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] ()
Task: {3642C4C0-3B98-4160-A064-39ED0869F341} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
Task: {4DADD9CC-035A-406B-A423-6B9555ACE9A8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {55DC6AA8-CFC9-4392-891B-F9C3B1BD7EA3} - System32\Tasks\SERVER
Task: {5B077394-0B98-480C-87C3-0C240709CD75} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {5DE5203F-8628-4E1A-AF35-4C4678BB1EF7} - System32\Tasks\{E6EA3E45-7165-40A4-9FC3-83B36A2E9B84} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {61F768E0-7D8A-450F-AFD5-00F08BB5DCC2} - System32\Tasks\PaysafeCard in Portal2 Hülle!!!
Task: {631DD178-9898-4117-A534-A74C057FEA18} - System32\Tasks\MySQL\Installer\ManifestUpdate => c:\program files (x86)\mysql\mysql installer for windows\mysqlinstallerconsole.exe [2015-03-29] (Oracle Corporation)
Task: {698904AF-BD7C-43A6-A791-A640E6913B5D} - System32\Tasks\avastBCLRestartS-1-5-21-1501557853-1401194567-1476615106-1000 => Firefox.exe
Task: {6B2959FE-F5FF-41E9-A669-AF05D5320A10} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {6D1AFA16-BF1F-4D69-B875-95745F2DF63C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-21] (Microsoft Corporation)
Task: {81CD89CF-09B7-4ED3-BFB9-4B8EB8437EB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19] (Google Inc.)
Task: {8230EFE9-711B-4354-98E1-57115D150942} - System32\Tasks\NCH Software\PrismSevenDays => C:\Program Files (x86)\NCH Software\Prism\Prism.exe
Task: {82B4103C-9A1A-4AEC-90A3-BE60C56A9082} - System32\Tasks\GAMIANO GEWINNSPIEL!
Task: {8604EB66-6E7D-4936-A784-64AC3EA48886} - System32\Tasks\WICHTIG
Task: {8EA51C4D-D3C9-439C-AB09-F5AE20B1157E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {9101B909-7E8B-4996-8107-7247FB2E333F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-10] (Microsoft Corporation)
Task: {91DC1A61-7372-4CF2-B2D9-E0A5648D2343} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-10] (Microsoft Corporation)
Task: {931A1AD6-0FAC-45BC-AC61-21C7DD92229E} - System32\Tasks\NCH Software\ExpressBurnSevenDays => C:\Program Files (x86)\NCH Software\ExpressBurn\ExpressBurn.exe
Task: {94E9226C-97F0-4AF1-9274-A581A54DCC1B} - System32\Tasks\update-S-1-5-21-1501557853-1401194567-1476615106-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: {9AAA1E7E-ACAA-43FD-889C-C7A16220C851} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {9B36A057-A3D2-4345-A3B2-53106925BC34} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {9B867FDC-FEEE-4B88-9456-EB8F2D6B0363} - System32\Tasks\Start => C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
Task: {A459918B-B947-46D1-BFBF-D9D579DE4512} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Roland => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {A61FD028-E47B-4D5E-A476-9E9BE7E65B2C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {B21DCAB4-B6D3-44F3-ABDC-B9637ABD7E00} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B5B4D891-6588-4B0A-92E5-365D3BCE4B0C} - System32\Tasks\DUC => C:\Program Files (x86)\No-IP\DUC40.exe
Task: {B83B0121-745B-4DE4-8C17-CBA638E82C2D} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-02-17] ()
Task: {B972E0F9-134A-471C-BF1E-EBC4F7E86496} - System32\Tasks\{E89F20C8-6676-4864-9408-C01E0C2755AF} => pcalua.exe -a "C:\Program Files (x86)\GTA IV Vehicle Mod Installer\v1.5\gtaivvmi.exe" -d "C:\Program Files (x86)\GTA IV Vehicle Mod Installer\v1.5"
Task: {BB9F7843-A597-4CE1-9E5E-2E77079141D1} - System32\Tasks\{E043DE6B-9827-4807-9472-69EDE4CEDB0E} => C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe [2014-01-07] (Ubisoft Entertainment.)
Task: {CF789FA9-E7EC-4217-9CD3-296B9552F25E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {E366872B-3E2A-4C8E-B1CB-7BE3E0101987} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-01] (Adobe Systems Incorporated)
Task: {EFF15A10-9722-4D58-AD11-9C48EE1F8A62} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Julia => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {F1E040D6-34C6-40D7-866E-286F0C380210} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-09-23] (Hewlett-Packard Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForAdrian.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2012-06-15 01:58 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-02 17:18 - 2015-06-02 17:18 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-09-15 10:59 - 2012-08-01 15:44 - 00139024 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll
2015-03-31 09:53 - 2015-03-19 23:33 - 00736962 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-04-21 17:04 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-04-05 13:49 - 2014-10-02 16:24 - 00076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-02-28 15:07 - 2014-09-21 09:06 - 00102344 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-02-28 15:07 - 2014-09-21 09:06 - 00108488 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-02-28 15:10 - 2014-09-21 09:06 - 00563656 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-02-28 15:10 - 2014-09-21 09:06 - 00579016 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2015-05-17 20:24 - 2015-05-17 20:24 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-17 20:24 - 2015-05-17 20:24 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-01 13:36 - 2015-07-01 13:36 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15070100\algo.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-13 16:52 - 2015-06-17 11:10 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 18:10 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 14:41 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 14:41 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 14:41 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 14:59 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 18:48 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 18:48 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 18:48 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 18:48 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 18:48 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-02-25 08:39 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-06-02 17:18 - 2015-06-02 17:18 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-03-19 15:23 - 2015-03-19 15:23 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-18 14:08 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-18 14:08 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2013-02-19 12:48 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\Users\Adrian\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Adrian\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Adrian\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Adrian\AppData\Roaming:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Roland\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1501557853-1401194567-1476615106-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Adrian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Adrian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7725DE89-E83F-4BAB-B960-3184D07C10D3}] => (Allow) C:\windows\system32\ezSharedSvcHost.exe
FirewallRules: [{C56BE747-D7D9-405F-B6DC-1F2B8FB170B9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{B805765A-3445-44AB-B66A-E99526A6EFD1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{74B8F962-14AF-47E3-B4F5-9EE44DC56893}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D8E2387B-6CE2-43D0-84F8-94B85C41BAF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4E346773-872D-491B-B087-6C5FE3CC2ED1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5767F5B3-ECEE-46BB-BCAA-F38BF9050775}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E0FC6BB-7068-4B6F-B65B-FC6F549E2D01}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C5F7B186-2702-4B3A-AA96-D7E1C085739E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2DEF6007-2AD3-44DB-B3DD-5E8BCF11F774}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{AE19D90D-8E24-4F00-9C5A-EF2F4664A12A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{41BD13B0-6E06-411E-95E8-A6A5C1FC10F6}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{EC382866-8441-4B7B-8B16-C153BC1646A4}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{69A3602A-D727-4FC1-A7E2-61569D006923}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{E3655670-0721-46B5-A6B7-D70F3A983568}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{0938812A-7DED-41BC-8358-86939A56B552}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{34EF15B3-95BB-4515-B44F-BACE39D9B957}] => (Allow) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{C47DA7AC-02E6-4A35-B4AD-9629C4228DD9}] => (Allow) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{AB40C52B-B1DD-4556-8D32-6FCE4AAEC1F2}] => (Allow) C:\Users\Roland\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6B63423E-6CFF-4398-9185-EDC135215FC8}] => (Allow) C:\Users\Roland\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{CAD9D6D8-793C-4210-9153-20123064028D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{637F538C-A56C-42B9-B6A1-4DCE6CC6ECA9}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{998CD0DC-C563-4D14-AA37-A73A1D2419FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{5342D3C2-D9D1-4BDC-8CF7-AE1FB9037D3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{5F9887C1-4E6A-4C22-8E08-C118EC71E1AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{FCEE714A-FB37-454C-8B3A-C4C80AB56157}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{32505978-7C0F-4ADF-8FC5-10706CAD98BF}] => (Allow) C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7CA689AD-2342-4865-A892-106015C8F4F8}] => (Allow) C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{AF51A93D-60E6-400F-88D7-CDA2FC66FBA9}C:\users\adrian\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adrian\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{8533760E-43EB-4492-9865-36330F82EB81}C:\users\adrian\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adrian\appdata\local\akamai\netsession_win.exe
FirewallRules: [{8F3EED5C-288A-457D-98BA-B39C02BE7EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{396285FC-4B7A-472F-A666-F71691BDBE41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4E948EEB-1484-49FA-A012-4801BA30788D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{79AEE65C-DA83-49CC-B8F4-9DDBEB66BD00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E963F82B-07D0-4AEA-AFBC-C7F30B0B59A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4106D859-3300-42CE-A9F9-93A55B3CD1E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1CF0E882-6F4B-44BD-8C84-77C6396C1D37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E2241544-C2BE-48C3-8F36-6C64E4070B64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B4D9AC2F-C060-4ACD-BA82-E3AE61110F3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{AF4304B8-C7D5-4DAF-B3F9-3FE10A8C9E85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{AB658D72-0EAD-415E-9F96-3326478009BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{3D00E488-ADB4-4A83-B8BA-42F227465435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{33499D7C-59E6-489F-899C-21336D4475DC}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{AAADD60B-1110-47A3-8D4E-CEFBE5B28989}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{C15D3FC8-C272-4E47-90AE-0490A274B949}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{5560E43F-05F7-49AD-954F-EB5B178D82E8}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{139662F9-FC74-485F-A2A3-1FE8C4F93DBD}] => (Allow) LPort=5353
FirewallRules: [{57F05CF8-97F3-47EB-8F19-33D03EC86641}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{7B8041C9-7199-4D08-9BEE-F632AE8337DC}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{D19D4D27-657A-466A-AEAD-FA7ED3ECF410}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{F332566E-4F8F-4D59-905E-758A95D4FA91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DA340EC9-1D6E-425E-A991-63068AB0B1A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9CA84589-D26E-4252-B259-3FE3ED612479}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E66F7C9C-F737-4BA5-A2AA-68BCE9583622}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A9E2B167-FFAD-4E31-8396-08412ED67084}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{173906CC-5AF9-425A-BC0B-0A068C2E77EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{E713AFAB-7A23-43E3-AD25-3228A9D1264F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6399EF50-8D00-4BBC-A0A1-1D08F3348C8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{C260E583-E366-41A5-AE3D-AC2100C9E1E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{C78F265E-8FBF-4B69-BBE9-042AA2F9B88D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{7BFBB678-C0DC-42DA-937C-6E2817EF0B5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{10665EEA-0E26-47FE-AB5C-4940F8D391B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{476CA168-75E4-41E4-B26F-01F046718385}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4BE04311-EB97-45C6-B699-70499B211DCC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{6AA415F3-8C11-496E-A5F1-FE20E2914E0F}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{394F1F83-D77A-4232-AF37-DDDE3F06EFC8}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{B0DF2AB0-70DA-4C53-BD08-D45D4A58938A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8DF11AAF-A126-4DAA-8817-024DC70F8C3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{87A957D0-58F1-4271-82EB-D4C6E1B6CC14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7672E71B-F416-450E-8305-77BE503FAD68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9A2E237D-AB79-4747-A42B-0A852FD360E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{FB1D3B69-EBBC-4849-AA00-AC9F7C1C2278}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{56C72EDB-DFB2-451D-8FF9-AC049E83551F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{8FCCB769-E062-4ECD-B8AE-5837031DAB1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{2AB5D71E-D662-4062-8D44-26F41ABFD0CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{C92760AB-A7CC-43ED-824B-542E321D53F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [TCP Query User{5C3296CA-31DD-4E8F-82CD-32F3463559F8}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [UDP Query User{29E77F18-289A-4947-97FA-F1818493880B}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [{22209C58-B94B-4536-B06C-AB5883FDF9F9}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{7E73E6E8-9EDD-472D-9642-7FAE4FC7761C}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{C91119AE-F1BC-4D85-BC32-234CA157257B}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{6B55690F-21AB-4D02-B25A-56694F67468B}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [TCP Query User{189D7521-6549-45BA-A10C-229E77BD64AD}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{BA0903AA-3E21-4F14-AB46-DEFAA8F2F7B2}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{6DBEC91E-8637-4408-9994-0A1A37E6105D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{52F34E45-7D18-4111-AA05-963BF4E1479B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{8A6D7E74-EA75-4DDE-B544-41C4E659665D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{762E4113-F0DC-4779-9F2B-E0FAAABDF617}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{146919FF-1602-4DA7-B341-1C8C9D13684C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BridgeConstructor\BridgeConstructor.exe
FirewallRules: [{C94D4FF6-AD86-4BE0-B314-D81C18519E86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BridgeConstructor\BridgeConstructor.exe
FirewallRules: [{52A53501-046E-4372-84BF-A9B3A732A92B}] => (Allow) C:\Program Files (x86)\Brick-Force\BfLauncher.exe
FirewallRules: [{F3F06992-ED76-46F5-910A-8805CFB0B638}] => (Allow) C:\Program Files (x86)\Brick-Force\BrickForce.exe
FirewallRules: [{5BDA46F9-4D26-4F10-9620-AF8AF6D8CCB5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{A62D5167-2E1B-45E0-AEAB-A77A964D4892}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{70E8A62D-48AC-49F9-B354-06EAB06A765E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{26F8BD50-F655-4FC6-9D39-FA4CCD9AAC07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{FEAB6A70-00BE-40C9-BD70-82A3E5C9B188}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8C141BBD-58C9-467D-9848-8EAAF1FC0BB0}] => (Allow) LPort=2869
FirewallRules: [{719D9BB2-CB0D-49A9-B1C1-729C5474CC77}] => (Allow) LPort=1900
FirewallRules: [{CD2D6934-42CE-4D82-9D5E-5555CCD22B0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{2B2E2F5E-231B-4143-BD6F-C15B81CBA8A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{7DA7A065-F4E9-444E-9259-6620EF4ECDFB}C:\users\adrian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\adrian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CA15F759-FEA4-46A6-A52C-A7085859165D}C:\users\adrian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\adrian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3692B34A-1607-4AA1-81D7-554C028A445E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E5A71671-CB7F-4751-BDD9-603949C1A172}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{321D86F8-56EC-491C-A1FF-1349A525D509}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{3B6DB4E0-65A3-43CC-AF91-A980F62CBD07}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{5557BD66-2409-4F2C-A3E8-2EDF5BBBE279}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{34832F51-133E-4E40-9EF3-C738B3E43A16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{1F34037F-8B4C-460D-9A64-160B9B699E9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{3A849086-4E3A-4DEE-93CF-C5041AC28C28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{CB0A3944-4DB5-4D9E-9B42-CC841C92B03B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{BB361EB2-2517-44A8-BA69-BE283A829621}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [TCP Query User{C50B81B0-F0CF-455E-A5FA-75C3C43FE778}C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [UDP Query User{67CFD63B-6BF1-479E-8C7F-71042F420ABA}C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [{08665BE5-08B1-4FF5-8F78-A8AB2968D6C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{6639D13C-656E-4284-8A1B-8D4806EBD300}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{878D3DD1-336B-4145-A0D8-D0F237FBC43D}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{8811FA59-1250-4E07-82D2-8A07AC1876A5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{49180D1C-E43C-424D-9D93-958C0F28C43C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{724CE73C-6007-4C5A-9A6B-787F97FC7BEC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [TCP Query User{B37D49DA-7616-4B4E-BFDD-802C089B2ACE}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{57C7E261-C832-4846-AE6F-9B4E72018584}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [TCP Query User{E377194F-6B8D-49A9-90EA-0D4A5A956421}C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe] => (Allow) C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe
FirewallRules: [UDP Query User{7978E998-2FA6-48E1-B199-31E8ED39F2FC}C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe] => (Allow) C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe
FirewallRules: [{B413F2FC-4698-4EA6-A374-745552BBC774}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{10DF6214-9844-4AD5-95D0-941BFC7D7E22}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [TCP Query User{AA819EC6-3F82-4AAB-8176-FE09013BDAAA}C:\pylo\mcreator149\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator149\jdk\bin\java.exe
FirewallRules: [UDP Query User{2F723A8F-C93E-4C36-BD33-8B48A5889648}C:\pylo\mcreator149\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator149\jdk\bin\java.exe
FirewallRules: [{4CC77073-C5C2-49EF-8B37-4C1F79046576}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{50EC1D90-0FA1-4DA4-899E-E80E01201A94}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{2FAFE501-CB20-408F-9F26-ACAE1F6FE920}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{92142424-EC09-4349-8B98-41AE05C0E66C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{3799D8FD-8437-4CB4-8473-58B20B5A850B}C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe
FirewallRules: [UDP Query User{69ADB191-09B6-4581-B9FA-308530A4BCCC}C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe
FirewallRules: [{69AA04D8-7B14-43BC-921E-47B1ED61854E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{83C53085-7214-4CEC-8B0B-04CE6E8A145E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{2FBE2A57-28AA-4A34-A80A-B4F77FF32EA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{3DAF6ECE-1BB5-4145-8825-A25ED441B212}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{9F903F5B-3475-4D4F-ABC5-E7BE93F5873A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F0804D8E-D099-43B8-8D0A-DF2FC660F48D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3052E117-8836-4C8C-8179-F67D7A1968FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{42035716-DDBB-4E58-A34E-9F6C1F469E03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{94C26BC9-5E85-44B7-9854-4DD45A8A6D8D}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{52299794-2CE7-4B21-87CD-4DDB42C3272D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{93E7D721-2482-43FF-86CC-5728C5483BDC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5C5BFE56-C37D-48CF-A38D-2FBF3EA2265E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4B624882-21EE-4935-9068-EB8A5E3D2579}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{000A36FD-FF4D-48AC-9CD2-C5E0D4E61376}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{A7D0850B-CAFA-4F2A-AE35-47DAD1E13033}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{7D6F8545-4D2D-422F-8952-0512FE9077D8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{4596D5DC-AB37-4592-8ECD-9D7770801E72}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{8C729E3E-4444-4B01-B928-A697EF2D793D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{9E7FF24A-44E7-4188-8424-A9B5B2E988D7}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{E132DFF6-7075-4DE8-BDB6-3D3310A446A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blockland\Blockland.exe
FirewallRules: [{DB7B89FD-B222-40ED-BC98-51022AD43AC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blockland\Blockland.exe
FirewallRules: [{F3A23186-2122-4E82-B6EA-6D7686EB28F0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{C86045CB-B5A2-44A4-B589-C93124C89414}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{149585E9-5868-434D-8BF1-C70046E154CF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{129A03C7-1CD8-4B1D-81BD-98E07E3F3E9A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{8739D6F5-C7F6-4F6C-BC1A-FCCD10DE8920}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{5F2FA9C8-F6EC-4AAB-BFFF-D97B23F5BC8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{F6FE675F-D33F-46D1-B4C9-223BD92ACBE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{B4FCCA00-E4C1-4A9E-8372-BC92F2DD7B28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [TCP Query User{EA6D42E3-F35B-467E-A3AA-55D9E8CAE726}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{A7DD2141-8A45-489B-AFFB-57A05229F3AD}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{F212B33B-31FA-4F06-91F4-ED042CA73673}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B2854B13-4054-462B-8C5D-9E792D4F1763}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{99BEBAFD-80BA-4E63-96AC-BA8ADDFB315D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{4BB0F19D-E19A-4A06-9DCC-C6AD08E1FBD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{C1144C6E-CDC3-48FE-A893-F2362900B24D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4AA7C2FC-6F54-47F7-A4B5-A1E1AE21A033}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4D7CA139-6DBE-4BF2-B0A9-F57972BA74B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{2F232AE0-0C28-404F-8425-22610C051E5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{AC180EF4-C0BF-4B73-95F2-2C7F679F840E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BC6983BB-E0AC-44FF-99A9-7DECBC999C53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{099D57FF-548F-482A-97C4-5D7D1D7DF301}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{030813A3-143C-429F-865C-592013D48B51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{2E2F7D48-E6C5-4AB8-A0DF-324420761B21}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{F0941AF2-DD9F-4798-9F93-5FE5DFAAD340}] => (Allow) C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A56F683D-C3C5-4289-9628-D8E752BF8E66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{686FBA29-FF54-4CA1-916A-15F40238DAC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{72C34A5B-1EEC-4589-B760-4687C5C68B83}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [UDP Query User{224E577A-3FDF-46BB-9230-35D35505A82B}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [TCP Query User{5F5C282C-FE93-42DB-BB20-1CC29DF4957E}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2DEACC97-D40B-45E4-BD9E-D5FCFD100FAE}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{973ECF3D-9FB5-4413-BC6F-EE83F99E2F58}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{60CC3B70-2E81-461D-B372-84801A31B1C6}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{2CF76AFB-F847-42EE-ABC8-94316C6D89E1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{55C299BD-57DC-4764-995E-501BFAA0FAE3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{19641893-ADED-4838-8290-7FC5A4473A40}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{1404C65F-6854-43F6-A727-B3CD0376C895}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{E7AA8B43-40A2-4B2F-ACB7-1C37B424A521}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{EF888B35-708A-4731-A198-E0D0A376B784}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{952D2CF4-95A6-4E41-82FC-3CDAC45EA374}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{ED546795-7DB0-4A7C-913F-6E48102F59EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B8D97A83-009B-4717-8352-A864625E8710}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8E1A5031-0E76-484F-9AC0-7FAA14F41F85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{596F879B-2FB8-4296-9FC2-FC7C1EA2D8E2}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
FirewallRules: [{AF3621B2-AD70-461B-BB17-020DA0235F1B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{127475BA-12A2-43B3-B55E-FE8082B5A684}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [TCP Query User{57F5CC14-9CD5-41A8-9B6D-ECEFF5DCB6F0}C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe] => (Allow) C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe
FirewallRules: [UDP Query User{BDB24747-9CE5-4AB2-94E9-69D842869416}C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe] => (Allow) C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe
FirewallRules: [{7E2F8A72-D0E5-4CCE-A0C5-EBB3657D5101}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0FF62ABC-32B9-47F6-9A4F-928AFA3ED621}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{CB690175-4ABC-45F7-BB70-13D8404A683A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7D1D7A34-8E9D-4CB3-9A14-97CE04163F8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B03FD55B-6314-4B9C-B89B-E68B13634E9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{64184ECF-DAE3-4802-BBDE-FC23763E9227}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal Stories Mel\portal2.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/01/2015 02:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 147c
Startzeit: 01d0b3f9bfb94b45
Endzeit: 4
Anwendungspfad: C:\Program Files (x86)\Steam\steam.exe
Berichts-ID: 361dc56a-1fed-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:29:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 738
Startzeit: 01d0b3f799d255de
Endzeit: 6
Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe
Berichts-ID: d44138a6-1fec-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:15:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: b48
Startzeit: 01d0b3f723b1ce43
Endzeit: 15
Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe
Berichts-ID: d56ea64b-1fea-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:11:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 17e0
Startzeit: 01d0b328f699ab83
Endzeit: 9
Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe
Berichts-ID: 55cafba8-1fea-11e5-ba37-80c16ee1eaf7
Error: (06/29/2015 05:39:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: javaw.exe, Version: 8.0.45.15, Zeitstempel: 0x554287ba
Name des fehlerhaften Moduls: awt.dll, Version: 8.0.45.15, Zeitstempel: 0x55428cbf
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000000024a30
ID des fehlerhaften Prozesses: 0x2f4
Startzeit der fehlerhaften Anwendung: 0xjavaw.exe0
Pfad der fehlerhaften Anwendung: javaw.exe1
Pfad des fehlerhaften Moduls: javaw.exe2
Berichtskennung: javaw.exe3
Error: (06/29/2015 05:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: javaw.exe, Version: 8.0.45.15, Zeitstempel: 0x554287ba
Name des fehlerhaften Moduls: awt.dll, Version: 8.0.45.15, Zeitstempel: 0x55428cbf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000024a30
ID des fehlerhaften Prozesses: 0x2f4
Startzeit der fehlerhaften Anwendung: 0xjavaw.exe0
Pfad der fehlerhaften Anwendung: javaw.exe1
Pfad des fehlerhaften Moduls: javaw.exe2
Berichtskennung: javaw.exe3
Error: (06/29/2015 05:16:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.45.15 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f7c
Startzeit: 01d0b27ad733b9f9
Endzeit: 37
Anwendungspfad: C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe
Berichts-ID: b919b117-1e71-11e5-a5e4-80c16ee1eaf7
Error: (06/29/2015 01:47:59 PM) (Source: ESENT) (EventID: 439) (User: )
Description: DllHost (5888) WebCacheLocal: Die Shadowkopfzeile für Datei C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk konnte nicht geschrieben werden. Fehler -1032.
Error: (06/29/2015 01:47:59 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (5888) WebCacheLocal: Versuch, Datei "C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (06/29/2015 01:46:31 PM) (Source: ESENT) (EventID: 439) (User: )
Description: DllHost (5888) WebCacheLocal: Die Shadowkopfzeile für Datei C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk konnte nicht geschrieben werden. Fehler -1032.
System errors:
=============
Error: (07/01/2015 03:41:31 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007041d
Error: (07/01/2015 03:41:30 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (07/01/2015 03:41:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Modules Installer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/01/2015 03:41:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Modules Installer erreicht.
Error: (07/01/2015 03:39:17 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183.
Error: (07/01/2015 03:39:17 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183.
Error: (07/01/2015 03:39:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet:
%%-2147024894
Error: (07/01/2015 03:38:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109
Error: (07/01/2015 03:38:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (07/01/2015 03:38:09 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Microsoft Office:
=========================
Error: (07/01/2015 02:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: steam.exe2.81.34.6147c01d0b3f9bfb94b454C:\Program Files (x86)\Steam\steam.exe361dc56a-1fed-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:29:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.673801d0b3f799d255de6C:\Program Files (x86)\Steam\Steam.exed44138a6-1fec-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:15:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.6b4801d0b3f723b1ce4315C:\Program Files (x86)\Steam\Steam.exed56ea64b-1fea-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:11:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.617e001d0b328f699ab839C:\Program Files (x86)\Steam\Steam.exe55cafba8-1fea-11e5-ba37-80c16ee1eaf7
Error: (06/29/2015 05:39:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe8.0.45.15554287baawt.dll8.0.45.1555428cbfc000041d0000000000024a302f401d0b281c47fd524C:\Program Files\Java\jre1.8.0_45\bin\javaw.exeC:\Program Files\Java\jre1.8.0_45\bin\awt.dll10edd01d-1e75-11e5-a5e4-80c16ee1eaf7
Error: (06/29/2015 05:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe8.0.45.15554287baawt.dll8.0.45.1555428cbfc00000050000000000024a302f401d0b281c47fd524C:\Program Files\Java\jre1.8.0_45\bin\javaw.exeC:\Program Files\Java\jre1.8.0_45\bin\awt.dll04947803-1e75-11e5-a5e4-80c16ee1eaf7
Error: (06/29/2015 05:16:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.45.15f7c01d0b27ad733b9f937C:\Program Files\Java\jre1.8.0_45\bin\javaw.exeb919b117-1e71-11e5-a5e4-80c16ee1eaf7
Error: (06/29/2015 01:47:59 PM) (Source: ESENT) (EventID: 439) (User: )
Description: DllHost5888WebCacheLocal: C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032
Error: (06/29/2015 01:47:59 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost5888WebCacheLocal: C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (06/29/2015 01:46:31 PM) (Source: ESENT) (EventID: 439) (User: )
Description: DllHost5888WebCacheLocal: C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032
CodeIntegrity Errors:
===================================
Date: 2014-09-12 21:39:01.968
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:39:01.898
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:53.081
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:53.009
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:47.742
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:47.612
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:33.071
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:32.991
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:26.396
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:26.326
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 48%
Total physical RAM: 8148.01 MB
Available physical RAM: 4223.8 MB
Total Pagefile: 16294.23 MB
Available Pagefile: 11576.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:914.41 GB) (Free:287.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:16.88 GB) (Free:2.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5F651316)
Partition: GPT Partition Type.
==================== End of log ============================
Nachdem ich mbam am PC habe, hab ich es mal drüber laufen lassen: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 01.07.2015 Suchlaufzeit: 17:38 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.07.01.03 Rootkit-Datenbank: v2015.06.30.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Adrian Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 652793 Abgelaufene Zeit: 1 Std., 17 Min., 12 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 1 PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1501557853-1401194567-1476615106-1002\SOFTWARE\AskPartnerNetwork, , [07903e9e167461d5d6e4f70332d118e8], Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 3 PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh, , [286f9b41c9c149ed515af1f233d044bc], PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1, , [286f9b41c9c149ed515af1f233d044bc], PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1\_metadata, , [286f9b41c9c149ed515af1f233d044bc], Dateien: 2 PUP.Optional.DownloadGuide.A, C:\Users\Roland\AppData\Local\Temp\ICReinstall_syncios_CB-DL-Manager.exe, , [583fdffd4d3d14220f1079ef3ec46c94], PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1\_metadata\verified_contents.json, , [286f9b41c9c149ed515af1f233d044bc], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
02.07.2015, 13:41
| #5 |
| /// the machine /// TB-Ausbilder | Taskmanager blockiert, consent.exe 6x offen Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.07.2015, 17:09
| #6 |
| | Taskmanager blockiert, consent.exe 6x offenCode:
ATTFilter 18:07:00.0721 0x1ca8 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:07:00.0721 0x1ca8 UEFI system
18:07:03.0350 0x1ca8 ============================================================
18:07:03.0350 0x1ca8 Current date / time: 2015/07/02 18:07:03.0350
18:07:03.0350 0x1ca8 SystemInfo:
18:07:03.0350 0x1ca8
18:07:03.0350 0x1ca8 OS Version: 6.1.7601 ServicePack: 1.0
18:07:03.0350 0x1ca8 Product type: Workstation
18:07:03.0350 0x1ca8 ComputerName: ADRIAN
18:07:03.0351 0x1ca8 UserName: Adrian
18:07:03.0351 0x1ca8 Windows directory: C:\windows
18:07:03.0351 0x1ca8 System windows directory: C:\windows
18:07:03.0351 0x1ca8 Running under WOW64
18:07:03.0351 0x1ca8 Processor architecture: Intel x64
18:07:03.0351 0x1ca8 Number of processors: 4
18:07:03.0351 0x1ca8 Page size: 0x1000
18:07:03.0351 0x1ca8 Boot type: Normal boot
18:07:03.0351 0x1ca8 ============================================================
18:07:06.0252 0x1ca8 KLMD registered as C:\windows\system32\drivers\03118030.sys
18:07:06.0740 0x1ca8 System UUID: {C5BBC012-E61A-6555-9D7F-54887ABD7C9B}
18:07:07.0389 0x1ca8 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:07:07.0400 0x1ca8 ============================================================
18:07:07.0400 0x1ca8 \Device\Harddisk0\DR0:
18:07:07.0406 0x1ca8 GPT partitions:
18:07:07.0406 0x1ca8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E7078520-8C2A-4712-B801-B9078A46E65E}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
18:07:07.0406 0x1ca8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2751E180-4CEF-4361-8DD0-BA7513A96107}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
18:07:07.0406 0x1ca8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {ED9B8358-843B-4604-B799-E42CA27AFDEE}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x724D0800
18:07:07.0407 0x1ca8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DDB4A47B-E17A-459D-850B-3DC746F120F9}, Name: Basic data partition, StartLBA 0x72543000, BlocksNum 0x21C3800
18:07:07.0407 0x1ca8 MBR partitions:
18:07:07.0407 0x1ca8 ============================================================
18:07:07.0421 0x1ca8 C: <-> \Device\Harddisk0\DR0\Partition3
18:07:07.0469 0x1ca8 D: <-> \Device\Harddisk0\DR0\Partition4
18:07:07.0469 0x1ca8 ============================================================
18:07:07.0469 0x1ca8 Initialize success
18:07:07.0469 0x1ca8 ============================================================
18:07:15.0710 0x0f4c ============================================================
18:07:15.0710 0x0f4c Scan started
18:07:15.0710 0x0f4c Mode: Manual;
18:07:15.0710 0x0f4c ============================================================
18:07:15.0710 0x0f4c KSN ping started
18:07:38.0424 0x0f4c KSN ping finished: true
18:07:40.0132 0x0f4c ================ Scan system memory ========================
18:07:40.0132 0x0f4c System memory - ok
18:07:40.0132 0x0f4c ================ Scan services =============================
18:07:40.0241 0x0f4c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
18:07:40.0245 0x0f4c 1394ohci - ok
18:07:40.0277 0x0f4c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
18:07:40.0283 0x0f4c ACPI - ok
18:07:40.0292 0x0f4c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
18:07:40.0294 0x0f4c AcpiPmi - ok
18:07:40.0339 0x0f4c [ 2F0683FD2DF1D92E891CACA14B45A8C1, B4A8D6A183FA0B7D642FAD6B51C19FEC998481E1C49480D2B391E5D8B55F5BBD ] adfs C:\windows\system32\drivers\adfs.sys
18:07:40.0341 0x0f4c adfs - ok
18:07:40.0425 0x0f4c [ 1234A12B71DAE034E45C714AE5A54412, 079E6BC834F38322ED5ED76295EC3961ED894084EF5CB171DFFBD9B3822CC78D ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:07:40.0430 0x0f4c AdobeFlashPlayerUpdateSvc - ok
18:07:40.0505 0x0f4c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
18:07:40.0513 0x0f4c adp94xx - ok
18:07:40.0552 0x0f4c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
18:07:40.0558 0x0f4c adpahci - ok
18:07:40.0570 0x0f4c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
18:07:40.0573 0x0f4c adpu320 - ok
18:07:40.0605 0x0f4c [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
18:07:40.0607 0x0f4c AeLookupSvc - ok
18:07:40.0639 0x0f4c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
18:07:40.0649 0x0f4c AFD - ok
18:07:40.0658 0x0f4c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
18:07:40.0660 0x0f4c agp440 - ok
18:07:40.0679 0x0f4c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
18:07:40.0681 0x0f4c ALG - ok
18:07:40.0711 0x0f4c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
18:07:40.0712 0x0f4c aliide - ok
18:07:40.0718 0x0f4c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
18:07:40.0719 0x0f4c amdide - ok
18:07:40.0736 0x0f4c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
18:07:40.0738 0x0f4c AmdK8 - ok
18:07:40.0752 0x0f4c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
18:07:40.0754 0x0f4c AmdPPM - ok
18:07:40.0781 0x0f4c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
18:07:40.0784 0x0f4c amdsata - ok
18:07:40.0801 0x0f4c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
18:07:40.0805 0x0f4c amdsbs - ok
18:07:40.0816 0x0f4c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
18:07:40.0818 0x0f4c amdxata - ok
18:07:40.0860 0x0f4c [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\windows\system32\drivers\appid.sys
18:07:40.0862 0x0f4c AppID - ok
18:07:40.0885 0x0f4c [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\windows\System32\appidsvc.dll
18:07:40.0887 0x0f4c AppIDSvc - ok
18:07:40.0902 0x0f4c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
18:07:40.0904 0x0f4c Appinfo - ok
18:07:40.0943 0x0f4c [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:07:40.0945 0x0f4c Apple Mobile Device - ok
18:07:40.0974 0x0f4c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
18:07:40.0976 0x0f4c arc - ok
18:07:40.0988 0x0f4c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
18:07:40.0991 0x0f4c arcsas - ok
18:07:41.0056 0x0f4c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:07:41.0057 0x0f4c aspnet_state - ok
18:07:41.0088 0x0f4c [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid C:\windows\system32\drivers\aswHwid.sys
18:07:41.0090 0x0f4c aswHwid - ok
18:07:41.0118 0x0f4c [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
18:07:41.0120 0x0f4c aswMonFlt - ok
18:07:41.0153 0x0f4c [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr C:\windows\system32\drivers\aswRdr2.sys
18:07:41.0155 0x0f4c aswRdr - ok
18:07:41.0200 0x0f4c [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
18:07:41.0202 0x0f4c aswRvrt - ok
18:07:41.0235 0x0f4c [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
18:07:41.0253 0x0f4c aswSnx - ok
18:07:41.0317 0x0f4c [ A04F190FCD762E7BCC9BFC70563C52DB, 2BF6823F2EADBDA28DF1CCECCAC84D9FF37D3CFB66A7B402575C6B9FCFB45EB3 ] aswSP C:\windows\system32\drivers\aswSP.sys
18:07:41.0324 0x0f4c aswSP - ok
18:07:41.0349 0x0f4c [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm C:\windows\system32\drivers\aswStm.sys
18:07:41.0352 0x0f4c aswStm - ok
18:07:41.0374 0x0f4c [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm C:\windows\system32\drivers\aswVmm.sys
18:07:41.0379 0x0f4c aswVmm - ok
18:07:41.0399 0x0f4c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
18:07:41.0400 0x0f4c AsyncMac - ok
18:07:41.0422 0x0f4c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
18:07:41.0423 0x0f4c atapi - ok
18:07:41.0452 0x0f4c [ B4BDE3F758A34658A37DFED3D9783CD8, BC9F6B9BDD639457894DE0F596AB3A655374E078796762FE5E8E5414F0481208 ] atksgt C:\windows\system32\DRIVERS\atksgt.sys
18:07:41.0455 0x0f4c atksgt - ok
18:07:41.0484 0x0f4c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
18:07:41.0496 0x0f4c AudioEndpointBuilder - ok
18:07:41.0516 0x0f4c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\windows\System32\Audiosrv.dll
18:07:41.0527 0x0f4c AudioSrv - ok
18:07:41.0588 0x0f4c [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:07:41.0595 0x0f4c avast! Antivirus - ok
18:07:41.0619 0x0f4c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
18:07:41.0622 0x0f4c AxInstSV - ok
18:07:41.0653 0x0f4c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
18:07:41.0662 0x0f4c b06bdrv - ok
18:07:41.0694 0x0f4c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
18:07:41.0699 0x0f4c b57nd60a - ok
18:07:41.0732 0x0f4c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
18:07:41.0734 0x0f4c BDESVC - ok
18:07:41.0745 0x0f4c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
18:07:41.0746 0x0f4c Beep - ok
18:07:41.0812 0x0f4c [ 9B6D239CE446D1B99122708F26714B21, 75508121470381BC9A81359B47B998C47893470E59D1135B4CCD5EE6396E04D8 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
18:07:41.0820 0x0f4c BEService - ok
18:07:41.0865 0x0f4c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
18:07:41.0877 0x0f4c BFE - ok
18:07:41.0917 0x0f4c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
18:07:41.0991 0x0f4c BITS - ok
18:07:42.0013 0x0f4c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\drivers\blbdrive.sys
18:07:42.0015 0x0f4c blbdrive - ok
18:07:42.0067 0x0f4c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:07:42.0075 0x0f4c Bonjour Service - ok
18:07:42.0108 0x0f4c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
18:07:42.0110 0x0f4c bowser - ok
18:07:42.0134 0x0f4c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
18:07:42.0135 0x0f4c BrFiltLo - ok
18:07:42.0147 0x0f4c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
18:07:42.0148 0x0f4c BrFiltUp - ok
18:07:42.0166 0x0f4c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
18:07:42.0169 0x0f4c Browser - ok
18:07:42.0185 0x0f4c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
18:07:42.0190 0x0f4c Brserid - ok
18:07:42.0198 0x0f4c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
18:07:42.0199 0x0f4c BrSerWdm - ok
18:07:42.0202 0x0f4c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
18:07:42.0202 0x0f4c BrUsbMdm - ok
18:07:42.0205 0x0f4c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
18:07:42.0207 0x0f4c BrUsbSer - ok
18:07:42.0220 0x0f4c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
18:07:42.0221 0x0f4c BTHMODEM - ok
18:07:42.0252 0x0f4c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
18:07:42.0256 0x0f4c bthserv - ok
18:07:42.0323 0x0f4c [ A3AD13CA2747953DDD4C9AE4FB925BEC, 860FA3A04DE9DA0B19C625681E594713844F3401FEFD7C26A28C6C94BA6920C7 ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
18:07:42.0324 0x0f4c CalendarSynchService - ok
18:07:42.0349 0x0f4c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
18:07:42.0352 0x0f4c cdfs - ok
18:07:42.0384 0x0f4c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
18:07:42.0387 0x0f4c cdrom - ok
18:07:42.0401 0x0f4c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
18:07:42.0403 0x0f4c CertPropSvc - ok
18:07:42.0490 0x0f4c [ A2555605CD54DE880BDB6994B69DB617, D6827611C6AAA736DD5A1EC22D14A0E07BA33B59DE583DF1C3ACA00497FF6C6E ] chromoting C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
18:07:42.0492 0x0f4c chromoting - ok
18:07:42.0507 0x0f4c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys
18:07:42.0508 0x0f4c circlass - ok
18:07:42.0541 0x0f4c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\windows\system32\CLFS.sys
18:07:42.0548 0x0f4c CLFS - ok
18:07:42.0648 0x0f4c [ DCB3A44B930C082B1AC3CED6EE535387, 705786D560554FEAF5702C00DF4E58C0BCE14DDD54F14A70D3AA95CFF5BC4AFF ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:07:42.0693 0x0f4c ClickToRunSvc - ok
18:07:42.0761 0x0f4c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:07:42.0763 0x0f4c clr_optimization_v2.0.50727_32 - ok
18:07:42.0801 0x0f4c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:07:42.0804 0x0f4c clr_optimization_v2.0.50727_64 - ok
18:07:42.0869 0x0f4c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:07:42.0872 0x0f4c clr_optimization_v4.0.30319_32 - ok
18:07:42.0881 0x0f4c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:07:42.0884 0x0f4c clr_optimization_v4.0.30319_64 - ok
18:07:42.0908 0x0f4c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\drivers\CmBatt.sys
18:07:42.0909 0x0f4c CmBatt - ok
18:07:42.0924 0x0f4c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
18:07:42.0925 0x0f4c cmdide - ok
18:07:42.0961 0x0f4c [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\windows\system32\Drivers\cng.sys
18:07:42.0970 0x0f4c CNG - ok
18:07:42.0985 0x0f4c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys
18:07:42.0986 0x0f4c Compbatt - ok
18:07:43.0010 0x0f4c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
18:07:43.0011 0x0f4c CompositeBus - ok
18:07:43.0018 0x0f4c COMSysApp - ok
18:07:43.0022 0x0f4c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
18:07:43.0023 0x0f4c crcdisk - ok
18:07:43.0052 0x0f4c [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\windows\system32\cryptsvc.dll
18:07:43.0056 0x0f4c CryptSvc - ok
18:07:43.0118 0x0f4c [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:07:43.0131 0x0f4c cvhsvc - ok
18:07:43.0161 0x0f4c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
18:07:43.0169 0x0f4c DcomLaunch - ok
18:07:43.0189 0x0f4c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
18:07:43.0195 0x0f4c defragsvc - ok
18:07:43.0211 0x0f4c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
18:07:43.0213 0x0f4c DfsC - ok
18:07:43.0243 0x0f4c [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
18:07:43.0246 0x0f4c dg_ssudbus - ok
18:07:43.0284 0x0f4c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
18:07:43.0290 0x0f4c Dhcp - ok
18:07:43.0359 0x0f4c [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\windows\system32\diagtrack.dll
18:07:43.0387 0x0f4c DiagTrack - ok
18:07:43.0404 0x0f4c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
18:07:43.0406 0x0f4c discache - ok
18:07:43.0437 0x0f4c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
18:07:43.0439 0x0f4c Disk - ok
18:07:43.0473 0x0f4c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
18:07:43.0477 0x0f4c Dnscache - ok
18:07:43.0495 0x0f4c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
18:07:43.0501 0x0f4c dot3svc - ok
18:07:43.0515 0x0f4c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
18:07:43.0519 0x0f4c DPS - ok
18:07:43.0545 0x0f4c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
18:07:43.0546 0x0f4c drmkaud - ok
18:07:43.0581 0x0f4c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
18:07:43.0598 0x0f4c DXGKrnl - ok
18:07:43.0629 0x0f4c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
18:07:43.0632 0x0f4c EapHost - ok
18:07:43.0706 0x0f4c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
18:07:43.0760 0x0f4c ebdrv - ok
18:07:43.0786 0x0f4c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS C:\windows\System32\lsass.exe
18:07:43.0788 0x0f4c EFS - ok
18:07:43.0837 0x0f4c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
18:07:43.0849 0x0f4c ehRecvr - ok
18:07:43.0858 0x0f4c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
18:07:43.0861 0x0f4c ehSched - ok
18:07:43.0889 0x0f4c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
18:07:43.0898 0x0f4c elxstor - ok
18:07:43.0901 0x0f4c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
18:07:43.0902 0x0f4c ErrDev - ok
18:07:43.0941 0x0f4c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
18:07:43.0947 0x0f4c EventSystem - ok
18:07:43.0993 0x0f4c [ A0539478593A00AA64E600CF7E19F195, BD835D70F3EE9BFEFFABE747AD65BC97C73AD8042F653BF93535277FB0CBD4CE ] EvolveVirtualAdapter C:\windows\system32\DRIVERS\evolve.sys
18:07:43.0995 0x0f4c EvolveVirtualAdapter - ok
18:07:44.0012 0x0f4c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
18:07:44.0016 0x0f4c exfat - ok
18:07:44.0028 0x0f4c ezSharedSvc - ok
18:07:44.0048 0x0f4c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
18:07:44.0053 0x0f4c fastfat - ok
18:07:44.0086 0x0f4c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
18:07:44.0099 0x0f4c Fax - ok
18:07:44.0102 0x0f4c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
18:07:44.0103 0x0f4c fdc - ok
18:07:44.0131 0x0f4c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
18:07:44.0133 0x0f4c fdPHost - ok
18:07:44.0138 0x0f4c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
18:07:44.0140 0x0f4c FDResPub - ok
18:07:44.0147 0x0f4c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
18:07:44.0149 0x0f4c FileInfo - ok
18:07:44.0154 0x0f4c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
18:07:44.0155 0x0f4c Filetrace - ok
18:07:44.0228 0x0f4c [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:07:44.0240 0x0f4c FLEXnet Licensing Service - ok
18:07:44.0289 0x0f4c [ 1C3FB052A0BB72EDAED90785C34D6EED, 5300A82D1A79EBA1768F545E73974E3B8CE189AB39CDF905BF42AFA2E497186B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
18:07:44.0307 0x0f4c FLEXnet Licensing Service 64 - ok
18:07:44.0330 0x0f4c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
18:07:44.0332 0x0f4c flpydisk - ok
18:07:44.0346 0x0f4c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
18:07:44.0351 0x0f4c FltMgr - ok
18:07:44.0405 0x0f4c [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\windows\system32\FntCache.dll
18:07:44.0425 0x0f4c FontCache - ok
18:07:44.0452 0x0f4c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:07:44.0453 0x0f4c FontCache3.0.0.0 - ok
18:07:44.0467 0x0f4c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
18:07:44.0474 0x0f4c FsDepends - ok
18:07:44.0491 0x0f4c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
18:07:44.0492 0x0f4c Fs_Rec - ok
18:07:44.0688 0x0f4c [ 38F3CF15321DC2B47C7907EB222B637A, C2CE4F62BD7C93566C36B7290DA3E804FB79A18A18E2544E2B6404B473483D4E ] fussvc C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe
18:07:44.0692 0x0f4c fussvc - ok
18:07:44.0750 0x0f4c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
18:07:44.0754 0x0f4c fvevol - ok
18:07:44.0773 0x0f4c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
18:07:44.0775 0x0f4c gagp30kx - ok
18:07:44.0796 0x0f4c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
18:07:44.0798 0x0f4c GEARAspiWDM - ok
18:07:44.0877 0x0f4c [ 55FC14B287C6FF306C32B42628CE0D8C, F22D7BA248D616A76AFAC5DA21A419FF13BC4346F402685F6FC6671B04528110 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:07:44.0896 0x0f4c GfExperienceService - ok
18:07:44.0928 0x0f4c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
18:07:44.0942 0x0f4c gpsvc - ok
18:07:45.0008 0x0f4c [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:07:45.0011 0x0f4c gupdate - ok
18:07:45.0015 0x0f4c [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:07:45.0017 0x0f4c gupdatem - ok
18:07:45.0058 0x0f4c [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
18:07:45.0060 0x0f4c hamachi - ok
18:07:45.0135 0x0f4c [ 03CABA844BC03C99DB84146BF51A9259, 81E6340B9C9DAC97FE5C6F26FEACAB204E857FD5B0490E52D209066B83610DBB ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
18:07:45.0176 0x0f4c Hamachi2Svc - ok
18:07:45.0198 0x0f4c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
18:07:45.0200 0x0f4c hcw85cir - ok
18:07:45.0229 0x0f4c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:07:45.0236 0x0f4c HdAudAddService - ok
18:07:45.0265 0x0f4c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
18:07:45.0268 0x0f4c HDAudBus - ok
18:07:45.0279 0x0f4c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
18:07:45.0280 0x0f4c HidBatt - ok
18:07:45.0289 0x0f4c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys
18:07:45.0291 0x0f4c HidBth - ok
18:07:45.0300 0x0f4c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
18:07:45.0302 0x0f4c HidIr - ok
18:07:45.0324 0x0f4c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
18:07:45.0326 0x0f4c hidserv - ok
18:07:45.0345 0x0f4c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
18:07:45.0347 0x0f4c HidUsb - ok
18:07:45.0359 0x0f4c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
18:07:45.0362 0x0f4c hkmsvc - ok
18:07:45.0379 0x0f4c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:07:45.0385 0x0f4c HomeGroupListener - ok
18:07:45.0412 0x0f4c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:07:45.0417 0x0f4c HomeGroupProvider - ok
18:07:45.0451 0x0f4c [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
18:07:45.0453 0x0f4c HP Support Assistant Service - ok
18:07:45.0524 0x0f4c [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
18:07:45.0541 0x0f4c hpqwmiex - ok
18:07:45.0575 0x0f4c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
18:07:45.0578 0x0f4c HpSAMD - ok
18:07:45.0609 0x0f4c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\windows\system32\drivers\HTTP.sys
18:07:45.0622 0x0f4c HTTP - ok
18:07:45.0631 0x0f4c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
18:07:45.0632 0x0f4c hwpolicy - ok
18:07:45.0655 0x0f4c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\drivers\i8042prt.sys
18:07:45.0658 0x0f4c i8042prt - ok
18:07:45.0685 0x0f4c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
18:07:45.0693 0x0f4c iaStorV - ok
18:07:45.0751 0x0f4c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:07:45.0766 0x0f4c idsvc - ok
18:07:45.0805 0x0f4c IEEtwCollectorService - ok
18:07:45.0925 0x0f4c [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
18:07:46.0025 0x0f4c igfx - ok
18:07:46.0049 0x0f4c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
18:07:46.0050 0x0f4c iirsp - ok
18:07:46.0078 0x0f4c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
18:07:46.0094 0x0f4c IKEEXT - ok
18:07:46.0117 0x0f4c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
18:07:46.0118 0x0f4c intelide - ok
18:07:46.0140 0x0f4c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
18:07:46.0142 0x0f4c intelppm - ok
18:07:46.0168 0x0f4c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
18:07:46.0200 0x0f4c IPBusEnum - ok
18:07:46.0242 0x0f4c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
18:07:46.0247 0x0f4c IpFilterDriver - ok
18:07:46.0279 0x0f4c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
18:07:46.0290 0x0f4c iphlpsvc - ok
18:07:46.0305 0x0f4c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
18:07:46.0307 0x0f4c IPMIDRV - ok
18:07:46.0326 0x0f4c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
18:07:46.0329 0x0f4c IPNAT - ok
18:07:46.0387 0x0f4c [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:07:46.0398 0x0f4c iPod Service - ok
18:07:46.0440 0x0f4c [ 944A6D2E1D971806EFFE4BBABF0DBDC7, 394FC1137D2F5CAE0076229EBFEA940584A15AE4D382006507292A94441AF442 ] IpOverUsbSvc C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
18:07:46.0440 0x0f4c IpOverUsbSvc - ok
18:07:46.0455 0x0f4c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
18:07:46.0466 0x0f4c IRENUM - ok
18:07:46.0480 0x0f4c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
18:07:46.0481 0x0f4c isapnp - ok
18:07:46.0513 0x0f4c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
18:07:46.0518 0x0f4c iScsiPrt - ok
18:07:46.0538 0x0f4c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
18:07:46.0540 0x0f4c kbdclass - ok
18:07:46.0556 0x0f4c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
18:07:46.0558 0x0f4c kbdhid - ok
18:07:46.0577 0x0f4c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso C:\windows\system32\lsass.exe
18:07:46.0579 0x0f4c KeyIso - ok
18:07:46.0601 0x0f4c [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
18:07:46.0604 0x0f4c KSecDD - ok
18:07:46.0617 0x0f4c [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
18:07:46.0620 0x0f4c KSecPkg - ok
18:07:46.0628 0x0f4c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
18:07:46.0629 0x0f4c ksthunk - ok
18:07:46.0660 0x0f4c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
18:07:46.0668 0x0f4c KtmRm - ok
18:07:46.0706 0x0f4c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
18:07:46.0712 0x0f4c LanmanServer - ok
18:07:46.0730 0x0f4c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:07:46.0754 0x0f4c LanmanWorkstation - ok
18:07:46.0792 0x0f4c [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\windows\system32\DRIVERS\lirsgt.sys
18:07:46.0794 0x0f4c lirsgt - ok
18:07:46.0820 0x0f4c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
18:07:46.0822 0x0f4c lltdio - ok
18:07:46.0859 0x0f4c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
18:07:46.0865 0x0f4c lltdsvc - ok
18:07:46.0879 0x0f4c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
18:07:46.0881 0x0f4c lmhosts - ok
18:07:46.0920 0x0f4c [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
18:07:46.0928 0x0f4c LMIGuardianSvc - ok
18:07:46.0955 0x0f4c [ BF22ACF4CF3734D61357E67F0521BC03, EDDFBDC4BE29BF26904B2DF7074F471711238469CDDBED1CA253A49B993F53DF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:07:46.0960 0x0f4c LMS - ok
18:07:46.0979 0x0f4c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
18:07:46.0982 0x0f4c LSI_FC - ok
18:07:47.0000 0x0f4c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
18:07:47.0003 0x0f4c LSI_SAS - ok
18:07:47.0009 0x0f4c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
18:07:47.0011 0x0f4c LSI_SAS2 - ok
18:07:47.0015 0x0f4c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
18:07:47.0017 0x0f4c LSI_SCSI - ok
18:07:47.0033 0x0f4c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
18:07:47.0036 0x0f4c luafv - ok
18:07:47.0056 0x0f4c [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\windows\system32\drivers\mbam.sys
18:07:47.0058 0x0f4c MBAMProtector - ok
18:07:47.0126 0x0f4c [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
18:07:47.0160 0x0f4c MBAMScheduler - ok
18:07:47.0262 0x0f4c [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
18:07:47.0293 0x0f4c MBAMService - ok
18:07:47.0347 0x0f4c [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy C:\windows\system32\drivers\MBAMSwissArmy.sys
18:07:47.0349 0x0f4c MBAMSwissArmy - ok
18:07:47.0365 0x0f4c [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
18:07:47.0366 0x0f4c MBAMWebAccessControl - ok
18:07:47.0388 0x0f4c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
18:07:47.0391 0x0f4c Mcx2Svc - ok
18:07:47.0415 0x0f4c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys
18:07:47.0417 0x0f4c megasas - ok
18:07:47.0448 0x0f4c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
18:07:47.0453 0x0f4c MegaSR - ok
18:07:47.0473 0x0f4c [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\windows\system32\drivers\HECIx64.sys
18:07:47.0474 0x0f4c MEIx64 - ok
18:07:47.0492 0x0f4c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
18:07:47.0495 0x0f4c MMCSS - ok
18:07:47.0510 0x0f4c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
18:07:47.0512 0x0f4c Modem - ok
18:07:47.0526 0x0f4c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
18:07:47.0527 0x0f4c monitor - ok
18:07:47.0538 0x0f4c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
18:07:47.0540 0x0f4c mouclass - ok
18:07:47.0553 0x0f4c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
18:07:47.0554 0x0f4c mouhid - ok
18:07:47.0570 0x0f4c [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\windows\system32\drivers\mountmgr.sys
18:07:47.0572 0x0f4c mountmgr - ok
18:07:47.0619 0x0f4c [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:07:47.0622 0x0f4c MozillaMaintenance - ok
18:07:47.0662 0x0f4c [ FC1D590039EF06A381768710E6C07E75, 2F8B4D5232C4848A423A4E647102F3EDFD9B3D55D0D14AC04FD6D60D9212106F ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
18:07:47.0667 0x0f4c MpFilter - ok
18:07:47.0685 0x0f4c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
18:07:47.0688 0x0f4c mpio - ok
18:07:47.0713 0x0f4c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
18:07:47.0715 0x0f4c mpsdrv - ok
18:07:47.0751 0x0f4c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
18:07:47.0767 0x0f4c MpsSvc - ok
18:07:47.0789 0x0f4c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
18:07:47.0792 0x0f4c MRxDAV - ok
18:07:47.0810 0x0f4c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
18:07:47.0813 0x0f4c mrxsmb - ok
18:07:47.0820 0x0f4c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
18:07:47.0826 0x0f4c mrxsmb10 - ok
18:07:47.0830 0x0f4c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
18:07:47.0833 0x0f4c mrxsmb20 - ok
18:07:47.0855 0x0f4c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
18:07:47.0857 0x0f4c msahci - ok
18:07:47.0879 0x0f4c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
18:07:47.0882 0x0f4c msdsm - ok
18:07:47.0899 0x0f4c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
18:07:47.0904 0x0f4c MSDTC - ok
18:07:47.0908 0x0f4c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
18:07:47.0910 0x0f4c Msfs - ok
18:07:47.0925 0x0f4c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
18:07:47.0926 0x0f4c mshidkmdf - ok
18:07:47.0928 0x0f4c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
18:07:47.0929 0x0f4c msisadrv - ok
18:07:47.0957 0x0f4c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
18:07:47.0961 0x0f4c MSiSCSI - ok
18:07:47.0963 0x0f4c msiserver - ok
18:07:47.0980 0x0f4c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
18:07:47.0981 0x0f4c MSKSSRV - ok
18:07:48.0026 0x0f4c [ FD909D744ACFCF61CAC3A77854F8B301, F9810A9A1D1DBF8EC5D7F48097039E78425EDA69A4EE5EAFB1FAB10AE9C1F385 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:07:48.0054 0x0f4c MsMpSvc - ok
18:07:48.0098 0x0f4c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
18:07:48.0120 0x0f4c MSPCLOCK - ok
18:07:48.0158 0x0f4c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
18:07:48.0161 0x0f4c MSPQM - ok
18:07:48.0283 0x0f4c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
18:07:48.0307 0x0f4c MsRPC - ok
18:07:48.0337 0x0f4c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
18:07:48.0339 0x0f4c mssmbios - ok
18:07:48.0389 0x0f4c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
18:07:48.0390 0x0f4c MSTEE - ok
18:07:48.0399 0x0f4c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
18:07:48.0400 0x0f4c MTConfig - ok
18:07:48.0410 0x0f4c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
18:07:48.0412 0x0f4c Mup - ok
18:07:48.0444 0x0f4c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
18:07:48.0452 0x0f4c napagent - ok
18:07:48.0485 0x0f4c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
18:07:48.0490 0x0f4c NativeWifiP - ok
18:07:48.0561 0x0f4c [ E59AFB64C2F6E0C99350E1C944C75088, 10A9044192D0A83857A57286EABB05037922860483DA2B05AFCC485A8311E4EF ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
18:07:48.0574 0x0f4c NAUpdate - ok
18:07:48.0627 0x0f4c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
18:07:48.0643 0x0f4c NDIS - ok
18:07:48.0661 0x0f4c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
18:07:48.0662 0x0f4c NdisCap - ok
18:07:48.0680 0x0f4c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
18:07:48.0681 0x0f4c NdisTapi - ok
18:07:48.0699 0x0f4c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
18:07:48.0700 0x0f4c Ndisuio - ok
18:07:48.0712 0x0f4c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
18:07:48.0716 0x0f4c NdisWan - ok
18:07:48.0720 0x0f4c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
18:07:48.0722 0x0f4c NDProxy - ok
18:07:48.0740 0x0f4c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
18:07:48.0741 0x0f4c NetBIOS - ok
18:07:48.0754 0x0f4c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
18:07:48.0759 0x0f4c NetBT - ok
18:07:48.0769 0x0f4c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon C:\windows\system32\lsass.exe
18:07:48.0772 0x0f4c Netlogon - ok
18:07:48.0797 0x0f4c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
18:07:48.0805 0x0f4c Netman - ok
18:07:48.0837 0x0f4c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:48.0840 0x0f4c NetMsmqActivator - ok
18:07:48.0844 0x0f4c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:48.0847 0x0f4c NetPipeActivator - ok
18:07:48.0868 0x0f4c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
18:07:48.0877 0x0f4c netprofm - ok
18:07:48.0885 0x0f4c netr28ux - ok
18:07:48.0889 0x0f4c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:48.0892 0x0f4c NetTcpActivator - ok
18:07:48.0896 0x0f4c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:48.0898 0x0f4c NetTcpPortSharing - ok
18:07:48.0917 0x0f4c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
18:07:48.0919 0x0f4c nfrd960 - ok
18:07:48.0951 0x0f4c [ 8FB3C853E886E1E4D57271672486111C, 2D2954740BF2046FC4C0F1C00FBA9627C356792C0636A51078116876E4886FC6 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
18:07:48.0954 0x0f4c NisDrv - ok
18:07:49.0005 0x0f4c [ EC445A9F0FB52E5F467C156FFF6F6D93, F1BD9F18376834097E80F107CC556CB65889E34D22F18D055CB88DF61D235306 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
18:07:49.0012 0x0f4c NisSrv - ok
18:07:49.0061 0x0f4c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
18:07:49.0068 0x0f4c NlaSvc - ok
18:07:49.0160 0x0f4c [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
18:07:49.0206 0x0f4c NOBU - ok
18:07:49.0223 0x0f4c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
18:07:49.0225 0x0f4c Npfs - ok
18:07:49.0243 0x0f4c npggsvc - ok
18:07:49.0260 0x0f4c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
18:07:49.0263 0x0f4c nsi - ok
18:07:49.0270 0x0f4c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
18:07:49.0271 0x0f4c nsiproxy - ok
18:07:49.0318 0x0f4c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
18:07:49.0346 0x0f4c Ntfs - ok
18:07:49.0353 0x0f4c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
18:07:49.0354 0x0f4c Null - ok
18:07:49.0375 0x0f4c [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA C:\windows\system32\drivers\nvhda64v.sys
18:07:49.0379 0x0f4c NVHDA - ok
18:07:49.0617 0x0f4c [ BF769EC1CC472FAD4C6EAEEB96ED857E, BBF8BA2B703BF4C36DFC7F69B4D8E477C8162BEC492C6C5D1A7751C19305ABE8 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
18:07:49.0828 0x0f4c nvlddmkm - ok
18:07:49.0916 0x0f4c [ DCAA93D28D6FC75A4D80AE410008BA90, 7EDB69747C95FB68A4DF1932CF45E078DE94364D7A37D83A29952977A41D1FD7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:07:49.0947 0x0f4c NvNetworkService - ok
18:07:49.0977 0x0f4c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
18:07:49.0981 0x0f4c nvraid - ok
18:07:49.0998 0x0f4c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
18:07:50.0002 0x0f4c nvstor - ok
18:07:50.0056 0x0f4c [ 9408391358F3B9FD0F59E27151383C51, 777A41DE1D8D71833369D1335A083BA8F197317CB62D0E65EFFCC9760D84F2AB ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:07:50.0058 0x0f4c NvStreamKms - ok
18:07:50.0073 0x0f4c NvStreamSvc - ok
18:07:50.0112 0x0f4c [ 039ACFA07F59DB2109BB6A2C0FA2C0D9, E641179FCDB83BBFFADDDECD646F69D667F494BFC41FCE1F035EE78A944C6D5B ] nvsvc C:\windows\system32\nvvsvc.exe
18:07:50.0129 0x0f4c nvsvc - ok
18:07:50.0166 0x0f4c [ 6AC68DDFCAC19A300D738AF3493E46AA, 4E92215B6E3ED263E89489851C6FEAD08D3155C82A74E880DA460DED0021DF42 ] nvvad_WaveExtensible C:\windows\system32\drivers\nvvad64v.sys
18:07:50.0168 0x0f4c nvvad_WaveExtensible - ok
18:07:50.0193 0x0f4c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
18:07:50.0196 0x0f4c nv_agp - ok
18:07:50.0208 0x0f4c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
18:07:50.0210 0x0f4c ohci1394 - ok
18:07:50.0300 0x0f4c [ 895F501CF51EB727E457B17BC8D9EA1B, 3839E99715620208248A2D34421113B5C02F46979A10D6CE1CA59F037AEF0561 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
18:07:50.0334 0x0f4c Origin Client Service - ok
18:07:50.0393 0x0f4c [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:07:50.0396 0x0f4c ose - ok
18:07:50.0622 0x0f4c [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:07:50.0717 0x0f4c osppsvc - ok
18:07:50.0746 0x0f4c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
18:07:50.0753 0x0f4c p2pimsvc - ok
18:07:50.0767 0x0f4c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
18:07:50.0776 0x0f4c p2psvc - ok
18:07:50.0813 0x0f4c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys
18:07:50.0815 0x0f4c Parport - ok
18:07:50.0841 0x0f4c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
18:07:50.0843 0x0f4c partmgr - ok
18:07:50.0867 0x0f4c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\windows\System32\pcasvc.dll
18:07:50.0872 0x0f4c PcaSvc - ok
18:07:50.0877 0x0f4c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
18:07:50.0881 0x0f4c pci - ok
18:07:50.0903 0x0f4c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
18:07:50.0904 0x0f4c pciide - ok
18:07:50.0920 0x0f4c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
18:07:50.0924 0x0f4c pcmcia - ok
18:07:50.0927 0x0f4c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
18:07:50.0929 0x0f4c pcw - ok
18:07:50.0948 0x0f4c pdfcDispatcher - ok
18:07:50.0973 0x0f4c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\windows\system32\drivers\peauth.sys
18:07:50.0985 0x0f4c PEAUTH - ok
18:07:51.0031 0x0f4c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
18:07:51.0034 0x0f4c PerfHost - ok
18:07:51.0077 0x0f4c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
18:07:51.0102 0x0f4c pla - ok
18:07:51.0138 0x0f4c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
18:07:51.0147 0x0f4c PlugPlay - ok
18:07:51.0165 0x0f4c PnkBstrA - ok
18:07:51.0182 0x0f4c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
18:07:51.0185 0x0f4c PNRPAutoReg - ok
18:07:51.0196 0x0f4c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
18:07:51.0202 0x0f4c PNRPsvc - ok
18:07:51.0232 0x0f4c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
18:07:51.0242 0x0f4c PolicyAgent - ok
18:07:51.0262 0x0f4c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
18:07:51.0267 0x0f4c Power - ok
18:07:51.0287 0x0f4c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
18:07:51.0290 0x0f4c PptpMiniport - ok
18:07:51.0302 0x0f4c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
18:07:51.0304 0x0f4c Processor - ok
18:07:51.0332 0x0f4c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
18:07:51.0338 0x0f4c ProfSvc - ok
18:07:51.0343 0x0f4c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\windows\system32\lsass.exe
18:07:51.0346 0x0f4c ProtectedStorage - ok
18:07:51.0362 0x0f4c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
18:07:51.0364 0x0f4c Psched - ok
18:07:51.0411 0x0f4c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
18:07:51.0437 0x0f4c ql2300 - ok
18:07:51.0449 0x0f4c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
18:07:51.0452 0x0f4c ql40xx - ok
18:07:51.0475 0x0f4c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
18:07:51.0481 0x0f4c QWAVE - ok
18:07:51.0491 0x0f4c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
18:07:51.0493 0x0f4c QWAVEdrv - ok
18:07:51.0518 0x0f4c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
18:07:51.0519 0x0f4c RasAcd - ok
18:07:51.0551 0x0f4c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
18:07:51.0553 0x0f4c RasAgileVpn - ok
18:07:51.0560 0x0f4c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
18:07:51.0564 0x0f4c RasAuto - ok
18:07:51.0571 0x0f4c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
18:07:51.0574 0x0f4c Rasl2tp - ok
18:07:51.0588 0x0f4c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
18:07:51.0595 0x0f4c RasMan - ok
18:07:51.0600 0x0f4c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
18:07:51.0603 0x0f4c RasPppoe - ok
18:07:51.0606 0x0f4c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
18:07:51.0608 0x0f4c RasSstp - ok
18:07:51.0623 0x0f4c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
18:07:51.0630 0x0f4c rdbss - ok
18:07:51.0644 0x0f4c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
18:07:51.0646 0x0f4c rdpbus - ok
18:07:51.0654 0x0f4c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
18:07:51.0655 0x0f4c RDPCDD - ok
18:07:51.0672 0x0f4c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
18:07:51.0673 0x0f4c RDPENCDD - ok
18:07:51.0685 0x0f4c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
18:07:51.0686 0x0f4c RDPREFMP - ok
18:07:51.0738 0x0f4c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
18:07:51.0739 0x0f4c RdpVideoMiniport - ok
18:07:51.0765 0x0f4c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
18:07:51.0770 0x0f4c RDPWD - ok
18:07:51.0802 0x0f4c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
18:07:51.0807 0x0f4c rdyboost - ok
18:07:51.0833 0x0f4c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
18:07:51.0836 0x0f4c RemoteAccess - ok
18:07:51.0847 0x0f4c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
18:07:51.0852 0x0f4c RemoteRegistry - ok
18:07:51.0860 0x0f4c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
18:07:51.0863 0x0f4c RpcEptMapper - ok
18:07:51.0884 0x0f4c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
18:07:51.0886 0x0f4c RpcLocator - ok
18:07:51.0901 0x0f4c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
18:07:51.0910 0x0f4c RpcSs - ok
18:07:51.0922 0x0f4c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
18:07:51.0924 0x0f4c rspndr - ok
18:07:51.0966 0x0f4c [ 39A719875F572241C585A629EE62EB14, EE42DB11710374A2A97ED5B58A9DA0AECC8AB0DF4DEEAC5970F33046255CE2F9 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
18:07:51.0978 0x0f4c RTL8167 - ok
18:07:51.0985 0x0f4c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs C:\windows\system32\lsass.exe
18:07:51.0987 0x0f4c SamSs - ok
18:07:52.0010 0x0f4c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
18:07:52.0012 0x0f4c sbp2port - ok
18:07:52.0047 0x0f4c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
18:07:52.0052 0x0f4c SCardSvr - ok
18:07:52.0059 0x0f4c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
18:07:52.0060 0x0f4c scfilter - ok
18:07:52.0086 0x0f4c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
18:07:52.0107 0x0f4c Schedule - ok
18:07:52.0125 0x0f4c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
18:07:52.0126 0x0f4c SCPolicySvc - ok
18:07:52.0131 0x0f4c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
18:07:52.0137 0x0f4c SDRSVC - ok
18:07:52.0160 0x0f4c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
18:07:52.0161 0x0f4c secdrv - ok
18:07:52.0172 0x0f4c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
18:07:52.0175 0x0f4c seclogon - ok
18:07:52.0192 0x0f4c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
18:07:52.0195 0x0f4c SENS - ok
18:07:52.0209 0x0f4c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
18:07:52.0212 0x0f4c SensrSvc - ok
18:07:52.0224 0x0f4c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys
18:07:52.0225 0x0f4c Serenum - ok
18:07:52.0252 0x0f4c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys
18:07:52.0254 0x0f4c Serial - ok
18:07:52.0265 0x0f4c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
18:07:52.0267 0x0f4c sermouse - ok
18:07:52.0287 0x0f4c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
18:07:52.0292 0x0f4c SessionEnv - ok
18:07:52.0303 0x0f4c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
18:07:52.0304 0x0f4c sffdisk - ok
18:07:52.0307 0x0f4c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
18:07:52.0308 0x0f4c sffp_mmc - ok
18:07:52.0310 0x0f4c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
18:07:52.0311 0x0f4c sffp_sd - ok
18:07:52.0326 0x0f4c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
18:07:52.0341 0x0f4c sfloppy - ok
18:07:52.0401 0x0f4c [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
18:07:52.0415 0x0f4c Sftfs - ok
18:07:52.0458 0x0f4c [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:07:52.0468 0x0f4c sftlist - ok
18:07:52.0480 0x0f4c [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
18:07:52.0486 0x0f4c Sftplay - ok
18:07:52.0496 0x0f4c [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
18:07:52.0497 0x0f4c Sftredir - ok
18:07:52.0499 0x0f4c [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
18:07:52.0501 0x0f4c Sftvol - ok
18:07:52.0516 0x0f4c [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:07:52.0520 0x0f4c sftvsa - ok
18:07:52.0549 0x0f4c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
18:07:52.0556 0x0f4c SharedAccess - ok
18:07:52.0586 0x0f4c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:07:52.0595 0x0f4c ShellHWDetection - ok
18:07:52.0612 0x0f4c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
18:07:52.0613 0x0f4c SiSRaid2 - ok
18:07:52.0631 0x0f4c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
18:07:52.0633 0x0f4c SiSRaid4 - ok
18:07:52.0697 0x0f4c [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:07:52.0702 0x0f4c SkypeUpdate - ok
18:07:52.0722 0x0f4c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
18:07:52.0724 0x0f4c Smb - ok
18:07:52.0759 0x0f4c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
18:07:52.0761 0x0f4c SNMPTRAP - ok
18:07:52.0784 0x0f4c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
18:07:52.0785 0x0f4c spldr - ok
18:07:52.0814 0x0f4c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
18:07:52.0826 0x0f4c Spooler - ok
18:07:52.0896 0x0f4c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
18:07:52.0955 0x0f4c sppsvc - ok
18:07:52.0965 0x0f4c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
18:07:52.0969 0x0f4c sppuinotify - ok
18:07:53.0034 0x0f4c [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:07:53.0037 0x0f4c SQLWriter - ok
18:07:53.0059 0x0f4c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
18:07:53.0067 0x0f4c srv - ok
18:07:53.0076 0x0f4c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
18:07:53.0084 0x0f4c srv2 - ok
18:07:53.0101 0x0f4c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
18:07:53.0105 0x0f4c srvnet - ok
18:07:53.0118 0x0f4c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
18:07:53.0124 0x0f4c SSDPSRV - ok
18:07:53.0137 0x0f4c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
18:07:53.0141 0x0f4c SstpSvc - ok
18:07:53.0190 0x0f4c [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
18:07:53.0194 0x0f4c ssudmdm - ok
18:07:53.0255 0x0f4c [ 605ECCCE95ACF7AF12CBCCDAB55B8DD0, 7B676B58C26D880320434066B93C7B8372421699C0006806D4E8E0E824124281 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
18:07:53.0262 0x0f4c STacSV - ok
18:07:53.0334 0x0f4c [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:07:53.0348 0x0f4c Steam Client Service - ok
18:07:53.0397 0x0f4c [ D2B4376F9F36C5873A6CF99EF5750724, 2A5C12EE3657D4A6819080549ADFA3288E0DAC975114D9466DCCC3ED922D2539 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:07:53.0405 0x0f4c Stereo Service - ok
18:07:53.0421 0x0f4c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
18:07:53.0423 0x0f4c stexstor - ok
18:07:53.0446 0x0f4c [ 5709F6AEECC9C43AD9D550FB1D882209, CF4681AE1D6B15340F5A0787E0EFB682AA3CFA15D25741364D8455C040A5997B ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
18:07:53.0455 0x0f4c STHDA - ok
18:07:53.0493 0x0f4c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
18:07:53.0505 0x0f4c stisvc - ok
18:07:53.0525 0x0f4c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
18:07:53.0526 0x0f4c swenum - ok
18:07:53.0554 0x0f4c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
18:07:53.0563 0x0f4c swprv - ok
18:07:53.0607 0x0f4c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
18:07:53.0638 0x0f4c SysMain - ok
18:07:53.0651 0x0f4c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
18:07:53.0655 0x0f4c TabletInputService - ok
18:07:53.0686 0x0f4c [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\windows\system32\DRIVERS\tap0901.sys
18:07:53.0688 0x0f4c tap0901 - ok
18:07:53.0706 0x0f4c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
18:07:53.0713 0x0f4c TapiSrv - ok
18:07:53.0726 0x0f4c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
18:07:53.0730 0x0f4c TBS - ok
18:07:53.0788 0x0f4c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
18:07:53.0821 0x0f4c Tcpip - ok
18:07:53.0865 0x0f4c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
18:07:53.0890 0x0f4c TCPIP6 - ok
18:07:53.0908 0x0f4c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
18:07:53.0909 0x0f4c tcpipreg - ok
18:07:53.0928 0x0f4c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
18:07:53.0929 0x0f4c TDPIPE - ok
18:07:53.0953 0x0f4c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
18:07:53.0955 0x0f4c TDTCP - ok
18:07:53.0980 0x0f4c [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\windows\system32\DRIVERS\tdx.sys
18:07:53.0983 0x0f4c tdx - ok
18:07:54.0084 0x0f4c [ 950AD1AE7498A492126FB9F9B2E27DB5, C4C9A972015F567FC87A4094C86835B2DD3476426AB8B40CD4872A725CA89CFC ] Te.Service C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
18:07:54.0087 0x0f4c Te.Service - ok
18:07:54.0112 0x0f4c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
18:07:54.0114 0x0f4c TermDD - ok
18:07:54.0139 0x0f4c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
18:07:54.0152 0x0f4c TermService - ok
18:07:54.0171 0x0f4c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
18:07:54.0196 0x0f4c Themes - ok
18:07:54.0233 0x0f4c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
18:07:54.0258 0x0f4c THREADORDER - ok
18:07:54.0318 0x0f4c [ BDFC55C2389D23C7E36A627BD580EE98, E25CF1C01CF90B348333A0CBAF26F8F5751AE725E6059C35C492E00479105B70 ] tihub3 C:\windows\system32\drivers\tihub3.sys
18:07:54.0321 0x0f4c tihub3 - ok
18:07:54.0594 0x0f4c [ EBEDBC08C2E5EB4EC8E3DA4BF3D827B1, FC465EAF5C2E44F279B54B13C88ACCE565B1C9C6DDEB8D87FD0CD6CD3AA1AABC ] tixhci C:\windows\system32\drivers\tixhci.sys
18:07:54.0602 0x0f4c tixhci - ok
18:07:54.0627 0x0f4c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
18:07:54.0632 0x0f4c TrkWks - ok
18:07:54.0673 0x0f4c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:07:54.0676 0x0f4c TrustedInstaller - ok
18:07:54.0691 0x0f4c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
18:07:54.0692 0x0f4c tssecsrv - ok
18:07:54.0717 0x0f4c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
18:07:54.0719 0x0f4c TsUsbFlt - ok
18:07:54.0743 0x0f4c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
18:07:54.0745 0x0f4c TsUsbGD - ok
18:07:54.0772 0x0f4c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
18:07:54.0775 0x0f4c tunnel - ok
18:07:54.0798 0x0f4c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
18:07:54.0800 0x0f4c uagp35 - ok
18:07:54.0813 0x0f4c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
18:07:54.0820 0x0f4c udfs - ok
18:07:54.0845 0x0f4c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
18:07:54.0848 0x0f4c UI0Detect - ok
18:07:54.0858 0x0f4c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
18:07:54.0860 0x0f4c uliagpkx - ok
18:07:54.0869 0x0f4c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
18:07:54.0871 0x0f4c umbus - ok
18:07:54.0873 0x0f4c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\drivers\umpass.sys
18:07:54.0874 0x0f4c UmPass - ok
18:07:54.0893 0x0f4c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
18:07:54.0901 0x0f4c upnphost - ok
18:07:54.0937 0x0f4c [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
18:07:54.0939 0x0f4c USBAAPL64 - ok
18:07:55.0007 0x0f4c [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
18:07:55.0009 0x0f4c usbaudio - ok
18:07:55.0026 0x0f4c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
18:07:55.0029 0x0f4c usbccgp - ok
18:07:55.0052 0x0f4c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
18:07:55.0054 0x0f4c usbcir - ok
18:07:55.0061 0x0f4c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\drivers\usbehci.sys
18:07:55.0063 0x0f4c usbehci - ok
18:07:55.0090 0x0f4c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
18:07:55.0096 0x0f4c usbhub - ok
18:07:55.0111 0x0f4c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\drivers\usbohci.sys
18:07:55.0113 0x0f4c usbohci - ok
18:07:55.0132 0x0f4c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
18:07:55.0134 0x0f4c usbprint - ok
18:07:55.0158 0x0f4c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\drivers\usbscan.sys
18:07:55.0160 0x0f4c usbscan - ok
18:07:55.0183 0x0f4c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
18:07:55.0189 0x0f4c USBSTOR - ok
18:07:55.0223 0x0f4c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
18:07:55.0224 0x0f4c usbuhci - ok
18:07:55.0245 0x0f4c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
18:07:55.0249 0x0f4c UxSms - ok
18:07:55.0268 0x0f4c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc C:\windows\system32\lsass.exe
18:07:55.0270 0x0f4c VaultSvc - ok
18:07:55.0291 0x0f4c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
18:07:55.0292 0x0f4c vdrvroot - ok
18:07:55.0317 0x0f4c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
18:07:55.0329 0x0f4c vds - ok
18:07:55.0343 0x0f4c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
18:07:55.0344 0x0f4c vga - ok
18:07:55.0353 0x0f4c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
18:07:55.0354 0x0f4c VgaSave - ok
18:07:55.0377 0x0f4c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
18:07:55.0381 0x0f4c vhdmp - ok
18:07:55.0403 0x0f4c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
18:07:55.0405 0x0f4c viaide - ok
18:07:55.0408 0x0f4c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
18:07:55.0411 0x0f4c volmgr - ok
18:07:55.0419 0x0f4c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
18:07:55.0426 0x0f4c volmgrx - ok
18:07:55.0445 0x0f4c [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\windows\system32\drivers\volsnap.sys
18:07:55.0450 0x0f4c volsnap - ok
18:07:55.0525 0x0f4c [ ED1F4BDF68C649C6F79A02502BB6C9BC, 3D2830822D4A2C7B3676100B27DEC7B1C2EF640DA36C6543365A9CF2A61BF68E ] VsEtwService120 C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe
18:07:55.0528 0x0f4c VsEtwService120 - ok
18:07:55.0579 0x0f4c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
18:07:55.0583 0x0f4c vsmraid - ok
18:07:55.0626 0x0f4c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
18:07:55.0649 0x0f4c VSS - ok
18:07:55.0663 0x0f4c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
18:07:55.0665 0x0f4c vwifibus - ok
18:07:55.0677 0x0f4c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
18:07:55.0679 0x0f4c vwififlt - ok
18:07:55.0682 0x0f4c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
18:07:55.0684 0x0f4c vwifimp - ok
18:07:55.0700 0x0f4c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
18:07:55.0709 0x0f4c W32Time - ok
18:07:55.0735 0x0f4c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
18:07:55.0736 0x0f4c WacomPen - ok
18:07:55.0752 0x0f4c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
18:07:55.0755 0x0f4c WANARP - ok
18:07:55.0758 0x0f4c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
18:07:55.0760 0x0f4c Wanarpv6 - ok
18:07:55.0807 0x0f4c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
18:07:55.0828 0x0f4c WatAdminSvc - ok
18:07:55.0868 0x0f4c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
18:07:55.0895 0x0f4c wbengine - ok
18:07:55.0922 0x0f4c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
18:07:55.0928 0x0f4c WbioSrvc - ok
18:07:55.0946 0x0f4c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
18:07:55.0955 0x0f4c wcncsvc - ok
18:07:55.0965 0x0f4c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:07:55.0968 0x0f4c WcsPlugInService - ok
18:07:55.0992 0x0f4c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
18:07:55.0994 0x0f4c Wd - ok
18:07:56.0024 0x0f4c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
18:07:56.0038 0x0f4c Wdf01000 - ok
18:07:56.0068 0x0f4c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
18:07:56.0072 0x0f4c WdiServiceHost - ok
18:07:56.0076 0x0f4c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll
18:07:56.0080 0x0f4c WdiSystemHost - ok
18:07:56.0103 0x0f4c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
18:07:56.0110 0x0f4c WebClient - ok
18:07:56.0127 0x0f4c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
18:07:56.0134 0x0f4c Wecsvc - ok
18:07:56.0143 0x0f4c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
18:07:56.0147 0x0f4c wercplsupport - ok
18:07:56.0160 0x0f4c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
18:07:56.0164 0x0f4c WerSvc - ok
18:07:56.0184 0x0f4c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
18:07:56.0185 0x0f4c WfpLwf - ok
18:07:56.0196 0x0f4c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
18:07:56.0197 0x0f4c WIMMount - ok
18:07:56.0213 0x0f4c WinDefend - ok
18:07:56.0222 0x0f4c WinHttpAutoProxySvc - ok
18:07:56.0258 0x0f4c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
18:07:56.0263 0x0f4c Winmgmt - ok
18:07:56.0305 0x0f4c [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0 C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys
18:07:56.0307 0x0f4c WinRing0_1_2_0 - ok
18:07:56.0367 0x0f4c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\windows\system32\WsmSvc.dll
18:07:56.0410 0x0f4c WinRM - ok
18:07:56.0537 0x0f4c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\drivers\WinUsb.sys
18:07:56.0539 0x0f4c WinUsb - ok
18:07:56.0565 0x0f4c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
18:07:56.0582 0x0f4c Wlansvc - ok
18:07:56.0665 0x0f4c [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:07:56.0704 0x0f4c wlidsvc - ok
18:07:56.0729 0x0f4c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
18:07:56.0730 0x0f4c WmiAcpi - ok
18:07:56.0760 0x0f4c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
18:07:56.0764 0x0f4c wmiApSrv - ok
18:07:56.0792 0x0f4c WMPNetworkSvc - ok
18:07:56.0815 0x0f4c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
18:07:56.0818 0x0f4c WPCSvc - ok
18:07:56.0832 0x0f4c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
18:07:56.0837 0x0f4c WPDBusEnum - ok
18:07:56.0840 0x0f4c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
18:07:56.0841 0x0f4c ws2ifsl - ok
18:07:56.0855 0x0f4c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
18:07:56.0860 0x0f4c wscsvc - ok
18:07:56.0862 0x0f4c WSearch - ok
18:07:56.0934 0x0f4c [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\windows\system32\wuaueng.dll
18:07:56.0978 0x0f4c wuauserv - ok
18:07:57.0000 0x0f4c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
18:07:57.0002 0x0f4c WudfPf - ok
18:07:57.0029 0x0f4c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\drivers\WUDFRd.sys
18:07:57.0033 0x0f4c WUDFRd - ok
18:07:57.0042 0x0f4c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
18:07:57.0051 0x0f4c wudfsvc - ok
18:07:57.0071 0x0f4c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
18:07:57.0078 0x0f4c WwanSvc - ok
18:07:57.0120 0x0f4c X6va011 - ok
18:07:57.0130 0x0f4c X6va012 - ok
18:07:57.0133 0x0f4c X6va015 - ok
18:07:57.0158 0x0f4c [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys
18:07:57.0160 0x0f4c xusb21 - ok
18:07:57.0177 0x0f4c ================ Scan global ===============================
18:07:57.0190 0x0f4c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
18:07:57.0221 0x0f4c [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\windows\system32\winsrv.dll
18:07:57.0232 0x0f4c [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\windows\system32\winsrv.dll
18:07:57.0248 0x0f4c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
18:07:57.0288 0x0f4c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
18:07:57.0296 0x0f4c [ Global ] - ok
18:07:57.0296 0x0f4c ================ Scan MBR ==================================
18:07:57.0303 0x0f4c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:07:57.0397 0x0f4c \Device\Harddisk0\DR0 - ok
18:07:57.0398 0x0f4c ================ Scan VBR ==================================
18:07:57.0399 0x0f4c [ B87516E956EDEE674B2538F071843BB2 ] \Device\Harddisk0\DR0\Partition1
18:07:57.0444 0x0f4c \Device\Harddisk0\DR0\Partition1 - ok
18:07:57.0477 0x0f4c [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
18:07:57.0477 0x0f4c \Device\Harddisk0\DR0\Partition2 - ok
18:07:57.0485 0x0f4c [ 0DAC1923C90D9324283A5B50EAFB40CC ] \Device\Harddisk0\DR0\Partition3
18:07:57.0542 0x0f4c \Device\Harddisk0\DR0\Partition3 - ok
18:07:57.0555 0x0f4c [ FC1DB9D4F07D1F784C5A8C506E463031 ] \Device\Harddisk0\DR0\Partition4
18:07:57.0555 0x0f4c \Device\Harddisk0\DR0\Partition4 - ok
18:07:57.0556 0x0f4c ================ Scan generic autorun ======================
18:07:57.0622 0x0f4c [ 0D997D69A624B2A04EED0B64F2092642, 67B34F6EDF0BA7C2C2BD11D6F8423FAB7AE6D7672220AACE31B632081EA25E35 ] C:\Program Files\IDT\WDM\beats64.exe
18:07:57.0623 0x0f4c BeatsOSDApp - ok
18:07:57.0656 0x0f4c [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE
18:07:57.0658 0x0f4c HPSYSDRV - ok
18:07:57.0697 0x0f4c [ AD6C376374C21EC68DF33884613D0A05, 65E0668A2A24B9EF2BDABDE044D240F110AEC8B1EF838AB28084B7F899D2A75E ] C:\Program Files\IDT\WDM\sttray64.exe
18:07:57.0721 0x0f4c SysTrayApp - ok
18:07:57.0769 0x0f4c [ D9AA753B736FD63F397C59464DC6FE68, AB357D3FDBF47C127571EE3ABBCBD7FF607CDDA230191913B2B45B5374A9EE42 ] c:\Program Files\Microsoft Security Client\msseces.exe
18:07:57.0792 0x0f4c MSC - ok
18:07:57.0803 0x0f4c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\windows\system32\rundll32.exe
18:07:57.0806 0x0f4c ShadowPlay - ok
18:07:57.0851 0x0f4c [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
18:07:57.0865 0x0f4c XboxStat - ok
18:07:57.0942 0x0f4c [ D9133D4157664B1E2ACFC2CD56CCB599, 0B2B8EE7D45962026A30833D3D7F59FB1FB07085904C2E77A10714F38910E462 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:07:57.0986 0x0f4c NvBackend - ok
18:07:58.0031 0x0f4c [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
18:07:58.0033 0x0f4c NCPluginUpdater - ok
18:07:58.0092 0x0f4c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:07:58.0112 0x0f4c Sidebar - ok
18:07:58.0135 0x0f4c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:07:58.0138 0x0f4c mctadmin - ok
18:07:58.0159 0x0f4c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:07:58.0178 0x0f4c Sidebar - ok
18:07:58.0183 0x0f4c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:07:58.0185 0x0f4c mctadmin - ok
18:07:58.0285 0x0f4c [ 8DACA62F3E15E45EBAF7AE51A609CBC1, 5FACF0EA36572E7228EB2808731ED00DD08B481937569E71C3A537D7E65022AD ] C:\Program Files (x86)\Steam\steam.exe
18:07:58.0334 0x0f4c Steam - ok
18:07:58.0539 0x0f4c [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
18:07:58.0614 0x0f4c Akamai NetSession Interface - ok
18:07:58.0688 0x0f4c [ 9D199992DFADBA8720B9037C045657F2, 7FB89E0EED185341A85C4EE6F96BE26A840904CF6E25C032F489EB23D6242B4B ] C:\Users\Adrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:07:58.0721 0x0f4c Spotify Web Helper - ok
18:07:58.0748 0x0f4c Skype - ok
18:07:58.0944 0x0f4c [ F679E30A5F7CE39F7FA134E61BD2D6D3, 84BD25FFF9C47AC5A00E225DCF03D82A79FE036E3B553D2D81254F2F1FC120A1 ] C:\Program Files\CCleaner\CCleaner64.exe
18:07:59.0065 0x0f4c CCleaner Monitoring - ok
18:07:59.0184 0x0f4c [ 981FE670A8D36E9F43A74FAE1218F080, 84EFCC024B5F6DE6554C40033462B21CA550A240C84E46B36EBB972799AA8A8B ] C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe
18:07:59.0197 0x0f4c MySQL Notifier - ok
18:07:59.0395 0x0f4c [ 89E0B29C7C2636C7F80679F616712B4A, 396B636A7D6E10876B53E768C6008089953F98387117856EA60B342B8AF3F38D ] C:\Users\Adrian\AppData\Roaming\Spotify\Spotify.exe
18:07:59.0515 0x0f4c Spotify - ok
18:07:59.0588 0x0f4c [ 4547360EB0D90804B3AD080CE1D1D814, 8814E26A8A4CE84CB17AF98A6AF551B75AF8F26A19DBA5225657DBF29853550A ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:07:59.0602 0x0f4c GoogleChromeAutoLaunch_257F9E5159429344AA5489535C1FAD3E - ok
18:07:59.0620 0x0f4c FlashPlayerUpdate - ok
18:07:59.0651 0x0f4c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:07:59.0670 0x0f4c Sidebar - ok
18:07:59.0685 0x0f4c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:07:59.0688 0x0f4c mctadmin - ok
18:07:59.0723 0x0f4c [ A064A1D9CBD7F6959AAEAEAFF96DB2E9, F3DC0C0240FCE4FE7478093C415548297E49C349FE600D7F6CC1C655953C1D48 ] C:\windows\system32\osk.exe
18:07:59.0736 0x0f4c osk.exe - ok
18:07:59.0737 0x0f4c Waiting for KSN requests completion. In queue: 224
18:08:00.0737 0x0f4c Waiting for KSN requests completion. In queue: 224
18:08:01.0737 0x0f4c Waiting for KSN requests completion. In queue: 224
18:08:02.0737 0x0f4c Waiting for KSN requests completion. In queue: 224
18:08:03.0737 0x0f4c Waiting for KSN requests completion. In queue: 224
18:08:04.0737 0x0f4c Waiting for KSN requests completion. In queue: 224
18:08:05.0737 0x0f4c Waiting for KSN requests completion. In queue: 224
18:08:06.0737 0x0f4c Waiting for KSN requests completion. In queue: 224
18:08:07.0737 0x0f4c Waiting for KSN requests completion. In queue: 224
18:08:08.0737 0x0f4c Waiting for KSN requests completion. In queue: 224
18:08:09.0787 0x0f4c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.3.216.0 ), 0x60000 ( disabled : updated )
18:08:09.0799 0x0f4c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
18:08:09.0800 0x0f4c FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x40010 ( disabled )
18:08:09.0872 0x0f4c Win FW state via NFP2: enabled
18:08:19.0550 0x0f4c ============================================================
18:08:19.0550 0x0f4c Scan finished
18:08:19.0550 0x0f4c ============================================================
18:08:19.0554 0x247c Detected object count: 0
18:08:19.0554 0x247c Actual detected object count: 0
18:09:13.0844 0x0c44 ============================================================
18:09:13.0844 0x0c44 Scan started
18:09:13.0844 0x0c44 Mode: Manual;
18:09:13.0844 0x0c44 ============================================================
18:09:13.0844 0x0c44 KSN ping started
|
|
03.07.2015, 06:22
| #7 |
| /// the machine /// TB-Ausbilder | Taskmanager blockiert, consent.exe 6x offen hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.07.2015, 07:07
| #8 |
| | Taskmanager blockiert, consent.exe 6x offenCode:
ATTFilter ComboFix 15-06-30.01 - Adrian 03.07.2015 8:14.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.8148.5426 [GMT 2:00]
ausgeführt von:: c:\users\Adrian\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Roland\AppData\Roaming\Origin
c:\users\Roland\AppData\Roaming\Origin\Cloud Saves\blacklist
c:\users\Roland\AppData\Roaming\Origin\local.xml
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-06-03 bis 2015-07-03 ))))))))))))))))))))))))))))))
.
.
2015-07-03 06:29 . 2015-07-03 06:29 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-07-03 06:29 . 2015-07-03 06:29 -------- d-----w- c:\users\Roland\AppData\Local\temp
2015-07-03 06:28 . 2015-07-03 06:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-01 14:01 . 2015-07-01 14:02 -------- d-----w- c:\users\Adrian\AppData\Local\PAYDAY 2
2015-07-01 14:01 . 2015-07-01 14:01 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2015-07-01 13:33 . 2015-07-03 05:50 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-01 13:33 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-01 13:33 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-01 13:33 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-06-29 14:39 . 2015-06-29 14:39 -------- d-----w- c:\users\Adrian\AppData\Roaming\.atlauncher
2015-06-23 16:21 . 2015-06-17 06:03 571024 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-06-23 16:06 . 2015-06-23 16:06 -------- d-----w- C:\NVIDIA
2015-06-23 15:29 . 2015-06-23 15:29 -------- d-----w- c:\programdata\boost_interprocess
2015-06-23 15:29 . 2015-05-19 03:29 46768 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-06-23 15:29 . 2015-05-19 03:14 57520 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-06-20 09:53 . 2015-06-20 09:53 -------- d-----w- c:\users\Adrian\AppData\Roaming\Microsoft FxCop
2015-06-20 09:32 . 2015-05-06 13:07 319584 ----a-w- c:\windows\system32\javaws.exe
2015-06-20 09:32 . 2015-05-06 13:07 206944 ----a-w- c:\windows\system32\javaw.exe
2015-06-20 09:32 . 2015-05-06 13:07 206432 ----a-w- c:\windows\system32\java.exe
2015-06-19 15:53 . 2015-06-19 15:53 -------- d-----w- c:\users\Adrian\AppData\Roaming\NuGet
2015-06-19 15:24 . 2015-06-19 15:24 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 11.0
2015-06-19 15:20 . 2015-06-19 15:20 -------- d-----w- c:\program files (x86)\Windows Phone Silverlight Kits
2015-06-19 15:20 . 2015-06-20 16:51 2382112 ----a-w- c:\programdata\Microsoft\VisualStudio\12.0\1033\ResourceCache.dll
2015-06-19 15:16 . 2015-06-19 15:16 -------- d-----w- c:\program files (x86)\Microsoft XDE
2015-06-19 15:08 . 2015-06-19 15:08 -------- d-----w- c:\program files (x86)\AppInsights
2015-06-19 14:55 . 2015-06-19 14:55 -------- d-----w- c:\program files\Application Verifier
2015-06-19 14:55 . 2015-06-19 14:55 -------- d-----w- c:\program files (x86)\Application Verifier
2015-06-19 14:55 . 2015-06-19 15:10 -------- d-----w- c:\programdata\Windows App Certification Kit
2015-06-19 14:50 . 2015-06-19 14:50 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2015-06-19 14:45 . 2015-06-19 14:45 -------- d-----w- c:\programdata\PreEmptive Solutions
2015-06-19 14:39 . 2015-06-19 14:40 -------- d-----w- c:\program files (x86)\Microsoft Web Tools
2015-06-19 14:38 . 2015-06-19 15:09 -------- d-----w- c:\program files\IIS Express
2015-06-19 14:38 . 2015-06-19 15:09 -------- d-----w- c:\program files (x86)\IIS Express
2015-06-19 14:37 . 2015-06-19 14:37 -------- d-----w- c:\programdata\NuGet
2015-06-19 14:37 . 2015-06-19 14:37 -------- d-----w- c:\program files (x86)\NuGet
2015-06-19 14:37 . 2015-06-19 14:37 -------- d-----w- c:\program files (x86)\Microsoft WCF Data Services
2015-06-19 14:37 . 2015-06-19 14:37 -------- d-----w- c:\program files\IIS
2015-06-19 14:37 . 2015-06-19 14:37 -------- d-----w- c:\program files (x86)\IIS
2015-06-19 14:25 . 2015-06-19 14:31 -------- d-----w- c:\program files (x86)\Windows Kits
2015-06-19 14:25 . 2015-06-19 14:25 -------- d-----w- c:\program files (x86)\Windows Phone Kits
2015-06-19 14:24 . 2015-06-19 14:24 -------- d-----w- c:\program files (x86)\HTML Help Workshop
2015-06-19 14:24 . 2015-06-19 14:24 -------- d-----w- c:\windows\symbols
2015-06-19 14:24 . 2015-06-19 14:24 -------- d-----w- c:\program files (x86)\Microsoft Help Viewer
2015-06-19 14:20 . 2015-06-19 14:29 -------- d-----w- c:\windows\SysWow64\1033
2015-06-19 14:20 . 2015-06-19 15:36 -------- d-----w- c:\program files\Microsoft SQL Server
2015-06-19 14:11 . 2015-06-19 15:29 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2015-06-19 14:08 . 2015-06-19 14:08 -------- d-----w- c:\users\Adrian\.tooling
2015-06-19 14:07 . 2015-06-19 15:03 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 12.0
2015-06-19 14:07 . 2015-06-19 14:22 -------- d-----w- c:\windows\system32\1033
2015-06-19 14:07 . 2015-06-19 14:07 -------- d-----w- c:\program files\Microsoft Visual Studio 12.0
2015-06-19 13:39 . 2015-06-19 13:40 -------- d-----w- c:\users\Adrian\SpongeAPI
2015-06-10 11:28 . 2015-05-22 18:18 1021440 ----a-w- c:\windows\system32\appraiser.dll
2015-06-10 11:27 . 2015-05-25 18:19 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-06-10 11:26 . 2015-04-24 18:17 633856 ----a-w- c:\windows\system32\comctl32.dll
2015-06-10 11:26 . 2015-04-24 17:56 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2015-06-10 11:26 . 2015-05-25 17:08 3206144 ----a-w- c:\windows\system32\win32k.sys
2015-06-10 11:26 . 2015-04-11 03:19 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-06-08 14:14 . 2015-06-08 14:14 -------- d-----w- c:\users\Adrian\hpremote
2015-06-06 14:17 . 2015-06-11 16:22 -------- d-----w- c:\users\Adrian\AppData\Roaming\.StarMade
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-01 12:47 . 2012-06-15 00:12 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-01 12:47 . 2012-06-15 00:12 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-27 06:54 . 2014-05-05 17:31 442264 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-06-17 09:10 . 2015-04-13 14:48 17724600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-06-17 09:10 . 2014-09-02 07:36 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-06-17 09:10 . 2014-09-02 07:36 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-06-17 09:10 . 2014-09-02 07:32 1567576 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-06-17 09:10 . 2013-11-13 10:22 1571696 ----a-w- c:\windows\system32\nvspcap64.dll
2015-06-17 09:10 . 2013-11-13 10:22 1320304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-06-17 09:10 . 2013-04-10 13:47 15224784 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-06-17 09:10 . 2013-02-25 22:32 2997544 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-06-17 09:10 . 2012-03-15 04:59 3395648 ----a-w- c:\windows\system32\nvapi64.dll
2015-06-17 09:10 . 2012-03-15 04:59 12855416 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-06-17 06:48 . 2012-06-14 23:58 937616 ----a-w- c:\windows\system32\nvvsvc.exe
2015-06-17 06:48 . 2012-06-14 23:58 62792 ----a-w- c:\windows\system32\nvshext.dll
2015-06-17 06:48 . 2012-06-14 23:58 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-06-17 06:48 . 2012-06-14 23:58 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2015-06-17 06:48 . 2012-06-14 23:58 6873232 ----a-w- c:\windows\system32\nvcpl.dll
2015-06-17 06:48 . 2012-06-14 23:58 3492168 ----a-w- c:\windows\system32\nvsvc64.dll
2015-06-10 18:41 . 2013-04-11 10:47 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-02 14:11 . 2012-06-14 23:58 4421614 ----a-w- c:\windows\system32\nvcoproc.bin
2015-05-25 18:01 . 2015-06-10 11:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-19 03:14 . 2014-09-02 07:32 61616 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-05-17 18:24 . 2015-05-17 18:24 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-05-17 18:24 . 2014-05-05 17:31 137288 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-05-17 18:24 . 2014-05-05 17:31 272248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-05-17 18:24 . 2014-05-05 17:31 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-05-17 18:24 . 2014-05-05 17:31 89944 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-05-17 18:24 . 2014-05-05 17:31 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-05-17 18:24 . 2014-05-05 17:31 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-05-17 18:24 . 2015-05-17 18:24 43112 ----a-w- c:\windows\avastSS.scr
2015-05-17 18:24 . 2014-05-05 17:31 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-05-06 13:07 . 2013-03-23 12:22 110688 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-05-04 06:47 . 2013-04-05 11:51 348672 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-05-04 06:47 . 2013-04-05 11:49 348672 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-05-04 06:43 . 2013-04-05 11:49 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2015-05-01 13:17 . 2015-05-13 07:53 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-13 07:53 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 09:27 . 2015-05-01 09:27 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-21 15:13 . 2015-04-21 15:16 627920 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-04-20 03:17 . 2015-05-13 07:48 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 03:17 . 2015-05-13 07:48 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 02:56 . 2015-05-13 07:48 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-18 03:10 . 2015-05-13 07:50 460800 ----a-w- c:\windows\system32\certcli.dll
2015-04-18 02:56 . 2015-05-13 07:50 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-04-13 03:28 . 2015-05-13 07:48 328704 ----a-w- c:\windows\system32\services.exe
2015-04-09 00:58 . 2015-04-13 14:48 1895568 ----a-w- c:\windows\system32\nvdispco6435012.dll
2015-04-09 00:58 . 2015-04-13 14:48 1557648 ----a-w- c:\windows\system32\nvdispgenco6435012.dll
2015-04-08 03:29 . 2015-05-13 07:48 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:29 . 2015-05-13 07:48 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-08 03:14 . 2015-05-13 07:48 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-04-21 15:32 329376 ----a-w- c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-04-21 15:32 329376 ----a-w- c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-04-21 15:32 329376 ----a-w- c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-04-21 15:32 329376 ----a-w- c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-04-21 15:32 329376 ----a-w- c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-06-04 2892992]
"Akamai NetSession Interface"="c:\users\Adrian\AppData\Local\Akamai\netsession_win.exe" [2014-10-29 4673432]
"Spotify Web Helper"="c:\users\Adrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-06-26 2023480]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-06-02 28785280]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928]
"MySQL Notifier"="c:\program files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe" [2014-09-03 773120]
"Spotify"="c:\users\Adrian\AppData\Roaming\Spotify\Spotify.exe" [2015-06-26 7415864]
"GoogleChromeAutoLaunch_257F9E5159429344AA5489535C1FAD3E"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-06-05 813896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-17 5515496]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 CalendarSynchService;CalendarSynchService;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [x]
S2 chromoting;Chrome Remote Desktop Service;c:\program files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe;c:\program files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe;c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-18 12:04 986440 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.124\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13 12:47]
.
2015-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 16:03]
.
2015-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 16:03]
.
2013-12-24 c:\windows\Tasks\HPCeeScheduleForAdrian.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-04-21 15:32 358064 ----a-w- c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-04-21 15:32 358064 ----a-w- c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-04-21 15:32 358064 ----a-w- c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-04-21 15:32 358064 ----a-w- c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-04-21 15:32 358064 ----a-w- c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-21 15:18 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-21 15:18 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-21 15:18 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-05-17 18:24 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-03-30 37888]
"HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-07-18 1356240]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-17 1571696]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-17 2754704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-12-12 21720]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{438363A8-F486-4C37-834C-4955773CB3D3} - msiexec
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
AddRemove-Mod-MC - c:\users\Adrian\Desktop\Uninstal.exe
AddRemove-{87686C21-8A15-4b4d-A3F1-11141D9BE094} - c:\users\Adrian\Desktop\Desktop\ddd\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\SecuROM\License information*]
"datasecu"=hex:d8,b2,7a,c6,b4,33,c2,7f,d6,fe,43,a1,a8,66,fd,db,35,64,0a,c4,d3,
c1,2b,61,91,51,78,eb,21,df,3c,25,fd,0e,38,80,1e,1e,2d,d7,dd,a7,8c,b1,c2,70,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-07-03 08:32:22
ComboFix-quarantined-files.txt 2015-07-03 06:32
.
Vor Suchlauf: 21 Verzeichnis(se), 322.265.214.976 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 323.936.432.128 Bytes frei
.
- - End Of File - - 20FC84F2B6482B99278F1748A325B496
5FB38429D5D77768867C76DCBDB35194
Geändert von Freakey_ (03.07.2015 um 07:34 Uhr) Grund: Mein Fehler - hat nur ne Zeit gedauert zu starten |
|
03.07.2015, 09:05
| #9 |
| /// the machine /// TB-Ausbilder | Taskmanager blockiert, consent.exe 6x offen Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.07.2015, 11:55
| #10 |
| | Taskmanager blockiert, consent.exe 6x offenCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 03.07.2015 Suchlaufzeit: 11:19 Protokolldatei: Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.07.03.01 Rootkit-Datenbank: v2015.07.01.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Adrian Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 657653 Abgelaufene Zeit: 1 Std., 16 Min., 32 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 3 PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh, , [a9b46e6fc4c695a147e0ab3a2fd48878], PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1, , [a9b46e6fc4c695a147e0ab3a2fd48878], PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1\_metadata, , [a9b46e6fc4c695a147e0ab3a2fd48878], Dateien: 2 PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1\_metadata\computed_hashes.json, , [a9b46e6fc4c695a147e0ab3a2fd48878], PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1\_metadata\verified_contents.json, , [a9b46e6fc4c695a147e0ab3a2fd48878], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.2.7 (07.02.2015:2)
OS: Windows 7 Home Premium x64
Ran by Adrian on 03.07.2015 at 12:47:32,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\windows\system32\tasks\update-S-1-5-21-1501557853-1401194567-1476615106-1000
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_257F9E5159429344AA5489535C1FAD3E
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\windows\syswow64\sho239A.tmp
Successfully deleted: [File] C:\windows\syswow64\sho62F.tmp
Successfully deleted: [File] C:\windows\syswow64\sho766B.tmp
Successfully deleted: [File] C:\windows\syswow64\sho7ADA.tmp
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\tuneup software
Successfully deleted: [Folder] C:\Users\Adrian\AppData\Roaming\tuneup software
Successfully deleted: [Folder] C:\Users\Adrian\AppData\Roaming\3909
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Adrian\appdata\local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh
[C:\Users\Adrian\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Adrian\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
ofjgnhihlklpobkaloamkankaaoclfjh
[C:\Users\Adrian\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Adrian\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
fmlgoencnlndpglbocajlimaikjohmab,
ofjgnhihlklpobkaloamkankaaoclfjh
]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.07.2015 at 12:51:23,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter # AdwCleaner v4.207 - Bericht erstellt 03/07/2015 um 12:40:14
# Aktualisiert 21/06/2015 von Xplode
# Datenbank : 2015-07-02.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Adrian - ADRIAN
# Gestarted von : C:\Users\Adrian\Downloads\adwcleaner_4.207(1).exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Mozilla Firefox v38.0.1 (x86 de)
-\\ Google Chrome v43.0.2357.124
[C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=AT&userid=9c551487-5f5f-4f9c-9c01-b430fcd06690&searchtype=ds&q={searchTerms}&installDate=11/08/2013
[C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
*************************
AdwCleaner[R2].txt - [1483 Bytes] - [07/12/2014 08:50:39]
AdwCleaner[R3].txt - [2554 Bytes] - [22/01/2015 14:55:28]
AdwCleaner[R5].txt - [1680 Bytes] - [03/07/2015 12:38:20]
AdwCleaner[S1].txt - [1620 Bytes] - [07/12/2014 08:54:17]
AdwCleaner[S2].txt - [3716 Bytes] - [01/07/2015 15:37:40]
AdwCleaner[S3].txt - [1529 Bytes] - [03/07/2015 12:40:14]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1588 Bytes] ##########
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Adrian (administrator) on ADRIAN on 03-07-2015 12:54:09
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian (Available Profiles: Adrian & Roland & Julia)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Adrian\Desktop\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [HPSYSDRV] => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-17] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2013-12-13] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Spotify Web Helper] => C:\Users\Adrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2023480 2015-06-26] (Spotify Ltd)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe [773120 2014-09-03] (Oracle Corporation)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Spotify] => C:\Users\Adrian\AppData\Roaming\Spotify\Spotify.exe [7415864 2015-06-26] (Spotify Ltd)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-07-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-17] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://g.uk.msn.com/HPCON/13
SearchScopes: HKLM -> {939B14F3-B461-4624-9A18-471F61BFA534} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> {939B14F3-B461-4624-9A18-471F61BFA534} URL =
SearchScopes: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-17] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-21] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-01] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-17] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-01] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-21] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4D90CE45-67A0-49AB-B5B4-C64A4C422721}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8B69EE98-7CCE-4594-BF68-254040775923}: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-01] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-09] ()
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\donottrackplus@abine.com [2015-05-29]
FF Extension: ColorZilla - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2015-05-29]
FF Extension: WOT - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-05-29]
FF Extension: Ghostery - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\firefox@ghostery.com.xpi [2015-05-09]
FF Extension: Adblock Edge - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-05-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-05]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19]
CHR Extension: (Google Docs) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19]
CHR Extension: (Google Drive) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19]
CHR Extension: (Google Search) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19]
CHR Extension: (MaskMe) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2015-06-04]
CHR Extension: (Blur) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2015-06-04]
CHR Extension: (Google Sheets) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-06-04]
CHR Extension: (AdBlock) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-04]
CHR Extension: (Avast Online Security) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-19]
CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-17] (Avast Software s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-06] ()
S2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe [69448 2015-05-28] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2719928 2015-03-18] (Microsoft Corporation)
R2 ezSharedSvc; C:\windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [4276136 2013-04-03] (INCA Internet Co., Ltd.) [File not signed]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1996144 2015-05-21] (Electronic Arts)
S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-04-04] (PDF Complete Inc)
S2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2014-10-02] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-17] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-17] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-17] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-17] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-17] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-08-02] ()
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-08-02] (Echobit, LLC)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-09-14] ()
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]
S3 X6va011; \??\C:\windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\windows\SysWOW64\Drivers\X6va015 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-03 12:51 - 2015-07-03 12:51 - 00002053 _____ C:\Users\Adrian\Desktop\JRT.txt
2015-07-03 12:47 - 2015-07-03 12:47 - 00000207 _____ C:\windows\tweaking.com-regbackup-ADRIAN-Windows-7-Home-Premium-(64-bit).dat
2015-07-03 12:47 - 2015-07-03 12:47 - 00000000 ____D C:\RegBackup
2015-07-03 11:24 - 2015-07-03 11:24 - 02951023 _____ (Malwarebytes Corporation) C:\Users\Adrian\Desktop\JRT.exe
2015-07-03 10:22 - 2015-07-03 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-07-03 10:12 - 2015-07-03 10:22 - 00000000 ____D C:\xampp
2015-07-03 10:01 - 2015-07-03 10:11 - 112208384 _____ (Bitnami) C:\Users\Adrian\Downloads\xampp-win32-5.6.8-0-VC11-installer.exe
2015-07-03 08:32 - 2015-07-03 08:32 - 00040672 _____ C:\ComboFix.txt
2015-07-03 08:10 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2015-07-03 08:10 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2015-07-03 08:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-07-03 08:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-07-03 08:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-07-03 08:10 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2015-07-03 08:10 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2015-07-03 08:10 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2015-07-03 08:07 - 2015-07-03 08:07 - 05631262 _____ (Swearware) C:\Users\Adrian\Downloads\ComboFix.exe
2015-07-03 08:01 - 2015-07-03 08:32 - 00000000 ____D C:\Qoobox
2015-07-03 08:00 - 2015-07-03 08:31 - 00000000 ____D C:\windows\erdnt
2015-07-02 18:01 - 2015-07-02 18:01 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Adrian\Downloads\tdsskiller.exe
2015-07-01 19:27 - 2015-07-01 19:27 - 00065222 _____ C:\Users\Adrian\Desktop\GAListener.jar
2015-07-01 19:22 - 2015-07-01 19:22 - 00018694 _____ C:\Users\Adrian\Desktop\Votifier.jar
2015-07-01 18:56 - 2015-07-01 18:56 - 00002135 _____ C:\Users\Adrian\Desktop\mbam.txt
2015-07-01 16:01 - 2015-07-01 16:02 - 00000000 ____D C:\Users\Adrian\AppData\Local\PAYDAY 2
2015-07-01 16:01 - 2015-07-01 16:01 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-07-01 15:44 - 2015-07-03 12:54 - 00027886 _____ C:\Users\Adrian\Desktop\FRST.txt
2015-07-01 15:43 - 2015-07-01 15:43 - 02112512 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64(1).exe
2015-07-01 15:36 - 2015-07-01 15:37 - 00095283 _____ C:\Users\Adrian\Downloads\FRST.txt
2015-07-01 15:36 - 2015-07-01 15:36 - 02112512 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe
2015-07-01 15:33 - 2015-07-03 12:43 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-01 15:33 - 2015-07-01 15:33 - 00001068 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-01 15:33 - 2015-07-01 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-01 15:33 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-07-01 15:33 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-07-01 15:33 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-07-01 15:32 - 2015-07-01 15:34 - 00003880 _____ C:\Users\Adrian\Desktop\AdwCleaner[R4].txt
2015-07-01 15:32 - 2015-07-01 15:32 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-01 15:31 - 2015-07-01 15:32 - 02244096 _____ C:\Users\Adrian\Downloads\adwcleaner_4.207(1).exe
2015-07-01 14:57 - 2015-07-01 14:57 - 02244096 _____ C:\Users\Adrian\Downloads\AdwCleaner_4.207.exe
2015-06-30 21:03 - 2015-06-30 21:03 - 00000000 ____D C:\Users\Adrian\Desktop\Bauserver
2015-06-30 18:54 - 2015-06-30 18:54 - 00000278 _____ C:\Users\Adrian\Desktop\How to use the new things added in 1.4.6 (no NBT) Bukkit Forums.URL
2015-06-29 16:39 - 2015-06-29 16:39 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.atlauncher
2015-06-28 16:15 - 2015-06-28 16:15 - 00990670 _____ C:\Users\Adrian\Downloads\Essentials(1).zip
2015-06-28 16:08 - 2015-06-28 16:08 - 00279917 _____ C:\Users\Adrian\Downloads\nbteditor-1.2.zip
2015-06-23 18:22 - 2015-06-23 18:22 - 00001343 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-23 18:21 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2015-06-23 18:12 - 2015-06-17 11:10 - 42729104 _____ C:\windows\system32\nvcompiler.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 37748880 _____ C:\windows\SysWOW64\nvcompiler.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2015-06-23 18:12 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6435330.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6435330.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhda64v.sys
2015-06-23 18:12 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\windows\system32\nvhdap64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00030966 _____ C:\windows\system32\nvinfo.pb
2015-06-23 18:06 - 2015-06-23 18:06 - 00000000 ____D C:\NVIDIA
2015-06-23 17:48 - 2015-06-23 17:48 - 00158823 _____ C:\Users\Adrian\Downloads\2c36ac-Play GTA V.rar
2015-06-23 17:42 - 2015-06-23 17:42 - 00060476 _____ C:\Users\Adrian\Downloads\16420b-OpenAllInteriors.rar
2015-06-23 17:41 - 2015-06-23 17:41 - 00139690 _____ C:\Users\Adrian\Downloads\3137dd-the_red_house.zip
2015-06-23 17:41 - 2015-06-23 17:41 - 00130877 _____ C:\Users\Adrian\Downloads\7d5fc4-Bodyguard Menu 1.7.zip
2015-06-23 17:39 - 2015-06-23 17:39 - 00766494 _____ C:\Users\Adrian\Downloads\f72d70-RealPoliceOffenses.rar
2015-06-23 17:38 - 2015-06-23 17:38 - 00393765 _____ C:\Users\Adrian\Downloads\ScriptHookV_1.0.372.2.zip
2015-06-23 17:34 - 2015-06-23 17:42 - 292264080 _____ (NVIDIA Corporation) C:\Users\Adrian\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-06-23 17:29 - 2015-06-23 17:29 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-23 17:29 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2015-06-23 17:29 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2015-06-21 16:11 - 2015-06-21 16:12 - 00024799 _____ C:\Users\Adrian\Downloads\TurretsStarterPackRAW.rar
2015-06-21 16:09 - 2015-06-21 16:09 - 01399043 _____ C:\Users\Adrian\Desktop\DieUberwaffe_Tigerlily_HF50.sment
2015-06-21 09:54 - 2015-06-21 09:54 - 00000257 _____ C:\Users\Adrian\Desktop\Rockstar Games Social Club - Crew Squad Lemonators.URL
2015-06-20 17:03 - 2015-06-20 17:03 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2013
2015-06-20 17:03 - 2015-06-20 17:03 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2013
2015-06-20 11:54 - 2015-06-20 11:54 - 00005618 _____ C:\Users\Adrian\Desktop\Mein Radio.application
2015-06-20 11:54 - 2015-06-20 11:54 - 00000000 ____D C:\Users\Adrian\Desktop\Application Files
2015-06-20 11:54 - 2015-06-20 11:54 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
2015-06-20 11:53 - 2015-06-20 11:53 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft FxCop
2015-06-20 11:32 - 2015-05-06 15:07 - 00319584 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2015-06-20 11:32 - 2015-05-06 15:07 - 00206944 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2015-06-20 11:32 - 2015-05-06 15:07 - 00206432 _____ (Oracle Corporation) C:\windows\system32\java.exe
2015-06-20 11:15 - 2015-06-20 11:28 - 146861984 _____ (Oracle Corporation) C:\Users\Adrian\Downloads\jdk-7u79-windows-x64.exe
2015-06-19 17:53 - 2015-06-19 17:53 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\NuGet
2015-06-19 17:24 - 2015-06-19 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-06-19 17:24 - 2015-06-19 17:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-06-19 17:20 - 2015-06-19 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2015-06-19 17:20 - 2015-06-19 17:20 - 00000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits
2015-06-19 17:16 - 2015-06-19 18:55 - 00000000 ____D C:\Users\Adrian\Documents\Visual Studio 2013
2015-06-19 17:16 - 2015-06-19 17:16 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE
2015-06-19 17:08 - 2015-06-19 17:08 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-06-19 17:02 - 2015-06-19 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
2015-06-19 16:55 - 2015-06-19 17:10 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2015-06-19 16:55 - 2015-06-19 16:55 - 00000000 ____D C:\Program Files\Application Verifier
2015-06-19 16:55 - 2015-06-19 16:55 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2015-06-19 16:51 - 2015-06-19 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-06-19 16:45 - 2015-06-19 16:45 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2015-06-19 16:39 - 2015-06-19 16:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2015-06-19 16:38 - 2015-06-19 17:09 - 00000000 ____D C:\Program Files\IIS Express
2015-06-19 16:38 - 2015-06-19 17:09 - 00000000 ____D C:\Program Files (x86)\IIS Express
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\ProgramData\NuGet
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files\IIS
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\IIS
2015-06-19 16:34 - 2015-06-19 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-06-19 16:25 - 2015-06-19 16:31 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-06-19 16:25 - 2015-06-19 16:25 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\windows\symbols
2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2015-06-19 16:20 - 2015-06-19 17:36 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-19 16:20 - 2015-06-19 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2015-06-19 16:20 - 2015-06-19 16:29 - 00000000 ____D C:\windows\SysWOW64\1033
2015-06-19 16:08 - 2015-06-19 16:08 - 00000000 ____D C:\Users\Adrian\.tooling
2015-06-19 16:07 - 2015-06-19 17:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-06-19 16:07 - 2015-06-19 16:22 - 00000000 ____D C:\windows\system32\1033
2015-06-19 16:07 - 2015-06-19 16:07 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2015-06-19 15:47 - 2015-06-19 15:47 - 01240624 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\vs_community.exe
2015-06-19 15:46 - 2015-06-19 15:46 - 01198368 _____ C:\Users\Adrian\Downloads\Visual Basic 2010 Express - CHIP-Installer.exe
2015-06-19 15:39 - 2015-06-19 15:40 - 00000000 ____D C:\Users\Adrian\SpongeAPI
2015-06-19 15:38 - 2015-06-19 15:39 - 03709881 _____ C:\Users\Adrian\Downloads\forge-1.8-11.14.3.1468-installer-win.exe
2015-06-19 15:37 - 2015-06-19 15:38 - 14131704 _____ C:\Users\Adrian\Downloads\sponge-1.8-1446-2.1DEV-490.jar
2015-06-18 14:12 - 2015-06-18 14:12 - 00054619 _____ C:\Users\Adrian\Downloads\ts18.nitrado.net-11200-2981-BU181829.dat
2015-06-17 16:59 - 2015-06-17 16:59 - 04832017 _____ C:\Users\Adrian\Downloads\WM01-demo.zip
2015-06-17 16:34 - 2015-06-17 16:34 - 00025510 _____ C:\Users\Adrian\Desktop\freakey.pdn
2015-06-15 16:18 - 2015-06-15 16:18 - 00000000 ____D C:\Users\Adrian\Desktop\icons
2015-06-11 18:12 - 2015-06-11 18:13 - 02210768 _____ C:\Users\Adrian\Downloads\StarMade-starter(1).exe
2015-06-11 11:27 - 2015-06-11 11:27 - 00000000 ____D C:\Users\Adrian\Desktop\Minecraft Server
2015-06-11 11:21 - 2015-06-11 11:21 - 00004010 _____ C:\Users\Adrian\AppData\Local\recently-used.xbel
2015-06-11 10:16 - 2015-06-11 10:16 - 21553694 _____ C:\Users\Adrian\Desktop\spigot-1.8.7-R0.1-SNAPSHOT.jar
2015-06-11 10:16 - 2015-06-11 10:16 - 21553694 _____ C:\Users\Adrian\Desktop\spigot-1.8.7.jar
2015-06-10 19:33 - 2015-06-10 19:33 - 00080153 _____ C:\Users\Adrian\Downloads\Orebfuscator.jar
2015-06-10 17:40 - 2015-06-10 17:40 - 00045721 _____ C:\Users\Adrian\Downloads\PvPTimer.jar
2015-06-10 17:32 - 2015-06-10 17:32 - 00020799 _____ C:\Users\Adrian\Downloads\PVPLeveling.jar
2015-06-10 17:18 - 2015-06-10 17:18 - 00295492 _____ C:\Users\Adrian\Downloads\Vault(1).jar
2015-06-10 15:41 - 2015-06-10 15:41 - 00203534 _____ C:\Users\Adrian\Downloads\BossShop.jar
2015-06-10 13:29 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-06-10 13:29 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-06-10 13:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-06-10 13:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-06-10 13:29 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-06-10 13:29 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-06-10 13:29 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-06-10 13:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-06-10 13:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-06-10 13:29 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-06-10 13:28 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-06-10 13:28 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-06-10 13:28 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-06-10 13:28 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-06-10 13:28 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-06-10 13:28 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-06-10 13:28 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-06-10 13:28 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-06-10 13:28 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-06-10 13:28 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-06-10 13:28 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-06-10 13:28 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-06-10 13:28 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-06-10 13:28 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-06-10 13:28 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-06-10 13:28 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-06-10 13:28 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-06-10 13:28 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-06-10 13:28 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 13:28 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-06-10 13:28 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-06-10 13:28 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-06-10 13:28 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-06-10 13:28 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-06-10 13:28 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-06-10 13:28 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-06-10 13:28 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-06-10 13:28 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-06-10 13:28 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-06-10 13:28 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-06-10 13:28 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-06-10 13:28 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-06-10 13:28 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-06-10 13:28 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-06-10 13:28 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-06-10 13:28 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-06-10 13:28 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-06-10 13:28 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-06-10 13:28 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-06-10 13:28 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-06-10 13:28 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-06-10 13:28 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-06-10 13:28 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-06-10 13:28 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-06-10 13:28 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-06-10 13:28 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-06-10 13:28 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-06-10 13:28 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-06-10 13:28 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 13:28 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-06-10 13:28 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-06-10 13:28 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-06-10 13:28 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-06-10 13:28 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-06-10 13:28 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-06-10 13:28 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-06-10 13:28 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-06-10 13:28 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-06-10 13:28 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-06-10 13:28 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-06-10 13:28 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-06-10 13:28 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-06-10 13:27 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-06-10 13:27 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-06-10 13:27 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-06-10 13:27 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-06-10 13:27 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-06-10 13:27 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-06-10 13:27 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-06-10 13:27 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-06-10 13:27 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-06-10 13:27 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-06-10 13:27 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-06-10 13:27 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-06-10 13:27 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-06-10 13:27 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-06-10 13:27 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-06-10 13:27 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-06-10 13:27 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-06-10 13:27 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 13:26 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-06-10 13:26 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-06-10 13:26 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-06-10 13:26 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2015-06-09 20:59 - 2015-06-09 20:59 - 00097426 _____ C:\Users\Adrian\Downloads\SimpleAlias_1.6.0.jar
2015-06-09 20:44 - 2015-06-09 20:44 - 00242829 _____ C:\Users\Adrian\Downloads\SimpleClans.jar
2015-06-09 20:41 - 2015-06-09 20:41 - 00088581 _____ C:\Users\Adrian\Downloads\FactionChat.jar
2015-06-09 20:36 - 2015-06-09 20:36 - 01353976 _____ C:\Users\Adrian\Downloads\MassiveCore.jar
2015-06-09 20:35 - 2015-06-09 20:35 - 01492385 _____ C:\Users\Adrian\Downloads\Factions-2.7.5.zip
2015-06-09 20:28 - 2015-06-09 20:28 - 00464200 _____ C:\Users\Adrian\Downloads\LWC.jar
2015-06-09 19:27 - 2015-06-09 19:27 - 06477032 _____ (Tim Kosse) C:\Users\Adrian\Downloads\FileZilla_3.11.0.2_win64-setup.exe
2015-06-09 19:26 - 2015-06-09 19:26 - 00352171 _____ C:\Users\Adrian\Downloads\BVotifier[1].jar
2015-06-08 16:14 - 2015-06-08 16:14 - 00002580 _____ C:\windows\DPINST.LOG
2015-06-08 16:14 - 2015-06-08 16:14 - 00000000 ____D C:\Users\Adrian\hpremote
2015-06-07 12:24 - 2015-06-07 12:24 - 02803105 _____ C:\Users\Adrian\Downloads\craftconomy3-3.2.1(1).jar
2015-06-06 16:52 - 2015-06-07 11:01 - 00036984 _____ C:\windows\DirectX.log
2015-06-06 16:18 - 2015-06-27 13:09 - 00000000 ____D C:\Users\Adrian\Downloads\StarMade
2015-06-06 16:17 - 2015-06-11 18:22 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.StarMade
2015-06-06 16:17 - 2015-06-06 16:17 - 02210768 _____ C:\Users\Adrian\Downloads\StarMade-starter.exe
2015-06-04 09:48 - 2015-06-04 09:49 - 00087894 _____ C:\Users\Adrian\Downloads\BAT-WebInterface1.6(1).zip
2015-06-04 08:39 - 2015-06-04 08:39 - 00000000 ____D C:\ProgramData\Google
2015-06-04 08:35 - 2015-06-04 08:36 - 08180736 _____ C:\Users\Adrian\Downloads\chromeremotedesktophost.msi
2015-06-04 08:31 - 2015-06-04 08:31 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-04 07:27 - 2015-06-04 07:27 - 01822832 _____ (Pushbullet Inc ) C:\Users\Adrian\Downloads\pushbullet_installer.exe
2015-06-04 07:02 - 2015-06-04 07:02 - 00000233 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch_Dogs.url
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-03 12:54 - 2015-02-24 14:54 - 00000000 ____D C:\FRST
2015-07-03 12:48 - 2013-03-15 02:51 - 01211979 _____ C:\windows\WindowsUpdate.log
2015-07-03 12:48 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-03 12:48 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-03 12:47 - 2013-09-02 11:16 - 00000000 ____D C:\Users\Adrian\AppData\Local\LogMeIn Hamachi
2015-07-03 12:46 - 2013-03-14 19:02 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Skype
2015-07-03 12:45 - 2014-05-18 07:56 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Spotify
2015-07-03 12:44 - 2014-05-18 07:57 - 00000000 ____D C:\Users\Adrian\AppData\Local\Spotify
2015-07-03 12:44 - 2013-03-16 08:15 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-03 12:43 - 2012-06-15 02:18 - 00000000 ____D C:\ProgramData\PDFC
2015-07-03 12:42 - 2015-05-18 16:26 - 00018453 _____ C:\windows\setupact.log
2015-07-03 12:41 - 2015-05-18 16:26 - 00070458 _____ C:\windows\PFRO.log
2015-07-03 12:41 - 2012-06-15 01:58 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-03 12:41 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-03 12:40 - 2014-12-07 08:50 - 00000000 ____D C:\AdwCleaner
2015-07-03 12:39 - 2013-03-16 09:10 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Audacity
2015-07-03 12:14 - 2014-11-08 11:14 - 00000000 ____D C:\Users\Adrian\AppData\Local\Eclipse
2015-07-03 10:55 - 2013-05-18 19:37 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\TS3Client
2015-07-03 10:28 - 2013-05-11 09:31 - 00000000 ____D C:\Users\Adrian\workspace
2015-07-03 10:04 - 2015-02-09 12:26 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.minecraft
2015-07-03 08:32 - 2014-04-01 19:51 - 00000000 ____D C:\Users\Adrian\AppData\Local\Apps\2.0
2015-07-03 08:32 - 2013-04-01 10:00 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-03 08:32 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-03 08:29 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2015-07-03 08:25 - 2012-06-15 02:06 - 00000000 ____D C:\ProgramData\Temp
2015-07-03 08:10 - 2013-06-22 18:56 - 00000000 ____D C:\Users\Adrian\AppData\Local\Adobe
2015-07-03 07:52 - 2014-05-05 19:31 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-07-02 18:31 - 2012-06-15 01:44 - 00700336 _____ C:\windows\system32\perfh007.dat
2015-07-02 18:31 - 2012-06-15 01:44 - 00149928 _____ C:\windows\system32\perfc007.dat
2015-07-02 18:31 - 2011-02-11 19:15 - 01597118 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2015-07-02 18:31 - 2009-07-14 07:13 - 01597118 _____ C:\windows\system32\PerfStringBackup.INI
2015-07-02 12:35 - 2009-07-14 06:45 - 00000000 ____D C:\windows\Setup
2015-07-01 18:15 - 2015-04-14 15:52 - 00000080 _____ C:\Users\Adrian\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2015-07-01 15:33 - 2014-07-07 15:36 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-01 15:26 - 2013-09-13 19:07 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-01 14:47 - 2013-09-13 19:07 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-01 14:47 - 2012-06-15 02:12 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-01 14:47 - 2012-06-15 02:12 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-29 16:07 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-29 13:47 - 2012-06-15 02:18 - 00000000 ____D C:\ProgramData\Skype
2015-06-27 08:54 - 2014-05-05 19:31 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswsp.sys
2015-06-24 20:03 - 2014-11-04 09:40 - 00000000 ____D C:\Users\Adrian\Documents\Action!
2015-06-23 18:22 - 2013-08-05 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-23 18:22 - 2012-06-15 01:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-23 18:19 - 2012-06-15 01:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-20 20:32 - 2014-04-01 19:51 - 00000000 ____D C:\Users\Adrian\AppData\Local\Deployment
2015-06-20 17:02 - 2014-08-25 14:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-20 11:29 - 2013-03-23 14:22 - 00000000 ____D C:\Program Files\Java
2015-06-20 08:48 - 2013-09-28 08:31 - 05259320 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-19 17:39 - 2014-06-09 08:16 - 00143352 _____ C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-19 17:35 - 2014-04-14 07:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-19 17:16 - 2014-04-14 07:25 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-06-19 17:00 - 2014-04-14 07:28 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-06-19 17:00 - 2013-08-10 19:05 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-06-19 17:00 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-19 16:43 - 2014-10-15 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-19 16:08 - 2013-03-14 18:59 - 00000000 ____D C:\Users\Adrian
2015-06-19 16:07 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-17 16:38 - 2015-03-27 11:52 - 00000000 ___RD C:\Users\Adrian\Desktop\Meine Dateien
2015-06-17 16:34 - 2013-05-28 20:51 - 00000000 ____D C:\Users\Adrian\AppData\Local\Paint.NET
2015-06-17 16:29 - 2013-03-26 12:03 - 00000000 ____D C:\Users\Adrian\.gimp-2.8
2015-06-17 11:10 - 2015-04-13 16:48 - 17724600 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2015-06-17 11:10 - 2014-09-02 09:36 - 01756424 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2015-06-17 11:10 - 2014-09-02 09:36 - 01316000 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2015-06-17 11:10 - 2014-09-02 09:32 - 01567576 _____ (NVIDIA Corporation) C:\windows\system32\nvhdagenco6420103.dll
2015-06-17 11:10 - 2013-11-13 12:22 - 01571696 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2015-06-17 11:10 - 2013-11-13 12:22 - 01320304 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2015-06-17 11:10 - 2013-04-10 15:47 - 15224784 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2015-06-17 11:10 - 2013-02-26 00:32 - 02997544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2015-06-17 11:10 - 2012-03-15 06:59 - 12855416 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2015-06-17 11:10 - 2012-03-15 06:59 - 03395648 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 06873232 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 03492168 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 02558792 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 00937616 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2015-06-17 08:48 - 2012-06-15 01:58 - 00385168 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 00062792 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2015-06-12 12:48 - 2015-05-06 17:23 - 00000600 _____ C:\Users\Adrian\AppData\Local\PUTTY.RND
2015-06-12 12:48 - 2013-04-15 17:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\FileZilla
2015-06-11 15:15 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2015-06-11 14:40 - 2015-01-07 15:14 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieBrowserModeList
2015-06-11 14:40 - 2014-05-05 19:25 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieUserList
2015-06-11 14:40 - 2014-05-05 19:25 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieSiteList
2015-06-11 13:56 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-06-11 11:21 - 2015-04-07 15:53 - 00000000 ____D C:\Users\Adrian\AppData\Local\gtk-2.0
2015-06-11 10:17 - 2013-05-25 21:54 - 00000000 ____D C:\Users\Adrian\Documents\Bandicam
2015-06-11 09:56 - 2015-03-31 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2015-06-11 08:22 - 2009-07-14 07:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-06-11 08:19 - 2014-12-11 19:20 - 00000000 ____D C:\windows\system32\appraiser
2015-06-11 08:19 - 2014-05-06 12:21 - 00000000 ___SD C:\windows\system32\CompatTel
2015-06-11 08:19 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-06-10 20:48 - 2013-08-15 16:39 - 00000000 ____D C:\windows\system32\MRT
2015-06-10 20:41 - 2013-04-11 12:47 - 140135120 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-10 17:21 - 2013-04-15 17:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-06-10 17:21 - 2013-04-15 17:25 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-06-10 16:32 - 2015-04-14 15:52 - 00000000 ____D C:\Program Files\Rockstar Games
2015-06-10 16:32 - 2015-04-14 15:52 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-08 16:17 - 2013-06-09 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-06-08 16:17 - 2013-06-09 20:40 - 00000000 ____D C:\Program Files (x86)\Nero
2015-06-08 16:15 - 2012-06-15 02:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-06-08 16:15 - 2012-06-15 02:04 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-06-08 16:14 - 2012-06-15 02:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-08 16:00 - 2015-04-21 14:10 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\soundcloud-musicaudio-515e62acb4534adf9d67bd67c3aef5e8
2015-06-06 16:53 - 2013-05-11 11:56 - 00000000 ____D C:\Users\Adrian\Documents\My Games
==================== Files in the root of some directories =======
2013-11-14 15:51 - 2015-02-03 17:15 - 0000132 _____ () C:\Users\Adrian\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-05-20 07:19 - 2013-06-11 19:23 - 0000096 _____ () C:\Users\Adrian\AppData\Roaming\Camdata.ini
2013-05-20 07:19 - 2013-06-11 19:23 - 0000408 _____ () C:\Users\Adrian\AppData\Roaming\CamLayout.ini
2013-05-20 07:19 - 2013-06-11 19:23 - 0000408 _____ () C:\Users\Adrian\AppData\Roaming\CamShapes.ini
2013-05-20 07:13 - 2013-05-26 07:46 - 0004508 _____ () C:\Users\Adrian\AppData\Roaming\CamStudio.cfg
2015-05-13 11:21 - 2015-05-13 11:21 - 0000000 _____ () C:\Users\Adrian\AppData\Roaming\gdfw.log
2015-05-13 11:21 - 2015-05-13 11:21 - 0000779 _____ () C:\Users\Adrian\AppData\Roaming\gdscan.log
2014-10-13 18:59 - 2014-10-13 18:59 - 0001456 _____ () C:\Users\Adrian\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-04-06 19:11 - 2013-04-11 15:39 - 0003584 _____ () C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-06 17:23 - 2015-06-12 12:48 - 0000600 _____ () C:\Users\Adrian\AppData\Local\PUTTY.RND
2015-06-11 11:21 - 2015-06-11 11:21 - 0004010 _____ () C:\Users\Adrian\AppData\Local\recently-used.xbel
2014-05-22 16:45 - 2014-05-22 16:45 - 0000003 _____ () C:\Users\Adrian\AppData\Local\updater.log
2014-05-22 16:45 - 2014-05-22 16:45 - 0000442 _____ () C:\Users\Adrian\AppData\Local\UserProducts.xml
Files to move or delete:
====================
C:\Users\Adrian\Quiz.bat
C:\Users\Adrian\worldpainter_64_1.10.3.exe
C:\Users\Adrian\worldpainter_64_1.9.0.exe
Some files in TEMP:
====================
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-4807662166137902960.dll
C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe
C:\Users\Adrian\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-12-21 15:41
==================== End of log ============================
|
|
03.07.2015, 11:56
| #11 |
| | Taskmanager blockiert, consent.exe 6x offen Addition.txt [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Adrian at 2015-07-03 12:54:47
Running from C:\Users\Adrian\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1501557853-1401194567-1476615106-500 - Administrator - Disabled)
Adrian (S-1-5-21-1501557853-1401194567-1476615106-1000 - Administrator - Enabled) => C:\Users\Adrian
Gast (S-1-5-21-1501557853-1401194567-1476615106-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1501557853-1401194567-1476615106-1005 - Limited - Enabled)
Julia (S-1-5-21-1501557853-1401194567-1476615106-1008 - Limited - Enabled) => C:\Users\Julia
Roland (S-1-5-21-1501557853-1401194567-1476615106-1002 - Administrator - Enabled) => C:\Users\Roland
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Alarm für Cobra 11 - Das Syndikat - DEMO (HKLM-x32\...\Alarm für Cobra 11 - Das Syndikat - DEMO_is1) (Version: - dtp)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version: - Ubisoft)
Assassin's Creed(R) III v1.02 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.02 - Ubisoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AutoHotkey 1.1.22.00 (HKLM-x32\...\AutoHotkey) (Version: 1.1.22.00 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Blockland (HKLM-x32\...\Steam App 250340) (Version: - Eric Hartman)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.13.294.84.14 - Infernum Productions AG)
Bridge Constructor (HKLM-x32\...\Steam App 250460) (Version: - )
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version: - Rockstar New England)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version: - Dark Byte)
Chrome Remote Desktop Host (HKLM-x32\...\{FD6E648E-1378-467F-AD37-2B98B379B0DD}) (Version: 44.0.2403.25 - Google Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Cobra 11 - Burning Wheels (remove only) (HKLM-x32\...\BurningWheels) (Version: - )
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
DC Universe Online PSG (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\soe-DC Universe Online PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.17.60 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
Dropbox (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.7.0.0 - Electronic Arts)
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FileZilla Client 3.11.0.2 (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.11.827 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.44.908 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.908 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GitHub (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version: - Suspicious Developments)
Harry Potter und die Heiligtümer des Todes(TM) - Teil 2 (HKLM-x32\...\{F0C9E8E9-C54B-48C1-9192-F5D49633AB5D}) (Version: 1.0.0.0 - Electronic Arts)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{750E9D0F-B188-4A7E-ADD2-84B7ED7D32F6}) (Version: 5.1.4281.27332 - Hewlett-Packard)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 6.0.0.0 - Hewlett-Packard)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{452479C5-0118-48E9-AA69-0A7339F95FC8}) (Version: 5.1.4289.23799 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 7 Update 79 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 7 Update 79 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
King Arthur's Gold (HKLM-x32\...\{643B056F-61C1-4489-9797-4D846D101A7A}) (Version: 0.95.428.0 - THD)
Kit SDK de vérification de Visual Studio*2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
LCPD First Response (HKLM-x32\...\LCPD First Response) (Version: 1.0.0.0d - G17 Media)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.1.2 (HKLM-x32\...\{604B2A5C-B1CE-45B2-ADCC-6B7C721AC3AC}) (Version: 4.0.1.2 - The Document Foundation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MC-RP Setup (HKLM-x32\...\{0115E035-5A7B-4972-BC55-E639EE7E0749}) (Version: 2.1.0 - mc-rp)
Mein Radio (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\4d13c7785a7a8b30) (Version: 1.0.0.0 - Hewlett-Packard Company)
Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4711.1002 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Note Block Studio version 3.2.1 (HKLM-x32\...\{84077DA9-3075-4AE5-BC82-345202B8CD4F}_is1) (Version: 3.2.1 - David Norgren)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MySQL Connector J (HKLM-x32\...\{5E91E205-AC15-4FA2-8A73-3CB5EC0E04A5}) (Version: 5.1.35 - Oracle Corporation)
MySQL Connector Net 6.9.6 (HKLM-x32\...\{71458704-E552-4A3E-8BFA-4F61C1F70724}) (Version: 6.9.6 - Oracle)
MySQL Documents 5.6 (HKLM-x32\...\{277FCB89-B03D-4A74-B9E6-97A4B07F691E}) (Version: 5.6.24 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{AC5A7E5E-629D-4A20-90D1-0FC2D426D7BF}) (Version: 5.6.24 - Oracle Corporation)
MySQL Fabric 1.6.1 & MySQL Utilities 1.6.1 (HKLM-x32\...\{5E11C144-6B3A-42A0-9646-7A80D565ECFF}) (Version: 1.6.1 - Oracle Corporation)
MySQL For Excel 1.3.4 (HKLM-x32\...\{A0352E65-6E78-48B3-B6D6-B3208E663249}) (Version: 1.3.4 - Oracle)
MySQL Installer - Community (HKLM-x32\...\{7F30C2D9-2CEF-44FD-A2BA-C39DA3F7AD93}) (Version: 1.4.5.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
Nero Burning ROM 2014 (HKLM-x32\...\{C9F54777-001E-41F6-83F8-B99A19EA5083}) (Version: 15.0.05600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PBO Manager v.1.4 beta (HKLM-x32\...\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}) (Version: 1.4.0 - )
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.95 - PDF Complete, Inc)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version: - )
Portal Stories: Mel (HKLM-x32\...\Steam App 317400) (Version: - Prism Studios)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.6207 - CyberLink Corp.) Hidden
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 2.7 pygame-1.9.1 (HKLM-x32\...\{5D13804A-67B7-49DA-9B15-65B70A83B9C3}) (Version: 1.9.1 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 2.7.7 (64-bit) (HKLM\...\{049CA433-77A0-4e48-AC76-180A282C4E11}) (Version: 2.7.7150 - Python Software Foundation)
Python 3.3.2 (HKLM-x32\...\{92389DE9-939E-341B-A076-1D52D7DBCA71}) (Version: 3.3.2150 - Python Software Foundation)
Python 3.3.3 (64-bit) (HKLM\...\{E9D90870-AB19-32A8-AA93-F8348BA21D05}) (Version: 3.3.3150 - Python Software Foundation)
Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 3.7 - Razer USA Ltd)
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Samplitude Pro X Silver (HKLM-x32\...\MAGIX_{86460AB2-75D3-400D-B9A8-232EC729192E}) (Version: 12.0.2.115 - MAGIX AG)
Samplitude Pro X Silver (Version: 12.0.2.115 - MAGIX AG) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Should I Remove It (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Sizer 3.34 (HKLM-x32\...\{DE43AA92-E8C0-4620-AFE2-FBD623C71643}) (Version: 3.3.4.0 - Brian Apps)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version: - sparsevector)
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Escapists (HKLM-x32\...\Steam App 298630) (Version: - Mouldy Toof Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version: - Redlynx Ltd)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{EEB9EFDE-ED91-11E2-91A8-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )
x64 Components v4.1.6 (HKLM\...\Advanced x64Components_is1) (Version: 4.1.6 - Shark007)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.8-0 - Bitnami)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
02-07-2015 18:01:12 Revo Uninstaller's restore point - Snap.Do
02-07-2015 18:27:44 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-07-03 08:29 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {041AC71C-2E83-41A3-9554-505E9BC16A5E} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {06DC07AE-E4AD-43C7-A24E-36F63BF63935} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Adrian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {0ADC71B8-807C-4136-A3A1-A2C3E0D084BC} - System32\Tasks\HPCeeScheduleForAdrian => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {1B2201A4-4B21-4025-B055-C91AB2D0B29E} - System32\Tasks\{2B544749-C5E0-4CB9-A076-C8F05F2E49BF} => pcalua.exe -a C:\Users\Adrian\Desktop\Setup.exe -d C:\Users\Adrian\Desktop
Task: {1F1D4F11-089A-4AF6-810E-480C83C2DFEE} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {26C3BDE7-D28F-40C5-AD50-122105E7002A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19] (Google Inc.)
Task: {27FC4DFF-9139-46D8-9BF7-CE891B4C2E1A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {334F62A1-14D5-4AD7-9D9D-185FAF306C5E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {337E307F-1DDD-4EF0-8D40-F5EFCEB32DBA} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] ()
Task: {3642C4C0-3B98-4160-A064-39ED0869F341} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
Task: {4DADD9CC-035A-406B-A423-6B9555ACE9A8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {55DC6AA8-CFC9-4392-891B-F9C3B1BD7EA3} - System32\Tasks\SERVER
Task: {5B077394-0B98-480C-87C3-0C240709CD75} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {5DE5203F-8628-4E1A-AF35-4C4678BB1EF7} - System32\Tasks\{E6EA3E45-7165-40A4-9FC3-83B36A2E9B84} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {61F768E0-7D8A-450F-AFD5-00F08BB5DCC2} - System32\Tasks\PaysafeCard in Portal2 Hülle!!!
Task: {631DD178-9898-4117-A534-A74C057FEA18} - System32\Tasks\MySQL\Installer\ManifestUpdate => c:\program files (x86)\mysql\mysql installer for windows\mysqlinstallerconsole.exe [2015-03-29] (Oracle Corporation)
Task: {698904AF-BD7C-43A6-A791-A640E6913B5D} - System32\Tasks\avastBCLRestartS-1-5-21-1501557853-1401194567-1476615106-1000 => Firefox.exe
Task: {6B2959FE-F5FF-41E9-A669-AF05D5320A10} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {6D1AFA16-BF1F-4D69-B875-95745F2DF63C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-21] (Microsoft Corporation)
Task: {81CD89CF-09B7-4ED3-BFB9-4B8EB8437EB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19] (Google Inc.)
Task: {8230EFE9-711B-4354-98E1-57115D150942} - System32\Tasks\NCH Software\PrismSevenDays => C:\Program Files (x86)\NCH Software\Prism\Prism.exe
Task: {82B4103C-9A1A-4AEC-90A3-BE60C56A9082} - System32\Tasks\GAMIANO GEWINNSPIEL!
Task: {8604EB66-6E7D-4936-A784-64AC3EA48886} - System32\Tasks\WICHTIG
Task: {8EA51C4D-D3C9-439C-AB09-F5AE20B1157E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {9101B909-7E8B-4996-8107-7247FB2E333F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-10] (Microsoft Corporation)
Task: {91DC1A61-7372-4CF2-B2D9-E0A5648D2343} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-10] (Microsoft Corporation)
Task: {931A1AD6-0FAC-45BC-AC61-21C7DD92229E} - System32\Tasks\NCH Software\ExpressBurnSevenDays => C:\Program Files (x86)\NCH Software\ExpressBurn\ExpressBurn.exe
Task: {94E9226C-97F0-4AF1-9274-A581A54DCC1B} - \update-S-1-5-21-1501557853-1401194567-1476615106-1000 No Task File <==== ATTENTION
Task: {9AAA1E7E-ACAA-43FD-889C-C7A16220C851} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {9B36A057-A3D2-4345-A3B2-53106925BC34} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {9B867FDC-FEEE-4B88-9456-EB8F2D6B0363} - System32\Tasks\Start => C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
Task: {A459918B-B947-46D1-BFBF-D9D579DE4512} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Roland => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {A61FD028-E47B-4D5E-A476-9E9BE7E65B2C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {B21DCAB4-B6D3-44F3-ABDC-B9637ABD7E00} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B5B4D891-6588-4B0A-92E5-365D3BCE4B0C} - System32\Tasks\DUC => C:\Program Files (x86)\No-IP\DUC40.exe
Task: {B83B0121-745B-4DE4-8C17-CBA638E82C2D} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-02-17] ()
Task: {B972E0F9-134A-471C-BF1E-EBC4F7E86496} - System32\Tasks\{E89F20C8-6676-4864-9408-C01E0C2755AF} => pcalua.exe -a "C:\Program Files (x86)\GTA IV Vehicle Mod Installer\v1.5\gtaivvmi.exe" -d "C:\Program Files (x86)\GTA IV Vehicle Mod Installer\v1.5"
Task: {BB9F7843-A597-4CE1-9E5E-2E77079141D1} - System32\Tasks\{E043DE6B-9827-4807-9472-69EDE4CEDB0E} => C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe [2014-01-07] (Ubisoft Entertainment.)
Task: {CF789FA9-E7EC-4217-9CD3-296B9552F25E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {E366872B-3E2A-4C8E-B1CB-7BE3E0101987} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-01] (Adobe Systems Incorporated)
Task: {EFF15A10-9722-4D58-AD11-9C48EE1F8A62} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Julia => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {F1E040D6-34C6-40D7-866E-286F0C380210} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-09-23] (Hewlett-Packard Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForAdrian.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2015-06-02 17:18 - 2015-06-02 17:18 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-04-21 17:04 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-05-17 20:24 - 2015-05-17 20:24 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-17 20:24 - 2015-05-17 20:24 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-03 11:28 - 2015-07-03 11:28 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070300\algo.dll
2015-03-19 15:23 - 2015-03-19 15:23 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\Users\Adrian\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Adrian\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Adrian\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Adrian\AppData\Roaming:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Adrian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Adrian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7725DE89-E83F-4BAB-B960-3184D07C10D3}] => (Allow) C:\windows\system32\ezSharedSvcHost.exe
FirewallRules: [{C56BE747-D7D9-405F-B6DC-1F2B8FB170B9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{B805765A-3445-44AB-B66A-E99526A6EFD1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{74B8F962-14AF-47E3-B4F5-9EE44DC56893}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D8E2387B-6CE2-43D0-84F8-94B85C41BAF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4E346773-872D-491B-B087-6C5FE3CC2ED1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5767F5B3-ECEE-46BB-BCAA-F38BF9050775}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E0FC6BB-7068-4B6F-B65B-FC6F549E2D01}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C5F7B186-2702-4B3A-AA96-D7E1C085739E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2DEF6007-2AD3-44DB-B3DD-5E8BCF11F774}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{AE19D90D-8E24-4F00-9C5A-EF2F4664A12A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{41BD13B0-6E06-411E-95E8-A6A5C1FC10F6}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{EC382866-8441-4B7B-8B16-C153BC1646A4}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{69A3602A-D727-4FC1-A7E2-61569D006923}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{E3655670-0721-46B5-A6B7-D70F3A983568}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{0938812A-7DED-41BC-8358-86939A56B552}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{34EF15B3-95BB-4515-B44F-BACE39D9B957}] => (Allow) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{C47DA7AC-02E6-4A35-B4AD-9629C4228DD9}] => (Allow) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{AB40C52B-B1DD-4556-8D32-6FCE4AAEC1F2}] => (Allow) C:\Users\Roland\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6B63423E-6CFF-4398-9185-EDC135215FC8}] => (Allow) C:\Users\Roland\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{CAD9D6D8-793C-4210-9153-20123064028D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{637F538C-A56C-42B9-B6A1-4DCE6CC6ECA9}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{998CD0DC-C563-4D14-AA37-A73A1D2419FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{5342D3C2-D9D1-4BDC-8CF7-AE1FB9037D3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{5F9887C1-4E6A-4C22-8E08-C118EC71E1AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{FCEE714A-FB37-454C-8B3A-C4C80AB56157}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{32505978-7C0F-4ADF-8FC5-10706CAD98BF}] => (Allow) C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7CA689AD-2342-4865-A892-106015C8F4F8}] => (Allow) C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{AF51A93D-60E6-400F-88D7-CDA2FC66FBA9}C:\users\adrian\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adrian\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{8533760E-43EB-4492-9865-36330F82EB81}C:\users\adrian\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adrian\appdata\local\akamai\netsession_win.exe
FirewallRules: [{8F3EED5C-288A-457D-98BA-B39C02BE7EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{396285FC-4B7A-472F-A666-F71691BDBE41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4E948EEB-1484-49FA-A012-4801BA30788D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{79AEE65C-DA83-49CC-B8F4-9DDBEB66BD00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E963F82B-07D0-4AEA-AFBC-C7F30B0B59A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4106D859-3300-42CE-A9F9-93A55B3CD1E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1CF0E882-6F4B-44BD-8C84-77C6396C1D37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E2241544-C2BE-48C3-8F36-6C64E4070B64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B4D9AC2F-C060-4ACD-BA82-E3AE61110F3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{AF4304B8-C7D5-4DAF-B3F9-3FE10A8C9E85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{AB658D72-0EAD-415E-9F96-3326478009BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{3D00E488-ADB4-4A83-B8BA-42F227465435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{33499D7C-59E6-489F-899C-21336D4475DC}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{AAADD60B-1110-47A3-8D4E-CEFBE5B28989}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{C15D3FC8-C272-4E47-90AE-0490A274B949}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{5560E43F-05F7-49AD-954F-EB5B178D82E8}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{139662F9-FC74-485F-A2A3-1FE8C4F93DBD}] => (Allow) LPort=5353
FirewallRules: [{57F05CF8-97F3-47EB-8F19-33D03EC86641}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{7B8041C9-7199-4D08-9BEE-F632AE8337DC}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{D19D4D27-657A-466A-AEAD-FA7ED3ECF410}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{F332566E-4F8F-4D59-905E-758A95D4FA91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DA340EC9-1D6E-425E-A991-63068AB0B1A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9CA84589-D26E-4252-B259-3FE3ED612479}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E66F7C9C-F737-4BA5-A2AA-68BCE9583622}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A9E2B167-FFAD-4E31-8396-08412ED67084}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{173906CC-5AF9-425A-BC0B-0A068C2E77EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{E713AFAB-7A23-43E3-AD25-3228A9D1264F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6399EF50-8D00-4BBC-A0A1-1D08F3348C8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{C260E583-E366-41A5-AE3D-AC2100C9E1E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{C78F265E-8FBF-4B69-BBE9-042AA2F9B88D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{7BFBB678-C0DC-42DA-937C-6E2817EF0B5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{10665EEA-0E26-47FE-AB5C-4940F8D391B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{476CA168-75E4-41E4-B26F-01F046718385}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4BE04311-EB97-45C6-B699-70499B211DCC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{6AA415F3-8C11-496E-A5F1-FE20E2914E0F}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{394F1F83-D77A-4232-AF37-DDDE3F06EFC8}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{B0DF2AB0-70DA-4C53-BD08-D45D4A58938A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8DF11AAF-A126-4DAA-8817-024DC70F8C3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{87A957D0-58F1-4271-82EB-D4C6E1B6CC14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7672E71B-F416-450E-8305-77BE503FAD68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9A2E237D-AB79-4747-A42B-0A852FD360E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{FB1D3B69-EBBC-4849-AA00-AC9F7C1C2278}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{56C72EDB-DFB2-451D-8FF9-AC049E83551F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{8FCCB769-E062-4ECD-B8AE-5837031DAB1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{2AB5D71E-D662-4062-8D44-26F41ABFD0CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{C92760AB-A7CC-43ED-824B-542E321D53F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [TCP Query User{5C3296CA-31DD-4E8F-82CD-32F3463559F8}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [UDP Query User{29E77F18-289A-4947-97FA-F1818493880B}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [{22209C58-B94B-4536-B06C-AB5883FDF9F9}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{7E73E6E8-9EDD-472D-9642-7FAE4FC7761C}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{C91119AE-F1BC-4D85-BC32-234CA157257B}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{6B55690F-21AB-4D02-B25A-56694F67468B}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [TCP Query User{189D7521-6549-45BA-A10C-229E77BD64AD}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{BA0903AA-3E21-4F14-AB46-DEFAA8F2F7B2}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{6DBEC91E-8637-4408-9994-0A1A37E6105D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{52F34E45-7D18-4111-AA05-963BF4E1479B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{8A6D7E74-EA75-4DDE-B544-41C4E659665D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{762E4113-F0DC-4779-9F2B-E0FAAABDF617}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{146919FF-1602-4DA7-B341-1C8C9D13684C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BridgeConstructor\BridgeConstructor.exe
FirewallRules: [{C94D4FF6-AD86-4BE0-B314-D81C18519E86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BridgeConstructor\BridgeConstructor.exe
FirewallRules: [{52A53501-046E-4372-84BF-A9B3A732A92B}] => (Allow) C:\Program Files (x86)\Brick-Force\BfLauncher.exe
FirewallRules: [{F3F06992-ED76-46F5-910A-8805CFB0B638}] => (Allow) C:\Program Files (x86)\Brick-Force\BrickForce.exe
FirewallRules: [{5BDA46F9-4D26-4F10-9620-AF8AF6D8CCB5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{A62D5167-2E1B-45E0-AEAB-A77A964D4892}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{70E8A62D-48AC-49F9-B354-06EAB06A765E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{26F8BD50-F655-4FC6-9D39-FA4CCD9AAC07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{FEAB6A70-00BE-40C9-BD70-82A3E5C9B188}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8C141BBD-58C9-467D-9848-8EAAF1FC0BB0}] => (Allow) LPort=2869
FirewallRules: [{719D9BB2-CB0D-49A9-B1C1-729C5474CC77}] => (Allow) LPort=1900
FirewallRules: [{CD2D6934-42CE-4D82-9D5E-5555CCD22B0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{2B2E2F5E-231B-4143-BD6F-C15B81CBA8A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{7DA7A065-F4E9-444E-9259-6620EF4ECDFB}C:\users\adrian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\adrian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CA15F759-FEA4-46A6-A52C-A7085859165D}C:\users\adrian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\adrian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3692B34A-1607-4AA1-81D7-554C028A445E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E5A71671-CB7F-4751-BDD9-603949C1A172}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{321D86F8-56EC-491C-A1FF-1349A525D509}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{3B6DB4E0-65A3-43CC-AF91-A980F62CBD07}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{5557BD66-2409-4F2C-A3E8-2EDF5BBBE279}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{34832F51-133E-4E40-9EF3-C738B3E43A16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{1F34037F-8B4C-460D-9A64-160B9B699E9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{3A849086-4E3A-4DEE-93CF-C5041AC28C28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{CB0A3944-4DB5-4D9E-9B42-CC841C92B03B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{BB361EB2-2517-44A8-BA69-BE283A829621}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [TCP Query User{C50B81B0-F0CF-455E-A5FA-75C3C43FE778}C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [UDP Query User{67CFD63B-6BF1-479E-8C7F-71042F420ABA}C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [{08665BE5-08B1-4FF5-8F78-A8AB2968D6C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{6639D13C-656E-4284-8A1B-8D4806EBD300}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{878D3DD1-336B-4145-A0D8-D0F237FBC43D}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{8811FA59-1250-4E07-82D2-8A07AC1876A5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{49180D1C-E43C-424D-9D93-958C0F28C43C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{724CE73C-6007-4C5A-9A6B-787F97FC7BEC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [TCP Query User{B37D49DA-7616-4B4E-BFDD-802C089B2ACE}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{57C7E261-C832-4846-AE6F-9B4E72018584}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [TCP Query User{E377194F-6B8D-49A9-90EA-0D4A5A956421}C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe] => (Allow) C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe
FirewallRules: [UDP Query User{7978E998-2FA6-48E1-B199-31E8ED39F2FC}C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe] => (Allow) C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe
FirewallRules: [{B413F2FC-4698-4EA6-A374-745552BBC774}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{10DF6214-9844-4AD5-95D0-941BFC7D7E22}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [TCP Query User{AA819EC6-3F82-4AAB-8176-FE09013BDAAA}C:\pylo\mcreator149\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator149\jdk\bin\java.exe
FirewallRules: [UDP Query User{2F723A8F-C93E-4C36-BD33-8B48A5889648}C:\pylo\mcreator149\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator149\jdk\bin\java.exe
FirewallRules: [{4CC77073-C5C2-49EF-8B37-4C1F79046576}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{50EC1D90-0FA1-4DA4-899E-E80E01201A94}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{2FAFE501-CB20-408F-9F26-ACAE1F6FE920}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{92142424-EC09-4349-8B98-41AE05C0E66C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{3799D8FD-8437-4CB4-8473-58B20B5A850B}C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe
FirewallRules: [UDP Query User{69ADB191-09B6-4581-B9FA-308530A4BCCC}C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe
FirewallRules: [{69AA04D8-7B14-43BC-921E-47B1ED61854E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{83C53085-7214-4CEC-8B0B-04CE6E8A145E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{2FBE2A57-28AA-4A34-A80A-B4F77FF32EA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{3DAF6ECE-1BB5-4145-8825-A25ED441B212}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{9F903F5B-3475-4D4F-ABC5-E7BE93F5873A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F0804D8E-D099-43B8-8D0A-DF2FC660F48D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3052E117-8836-4C8C-8179-F67D7A1968FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{42035716-DDBB-4E58-A34E-9F6C1F469E03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{94C26BC9-5E85-44B7-9854-4DD45A8A6D8D}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{52299794-2CE7-4B21-87CD-4DDB42C3272D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{93E7D721-2482-43FF-86CC-5728C5483BDC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5C5BFE56-C37D-48CF-A38D-2FBF3EA2265E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4B624882-21EE-4935-9068-EB8A5E3D2579}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{000A36FD-FF4D-48AC-9CD2-C5E0D4E61376}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{A7D0850B-CAFA-4F2A-AE35-47DAD1E13033}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{7D6F8545-4D2D-422F-8952-0512FE9077D8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{4596D5DC-AB37-4592-8ECD-9D7770801E72}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{8C729E3E-4444-4B01-B928-A697EF2D793D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{9E7FF24A-44E7-4188-8424-A9B5B2E988D7}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{E132DFF6-7075-4DE8-BDB6-3D3310A446A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blockland\Blockland.exe
FirewallRules: [{DB7B89FD-B222-40ED-BC98-51022AD43AC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blockland\Blockland.exe
FirewallRules: [{F3A23186-2122-4E82-B6EA-6D7686EB28F0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{C86045CB-B5A2-44A4-B589-C93124C89414}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{149585E9-5868-434D-8BF1-C70046E154CF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{129A03C7-1CD8-4B1D-81BD-98E07E3F3E9A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{8739D6F5-C7F6-4F6C-BC1A-FCCD10DE8920}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{5F2FA9C8-F6EC-4AAB-BFFF-D97B23F5BC8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{F6FE675F-D33F-46D1-B4C9-223BD92ACBE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{B4FCCA00-E4C1-4A9E-8372-BC92F2DD7B28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [TCP Query User{EA6D42E3-F35B-467E-A3AA-55D9E8CAE726}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{A7DD2141-8A45-489B-AFFB-57A05229F3AD}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{F212B33B-31FA-4F06-91F4-ED042CA73673}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B2854B13-4054-462B-8C5D-9E792D4F1763}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{99BEBAFD-80BA-4E63-96AC-BA8ADDFB315D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{4BB0F19D-E19A-4A06-9DCC-C6AD08E1FBD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{C1144C6E-CDC3-48FE-A893-F2362900B24D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4AA7C2FC-6F54-47F7-A4B5-A1E1AE21A033}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4D7CA139-6DBE-4BF2-B0A9-F57972BA74B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{2F232AE0-0C28-404F-8425-22610C051E5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{AC180EF4-C0BF-4B73-95F2-2C7F679F840E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BC6983BB-E0AC-44FF-99A9-7DECBC999C53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{099D57FF-548F-482A-97C4-5D7D1D7DF301}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{030813A3-143C-429F-865C-592013D48B51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{2E2F7D48-E6C5-4AB8-A0DF-324420761B21}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{F0941AF2-DD9F-4798-9F93-5FE5DFAAD340}] => (Allow) C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A56F683D-C3C5-4289-9628-D8E752BF8E66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{686FBA29-FF54-4CA1-916A-15F40238DAC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{72C34A5B-1EEC-4589-B760-4687C5C68B83}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [UDP Query User{224E577A-3FDF-46BB-9230-35D35505A82B}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [TCP Query User{5F5C282C-FE93-42DB-BB20-1CC29DF4957E}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2DEACC97-D40B-45E4-BD9E-D5FCFD100FAE}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{973ECF3D-9FB5-4413-BC6F-EE83F99E2F58}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{60CC3B70-2E81-461D-B372-84801A31B1C6}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{2CF76AFB-F847-42EE-ABC8-94316C6D89E1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{55C299BD-57DC-4764-995E-501BFAA0FAE3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{19641893-ADED-4838-8290-7FC5A4473A40}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{1404C65F-6854-43F6-A727-B3CD0376C895}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{E7AA8B43-40A2-4B2F-ACB7-1C37B424A521}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{EF888B35-708A-4731-A198-E0D0A376B784}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{952D2CF4-95A6-4E41-82FC-3CDAC45EA374}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{ED546795-7DB0-4A7C-913F-6E48102F59EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B8D97A83-009B-4717-8352-A864625E8710}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8E1A5031-0E76-484F-9AC0-7FAA14F41F85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{AF3621B2-AD70-461B-BB17-020DA0235F1B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{127475BA-12A2-43B3-B55E-FE8082B5A684}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [TCP Query User{57F5CC14-9CD5-41A8-9B6D-ECEFF5DCB6F0}C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe] => (Allow) C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe
FirewallRules: [UDP Query User{BDB24747-9CE5-4AB2-94E9-69D842869416}C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe] => (Allow) C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe
FirewallRules: [{7E2F8A72-D0E5-4CCE-A0C5-EBB3657D5101}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0FF62ABC-32B9-47F6-9A4F-928AFA3ED621}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{CB690175-4ABC-45F7-BB70-13D8404A683A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7D1D7A34-8E9D-4CB3-9A14-97CE04163F8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B03FD55B-6314-4B9C-B89B-E68B13634E9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{64184ECF-DAE3-4802-BBDE-FC23763E9227}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{3801CA63-0CCA-4FE0-9DF1-AEF857E49A00}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/03/2015 10:36:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.1.5611, Zeitstempel: 0x55541a90
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.1.5611, Zeitstempel: 0x55540a1e
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1574
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (07/03/2015 10:36:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 38.0.1.5611 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 10b4
Startzeit: 01d0b55d4e4bff80
Endzeit: 788
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 9f70d202-215e-11e5-adc1-80c16ee1eaf7
Error: (07/02/2015 06:27:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1501557853-1401194567-1476615106-1003.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {bbf531dd-c968-4fc2-9aac-3b4722d41b9a}
Error: (07/02/2015 06:01:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1501557853-1401194567-1476615106-1003.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {1acbed67-be75-40f1-9717-b7912dc2751b}
Error: (07/01/2015 02:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 147c
Startzeit: 01d0b3f9bfb94b45
Endzeit: 4
Anwendungspfad: C:\Program Files (x86)\Steam\steam.exe
Berichts-ID: 361dc56a-1fed-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:29:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 738
Startzeit: 01d0b3f799d255de
Endzeit: 6
Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe
Berichts-ID: d44138a6-1fec-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:15:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: b48
Startzeit: 01d0b3f723b1ce43
Endzeit: 15
Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe
Berichts-ID: d56ea64b-1fea-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:11:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 17e0
Startzeit: 01d0b328f699ab83
Endzeit: 9
Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe
Berichts-ID: 55cafba8-1fea-11e5-ba37-80c16ee1eaf7
Error: (06/29/2015 05:39:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: javaw.exe, Version: 8.0.45.15, Zeitstempel: 0x554287ba
Name des fehlerhaften Moduls: awt.dll, Version: 8.0.45.15, Zeitstempel: 0x55428cbf
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000000024a30
ID des fehlerhaften Prozesses: 0x2f4
Startzeit der fehlerhaften Anwendung: 0xjavaw.exe0
Pfad der fehlerhaften Anwendung: javaw.exe1
Pfad des fehlerhaften Moduls: javaw.exe2
Berichtskennung: javaw.exe3
Error: (06/29/2015 05:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: javaw.exe, Version: 8.0.45.15, Zeitstempel: 0x554287ba
Name des fehlerhaften Moduls: awt.dll, Version: 8.0.45.15, Zeitstempel: 0x55428cbf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000024a30
ID des fehlerhaften Prozesses: 0x2f4
Startzeit der fehlerhaften Anwendung: 0xjavaw.exe0
Pfad der fehlerhaften Anwendung: javaw.exe1
Pfad des fehlerhaften Moduls: javaw.exe2
Berichtskennung: javaw.exe3
System errors:
=============
Error: (07/03/2015 00:50:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Modules Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (07/03/2015 00:48:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/03/2015 00:48:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X64" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X86" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CalendarSynchService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/03/2015 00:48:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office:
=========================
Error: (07/03/2015 10:36:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa1157401d0b56a8a9a068fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla296fac0-215e-11e5-adc1-80c16ee1eaf7
Error: (07/03/2015 10:36:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe38.0.1.561110b401d0b55d4e4bff80788C:\Program Files (x86)\Mozilla Firefox\firefox.exe9f70d202-215e-11e5-adc1-80c16ee1eaf7
Error: (07/02/2015 06:27:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1501557853-1401194567-1476615106-1003.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {bbf531dd-c968-4fc2-9aac-3b4722d41b9a}
Error: (07/02/2015 06:01:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1501557853-1401194567-1476615106-1003.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {1acbed67-be75-40f1-9717-b7912dc2751b}
Error: (07/01/2015 02:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: steam.exe2.81.34.6147c01d0b3f9bfb94b454C:\Program Files (x86)\Steam\steam.exe361dc56a-1fed-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:29:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.673801d0b3f799d255de6C:\Program Files (x86)\Steam\Steam.exed44138a6-1fec-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:15:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.6b4801d0b3f723b1ce4315C:\Program Files (x86)\Steam\Steam.exed56ea64b-1fea-11e5-ba37-80c16ee1eaf7
Error: (07/01/2015 02:11:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.617e001d0b328f699ab839C:\Program Files (x86)\Steam\Steam.exe55cafba8-1fea-11e5-ba37-80c16ee1eaf7
Error: (06/29/2015 05:39:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe8.0.45.15554287baawt.dll8.0.45.1555428cbfc000041d0000000000024a302f401d0b281c47fd524C:\Program Files\Java\jre1.8.0_45\bin\javaw.exeC:\Program Files\Java\jre1.8.0_45\bin\awt.dll10edd01d-1e75-11e5-a5e4-80c16ee1eaf7
Error: (06/29/2015 05:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe8.0.45.15554287baawt.dll8.0.45.1555428cbfc00000050000000000024a302f401d0b281c47fd524C:\Program Files\Java\jre1.8.0_45\bin\javaw.exeC:\Program Files\Java\jre1.8.0_45\bin\awt.dll04947803-1e75-11e5-a5e4-80c16ee1eaf7
CodeIntegrity Errors:
===================================
Date: 2015-07-03 08:28:34.268
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-07-03 08:28:34.208
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:39:01.968
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:39:01.898
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:53.081
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:53.009
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:47.742
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:47.612
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:33.071
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-12 21:38:32.991
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 29%
Total physical RAM: 8148.01 MB
Available physical RAM: 5739.68 MB
Total Pagefile: 16294.23 MB
Available Pagefile: 13721.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:914.41 GB) (Free:300.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:16.88 GB) (Free:2.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5F651316)
Partition: GPT Partition Type.
==================== End of log ============================
|
|
03.07.2015, 12:36
| #12 |
| /// the machine /// TB-Ausbilder | Taskmanager blockiert, consent.exe 6x offenESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Taskmanager blockiert, consent.exe 6x offen |
| bildschirm, blockiert, consent, fenster, gestartet, gestern, herunterfahren, heute, hilfe!, klicke, klicken, komisches, konnte, lädt, nicht mehr, nicht schließen, offen, schließe, schließen, starte, starten, taskmanager, taste, troja, trojaner, trojanerboard, virus, öffnen |
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
Linear-Darstellung
