Pests of all kinds and how to combat them: Hard disk fills and empties by itself (Windows 7)
25.07.2015, 09:58 | #1 |
Hi, my system drive fills up and empties itself at an observable speed. My impression is that this only happens when I am connected to the Internet. I used the instructions from an existing thread and have already attached two logs here. Deleting the restore points freed up a large part of the space again, but did not fix the problem; the used space also varies with System Restore switched off. Many thanks and regards, Tobi

Edit: Using TreeSize I have now been able to narrow the disk-space shifts down to the Windows folder.

Attachment 75197 Attachment 75198

Edited by lokithease (25.07.2015 at 10:15)
25.07.2015, 10:44 | #2 |
/// TB trainer

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after the other in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:

Thank you for your cooperation! For an initial analysis, please run FRST and TDSSKiller:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Step 2
Please download TDSSKiller.exe and save this file to your desktop

Please post with your next reply
25.07.2015, 11:08 | #3 |
Hi Matthias,
many thanks for your quick reply. Here are the logs: tdsskiller Code:
C:\Windows\system32\drivers\ipnat.sys 12:07:29.0634 0x0bd8 IPNAT - ok 12:07:29.0654 0x0bd8 [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 12:07:29.0668 0x0bd8 iPod Service - ok 12:07:29.0678 0x0bd8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 12:07:29.0688 0x0bd8 IRENUM - ok 12:07:29.0688 0x0bd8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 12:07:29.0688 0x0bd8 isapnp - ok 12:07:29.0698 0x0bd8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 12:07:29.0708 0x0bd8 iScsiPrt - ok 12:07:29.0718 0x0bd8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 12:07:29.0718 0x0bd8 kbdclass - ok 12:07:29.0718 0x0bd8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 12:07:29.0728 0x0bd8 kbdhid - ok 12:07:29.0728 0x0bd8 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe 12:07:29.0738 0x0bd8 KeyIso - ok 12:07:29.0738 0x0bd8 [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 12:07:29.0748 0x0bd8 KSecDD - ok 12:07:29.0758 0x0bd8 [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 12:07:29.0758 0x0bd8 KSecPkg - ok 12:07:29.0768 0x0bd8 [ 6869281E78CB31A43E969F06B57347C4, 
866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 12:07:29.0788 0x0bd8 ksthunk - ok 12:07:29.0788 0x0bd8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 12:07:29.0818 0x0bd8 KtmRm - ok 12:07:29.0828 0x0bd8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 12:07:29.0848 0x0bd8 LanmanServer - ok 12:07:29.0848 0x0bd8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 12:07:29.0878 0x0bd8 LanmanWorkstation - ok 12:07:29.0878 0x0bd8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 12:07:29.0898 0x0bd8 lltdio - ok 12:07:29.0908 0x0bd8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 12:07:29.0928 0x0bd8 lltdsvc - ok 12:07:29.0938 0x0bd8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 12:07:29.0958 0x0bd8 lmhosts - ok 12:07:29.0958 0x0bd8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 12:07:29.0968 0x0bd8 LSI_FC - ok 12:07:29.0968 0x0bd8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 12:07:29.0978 0x0bd8 LSI_SAS - ok 12:07:29.0978 0x0bd8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 12:07:29.0988 0x0bd8 LSI_SAS2 - ok 12:07:29.0988 
0x0bd8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 12:07:29.0998 0x0bd8 LSI_SCSI - ok 12:07:29.0998 0x0bd8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 12:07:30.0018 0x0bd8 luafv - ok 12:07:30.0028 0x0bd8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 12:07:30.0038 0x0bd8 Mcx2Svc - ok 12:07:30.0038 0x0bd8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 12:07:30.0038 0x0bd8 megasas - ok 12:07:30.0048 0x0bd8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 12:07:30.0058 0x0bd8 MegaSR - ok 12:07:30.0068 0x0bd8 [ 1C6E73FC46B509EFF9D0086AA37132DF, B4FB5512D75112C553FC22593F6123A7C9B9B7825D40148F604CCEFEB149FD97 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 12:07:30.0068 0x0bd8 MEIx64 - ok 12:07:30.0078 0x0bd8 Microsoft SharePoint Workspace Audit Service - ok 12:07:30.0078 0x0bd8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 12:07:30.0098 0x0bd8 MMCSS - ok 12:07:30.0098 0x0bd8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 12:07:30.0128 0x0bd8 Modem - ok 12:07:30.0128 0x0bd8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 12:07:30.0138 0x0bd8 monitor - ok 12:07:30.0138 0x0bd8 [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] 
MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
12:07:30.0148 0x0bd8 MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
12:07:32.0658 0x0bd8 Detect skipped due to KSN trusted
12:07:32.0668 0x0bd8 MotioninJoyXFilter - ok
- ok 12:07:36.0402 0x0bd8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 12:07:36.0424 0x0bd8 SENS - ok 12:07:36.0426 0x0bd8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 12:07:36.0433 0x0bd8 SensrSvc - ok 12:07:36.0436 0x0bd8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 12:07:36.0443 0x0bd8 Serenum - ok 12:07:36.0447 0x0bd8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 12:07:36.0454 0x0bd8 Serial - ok 12:07:36.0457 0x0bd8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 12:07:36.0464 0x0bd8 sermouse - ok 12:07:36.0471 0x0bd8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 12:07:36.0494 0x0bd8 SessionEnv - ok 12:07:36.0497 0x0bd8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 12:07:36.0505 0x0bd8 sffdisk - ok 12:07:36.0507 0x0bd8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 12:07:36.0515 0x0bd8 sffp_mmc - ok 12:07:36.0517 0x0bd8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 12:07:36.0526 0x0bd8 sffp_sd - ok 12:07:36.0528 0x0bd8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy 
C:\Windows\system32\DRIVERS\sfloppy.sys 12:07:36.0534 0x0bd8 sfloppy - ok 12:07:36.0545 0x0bd8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 12:07:36.0572 0x0bd8 SharedAccess - ok 12:07:36.0581 0x0bd8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 12:07:36.0608 0x0bd8 ShellHWDetection - ok 12:07:36.0611 0x0bd8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 12:07:36.0617 0x0bd8 SiSRaid2 - ok 12:07:36.0621 0x0bd8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 12:07:36.0627 0x0bd8 SiSRaid4 - ok 12:07:36.0632 0x0bd8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 12:07:36.0654 0x0bd8 Smb - ok 12:07:36.0665 0x0bd8 [ F26AAD9ADFC9B62AC59A004A913C92DA, BECD2B5E4A99F31A4BE28D9535A49BE517DD9F94A7A0C122A8FAEA4382C62595 ] snapman C:\Windows\system32\DRIVERS\snapman.sys 12:07:36.0674 0x0bd8 snapman - ok 12:07:36.0677 0x0bd8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 12:07:36.0684 0x0bd8 SNMPTRAP - ok 12:07:36.0687 0x0bd8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 12:07:36.0692 0x0bd8 spldr - ok 12:07:36.0707 0x0bd8 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe 12:07:36.0736 0x0bd8 Spooler - ok 12:07:36.0826 0x0bd8 [ E17E0188BB90FAE42D83E98707EFA59C, 
FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 12:07:36.0905 0x0bd8 sppsvc - ok 12:07:36.0913 0x0bd8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 12:07:36.0935 0x0bd8 sppuinotify - ok 12:07:36.0944 0x0bd8 [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 12:07:36.0952 0x0bd8 SQLBrowser - ok 12:07:36.0958 0x0bd8 [ 3C432A96363097870995E2A3C8B66ABD, AA0AE0935FC5317FE93D7D3C3B9A6B2E026915D07704AF3E36F14FEA8595F4A6 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 12:07:36.0965 0x0bd8 SQLWriter - ok 12:07:36.0978 0x0bd8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 12:07:36.0993 0x0bd8 srv - ok 12:07:37.0005 0x0bd8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 12:07:37.0018 0x0bd8 srv2 - ok 12:07:37.0024 0x0bd8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 12:07:37.0032 0x0bd8 srvnet - ok 12:07:37.0039 0x0bd8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 12:07:37.0063 0x0bd8 SSDPSRV - ok 12:07:37.0067 0x0bd8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 12:07:37.0089 0x0bd8 SstpSvc - ok 12:07:37.0107 0x0bd8 [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files (x86)\Common 
Files\Steam\SteamService.exe 12:07:37.0125 0x0bd8 Steam Client Service - ok 12:07:37.0138 0x0bd8 [ C64C157B167FE562E8670984E72C25FA, 9302C82A75CA65515297B72F3A6230307AAE0B14FD8C9C7FA343F7B62E5ED376 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 12:07:37.0149 0x0bd8 Stereo Service - ok 12:07:37.0152 0x0bd8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 12:07:37.0158 0x0bd8 stexstor - ok 12:07:37.0172 0x0bd8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 12:07:37.0192 0x0bd8 stisvc - ok 12:07:37.0195 0x0bd8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 12:07:37.0201 0x0bd8 swenum - ok 12:07:37.0214 0x0bd8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 12:07:37.0244 0x0bd8 swprv - ok 12:07:37.0279 0x0bd8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 12:07:37.0318 0x0bd8 SysMain - ok 12:07:37.0325 0x0bd8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 12:07:37.0337 0x0bd8 TabletInputService - ok 12:07:37.0345 0x0bd8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 12:07:37.0370 0x0bd8 TapiSrv - ok 12:07:37.0374 0x0bd8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 12:07:37.0396 0x0bd8 TBS - ok 12:07:37.0434 0x0bd8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, 
F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 12:07:37.0470 0x0bd8 Tcpip - ok 12:07:37.0509 0x0bd8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 12:07:37.0546 0x0bd8 TCPIP6 - ok 12:07:37.0553 0x0bd8 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 12:07:37.0574 0x0bd8 tcpipreg - ok 12:07:37.0577 0x0bd8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 12:07:37.0583 0x0bd8 TDPIPE - ok 12:07:37.0586 0x0bd8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 12:07:37.0592 0x0bd8 TDTCP - ok 12:07:37.0596 0x0bd8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 12:07:37.0618 0x0bd8 tdx - ok 12:07:37.0621 0x0bd8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 12:07:37.0627 0x0bd8 TermDD - ok 12:07:37.0642 0x0bd8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 12:07:37.0660 0x0bd8 TermService - ok 12:07:37.0664 0x0bd8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 12:07:37.0675 0x0bd8 Themes - ok 12:07:37.0678 0x0bd8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 12:07:37.0700 0x0bd8 THREADORDER - ok 12:07:37.0705 0x0bd8 [ 
7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 12:07:37.0729 0x0bd8 TrkWks - ok 12:07:37.0734 0x0bd8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 12:07:37.0757 0x0bd8 TrustedInstaller - ok 12:07:37.0761 0x0bd8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 12:07:37.0767 0x0bd8 tssecsrv - ok 12:07:37.0770 0x0bd8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 12:07:37.0776 0x0bd8 TsUsbFlt - ok 12:07:37.0781 0x0bd8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 12:07:37.0803 0x0bd8 tunnel - ok 12:07:37.0806 0x0bd8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 12:07:37.0813 0x0bd8 uagp35 - ok 12:07:37.0823 0x0bd8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 12:07:37.0847 0x0bd8 udfs - ok 12:07:37.0852 0x0bd8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 12:07:37.0860 0x0bd8 UI0Detect - ok 12:07:37.0864 0x0bd8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 12:07:37.0870 0x0bd8 uliagpkx - ok 12:07:37.0873 0x0bd8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 
12:07:37.0880 0x0bd8 umbus - ok 12:07:37.0883 0x0bd8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 12:07:37.0889 0x0bd8 UmPass - ok 12:07:37.0899 0x0bd8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 12:07:37.0926 0x0bd8 upnphost - ok 12:07:37.0930 0x0bd8 [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 12:07:37.0934 0x0bd8 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 ) 12:07:40.0272 0x0bd8 Detect skipped due to KSN trusted 12:07:40.0272 0x0bd8 USBAAPL64 - ok 12:07:40.0282 0x0bd8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 12:07:40.0296 0x0bd8 usbaudio - ok 12:07:40.0302 0x0bd8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 12:07:40.0312 0x0bd8 usbccgp - ok 12:07:40.0318 0x0bd8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 12:07:40.0328 0x0bd8 usbcir - ok 12:07:40.0333 0x0bd8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 12:07:40.0342 0x0bd8 usbehci - ok 12:07:40.0354 0x0bd8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 12:07:40.0368 0x0bd8 usbhub - ok 12:07:40.0371 0x0bd8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 12:07:40.0377 0x0bd8 
usbohci - ok 12:07:40.0380 0x0bd8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 12:07:40.0388 0x0bd8 usbprint - ok 12:07:40.0392 0x0bd8 [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 12:07:40.0400 0x0bd8 USBSTOR - ok 12:07:40.0403 0x0bd8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 12:07:40.0409 0x0bd8 usbuhci - ok 12:07:40.0412 0x0bd8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 12:07:40.0434 0x0bd8 UxSms - ok 12:07:40.0437 0x0bd8 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\Windows\system32\lsass.exe 12:07:40.0444 0x0bd8 VaultSvc - ok 12:07:40.0447 0x0bd8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 12:07:40.0453 0x0bd8 vdrvroot - ok 12:07:40.0465 0x0bd8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 12:07:40.0495 0x0bd8 vds - ok 12:07:40.0498 0x0bd8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 12:07:40.0507 0x0bd8 vga - ok 12:07:40.0509 0x0bd8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 12:07:40.0531 0x0bd8 VgaSave - ok 12:07:40.0538 0x0bd8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 12:07:40.0546 
0x0bd8 vhdmp - ok 12:07:40.0549 0x0bd8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 12:07:40.0555 0x0bd8 viaide - ok 12:07:40.0559 0x0bd8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 12:07:40.0565 0x0bd8 volmgr - ok 12:07:40.0576 0x0bd8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 12:07:40.0588 0x0bd8 volmgrx - ok 12:07:40.0595 0x0bd8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 12:07:40.0605 0x0bd8 volsnap - ok 12:07:40.0612 0x0bd8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 12:07:40.0620 0x0bd8 vsmraid - ok 12:07:40.0653 0x0bd8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 12:07:40.0700 0x0bd8 VSS - ok 12:07:40.0704 0x0bd8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 12:07:40.0713 0x0bd8 vwifibus - ok 12:07:40.0716 0x0bd8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 12:07:40.0726 0x0bd8 vwififlt - ok 12:07:40.0729 0x0bd8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 12:07:40.0738 0x0bd8 vwifimp - ok 12:07:40.0749 0x0bd8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time 
C:\Windows\system32\w32time.dll 12:07:40.0775 0x0bd8 W32Time - ok 12:07:40.0779 0x0bd8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 12:07:40.0786 0x0bd8 WacomPen - ok 12:07:40.0790 0x0bd8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 12:07:40.0801 0x0bd8 WANARP - ok 12:07:40.0811 0x0bd8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 12:07:40.0831 0x0bd8 Wanarpv6 - ok 12:07:40.0861 0x0bd8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 12:07:40.0891 0x0bd8 wbengine - ok 12:07:40.0901 0x0bd8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 12:07:40.0911 0x0bd8 WbioSrvc - ok 12:07:40.0921 0x0bd8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 12:07:40.0941 0x0bd8 wcncsvc - ok 12:07:40.0941 0x0bd8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 12:07:40.0951 0x0bd8 WcsPlugInService - ok 12:07:40.0961 0x0bd8 [ E47E66538692B1CFD6CC8021546FCC83, EF8EB285D815437B1E6A2A78AE4C2FC751C77ACEA4EB626E092D8E6012D725EF ] WCUService_STC_FF C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe 12:07:40.0971 0x0bd8 WCUService_STC_FF - ok 12:07:40.0991 0x0bd8 [ 147C60622CB53E901EFD8BB6D44A4C46, 453E9DDBE17C9C54C60BD160BBA045B39914A70B6DF7B6C530D68333944C43FB ] WCUService_STC_IE C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software 
Updater\WCUService.exe 12:07:41.0001 0x0bd8 WCUService_STC_IE - ok 12:07:41.0001 0x0bd8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 12:07:41.0011 0x0bd8 Wd - ok 12:07:41.0031 0x0bd8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 12:07:41.0051 0x0bd8 Wdf01000 - ok 12:07:41.0051 0x0bd8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 12:07:41.0061 0x0bd8 WdiServiceHost - ok 12:07:41.0071 0x0bd8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 12:07:41.0081 0x0bd8 WdiSystemHost - ok 12:07:41.0081 0x0bd8 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll 12:07:41.0101 0x0bd8 WebClient - ok 12:07:41.0111 0x0bd8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 12:07:41.0131 0x0bd8 Wecsvc - ok 12:07:41.0131 0x0bd8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 12:07:41.0161 0x0bd8 wercplsupport - ok 12:07:41.0161 0x0bd8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 12:07:41.0181 0x0bd8 WerSvc - ok 12:07:41.0181 0x0bd8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 12:07:41.0201 0x0bd8 WfpLwf - ok 12:07:41.0211 0x0bd8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 
9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 12:07:41.0211 0x0bd8 WIMMount - ok 12:07:41.0211 0x0bd8 WinDefend - ok 12:07:41.0221 0x0bd8 WinHttpAutoProxySvc - ok 12:07:41.0221 0x0bd8 WinI2C-DDC - ok 12:07:41.0231 0x0bd8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 12:07:41.0261 0x0bd8 Winmgmt - ok 12:07:41.0301 0x0bd8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 12:07:41.0355 0x0bd8 WinRM - ok 12:07:41.0363 0x0bd8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 12:07:41.0372 0x0bd8 WinUsb - ok 12:07:41.0395 0x0bd8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 12:07:41.0420 0x0bd8 Wlansvc - ok 12:07:41.0465 0x0bd8 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:07:41.0504 0x0bd8 wlidsvc - ok 12:07:41.0514 0x0bd8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 12:07:41.0514 0x0bd8 WmiAcpi - ok 12:07:41.0524 0x0bd8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 12:07:41.0534 0x0bd8 wmiApSrv - ok 12:07:41.0534 0x0bd8 WMPNetworkSvc - ok 12:07:41.0544 0x0bd8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 12:07:41.0544 0x0bd8 WPCSvc - ok 12:07:41.0554 0x0bd8 [ 
93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 12:07:41.0564 0x0bd8 WPDBusEnum - ok 12:07:41.0564 0x0bd8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 12:07:41.0584 0x0bd8 ws2ifsl - ok 12:07:41.0584 0x0bd8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 12:07:41.0604 0x0bd8 wscsvc - ok 12:07:41.0604 0x0bd8 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 12:07:41.0614 0x0bd8 WSDPrintDevice - ok 12:07:41.0614 0x0bd8 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\drivers\WSDScan.sys 12:07:41.0624 0x0bd8 WSDScan - ok 12:07:41.0624 0x0bd8 WSearch - ok 12:07:41.0674 0x0bd8 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll 12:07:41.0724 0x0bd8 wuauserv - ok 12:07:41.0724 0x0bd8 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 12:07:41.0754 0x0bd8 WudfPf - ok 12:07:41.0754 0x0bd8 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 12:07:41.0774 0x0bd8 WUDFRd - ok 12:07:41.0784 0x0bd8 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 12:07:41.0804 0x0bd8 wudfsvc - ok 12:07:41.0814 0x0bd8 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc 
C:\Windows\System32\wwansvc.dll 12:07:41.0824 0x0bd8 WwanSvc - ok 12:07:41.0824 0x0bd8 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 12:07:41.0834 0x0bd8 xusb21 - ok 12:07:41.0844 0x0bd8 ================ Scan global =============================== 12:07:41.0844 0x0bd8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 12:07:41.0844 0x0bd8 [ A171AC55EE4B4EE35C18EF0977017A72, E0E3E3B1C3708C30C7292CA09E41CA6C49EB850699126C6D2C0383A72C0097A6 ] C:\Windows\system32\winsrv.dll 12:07:41.0854 0x0bd8 [ A171AC55EE4B4EE35C18EF0977017A72, E0E3E3B1C3708C30C7292CA09E41CA6C49EB850699126C6D2C0383A72C0097A6 ] C:\Windows\system32\winsrv.dll 12:07:41.0864 0x0bd8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 12:07:41.0874 0x0bd8 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 12:07:41.0874 0x0bd8 [ Global ] - ok 12:07:41.0874 0x0bd8 ================ Scan MBR ================================== 12:07:41.0874 0x0bd8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 12:07:41.0974 0x0bd8 \Device\Harddisk0\DR0 - ok 12:07:41.0984 0x0bd8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 12:07:42.0154 0x0bd8 \Device\Harddisk1\DR1 - ok 12:07:42.0164 0x0bd8 [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk2\DR2 12:07:42.0224 0x0bd8 \Device\Harddisk2\DR2 - ok 12:07:42.0224 0x0bd8 ================ Scan VBR ================================== 12:07:42.0224 0x0bd8 [ 72A3471637CA02F7B3B1E149FE37949A ] \Device\Harddisk0\DR0\Partition1 12:07:42.0224 0x0bd8 \Device\Harddisk0\DR0\Partition1 - ok 12:07:42.0234 0x0bd8 [ DE3B3D26C79A40C422ED19959C39C4BD ] \Device\Harddisk1\DR1\Partition1 12:07:42.0254 0x0bd8 
\Device\Harddisk1\DR1\Partition1 - ok 12:07:42.0264 0x0bd8 [ 9E5DB219C3DAB8EA95A71EB72D465328 ] \Device\Harddisk2\DR2\Partition1 12:07:42.0264 0x0bd8 \Device\Harddisk2\DR2\Partition1 - ok 12:07:42.0264 0x0bd8 ================ Scan generic autorun ====================== 12:07:42.0274 0x0bd8 [ 39CF316EB5842AE27CC0D3CC4E2840DE, BC4D4ED926F988B7B70CC87B7EC92D148DA6BC39C5C514751F1B0CA69D0F9081 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe 12:07:42.0284 0x0bd8 BCSSync - ok 12:07:42.0284 0x0bd8 [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe 12:07:42.0294 0x0bd8 IgfxTray - ok 12:07:42.0314 0x0bd8 [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe 12:07:42.0324 0x0bd8 HotKeysCmds - ok 12:07:42.0334 0x0bd8 [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe 12:07:42.0344 0x0bd8 Persistence - ok 12:07:42.0404 0x0bd8 [ 2DC2C370F785AD5B2717A205238B03E2, 50D002FF269741855986179D4B9D5A820C04E881B624AFEF0B76E80A68930F3D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 12:07:42.0454 0x0bd8 NvBackend - ok 12:07:42.0454 0x0bd8 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 12:07:42.0464 0x0bd8 ShadowPlay - ok 12:07:42.0474 0x0bd8 [ F96C73D7D525174B80CFD865A5D7E083, 06E7ACA4B9496CF0505F623DC4516A893E7A70EA37EAB27EA943C8831D221F40 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 12:07:42.0484 0x0bd8 IAStorIcon - ok 12:07:42.0554 0x0bd8 [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] D:\Program Files (x86)\iTunes\iTunesHelper.exe 12:07:42.0554 0x0bd8 iTunesHelper - ok 12:07:42.0604 0x0bd8 [ 2199723879C9F75A709680E2935C052F, 
DDD5B5CC86463284D9137372CB8541D1258AC020EA811F1AD3735809F314B086 ] D:\Program Files (x86)\PDF24\pdf24.exe 12:07:42.0624 0x0bd8 PDFPrint - ok 12:07:42.0654 0x0bd8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 12:07:42.0684 0x0bd8 Sidebar - ok 12:07:42.0684 0x0bd8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 12:07:42.0694 0x0bd8 mctadmin - ok 12:07:42.0724 0x0bd8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 12:07:42.0744 0x0bd8 Sidebar - ok 12:07:42.0754 0x0bd8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 12:07:42.0764 0x0bd8 mctadmin - ok 12:07:42.0854 0x0bd8 [ 8DACA62F3E15E45EBAF7AE51A609CBC1, 5FACF0EA36572E7228EB2808731ED00DD08B481937569E71C3A537D7E65022AD ] D:\Program Files (x86)\Steam\steam.exe 12:07:42.0904 0x0bd8 Steam - ok 12:07:42.0974 0x0bd8 [ 390679F7A217A5E73D756276C40AE887, 3EDFB645B2F58864E653C66516D6D48C4F9D691CFD51D91D4D88E316EE7B7177 ] D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe 12:07:43.0014 0x0bd8 SpybotSD TeaTimer - detected UnsignedFile.Multi.Generic ( 1 ) 12:07:45.0346 0x0bd8 Detect skipped due to KSN trusted 12:07:45.0346 0x0bd8 SpybotSD TeaTimer - ok 12:07:45.0359 0x0bd8 [ 146F096060E2906CF579CF0096ED85CB, 8E633A025C2026463298E6170C82FD8203A705DC493183432684566484533F42 ] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe 12:07:45.0372 0x0bd8 SteelSeries Engine - detected UnsignedFile.Multi.Generic ( 1 ) 12:07:47.0903 0x0bd8 Detect skipped due to KSN trusted 12:07:47.0903 0x0bd8 SteelSeries Engine - ok 12:07:48.0067 0x0bd8 [ 36C55F2645D61F15457D23B56F0149DA, 
410DDEA347DD8AA58838560CC01AABD3F7D40A6879482AADD09BC4A82E26D48D ] D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe 12:07:48.0194 0x0bd8 GalaxyClient - ok 12:07:48.0207 0x0bd8 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe 12:07:48.0213 0x0bd8 Dropbox Update - ok 12:07:48.0213 0x0bd8 Waiting for KSN requests completion. In queue: 79 12:07:49.0213 0x0bd8 Waiting for KSN requests completion. In queue: 2 12:07:50.0213 0x0bd8 Waiting for KSN requests completion. In queue: 2 12:07:51.0223 0x0bd8 Win FW state via NFP2: enabled ( trusted ) 12:07:53.0578 0x0bd8 ============================================================ 12:07:53.0578 0x0bd8 Scan finished 12:07:53.0578 0x0bd8 ============================================================ 12:07:53.0586 0x12c4 Detected object count: 0 12:07:53.0586 0x12c4 Actual detected object count: 0 |
25.07.2015, 11:09 | #4 |
| Hard drive fills and empties itself on its own FRST Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015 Ran by TSK (administrator) on TSK-PC on 25-07-2015 11:56:44 Running from C:\Users\TSK\Desktop Loaded Profiles: TSK (Available Profiles: TSK) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser not detected!) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer Networking Ltd.) 
D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe (Dropbox, Inc.) C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Apple Inc.) D:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (NVIDIA Corporation) C:\Users\TSK\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation) HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) 
HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation) HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [SpybotSD TeaTimer] => D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.) HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [239104 2013-02-06] (SteelSeries ApS) HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7247416 2015-07-20] (GOG.com) HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [Dropbox Update] => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation) Startup: C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-05-06] ShortcutTarget: Dropbox.lnk -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zenimax Launcher.lnk [2014-01-09] ShortcutTarget: Zenimax Launcher.lnk -> D:\Program Files (x86)\Zenimax Online\Launcher\Bethesda.net_Launcher.exe (No File) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-2232650930-980712706-877487117-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2232650930-980712706-877487117-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {269C069F-43BD-4245-8ADB-8EE265057163} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV SearchScopes: HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {6A2FA341-331E-421e-9B67-5C00501C6F1D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH SearchScopes: 
HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {AE27EA29-0A68-4bee-98A4-623994B4BDE3} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation) BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files 
(x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0643C37E-5534-4489-941C-0F6F78949918}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A8FD029E-32DA-4DA6-A0EC-3BAC3E53C00E}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default FF NetworkProxy: "autoconfig_url", "https://www.premiumize.me/971030084/proxy.pac" FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Windows\system32\npdeployJava1.dll [2015-01-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation) FF Plugin-x32: 
@java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-2232650930-980712706-877487117-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF Extension: GFACE Experience Plugin - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\cryenginebrowserplugin@crytek.com [2013-11-07] FF Extension: FoxyProxy Standard - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\foxyproxy@eric.h.jung [2015-01-04] FF Extension: Premiumize.me - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2015-01-04] FF Extension: web Player - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{07a56c5c-9aba-46d7-876a-2aaab7932900}.xpi [2014-06-15] FF Extension: {b26ec7aa-f2b6-4ddc-800e-5c43e181fe95} - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{b26ec7aa-f2b6-4ddc-800e-5c43e181fe95}.xpi [2014-06-11] FF Extension: Adblock Plus - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-24] Chrome: ======= CHR Profile: C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-18] CHR Extension: (Google Drive) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-18] CHR Extension: (YouTube) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-18] CHR Extension: (Google Search) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-18] CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg 
[2015-02-14] CHR Extension: (Hola Better Internet Engine) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2014-11-16] CHR Extension: (SciLor's Grooveshark(tm) Unlocker) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob [2014-04-18] CHR Extension: (AdBlock) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-18] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18] CHR Extension: (Gmail) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-18] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
S3 GalaxyClientService; D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1718840 2015-07-20] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6871608 2015-07-20] (GOG.com) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation) S2 MSSQL$BWDATOOLSET; D:\Downloads\Dragon Age\tools\toolssql\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation) S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-09-18] () R2 SBSDWSCService; D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) R2 WCUService_STC_FF; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2011-03-24] (Splashtop Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-06] (DT Soft Ltd) S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed] R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0025.sys [28768 2014-11-18] (SoftEther VPN Project at University of Tsukuba, Japan.) 
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation) R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-01-10] (SteelSeries Corporation) S3 SEE; C:\Windows\System32\drivers\see.sys [38240 2014-11-18] (SoftEther VPN Project at University of Tsukuba, Japan.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] (Apple, Inc.) [File not signed] S3 gdrv; \??\C:\Windows\gdrv.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] S2 WinI2C-DDC; \??\C:\Windows\system32\drivers\DDCDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-25 11:56 - 2015-07-25 11:56 - 00024559 _____ C:\Users\TSK\Desktop\FRST.txt 2015-07-25 11:56 - 2015-07-25 11:56 - 00000000 ____D C:\FRST 2015-07-25 11:55 - 2015-07-25 11:55 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\TSK\Desktop\tdsskiller.exe 2015-07-25 11:55 - 2015-07-25 11:55 - 02135552 _____ (Farbar) C:\Users\TSK\Desktop\FRST64.exe 2015-07-25 10:49 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-07-25 10:49 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-25 10:49 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-07-25 10:49 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-07-25 10:49 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-07-25 10:49 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-25 10:49 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-07-25 10:49 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-07-25 10:49 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-25 10:49 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-25 10:32 - 2015-07-25 10:32 - 00000000 ____D C:\Users\TSK\AppData\Roaming\JAM Software 2015-07-25 10:32 - 2015-07-25 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free 2015-07-25 10:28 - 2015-07-25 10:28 - 00096362 _____ C:\Users\TSK\Desktop\OTL.Txt 2015-07-25 10:23 - 2015-07-25 10:23 - 00002995 _____ C:\Users\TSK\Desktop\AdwCleaner[S1].txt 2015-07-16 16:35 - 2015-07-25 11:27 - 00002184 _____ C:\Windows\setupact.log 2015-07-16 16:35 - 2015-07-16 16:35 - 00000000 _____ C:\Windows\setuperr.log 2015-07-15 11:19 - 2015-07-16 09:24 
- 00000000 ____D C:\Users\TSK\Documents\Darkest 2015-07-15 10:06 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-15 10:06 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-07-15 10:06 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-15 10:06 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-15 10:06 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-15 10:06 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-07-15 10:06 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-15 10:06 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-15 10:06 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-15 10:06 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-15 10:06 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-15 10:06 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-15 10:06 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-07-15 10:06 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-15 10:06 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-07-15 10:06 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-15 10:06 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-15 10:06 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) 
C:\Windows\system32\gdi32.dll 2015-07-15 10:06 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-15 10:06 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2015-07-15 10:06 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2015-07-15 10:05 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-07-15 10:05 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-15 10:05 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-07-15 10:05 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-07-15 10:05 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-15 10:05 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-07-15 10:05 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-07-15 10:05 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-15 10:05 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-07-15 10:05 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-07-15 10:05 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-15 10:05 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-07-15 10:05 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-07-15 10:05 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-07-15 10:05 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) 
C:\Windows\system32\dxtmsft.dll 2015-07-15 10:05 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-07-15 10:05 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-15 10:05 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-15 10:05 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-15 10:05 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-15 10:05 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-07-15 10:05 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-15 10:05 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-07-15 10:05 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-15 10:05 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-15 10:05 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-15 10:05 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-07-15 10:05 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-07-15 10:05 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-07-15 10:05 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-15 10:05 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-07-15 10:05 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-07-15 10:05 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\jscript.dll 2015-07-15 10:05 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-07-15 10:05 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-07-15 10:05 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-07-15 10:05 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-15 10:05 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-15 10:05 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-15 10:05 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-15 10:05 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-15 10:05 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-07-15 10:05 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-15 10:05 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-15 10:03 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-15 10:03 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-15 10:03 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-15 10:03 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-07-15 10:03 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-15 10:03 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-15 10:03 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) 
C:\Windows\system32\kerberos.dll 2015-07-15 10:03 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-07-15 10:03 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-15 10:03 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-07-15 10:03 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-07-15 10:03 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-07-15 10:03 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-07-15 10:03 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-07-15 10:03 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-07-15 10:03 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-07-15 10:03 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-07-15 10:03 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-07-15 10:03 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-07-15 10:03 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-07-15 10:03 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-07-15 10:03 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-07-15 10:03 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-07-15 10:03 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-07-15 10:03 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 
2015-07-15 10:03 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-07-15 10:03 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-07-15 10:03 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-07-15 10:03 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-07-15 10:03 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-07-15 10:03 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-07-15 10:03 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-07-15 10:03 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-07-15 10:03 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-07-15 10:03 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-07-15 10:03 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-07-15 10:03 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-07-15 10:03 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-15 10:03 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-15 10:03 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-15 10:03 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-07-15 10:03 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-15 10:03 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-15 10:03 
- 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-07-15 10:03 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-07-15 10:03 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-15 10:03 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-15 10:03 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-15 10:03 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-07-15 10:03 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-15 10:03 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2015-07-15 10:03 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2015-07-13 14:12 - 2015-07-13 14:12 - 00000000 ____D C:\Users\TSK\Documents\Telltale Games 2015-07-11 12:55 - 2015-07-16 14:33 - 00000000 ____D C:\Users\TSK\AppData\Roaming\DVDVideoSoft 2015-07-11 11:56 - 2015-07-11 11:56 - 00000000 ____D C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-07-10 21:52 - 2015-07-10 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOSS 2015-06-27 12:29 - 2015-06-27 12:29 - 00000736 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-25 11:56 - 2012-05-14 21:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-25 11:46 - 2014-04-18 19:44 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-25 11:18 - 2015-06-17 17:06 - 00001216 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA.job 2015-07-25 11:18 - 2015-06-17 17:06 - 00001164 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core.job 2015-07-25 11:13 - 2015-06-17 17:06 - 00004186 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA 2015-07-25 11:13 - 2015-06-17 17:06 - 00003790 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core 2015-07-25 11:09 - 2009-07-14 06:45 - 00020208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-25 11:09 - 2009-07-14 06:45 - 00020208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-25 11:08 - 2009-07-14 19:58 - 00749336 _____ C:\Windows\system32\perfh007.dat 2015-07-25 11:08 - 2009-07-14 19:58 - 00168106 _____ C:\Windows\system32\perfc007.dat 2015-07-25 11:08 - 2009-07-14 07:13 - 01761708 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-25 11:06 - 2015-05-17 21:59 - 01560464 _____ C:\Windows\WindowsUpdate.log 2015-07-25 11:02 - 2014-04-18 19:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-25 11:02 - 2012-05-06 20:52 - 00000000 ____D C:\Users\TSK\AppData\Roaming\Dropbox 2015-07-25 11:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-25 11:01 - 2015-04-16 19:28 - 00000000 ____D C:\ProgramData\NVIDIA 2015-07-25 11:01 - 2009-07-14 06:45 - 00408520 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-25 10:53 - 2015-05-17 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2015-07-25 10:35 - 
2012-05-06 20:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-07-25 10:22 - 2014-07-06 10:37 - 00000000 ____D C:\AdwCleaner 2015-07-16 09:56 - 2012-05-14 21:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-16 09:56 - 2012-05-14 21:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-16 09:56 - 2012-05-14 21:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-16 09:41 - 2014-04-18 19:44 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-16 09:41 - 2014-04-18 19:44 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-16 09:35 - 2015-01-04 13:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-16 09:35 - 2014-12-07 10:54 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-07-15 15:10 - 2012-05-06 20:48 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-07-15 15:07 - 2013-08-14 22:34 - 00000000 ____D C:\Windows\system32\MRT 2015-07-15 11:19 - 2015-05-02 17:02 - 00000000 ____D C:\Users\TSK\AppData\Roaming\NVIDIA 2015-07-15 11:19 - 2012-12-01 17:30 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-12 12:11 - 2015-06-15 20:46 - 00001660 _____ C:\Windows\PFRO.log 2015-07-11 12:53 - 2015-06-15 10:41 - 00036794 _____ C:\Windows\DirectX.log 2015-07-11 12:53 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-07-06 23:20 - 2012-05-06 20:58 - 00000000 ____D C:\Windows\Minidump 2015-07-03 08:43 - 2012-05-10 12:06 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-07-01 10:12 - 2015-05-19 08:02 - 00000000 ____D C:\Users\TSK\Documents\The Witcher 3 2015-06-27 12:30 - 2012-05-07 14:05 - 00000000 ____D C:\Users\TSK\Documents\Nexus Mod Manager 2015-06-27 12:30 - 2012-05-06 22:37 - 00000000 ____D C:\Users\TSK\AppData\Local\Skyrim 2015-06-27 12:29 - 
2014-11-09 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager 2015-06-25 23:59 - 2012-11-23 20:25 - 00000000 ____D C:\ProgramData\NVIDIA Corporation ==================== Files in the root of some directories ======= 2014-01-07 23:25 - 2014-01-07 23:25 - 0000037 ___SH () C:\Users\TSK\AppData\Local\70149b02515b3bb20dd492.47983420 Some files in TEMP: ==================== C:\Users\TSK\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyymxtj.dll C:\Users\TSK\AppData\Local\Temp\Quarantine.exe C:\Users\TSK\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-13 15:55 ==================== End of log ============================ |
25.07.2015, 11:09 | #5 |
| Hard drive fills and empties itself Addition Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015 Ran by TSK at 2015-07-25 11:57:01 Running from C:\Users\TSK\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2232650930-980712706-877487117-500 - Administrator - Disabled) Gast (S-1-5-21-2232650930-980712706-877487117-501 - Limited - Enabled) TSK (S-1-5-21-2232650930-980712706-877487117-1000 - Administrator - Enabled) => C:\Users\TSK ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version: - ) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1998142718.48.56.41167770 - Audible, Inc.) 
Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version: - Rocksteady Studios) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version: - ) ContentMod2.6 (HKLM-x32\...\ContentMod_2.6) (Version: - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - ) Curse Client (HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd) Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios) DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version: - ) Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.8 - Electronic Arts) Dropbox (HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.) Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology) Etron USB3.0 Host Controller (x32 Version: 0.98 - Etron Technology) Hidden Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version: - Q, Timeslip) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) 
Hidden inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive) Knights of Honor (HKLM-x32\...\Steam App 25830) (Version: - Black Sea Studios Ltd) Leviathan: Warships (HKLM-x32\...\Steam App 202270) (Version: - Pieces Interactive) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL 
Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft 
Corporation) Mumble 1.3.0 (HKLM\...\{5CF49B6B-598B-4944-8A8E-B1B34E6ECB6F}) (Version: 1.3.0 - The Mumble team) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.7 - Black Tree Gaming) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation) NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) 
Parallels runtime modules (x32 Version: 1.00.0000 - Parallels) Hidden Parallels USB Driver (x32 Version: 6.00.23350 - Parallels) Hidden PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Penny Arcade's On the Rain-Slick Precipice of Darkness 4 (HKLM-x32\...\Steam App 237570) (Version: - Zeboyd Games) Postal 2 - Apocalypse Weekend (HKLM-x32\...\Postal 2 - Apocalypse Weekend) (Version: - ) Postal 2 - Share The Pain (HKLM-x32\...\Postal 2 - Share The Pain) (Version: - ) Realistic Colors and Real Nights 3.0.1 - HDR Edition - (HKLM-x32\...\Realistic Colors and Real Nights 3.0.1 - HDR Edition -) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) SnapAPI (x32 Version: 4.2.709 - Acronis) Hidden Splashtop Connect for Firefox (HKLM-x32\...\{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}) (Version: 1.1.8.4 - Splashtop Inc.) Splashtop Connect IE (HKLM-x32\...\{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}) (Version: 1.1.13.1 - Splashtop Inc.) 
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version: - SSC Localization Group) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.7.3047.30645 - SteelSeries) Tales from the Borderlands (HKLM-x32\...\1432213337_is1) (Version: 2.1.0.2 - GOG.com) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.7.0 - GOG.com) The Witcher 3: Wild Hunt - Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - New Quest - Scavenger Hunt 
- Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics) TreeSize Free V3.3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software) TripleA Version 1_7_0_3 (HKLM-x32\...\TripleAVersion1_7_0_3) (Version: - ) TripleA Version 1_8_0_3 (HKLM-x32\...\TripleAVersion1_8_0_3) (Version: - ) VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows-Treiberpaket - Datacolor (Spyder3) USB (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{9e177f9e-27b6-4a84-9037-eab4b82868e3}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-01-13 00:24 - 00450752 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activation.acronis.com 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com There are 1000 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0E4558E8-1388-4CB2-8499-9BA89236AA30} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {1609CAE3-61A6-4EC9-8CBB-44AC9B153B6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.) 
Task: {6EE1111F-D08B-4B71-BE34-766B1AD60053} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {7E57F72C-F856-4227-A3E0-6E8089F0CC31} - System32\Tasks\{7C29FCC2-7733-474E-9577-EF1F9F2369E1} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {96FCD9BF-49CD-4801-B7FF-F56D16AB088F} - System32\Tasks\{4A483AA4-33C3-4A41-8E61-430241C68B28} => pcalua.exe -a "D:\Program Files (x86)\The Vanishing of Ethan Carter\Binaries\Launcher.exe" -d "D:\Program Files (x86)\The Vanishing of Ethan Carter\Binaries"
Task: {9DEF66E7-BA9C-4E37-9858-CB01D59AFBB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AB02F77F-807A-4B3A-A242-10E47B69D3CB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {C5E47D3B-3B80-4F50-9564-BB626F49FC4E} - System32\Tasks\{A0F26065-B8E6-43EC-AEA7-DD1A05A66449} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {DECCCFA2-6E7F-4879-B8D6-BAADF6471504} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
Task: {F1FF2A19-9D5F-4282-A04E-FB8EC18EA7CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {F2D2070C-D795-45A1-9210-1179BFB074E9} - System32\Tasks\{0A9F147B-8610-4C94-BC48-E425BFDBD47E} => pcalua.exe -a "D:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/39500

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core.job => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA.job => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-12-01 17:30 - 2013-09-18 21:25 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-04-16 19:28 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-05-06 20:43 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2012-05-06 20:31 - 2011-04-10 04:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00603136 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00175616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2013-04-01 18:46 - 2015-07-19 15:54 - 00089915 _____ () C:\Users\TSK\AppData\Local\Temp\d12d05b4-91e4-4bef-b454-f07710dc01b4\CliSecureRT64.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00269824 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00139776 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00142336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 09435648 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00198144 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00349184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00172032 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00306688 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00154112 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00168960 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00156160 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-16 19:35 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-25 11:02 - 2015-07-25 11:02 - 00043008 _____ () c:\users\tsk\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyymxtj.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-10-16 17:02 - 2014-10-16 17:02 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2012-05-06 20:34 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-03-12 18:10 - 2015-04-16 19:40 - 00776192 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 23:21 - 2015-04-23 04:16 - 04962816 _____ () D:\Program Files (x86)\Steam\v8.dll
2015-01-19 23:21 - 2015-04-23 04:16 - 01556992 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 23:21 - 2015-04-23 04:16 - 01187840 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 19:38 - 2015-06-04 20:56 - 02407104 _____ () D:\Program Files (x86)\Steam\video.dll
2014-09-08 14:45 - 2014-12-01 23:31 - 02396672 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-08 14:45 - 2014-12-01 23:31 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-08 14:45 - 2014-12-01 23:31 - 00479744 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-08 14:45 - 2014-12-01 23:31 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-08 14:45 - 2014-12-01 23:31 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2012-02-11 16:16 - 2015-06-04 20:56 - 00703168 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-02-11 16:16 - 2015-05-11 21:01 - 36302728 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-14 09:16 - 2015-05-11 21:01 - 08958344 _____ () D:\Program Files (x86)\Steam\bin\pdf.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-14 19:43 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 19:43 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\TSK\Desktop\aWZ2wEK_460s.jpg:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2232650930-980712706-877487117-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: SCBackService => 2
MSCONFIG\Services: WCUService_STC_IE => 2
MSCONFIG\startupfolder: C:^Users^TSK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EIZO EasyPIX.lnk => C:\Windows\pss\EIZO EasyPIX.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EasyPIXCore => "D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe"
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: STCAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
MSCONFIG\startupreg: ZyngaGamesAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D0D30725-FFDD-43A6-A681-582C84F5387A}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3AE695D4-4665-4152-961C-DC32916E3DE4}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2E0B9DA6-2ECD-4F30-872A-F545A8A4724B}] => (Allow) C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5D593C93-F9EB-489E-8DC6-E015FB22160F}] => (Allow) C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{BAABF21E-5B3A-4DA3-8A69-955571F36797}C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe] => (Allow) C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe
FirewallRules: [UDP Query User{9DCD5E7B-FAF8-4872-BB35-3004CE9DAC72}C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe] => (Allow) C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe
FirewallRules: [TCP Query User{BCF8E1C4-F015-4D5D-861F-595BC74FFF00}D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{D9C15FEB-69D8-4250-9F38-BAFAABC0D905}D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{B201688A-47B4-4073-9369-078D7334CF2D}C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6533D624-16F8-419A-8904-5E6B9BD20601}C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{4B024105-6E0E-441D-917D-4BBC5E09FF53}D:\downloads\diablo-iii-8370-dede-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-dede-installer-downloader.exe
FirewallRules: [UDP Query User{FD25BEF3-DD2A-4E48-9B39-B4B47F447065}D:\downloads\diablo-iii-8370-dede-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-dede-installer-downloader.exe
FirewallRules: [{6853CD0B-B222-48FA-960C-F2602A73CCA3}] => (Allow) D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe
FirewallRules: [{E915AEE6-8A39-45FF-8F6A-AFBA07EB0630}] => (Allow) D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe
FirewallRules: [{3D389463-6911-410D-B81B-912767978CD9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{14264450-AB67-44A8-9C42-A85EC10E23C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{AE523EF3-A9CA-41C4-8197-29292AD0FC5E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{DFD7446D-1FAB-48F3-A876-75AA61D724C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [TCP Query User{21A2ECC1-8960-4736-B5EE-4E4AE0E49E57}D:\program files\eizo\eizo easypix core\ep_eacore.exe] => (Allow) D:\program files\eizo\eizo easypix core\ep_eacore.exe
FirewallRules: [UDP Query User{D1AE69D7-23F0-4906-AF46-BCFA5666C89C}D:\program files\eizo\eizo easypix core\ep_eacore.exe] => (Allow) D:\program files\eizo\eizo easypix core\ep_eacore.exe
FirewallRules: [TCP Query User{654FC5D9-BA8A-4A67-AE5A-2A6420A691B3}D:\downloads\diablo-iii-8370-engb-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-engb-installer-downloader.exe
FirewallRules: [UDP Query User{8E11BFFC-4D44-4B37-99E2-9FE442F09137}D:\downloads\diablo-iii-8370-engb-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-engb-installer-downloader.exe
FirewallRules: [{8D99FC34-3390-4CFD-9E5F-34D9C5CAEABF}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{95644706-F3A2-4CBD-AEA7-1B22485C884B}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{E3839F1D-72FE-4503-A5C7-CC0B06007619}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{021982FF-B36A-4EA3-859A-D37AECFFCC43}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{E2EDF72B-D8A7-439F-89A1-692F3592C0B2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Vampire The Masquerade - Bloodlines\vampire.exe
FirewallRules: [{DD0C543E-772E-4D62-A259-A1E6962D2722}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Vampire The Masquerade - Bloodlines\vampire.exe
FirewallRules: [TCP Query User{FCF8243B-7A67-4440-B37A-72D8E0919B2B}C:\users\tsk\appdata\local\temp\gw2.exe] => (Allow) C:\users\tsk\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{B184EC7C-F6EA-47EF-AD8D-3A0C7B40BCD9}C:\users\tsk\appdata\local\temp\gw2.exe] => (Allow) C:\users\tsk\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{F9C9D214-3430-4073-9930-7EC18CE17EED}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{12C4455A-F857-421F-93A6-9052135501B4}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [{A145F7E5-804F-400E-BC43-3A140FED5BC5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{6AC240D7-BC97-4897-B4FA-B6F1FE3F83EB}D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{D716C1AB-5460-4D32-83F6-F0DE2A397FD7}D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{1A0A46A9-666A-43E9-ACCB-38D49A872ED1}D:\jdownloader\jre\bin\javaw.exe] => (Allow) D:\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{4ADBA8C0-E3C8-4F2A-BC5E-57C2965B8B27}D:\jdownloader\jre\bin\javaw.exe] => (Allow) D:\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{0F4C77D0-6E68-471A-A4FA-466E55072DD7}D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe] => (Block) D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{9B8BC567-4EAB-487A-84C9-9CDFA6B44445}D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe] => (Block) D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{037441F9-ED70-4CF8-8AE8-DD4C2C423B13}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Block) D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{FF0FA164-8276-49C7-BC5E-6D56D21F4C33}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Block) D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{F5A4EB06-757A-431B-B4D5-7EBD9F8595D4}D:\downloads\dead space 2\deadspace2.exe] => (Allow) D:\downloads\dead space 2\deadspace2.exe
FirewallRules: [UDP Query User{B00F2B16-7933-45A7-ACCC-DB9A2C80F31E}D:\downloads\dead space 2\deadspace2.exe] => (Allow) D:\downloads\dead space 2\deadspace2.exe
FirewallRules: [{6B14C0AF-AD0F-42F2-8A7A-051064A5DF04}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{EF908D24-7CB8-4888-B595-2874D3E5C123}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{906D5D74-1CF5-4511-871D-F5868562E67F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{59082A65-FAAA-4512-BB5E-86BB3EA38639}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{B3126EA9-EAFF-493A-B6AB-9AE584F7961D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS_Demo\bin\SteamDemoCastlevaniaLoSUE.exe
FirewallRules: [{E720B376-4D90-4BC5-85E9-AF6045F1A90E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS_Demo\bin\SteamDemoCastlevaniaLoSUE.exe
FirewallRules: [{67D5DADC-2CE7-4ECB-B93C-EE2EEC4567C1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{A5D87FAE-BC70-477C-9D64-D39122447CB1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [TCP Query User{6A17B3B1-B612-4132-B5D5-F572B620A68C}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{0EF286D4-84EE-4945-8D99-115C674D3AD0}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{74392404-232F-444D-9C38-BA39F0DA364C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{127A960B-08BF-4937-86A4-316FA9B38DCA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{1CCA714D-45F0-4029-BD78-6D00F08A43CD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe
FirewallRules: [{C2130B57-2BFA-45C2-9E8D-6DB4C211A33D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe
FirewallRules: [{E7E9FDD6-F367-4D09-B089-002E1D9CAFCF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6C42164B-A073-4661-B9B9-2BE7E2B179A0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{4A13BA5B-1323-4C56-8513-28F4DE08F0C8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ApocalypseWeekend\System\ApocalypseWeekend.exe
FirewallRules: [{A62E93FA-BC95-465F-A14A-94459651731E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ApocalypseWeekend\System\ApocalypseWeekend.exe
FirewallRules: [{586FE56D-9FAB-4249-A3E0-BE64543CA7D3}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\launcher.exe
FirewallRules: [{BF884D5C-098B-4D0B-A931-25061DBABAD4}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\launcher.exe
FirewallRules: [{8042B1A4-195E-4E26-9EC5-786F0B43271E}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x64.exe
FirewallRules: [{6580414E-97BD-44C1-A64B-11503B54D555}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x64.exe
FirewallRules: [{1EF2CC53-42B3-4CB4-95B4-13B89C61DD93}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x86.exe
FirewallRules: [{5CDE34F9-DD1C-40D2-9E0D-54693DBBE22B}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x86.exe
FirewallRules: [{0C14A072-409E-4968-98EE-1313FEBF5474}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A0C376F8-0D22-41C3-9760-3E465F03DAB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{13B409AA-03D2-4348-B196-168D096977F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4B76F4C8-1D1E-421F-A330-AC1244D36CED}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{93DA7922-6398-45B1-83BD-4FA25B9D3D8F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe
FirewallRules: [{866B7424-9427-44C2-BF53-035A3E889F8C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe
FirewallRules: [{77402F84-6803-448C-AE2E-DDD50BA737BE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BD34614D-ADCF-4D24-9B17-534F9A43BD4D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{A1D16131-5A95-407C-BBC9-F825E792CAEE}D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe] => (Allow) D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe
FirewallRules: [UDP Query User{3D9D999C-74B9-47C5-A946-56A4DD14082C}D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe] => (Allow) D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe
FirewallRules: [{3B14C5EA-7B8F-4E28-802B-7F7B7D877AF4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9CB7AE8C-F996-42F5-9553-F63B569721F1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C9DC6806-1EA6-4239-AA06-43FBE7B4CE20}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8847229E-F14E-463B-812B-F353EECBE06D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{FEF9F887-9BEB-46D1-B6C4-4020D1999A5D}D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{56ACBB8C-6F89-4DE4-88AE-2E45E9DAD9B1}D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [{E15E42F1-EEC5-4CDF-A7D7-1051FEA16BB8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{80FBCBB1-2362-4436-B343-F66715206D56}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E25C2D15-1997-4E3F-8338-114E0305DBC6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe
FirewallRules: [{CCF1279E-8C23-40FC-9D6F-5B9B9F00508C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe
FirewallRules: [{C6A9C98B-FC49-4D9D-AB38-5B7319FB69A9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{A706169A-DBA3-4596-B1FD-D801C9BB1825}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{AC789CF9-A303-47BD-B761-5D442C919494}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F21A6BB5-2635-4940-B9BF-01361FAB72ED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{93A4B8F6-E39B-4A05-9445-D1431A15DC2D}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{E9816897-8F4A-48EA-8C11-C42A2D9617FA}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{8B76EC21-BB5C-4E00-A1EC-6E181F0C23FE}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{4FD76A01-9415-4A2A-AA08-C41EB8E3E381}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{25B8E651-51BA-4698-84B1-0A303CF9F379}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\RosettaStoneTOTALe.exe
FirewallRules: [{377DD0C5-393A-405C-B2EF-6A5C1A786E92}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\Rosetta Stone TOTALe.exe
FirewallRules: [{02D9DA10-E5E2-4498-AB4C-B40D39FFFD89}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\RosettaStoneTOTALe.exe
FirewallRules: [{5F54FAC8-CB69-4D27-9548-1812DB8B4274}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{82FA8ED3-B413-4487-9EE5-7FA476C96A71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{421C714E-6F95-4663-AC2E-5559440FF727}] => (Allow) D:\Games\Battle.net\Battle.net.exe
FirewallRules: [{CCD7B8C9-716D-410C-BAE6-23D19D1C2314}] => (Allow) D:\Games\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{A717A2FC-860F-4E2C-A9FE-7498D8992D3A}D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{C3F9B305-8BC9-455A-A086-1539580FC466}D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{F85C4CA0-94C9-4096-8ADD-83B966666FBA}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{83B15348-B8C8-4DDB-A953-2AF28CE4ECBB}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{50FCC96F-DAE5-4080-A43A-D5347475C133}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{CFCFBFCD-3067-45A5-B0B5-7F25EB1D090B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{6AD7B061-10CE-4E6A-9CBF-3D8EDEE07324}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Knights of Honor\KoH.exe
FirewallRules: [{F48E80A6-D624-4514-822E-19D67ED2BC69}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Knights of Honor\KoH.exe
FirewallRules: [{3B6D3582-044F-46A1-BCE4-0ECD06CAF6D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{BED4E547-E03B-42CA-8AAE-D889D9FACF6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{2E468B09-E137-46FB-98D7-34DC00C333BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{929B96C8-BB30-45E2-8C4D-67F003D00831}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{3496ACD8-4A9A-4AD8-A5C7-317F0720080D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{639C5751-4241-4C6F-ABC1-EC24AEDE7275}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{315D1985-D72D-43F6-B085-544C64CFFB7E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{7F7C8A34-3EB4-4440-8CE8-E089CB98D1FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{6726B2D7-EE50-40AD-B07D-8BF1A43FD53A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{E9DE99EA-2E30-4CA7-B03D-BEAE05DAAFD8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{ADB9B820-FEF1-4EA4-B3DB-08C9B09D72EC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{92B651A6-7E41-4692-8536-5F04642FEB87}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{81A733D8-F18D-481B-910D-617BD7DE26A4}D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{2F371CA9-215F-4D3A-A235-9E6E1C52A457}D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{B2E711EE-16DA-4B94-B39E-6A39C129FD67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{74A0F31F-EB8E-4201-96A7-51FA43B53049}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{16AE12E4-115E-4849-855F-32DD6286C905}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{C9C49129-EE12-4018-9B8D-94A9D766147F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{BB5B96D5-3D2C-4A9B-89F6-B316D9C08BC4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{6A29DE1C-451F-4B0E-B0AD-1F6EDC2AC3EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{98201F84-A77F-489F-B624-ED72E35B30FD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{A70A99E2-73A8-4389-894B-38FE31FE461F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{E7340C6C-3894-486D-AAF4-F7EE375F686C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{8C37AD88-386B-4C93-81A5-8AA8D0242007}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{65F3BEFC-5D70-44E8-8D0A-EF1F9218F20B}D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{74E3FA54-D568-4786-95F4-D70F41763673}D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [{42422D7C-7BC2-4EC1-A7C4-128B1310C1BD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{3917E3FE-39DA-4F46-BCD0-29F3199AE28B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{44179890-4A98-465B-9BFB-AC58712DBDFA}D:\games\guild wars 2\gw2.exe] => (Allow) D:\games\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{F8C8C636-634E-405B-A614-37F0D519C8CE}D:\games\guild wars 2\gw2.exe] => (Allow) D:\games\guild wars 2\gw2.exe
FirewallRules: [{F2C3DAD8-F760-4342-AFB5-21768A7A1AEF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{409F07F5-630A-4DE1-B3BB-CA90C3AEA98E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{943528FB-7BE3-4BA4-AF17-68BBC20FF892}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{390BA2AD-D186-4034-B2F9-D17AC01C63B2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [TCP Query User{722966E3-4E85-44D3-9D02-DFE80ECA1DD6}D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe] => (Block) D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe
FirewallRules: [UDP Query User{4C133EE3-2E80-49F1-BDBD-D8B5C1D66B08}D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe] => (Block) D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe
FirewallRules: [{350366D2-5F43-455B-8886-E553759DB557}] => (Allow) D:\Downloads\Dragon Age\tools\DragonAgeToolset.exe
FirewallRules: [{A7CC2804-D904-4D3C-98A4-8095B8B9A2A5}] => (Allow) D:\Downloads\Dragon Age\tools\DragonAgeToolset.exe
FirewallRules: [{0F59F4FF-2C1D-4668-A62A-3B237FF0EA33}] => (Allow) D:\Downloads\Dragon Age\tools\RPU.exe
FirewallRules: [{25650B00-C688-4997-812D-A9DA38EC635E}] => (Allow) D:\Downloads\Dragon Age\tools\RPU.exe
FirewallRules: [{C784BC3D-D43E-412D-AAC2-33447BA17CFF}] => (Allow) D:\Downloads\Dragon Age\tools\lightmapper\eclipseRay.exe
FirewallRules:
[{336F5B60-7EA4-454A-9DDA-4473C157B77A}] => (Allow) D:\Downloads\Dragon Age\tools\lightmapper\eclipseRay.exe FirewallRules: [TCP Query User{974D6F34-D942-4BB7-9125-50BA65424AD7}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe FirewallRules: [UDP Query User{EEF9B811-76EF-44BE-9942-AE38A8232A15}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe FirewallRules: [{25F486DE-3124-4A03-9A15-658DBBB4716B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{F4F3579F-C1D3-4C75-BF48-85FA1CF0E2C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{FF63036B-E346-4D7D-9D8B-732173170D2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [{47EE331D-2B7F-44F6-93AF-3A7FEFD3C25A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [{75394979-87B0-4439-A684-683638C659FD}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{5F834FDC-D6EF-49AB-8129-9383EF23F72F}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{0F4DAFBD-52B4-45C3-9C46-6A61C9779DE0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{60CD3691-DAE8-4E09-AC97-92400C557C0A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [TCP Query User{011F936A-EE6E-47B2-802B-91EE7FABFA53}D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe FirewallRules: [UDP Query User{43EF2D69-F02F-4843-A3C6-165CEBBCC898}D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe FirewallRules: [{8D300A7F-33FB-40B3-BF73-EAEE4A661CFC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe FirewallRules: 
[{D437C575-FA84-4134-83FF-F334BBA577C2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe FirewallRules: [TCP Query User{5AEC509D-E07A-4363-8A44-A400B6ADE478}D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe FirewallRules: [UDP Query User{0F90AB27-1560-496D-B68F-8FA362CF5777}D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe FirewallRules: [{25ACEFD4-1814-4A2A-9405-56C6F06ED4EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe FirewallRules: [{8A1E9DEE-A3BF-49D6-B5A0-E0D0655A5C34}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe FirewallRules: [{710BD64B-C703-41CC-95EB-19B206C0719B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe FirewallRules: [{1A546FC1-D0B4-4AAD-841A-8FABCDD871D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe FirewallRules: [{20571518-0693-43D7-A5EB-83FAF66B29E9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe FirewallRules: [{A3011250-858A-4881-86B8-979678266503}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe FirewallRules: [TCP Query User{13410BC9-4C0B-4F4F-AF3F-B4D455C21C30}D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe FirewallRules: [UDP Query User{2943C021-5278-4E80-BB6C-890E679E9B40}D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe FirewallRules: [{1103BEEC-9066-475E-A4AC-23D8D2753B97}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe 
FirewallRules: [{92FECCA3-3443-4915-A7BC-E56DB2421C53}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe FirewallRules: [{BD3626F5-2042-4EC0-849C-ADBFB43FA484}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{77C3C81F-69CD-40B6-A892-0302F0F82C37}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{AA938B6E-D6DE-47AB-9E5F-C958DCF75901}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{54ADD87D-C53C-4092-A231-A9B3E32CBB45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5AED77D6-164D-4147-906A-27877F56CBB0}] => (Allow) D:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [TCP Query User{7CEF7A7F-5123-4267-B7F3-C9BE1112CD45}D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe FirewallRules: [UDP Query User{0BFB461F-A440-42BD-9F76-937F7EDA178B}D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe FirewallRules: [{893D1063-8C75-4299-8225-019427FD3E5A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe FirewallRules: [{41A61AEC-3349-4614-87CD-F55F87FE3946}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe FirewallRules: [{9260A945-63C9-4B51-AD66-639DFE236F3D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe FirewallRules: [{73A3D382-B8A5-4355-B729-D59154A48563}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe FirewallRules: [{1B92CC88-6C48-42FF-BA9F-E51E91D92F03}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe FirewallRules: [{2C6E3089-BD04-40AE-80BD-CE71F7AE282A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe 
FirewallRules: [{CC2F9F08-17A0-4335-BE96-52375490B223}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{4E886C7F-2070-42CE-8A9B-6EED8380CF13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{CC538997-514D-4F66-AC29-C5FDCBEECC3A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{4F978A49-5712-464E-A2F9-1F2DECDDD70C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [TCP Query User{52D9A1A2-6E4D-43A9-8087-B978894C9EE2}D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe] => (Block) D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe FirewallRules: [UDP Query User{5F4590DC-2306-40AE-B1DF-52EDBD4E4633}D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe] => (Block) D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe FirewallRules: [{2CED1D6A-3502-43DB-9932-9F0E34CC8569}] => (Allow) D:\Program Files\SoftEther VPN Client\vpnclient_x64.exe FirewallRules: [{2D03009B-DD1F-43C0-AAB6-4E5C96050F47}] => (Allow) D:\Program Files\SoftEther VPN Client\vpnclient.exe FirewallRules: [{D253C664-72E3-4B5F-982B-A80404CD5CB5}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmgr.exe FirewallRules: [{F8DD63A3-0F1E-4C67-92B9-0CD4B8E9D3EB}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe FirewallRules: [{42F6B230-1B0E-4023-AE65-2E3480E6FACB}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmd.exe FirewallRules: [{C3F1A140-1EAD-4434-9144-71828418EA0C}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmd_x64.exe FirewallRules: [{8EA95A28-4967-47F5-BC04-9B272E0FE057}] => (Allow) D:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe FirewallRules: [{83D87E5B-BDBF-43D4-9152-68913B8614D6}] => (Allow) D:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe FirewallRules: [TCP Query 
User{A5C77DFF-C8D7-40A7-8D4A-62DE80CC0E79}D:\program files (x86)\dying light\dyinglightgame.exe] => (Block) D:\program files (x86)\dying light\dyinglightgame.exe FirewallRules: [UDP Query User{53DB70E5-CA1B-4F57-BDA3-FE691ED78BCB}D:\program files (x86)\dying light\dyinglightgame.exe] => (Block) D:\program files (x86)\dying light\dyinglightgame.exe FirewallRules: [{EE9D4FED-AEC6-408D-BB5D-3AAD609DB373}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe FirewallRules: [{B11A01E4-BA1B-4A67-BDB3-37BB8B0A6BA1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe FirewallRules: [TCP Query User{D0AE4AD0-1AC2-4CE4-A448-A854C1DBE9D9}D:\program files (x86)\thechineseroom\dear esther\dearesther.exe] => (Block) D:\program files (x86)\thechineseroom\dear esther\dearesther.exe FirewallRules: [UDP Query User{258223E1-F27B-48BF-9194-F3BFB5E8F70F}D:\program files (x86)\thechineseroom\dear esther\dearesther.exe] => (Block) D:\program files (x86)\thechineseroom\dear esther\dearesther.exe FirewallRules: [TCP Query User{F382CF67-4637-4018-9E9F-B4ADD8603278}D:\games\launcher\bethesda.net_launcher.exe] => (Allow) D:\games\launcher\bethesda.net_launcher.exe FirewallRules: [UDP Query User{4E2E6E9D-7D18-4576-9182-E87BB1365146}D:\games\launcher\bethesda.net_launcher.exe] => (Allow) D:\games\launcher\bethesda.net_launcher.exe FirewallRules: [{3AE27273-FAB1-4A3D-A18C-EA6A458B3309}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{5DDD4A36-ABF4-4FFE-857C-202EDE507462}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{F18986CB-2F9F-44C8-9F45-2A895A54A468}] => (Allow) D:\Games\Hearthstone\Hearthstone.exe FirewallRules: [{EF0FC17B-B91A-468B-99EE-2EB4C450137B}] => (Allow) D:\Games\Hearthstone\Hearthstone.exe FirewallRules: [{442257FA-9A46-4AEC-9503-3D21DEBE1DC6}] => (Allow) D:\Program Files 
(x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe FirewallRules: [{6618F859-019E-406A-BDF6-B494B0796ECC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe FirewallRules: [{0007F8F4-B69E-47D7-95AE-47C5DF797B18}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{30D0124E-8A64-4528-87AE-F1F1208A06EA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{87A35DF0-C652-4BEE-A862-9F542B40C87E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{063FFE2A-A23D-4EA8-9C68-3054BC783296}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{CC5326C9-AF2C-425A-ACBD-A3EE31FD8555}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{88896BDF-6AFC-41A4-B09D-E32C937D10D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{482A1D9C-C486-4658-AD8E-4D7F3A2A2BB2}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{3A7600BA-8557-49F9-978E-397B2DEC60BA}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{057195C2-CE48-44F1-87E0-7FCD349D0D18}] => (Allow) D:\Downloads\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{6713D87A-76B5-4569-BEEA-FD28203E8CFD}] => (Allow) D:\Downloads\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{060CC6F0-79AD-402B-9E71-6C18953812DA}] => (Allow) C:\Users\TSK\AppData\Local\Apps\2.0\RL7QCVJJ.8Q5\JRR2TL53.7ZV\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe FirewallRules: 
[{388A117E-EF86-4A20-85AF-95B02F50F7CE}] => (Allow) C:\Users\TSK\AppData\Local\Apps\2.0\RL7QCVJJ.8Q5\JRR2TL53.7ZV\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe FirewallRules: [{D482C428-6C0E-400B-B0F9-513ADC7D1AD7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe FirewallRules: [{5A4179F4-7144-4A43-98FD-2A1CA3395A7B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe FirewallRules: [{552EEF84-4CE8-480B-BCA6-2E5F8E09D693}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe FirewallRules: [{ABD7ACDB-C06F-4682-966E-35BE6BB099DD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe FirewallRules: [{66B77B7B-B067-4570-A590-AE82F4B9A180}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe FirewallRules: [{0D6AAC33-9EC3-4AD9-BF7A-4A07158A3BC8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe FirewallRules: [{AD4102CC-B4E8-49A5-8D62-3F7200CDBAFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{46904335-AB5E-4F37-AAF3-A74697A39DA4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{6BDDD889-9CD9-4DBD-AD1C-6247C2F6C06A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe ==================== Faulty Device Manager Devices ============= Name: WinI2C-DDC Kernel Mode Driver Description: WinI2C-DDC Kernel Mode Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: WinI2C-DDC Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. 
Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (07/25/2015 10:21:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GalaxyClient Helper.exe, Version: 1.0.6.31, Zeitstempel: 0x55a8e976 Name des fehlerhaften Moduls: libcef.dll, Version: 3.1750.1638.0, Zeitstempel: 0x5321c89d Ausnahmecode: 0x80000003 Fehleroffset: 0x00114d90 ID des fehlerhaften Prozesses: 0xd3c Startzeit der fehlerhaften Anwendung: 0xGalaxyClient Helper.exe0 Pfad der fehlerhaften Anwendung: GalaxyClient Helper.exe1 Pfad des fehlerhaften Moduls: GalaxyClient Helper.exe2 Berichtskennung: GalaxyClient Helper.exe3 Error: (07/20/2015 07:47:55 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error: (07/19/2015 11:38:21 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. 
(0x81000006)" Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5547614 Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5547614 Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5546616 Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5546616 Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/19/2015 06:36:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5545617 System errors: ============= Error: (07/25/2015 11:02:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "SQL Server (BWDATOOLSET)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/25/2015 11:02:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "WinI2C-DDC Kernel Mode Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/25/2015 10:23:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "SQL Server (BWDATOOLSET)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (07/25/2015 10:23:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "WinI2C-DDC Kernel Mode Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "SBSD Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Microsoft Office: ========================= Error: (07/25/2015 10:21:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: GalaxyClient Helper.exe1.0.6.3155a8e976libcef.dll3.1750.1638.05321c89d8000000300114d90d3c01d0c6b2ef88f23cD:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exeD:\Program Files (x86)\GalaxyClient\libcef.dll2f2c49b9-32a6-11e5-8b27-00aceb45131e Error: (07/20/2015 07:47:55 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: assemblyIdentitylanguage*d:\program files (x86)\spybot - search & destroy\DelZip179.dlld:\program files (x86)\spybot - search & destroy\DelZip179.dll8 Error: (07/19/2015 11:38:21 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: E:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006) Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5547614 Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5547614 Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5546616 Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5546616 Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/19/2015 06:36:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5545617 CodeIntegrity Errors: =================================== Date: 
2014-10-10 17:37:04.604 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\TSK\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-10 17:37:04.562 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\TSK\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-10 17:37:04.512 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-10 17:37:04.469 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz Percentage of memory in use: 34% Total physical RAM: 8109.11 MB Available physical RAM: 5337.56 MB Total Virtual: 16216.41 MB Available Virtual: 13347.73 MB ==================== Drives ================================ Drive c: (Volume) (Fixed) (Total:55.9 GB) (Free:9.46 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:931.51 GB) (Free:119.58 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive e: (CARBOARDBOX) (Removable) (Total:0.99 GB) (Free:0.84 GB) FAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 45C40761) Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5B2849B1) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 1011.8 MB) (Disk ID: 009EAF4A) Partition 1: (Active) - (Size=1012 MB) - (Type=06) ==================== End of log ============================ |
25.07.2015, 11:11 | #6 |
/// TB-Ausbilder | Hard drive fills and empties by itself Hi, scan with ComboFix
|
25.07.2015, 11:20 | #7 |
| Hard drive fills and empties by itself Code:
ATTFilter ComboFix 15-07-23.01 - TSK 25.07.2015 12:14:31.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8109.5992 [GMT 2:00] ausgeführt von:: c:\users\TSK\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\TSK\AppData\Local\Temp\d12d05b4-91e4-4bef-b454-f07710dc01b4\CliSecureRT64.dll c:\windows\SwSys1.bmp c:\windows\SwSys2.bmp D:\install.exe D:\Setup.exe . . ((((((((((((((((((((((( Dateien erstellt von 2015-06-25 bis 2015-07-25 )))))))))))))))))))))))))))))) . . 2015-07-25 10:17 . 2015-07-25 10:17 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-07-25 09:56 . 2015-07-25 09:57 -------- d-----w- C:\FRST 2015-07-25 08:50 . 2015-07-15 01:12 12222168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EC5D0CAB-57B7-4DF5-B031-E89E40B9A425}\mpengine.dll 2015-07-25 08:49 . 2015-07-15 03:19 41984 ----a-w- c:\windows\system32\lpk.dll 2015-07-25 08:49 . 2015-07-15 03:19 100864 ----a-w- c:\windows\system32\fontsub.dll 2015-07-25 08:49 . 2015-07-15 03:19 14336 ----a-w- c:\windows\system32\dciman32.dll 2015-07-25 08:49 . 2015-07-15 03:19 46080 ----a-w- c:\windows\system32\atmlib.dll 2015-07-25 08:49 . 2015-07-15 02:55 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2015-07-25 08:49 . 2015-07-15 02:55 10240 ----a-w- c:\windows\SysWow64\dciman32.dll 2015-07-25 08:49 . 2015-07-15 02:55 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2015-07-25 08:49 . 2015-07-15 02:54 25600 ----a-w- c:\windows\SysWow64\lpk.dll 2015-07-25 08:49 . 2015-07-15 01:59 372224 ----a-w- c:\windows\system32\atmfd.dll 2015-07-25 08:49 . 2015-07-15 01:52 299008 ----a-w- c:\windows\SysWow64\atmfd.dll 2015-07-25 08:32 . 2015-07-25 08:32 -------- d-----w- c:\users\TSK\AppData\Roaming\JAM Software 2015-07-15 08:05 . 
2015-06-20 19:57 49664 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll 2015-07-15 08:03 . 2015-07-04 18:07 2087424 ----a-w- c:\windows\system32\ole32.dll 2015-07-11 10:55 . 2015-07-16 12:33 -------- d-----w- c:\users\TSK\AppData\Roaming\DVDVideoSoft . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-07-16 07:56 . 2012-05-14 19:22 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-07-16 07:56 . 2012-05-14 19:22 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-07-03 06:43 . 2012-05-10 10:06 130333168 ----a-w- c:\windows\system32\MRT.exe 2015-06-24 11:36 . 2015-04-16 17:35 1320120 ----a-w- c:\windows\SysWow64\nvspcap.dll 2015-06-24 11:36 . 2015-04-16 17:35 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll 2015-06-24 11:36 . 2015-04-16 17:35 1571696 ----a-w- c:\windows\system32\nvspcap64.dll 2015-06-24 11:36 . 2015-04-16 17:35 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll 2015-06-23 23:31 . 2015-06-23 23:31 1615016 ----a-w- c:\windows\system32\FM20.DLL 2015-06-23 11:30 . 2012-05-06 19:15 300704 ------w- c:\windows\system32\MpSigStub.exe 2015-05-19 03:29 . 2015-06-23 12:00 46768 ----a-w- c:\windows\system32\drivers\nvvad64v.sys 2015-05-19 03:14 . 2015-06-23 12:00 57520 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll 2015-05-19 03:14 . 2015-04-16 17:34 61616 ----a-w- c:\windows\system32\nvaudcap64v.dll 2015-05-13 06:52 . 2015-05-18 18:57 31552 ----a-w- c:\windows\system32\nvhdap64.dll 2015-05-13 06:52 . 2015-05-18 18:57 195912 ----a-w- c:\windows\system32\drivers\nvhda64v.sys 2015-05-13 06:52 . 2013-04-01 16:55 1558848 ----a-w- c:\windows\system32\nvhdagenco6420103.dll 2015-05-12 06:27 . 2015-05-18 18:57 982672 ----a-w- c:\windows\SysWow64\NvIFR.dll 2015-05-12 06:27 . 2015-05-18 18:57 974480 ----a-w- c:\windows\SysWow64\NvFBC.dll 2015-05-12 06:27 . 2015-05-18 18:57 939080 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2015-05-12 06:27 . 
2015-05-18 18:57 502896 ----a-w- c:\windows\system32\nvEncodeAPI64.dll 2015-05-12 06:27 . 2015-05-18 18:57 42718864 ----a-w- c:\windows\system32\nvcompiler.dll 2015-05-12 06:27 . 2015-05-18 18:57 408208 ----a-w- c:\windows\system32\NvIFROpenGL.dll 2015-05-12 06:27 . 2015-05-18 18:57 407296 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll 2015-05-12 06:27 . 2015-05-18 18:57 37741712 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2015-05-12 06:27 . 2015-05-18 18:57 364176 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll 2015-05-12 06:27 . 2015-05-18 18:57 30478992 ----a-w- c:\windows\system32\nvoglv64.dll 2015-05-12 06:27 . 2015-05-18 18:57 2932368 ----a-w- c:\windows\system32\nvcuvid.dll 2015-05-12 06:27 . 2015-05-18 18:57 2599056 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2015-05-12 06:27 . 2015-05-18 18:57 22945424 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2015-05-12 06:27 . 2015-05-18 18:57 1898312 ----a-w- c:\windows\system32\nvdispco6435286.dll 2015-05-12 06:27 . 2015-05-18 18:57 16145176 ----a-w- c:\windows\system32\nvopencl.dll 2015-05-12 06:27 . 2015-05-18 18:57 1557648 ----a-w- c:\windows\system32\nvdispgenco6435286.dll 2015-05-12 06:27 . 2015-05-18 18:57 150832 ----a-w- c:\windows\system32\nvoglshim64.dll 2015-05-12 06:27 . 2015-05-18 18:57 14455296 ----a-w- c:\windows\system32\nvcuda.dll 2015-05-12 06:27 . 2015-05-18 18:57 13263568 ----a-w- c:\windows\SysWow64\nvopencl.dll 2015-05-12 06:27 . 2015-05-18 18:57 128512 ----a-w- c:\windows\SysWow64\nvoglshim32.dll 2015-05-12 06:27 . 2015-05-18 18:57 11790144 ----a-w- c:\windows\SysWow64\nvcuda.dll 2015-05-12 06:27 . 2015-05-18 18:57 1099808 ----a-w- c:\windows\system32\nvumdshimx.dll 2015-05-12 06:27 . 2015-05-18 18:57 10972304 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2015-05-12 06:27 . 2015-05-18 18:57 1059984 ----a-w- c:\windows\system32\NvIFR64.dll 2015-05-12 06:27 . 2015-05-18 18:57 1050256 ----a-w- c:\windows\system32\NvFBC64.dll 2015-05-12 06:27 . 
2015-04-16 17:34 3363224 ----a-w- c:\windows\system32\nvapi64.dll 2015-05-12 06:27 . 2015-04-16 17:34 12849056 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2015-05-12 06:27 . 2015-04-16 17:28 112784 ----a-w- c:\windows\system32\OpenCL.dll 2015-05-12 06:27 . 2015-04-16 17:28 105288 ----a-w- c:\windows\SysWow64\OpenCL.dll 2015-05-12 06:27 . 2014-11-18 15:19 2971776 ----a-w- c:\windows\SysWow64\nvapi.dll 2015-05-12 06:27 . 2014-11-18 15:19 176064 ----a-w- c:\windows\system32\nvinitx.dll 2015-05-12 06:27 . 2014-11-18 15:19 17540416 ----a-w- c:\windows\system32\nvwgf2umx.dll 2015-05-12 06:27 . 2014-11-18 15:19 15858728 ----a-w- c:\windows\system32\nvd3dumx.dll 2015-05-12 06:27 . 2014-11-18 15:19 154256 ----a-w- c:\windows\SysWow64\nvinit.dll 2015-05-12 06:27 . 2014-11-18 15:19 15048816 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2015-05-12 03:30 . 2015-04-16 17:28 937288 ----a-w- c:\windows\system32\nvvsvc.exe 2015-05-12 03:30 . 2015-04-16 17:28 62608 ----a-w- c:\windows\system32\nvshext.dll 2015-05-12 03:30 . 2015-04-16 17:28 385352 ----a-w- c:\windows\system32\nvmctray.dll 2015-05-12 03:30 . 2015-04-16 17:28 2558608 ----a-w- c:\windows\system32\nvsvcr.dll 2015-05-12 03:30 . 2015-04-16 17:28 6872392 ----a-w- c:\windows\system32\nvcpl.dll 2015-05-12 03:30 . 2015-04-16 17:28 3490448 ----a-w- c:\windows\system32\nvsvc64.dll 2015-05-12 02:34 . 2015-05-18 18:57 571024 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2015-05-11 17:01 . 2015-04-16 17:28 4391871 ----a-w- c:\windows\system32\nvcoproc.bin 2015-05-09 03:27 . 2015-06-09 20:54 243712 ----a-w- c:\windows\system32\wow64.dll 2015-05-09 03:27 . 2015-06-09 20:54 215040 ----a-w- c:\windows\system32\winsrv.dll 2015-05-09 03:27 . 2015-06-09 20:54 362496 ----a-w- c:\windows\system32\wow64win.dll 2015-05-09 03:27 . 2015-06-09 20:54 13312 ----a-w- c:\windows\system32\wow64cpu.dll 2015-05-09 03:26 . 2015-06-09 20:54 16384 ----a-w- c:\windows\system32\ntvdm64.dll 2015-05-09 03:26 . 
2015-06-09 20:54 424960 ----a-w- c:\windows\system32\KernelBase.dll 2015-05-09 03:26 . 2015-06-09 20:54 1162752 ----a-w- c:\windows\system32\kernel32.dll 2015-05-09 03:25 . 2015-06-09 20:54 338432 ----a-w- c:\windows\system32\conhost.exe 2015-05-09 03:20 . 2015-06-09 20:54 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-09 03:20 . 
2015-06-09 20:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-05-09 03:20 . 2015-06-09 20:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-05-09 03:13 . 2015-06-09 20:54 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2015-05-09 03:13 . 2015-06-09 20:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2015-05-09 03:13 . 2015-06-09 20:54 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2015-05-09 03:12 . 2015-06-09 20:54 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2015-05-09 03:12 . 2015-06-09 20:54 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll 2015-05-09 03:08 . 2015-06-09 20:54 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 151576 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="d:\program files (x86)\Steam\steam.exe" [2015-06-04 2892992] "SpybotSD TeaTimer"="d:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "SteelSeries Engine"="c:\program files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe" [2013-02-06 239104] "GalaxyClient"="d:\program files (x86)\GalaxyClient\GalaxyClient.exe" [2015-07-20 7247416] "Dropbox Update"="c:\users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-17 134512] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440] "iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2014-09-01 152392] "PDFPrint"="d:\program files (x86)\PDF24\pdf24.exe" [2014-11-28 193568] . c:\users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 43871968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 MSSQL$BWDATOOLSET;SQL Server (BWDATOOLSET);d:\downloads\Dragon Age\tools\toolssql\MSSQL.1\MSSQL\Binn\sqlservr.exe;d:\downloads\Dragon Age\tools\toolssql\MSSQL.1\MSSQL\Binn\sqlservr.exe [x] R2 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x] R3 GalaxyClientService;GalaxyClientService;d:\program files (x86)\GalaxyClient\GalaxyClientService.exe;d:\program files (x86)\GalaxyClient\GalaxyClientService.exe [x] R3 GalaxyCommunication;GalaxyCommunication;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x] R3 Origin Client Service;Origin Client Service;d:\program files (x86)\Origin\OriginClientService.exe;d:\program files (x86)\Origin\OriginClientService.exe [x] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 SEE;SoftEther Ethernet Layer Driver;c:\windows\system32\drivers\see.sys;c:\windows\SYSNATIVE\drivers\see.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x] R4 
WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [x] S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] S2 SBSDWSCService;SBSD Security Center Service;d:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;d:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [x] S3 
busenum;SteelBusSvc;c:\windows\system32\DRIVERS\SteelBus64.sys;c:\windows\SYSNATIVE\DRIVERS\SteelBus64.sys [x] S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x] S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\DRIVERS\Neo_0025.sys;c:\windows\SYSNATIVE\DRIVERS\Neo_0025.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 SAlphamHid;SteelHIDSvc;c:\windows\system32\DRIVERS\SAlpham64.sys;c:\windows\SYSNATIVE\DRIVERS\SAlpham64.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 39676603 *NewlyCreated* - 55436216 *Deregistered* - 39676603 *Deregistered* - 55436216 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-07-14 17:43 991048 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2015-07-25 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 07:56] . 2015-07-25 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core.job - c:\users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 15:06] . 
2015-07-25 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA.job - c:\users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 15:06] . 2015-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 17:44] . 2015-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 17:44] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 184856 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 184856 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 184856 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 184856 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 184856 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 184856 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 184856 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-06-26 18:30 184856 ----a-w- c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832] "Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-24 2754704] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-24 1571696] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mStart Page = about:blank mDefault_Page_URL = about:blank IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . c:\users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zenimax Launcher.lnk - d:\program files (x86)\Zenimax Online\Launcher\Bethesda.net_Launcher.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-ContentMod_2.5 - d:\program files (x86)\Steam\steamapps\common\Gothic 3\Uninstall_CM_2.6.exe AddRemove-Realistic Colors and Real Nights 3.0.1 - HDR Edition - - d:\program files (x86)\Steam\steamapps\common\skyrim\Uninstall-RCRN.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2015-07-25 12:18:38 ComboFix-quarantined-files.txt 2015-07-25 10:18 . Vor Suchlauf: 9.974.759.424 Bytes frei Nach Suchlauf: 9.841.053.696 Bytes frei . - - End Of File - - 1504BAB96671EE4DB42034ABDB0D7441 |
26.07.2015, 08:18 | #8 |
/// TB Trainer | Hard disk fills and empties itself on its own
Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please close your protection software to avoid possible conflicts.
Step 4
Please post with your next reply
|
26.07.2015, 09:46 | #9 |
| Hard disk fills and empties itself on its own
Code:
# AdwCleaner v4.208 - Bericht erstellt 26/07/2015 um 10:32:45
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-09.2 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : TSK - TSK-PC
# Gestarted von : C:\Users\TSK\Desktop\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Geplante Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Internetbrowser ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Mozilla Firefox v

-\\ Google Chrome v43.0.2357.134

[C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=dspp&ts=1400433733&from=cor&uid=OCZ-AGILITY3_OCZ-4P4QI634PS92FC1V&q={searchTerms}

-\\ Chromium v

*************************

AdwCleaner[R0].txt - [7321 Bytes] - [06/07/2014 10:37:57]
AdwCleaner[R1].txt - [3018 Bytes] - [25/07/2015 10:21:03]
AdwCleaner[R2].txt - [1419 Bytes] - [26/07/2015 10:31:40]
AdwCleaner[S0].txt - [7286 Bytes] - [06/07/2014 10:38:11]
AdwCleaner[S1].txt - [2995 Bytes] - [25/07/2015 10:22:17]
AdwCleaner[S2].txt - [1339 Bytes] - [26/07/2015 10:32:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1398 Bytes] ##########

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 26.07.2015
Suchlauf-Zeit: 10:35:19
Logdatei: malwaer bytes.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.03.09.05
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: TSK

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 370740
Verstrichene Zeit: 4 Min, 14 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)

(end)

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 7 Home Premium x64
Ran by TSK on 26.07.2015 at 10:40:44,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully deleted: [Service] wcuservice_stc_ie [Reboot required]

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer

~~~ Files

Successfully deleted: [File] C:\Users\TSK\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.lyricsfreak.com_0.localstorage
Successfully deleted: [File] C:\Users\TSK\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.lyricsfreak.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\TSK\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\TSK\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.superfish.com_0.localstorage-journal

~~~ Folders

Successfully deleted: [Folder] C:\Users\TSK\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
Successfully deleted: [Folder] C:\Users\TSK\AppData\Roaming\0F1L1I1P0H1L1E1E1F

~~~ Chrome

[C:\Users\TSK\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\TSK\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: gkojfkhlekighikafcpjkiklfbnlmeio
[C:\Users\TSK\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\TSK\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: []

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.07.2015 at 10:42:48,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015
durchgeführt von TSK (Administrator) auf TSK-PC (26-07-2015 10:43:55)
Gestartet von C:\Users\TSK\Desktop
Geladene Profile: TSK (Verfügbare Profile: TSK)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser nicht gefunden!)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2895552 2015-07-24] (Valve Corporation)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [SpybotSD TeaTimer] => D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [239104 2013-02-06] (SteelSeries ApS)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7247416 2015-07-20] (GOG.com)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [Dropbox Update] => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
Startup: C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-05-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2232650930-980712706-877487117-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2232650930-980712706-877487117-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {269C069F-43BD-4245-8ADB-8EE265057163} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {6A2FA341-331E-421e-9B67-5C00501C6F1D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {AE27EA29-0A68-4bee-98A4-623994B4BDE3} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0643C37E-5534-4489-941C-0F6F78949918}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A8FD029E-32DA-4DA6-A0EC-3BAC3E53C00E}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default
FF NetworkProxy: "autoconfig_url", "https://www.premiumize.me/971030084/proxy.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Windows\system32\npdeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2232650930-980712706-877487117-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll Keine Datei
FF Extension: GFACE Experience Plugin - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\cryenginebrowserplugin@crytek.com [2013-11-07]
FF Extension: FoxyProxy Standard - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\foxyproxy@eric.h.jung [2015-01-04]
FF Extension: Premiumize.me - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2015-01-04]
FF Extension: web Player - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{07a56c5c-9aba-46d7-876a-2aaab7932900}.xpi [2014-06-15]
FF Extension: {b26ec7aa-f2b6-4ddc-800e-5c43e181fe95} - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{b26ec7aa-f2b6-4ddc-800e-5c43e181fe95}.xpi [2014-06-11]
FF Extension: Adblock Plus - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-24]

Chrome:
=======
CHR Profile: C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-18]
CHR Extension: (Google Drive) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-18]
CHR Extension: (YouTube) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-18]
CHR Extension: (Google Search) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-18]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2015-02-14]
CHR Extension: (Hola Better Internet Engine) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2014-11-16]
CHR Extension: (SciLor's Grooveshark(tm) Unlocker) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob [2014-04-18]
CHR Extension: (AdBlock) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18]
CHR Extension: (Gmail) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-18]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 GalaxyClientService; D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1718840 2015-07-20] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6871608 2015-07-20] (GOG.com)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 MSSQL$BWDATOOLSET; D:\Downloads\Dragon Age\tools\toolssql\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-09-18] ()
S2 SBSDWSCService; D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 WCUService_STC_FF; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2011-03-24] (Splashtop Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-06] (DT Soft Ltd)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0025.sys [28768 2014-11-18] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-01-10] (SteelSeries Corporation)
S3 SEE; C:\Windows\System32\drivers\see.sys [38240 2014-11-18] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] (Apple, Inc.) [Datei ist nicht signiert]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S2 WinI2C-DDC; \??\C:\Windows\system32\drivers\DDCDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-26 10:43 - 2015-07-26 10:43 - 00000000 ____D C:\Users\TSK\Desktop\FRST-OlderVersion 2015-07-26 10:42 - 2015-07-26 10:42 - 00002064 _____ C:\Users\TSK\Desktop\JRT.txt 2015-07-26 10:39 - 2015-07-26 10:39 - 00001217 _____ C:\Users\TSK\Desktop\malwaer bytes.txt 2015-07-26 10:35 - 2015-07-26 10:35 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-26 10:34 - 2015-07-26 10:34 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-07-26 10:34 - 2015-07-26 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-07-26 10:34 - 2015-07-26 10:34 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-26 10:34 - 2015-07-26 10:34 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-07-26 10:34 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-26 10:34 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-26 10:34 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-07-26 10:33 - 2015-07-26 10:33 - 00001478 _____ C:\Users\TSK\Desktop\AdwCleaner[S2].txt 2015-07-26 10:31 - 2015-07-26 10:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\TSK\Desktop\mbam-setup-2.1.6.1022.exe 2015-07-26 10:31 - 2015-07-26 10:30 - 02248704 _____ C:\Users\TSK\Desktop\AdwCleaner_4.208.exe 2015-07-26 10:31 - 2015-07-26 10:30 - 01798288 _____ (Malwarebytes Corporation) C:\Users\TSK\Desktop\JRT.exe 2015-07-25 15:01 - 2015-07-25 15:01 - 00000000 ____D C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-07-25 12:55 - 2015-07-25 12:55 - 00000000 ____D C:\Users\TSK\AppData\Local\CEF 2015-07-25 12:18 - 2015-07-25 12:18 - 00032621 _____ C:\ComboFix.txt 2015-07-25 12:12 - 2015-07-25 12:18 - 00000000 ____D C:\Qoobox 2015-07-25 12:12 - 2015-07-25 12:17 - 00000000 ____D 
C:\Windows\erdnt 2015-07-25 12:12 - 2015-07-25 12:12 - 05633622 ____R (Swearware) C:\Users\TSK\Desktop\ComboFix.exe 2015-07-25 12:12 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-07-25 12:12 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-07-25 12:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-07-25 12:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-07-25 12:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-07-25 12:12 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-07-25 12:12 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-07-25 12:12 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-07-25 11:56 - 2015-07-26 10:44 - 00022568 _____ C:\Users\TSK\Desktop\FRST.txt 2015-07-25 11:56 - 2015-07-26 10:43 - 00000000 ____D C:\FRST 2015-07-25 11:55 - 2015-07-26 10:43 - 02146816 _____ (Farbar) C:\Users\TSK\Desktop\FRST64.exe 2015-07-25 11:55 - 2015-07-25 11:55 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\TSK\Desktop\tdsskiller.exe 2015-07-25 10:49 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-07-25 10:49 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-25 10:49 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-07-25 10:49 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-07-25 10:49 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-07-25 10:49 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-25 10:49 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-07-25 10:49 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-07-25 10:49 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems 
Incorporated) C:\Windows\system32\atmfd.dll 2015-07-25 10:49 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-25 10:32 - 2015-07-25 10:32 - 00000000 ____D C:\Users\TSK\AppData\Roaming\JAM Software 2015-07-25 10:32 - 2015-07-25 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free 2015-07-25 10:28 - 2015-07-25 10:28 - 00096362 _____ C:\Users\TSK\Desktop\OTL.Txt 2015-07-25 10:23 - 2015-07-25 10:23 - 00002995 _____ C:\Users\TSK\Desktop\AdwCleaner[S1].txt 2015-07-16 16:35 - 2015-07-26 10:33 - 00003192 _____ C:\Windows\setupact.log 2015-07-16 16:35 - 2015-07-16 16:35 - 00000000 _____ C:\Windows\setuperr.log 2015-07-15 11:19 - 2015-07-16 09:24 - 00000000 ____D C:\Users\TSK\Documents\Darkest 2015-07-15 10:06 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-15 10:06 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-07-15 10:06 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-15 10:06 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-15 10:06 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-15 10:06 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-07-15 10:06 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-15 10:06 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-15 10:06 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-15 10:06 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-15 10:06 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-15 10:06 - 
2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-15 10:06 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-07-15 10:06 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-15 10:06 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-07-15 10:06 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-15 10:06 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-15 10:06 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-15 10:06 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-15 10:06 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2015-07-15 10:06 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2015-07-15 10:05 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-07-15 10:05 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-15 10:05 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-07-15 10:05 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-07-15 10:05 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-15 10:05 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-07-15 10:05 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-07-15 10:05 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-15 10:05 - 2015-06-20 
21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 10:05 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 10:05 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 10:05 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 10:05 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 10:05 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 10:05 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 10:05 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 10:05 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 10:05 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 10:05 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 10:05 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 10:05 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 10:05 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 10:05 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 10:05 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 10:05 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 10:05 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 10:05 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 10:05 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 10:05 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 10:05 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 10:05 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 10:05 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 10:05 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 10:05 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 10:05 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 10:05 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 10:05 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 10:05 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 10:05 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 10:05 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 10:05 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 10:05 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 10:05 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 10:05 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 10:03 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 10:03 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 10:03 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 10:03 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 10:03 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 10:03 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 10:03 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 10:03 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 10:03 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 10:03 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 10:03 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 10:03 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 10:03 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 10:03 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 10:03 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 10:03 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 10:03 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 10:03 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 10:03 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 10:03 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 10:03 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 10:03 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 10:03 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 10:03 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 10:03 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 10:03 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 10:03 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 10:03 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 10:03 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 10:03 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 10:03 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 10:03 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 10:03 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-13 14:12 - 2015-07-13 14:12 - 00000000 ____D C:\Users\TSK\Documents\Telltale Games
2015-07-11 12:55 - 2015-07-16 14:33 - 00000000 ____D C:\Users\TSK\AppData\Roaming\DVDVideoSoft
2015-07-10 21:52 - 2015-07-10 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOSS
2015-06-27 12:29 - 2015-06-27 12:29 - 00000736 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-26 10:44 - 2015-05-17 21:59 - 01606392 _____ C:\Windows\WindowsUpdate.log
2015-07-26 10:41 - 2009-07-14 06:45 - 00020208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-26 10:41 - 2009-07-14 06:45 - 00020208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-26 10:39 - 2009-07-14 19:58 - 00749336 _____ C:\Windows\system32\perfh007.dat
2015-07-26 10:39 - 2009-07-14 19:58 - 00168106 _____ C:\Windows\system32\perfc007.dat
2015-07-26 10:39 - 2009-07-14 07:13 - 01761708 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-26 10:33 - 2015-04-16 19:28 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-26 10:33 - 2014-04-18 19:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-26 10:33 - 2012-05-06 20:52 - 00000000 ____D C:\Users\TSK\AppData\Roaming\Dropbox
2015-07-26 10:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-26 10:32 - 2014-07-06 10:37 - 00000000 ____D C:\AdwCleaner
2015-07-26 10:28 - 2015-06-17 17:06 - 00001216 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA.job
2015-07-26 10:28 - 2014-04-18 19:44 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-26 10:27 - 2012-05-14 21:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 15:05 - 2015-06-15 20:46 - 00003514 _____ C:\Windows\PFRO.log
2015-07-25 12:18 - 2015-03-27 15:55 - 00000000 ____D C:\Users\TSK\AppData\Local\Apps\2.0
2015-07-25 12:17 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-25 11:18 - 2015-06-17 17:06 - 00001164 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core.job
2015-07-25 11:13 - 2015-06-17 17:06 - 00004186 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA
2015-07-25 11:13 - 2015-06-17 17:06 - 00003790 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core
2015-07-25 11:01 - 2009-07-14 06:45 - 00408520 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-25 10:53 - 2015-05-17 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-07-25 10:35 - 2012-05-06 20:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-16 09:56 - 2012-05-14 21:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 09:56 - 2012-05-14 21:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 09:56 - 2012-05-14 21:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-16 09:41 - 2014-04-18 19:44 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 09:41 - 2014-04-18 19:44 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 09:35 - 2015-01-04 13:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 09:35 - 2014-12-07 10:54 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 15:10 - 2012-05-06 20:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 15:07 - 2013-08-14 22:34 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 11:19 - 2015-05-02 17:02 - 00000000 ____D C:\Users\TSK\AppData\Roaming\NVIDIA
2015-07-15 11:19 - 2012-12-01 17:30 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-11 12:53 - 2015-06-15 10:41 - 00036794 _____ C:\Windows\DirectX.log
2015-07-11 12:53 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-06 23:20 - 2012-05-06 20:58 - 00000000 ____D C:\Windows\Minidump
2015-07-03 08:43 - 2012-05-10 12:06 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-01 10:12 - 2015-05-19 08:02 - 00000000 ____D C:\Users\TSK\Documents\The Witcher 3
2015-06-27 12:30 - 2012-05-07 14:05 - 00000000 ____D C:\Users\TSK\Documents\Nexus Mod Manager
2015-06-27 12:30 - 2012-05-06 22:37 - 00000000 ____D C:\Users\TSK\AppData\Local\Skyrim
2015-06-27 12:29 - 2014-11-09 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-07 23:25 - 2014-01-07 23:25 - 0000037 ___SH () C:\Users\TSK\AppData\Local\70149b02515b3bb20dd492.47983420

Einige Dateien in TEMP:
====================
C:\Users\TSK\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpy1s4v0.dll
C:\Users\TSK\AppData\Local\Temp\Quarantine.exe
C:\Users\TSK\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-07-25 14:05

==================== Ende von log ============================ |
26.07.2015, 09:47 | #10 |
| Hard drive fills and empties by itself
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-07-2015
durchgeführt von TSK an 2015-07-26 10:44:09
Gestartet von C:\Users\TSK\Desktop
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2232650930-980712706-877487117-500 - Administrator - Disabled)
Gast (S-1-5-21-2232650930-980712706-877487117-501 - Limited - Enabled)
TSK (S-1-5-21-2232650930-980712706-877487117-1000 - Administrator - Enabled) => C:\Users\TSK

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version: - )
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1998142718.48.56.41167770 - Audible, Inc.)
Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version: - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version: - )
ContentMod2.6 (HKLM-x32\...\ContentMod_2.6) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - )
Curse Client (HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios)
DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version: - )
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.8 - Electronic Arts)
Dropbox (HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.98 - Etron Technology) Hidden
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version: - Q, Timeslip)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
Knights of Honor (HKLM-x32\...\Steam App 25830) (Version: - Black Sea Studios Ltd)
Leviathan: Warships (HKLM-x32\...\Steam App 202270) (Version: - Pieces Interactive)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mumble 1.3.0 (HKLM\...\{5CF49B6B-598B-4944-8A8E-B1B34E6ECB6F}) (Version: 1.3.0 - The Mumble team)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.7 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Parallels runtime modules (x32 Version: 1.00.0000 - Parallels) Hidden
Parallels USB Driver (x32 Version: 6.00.23350 - Parallels) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Penny Arcade's On the Rain-Slick Precipice of Darkness 4 (HKLM-x32\...\Steam App 237570) (Version: - Zeboyd Games)
Postal 2 - Apocalypse Weekend (HKLM-x32\...\Postal 2 - Apocalypse Weekend) (Version: - )
Postal 2 - Share The Pain (HKLM-x32\...\Postal 2 - Share The Pain) (Version: - )
Realistic Colors and Real Nights 3.0.1 - HDR Edition - (HKLM-x32\...\Realistic Colors and Real Nights 3.0.1 - HDR Edition -) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SnapAPI (x32 Version: 4.2.709 - Acronis) Hidden
Splashtop Connect for Firefox (HKLM-x32\...\{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}) (Version: 1.1.8.4 - Splashtop Inc.)
Splashtop Connect IE (HKLM-x32\...\{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}) (Version: 1.1.13.1 - Splashtop Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version: - SSC Localization Group)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.7.3047.30645 - SteelSeries)
Tales from the Borderlands (HKLM-x32\...\1432213337_is1) (Version: 2.1.0.2 - GOG.com)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.7.0 - GOG.com)
The Witcher 3: Wild Hunt - Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
TreeSize Free V3.3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software)
TripleA Version 1_7_0_3 (HKLM-x32\...\TripleAVersion1_7_0_3) (Version: - )
TripleA Version 1_8_0_3 (HKLM-x32\...\TripleAVersion1_8_0_3) (Version: - )
VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows-Treiberpaket - Datacolor (Spyder3) USB (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{9e177f9e-27b6-4a84-9037-eab4b82868e3}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

ATTENTION: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-07-25 12:17 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0E4558E8-1388-4CB2-8499-9BA89236AA30} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {1609CAE3-61A6-4EC9-8CBB-44AC9B153B6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {6EE1111F-D08B-4B71-BE34-766B1AD60053} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {7E57F72C-F856-4227-A3E0-6E8089F0CC31} - System32\Tasks\{7C29FCC2-7733-474E-9577-EF1F9F2369E1} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {96FCD9BF-49CD-4801-B7FF-F56D16AB088F} - System32\Tasks\{4A483AA4-33C3-4A41-8E61-430241C68B28} => pcalua.exe -a "D:\Program Files (x86)\The Vanishing of Ethan Carter\Binaries\Launcher.exe" -d "D:\Program Files (x86)\The Vanishing of Ethan Carter\Binaries"
Task: {9DEF66E7-BA9C-4E37-9858-CB01D59AFBB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AB02F77F-807A-4B3A-A242-10E47B69D3CB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {C5E47D3B-3B80-4F50-9564-BB626F49FC4E} - System32\Tasks\{A0F26065-B8E6-43EC-AEA7-DD1A05A66449} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {DECCCFA2-6E7F-4879-B8D6-BAADF6471504} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
Task: {F1FF2A19-9D5F-4282-A04E-FB8EC18EA7CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {F2D2070C-D795-45A1-9210-1179BFB074E9} - System32\Tasks\{0A9F147B-8610-4C94-BC48-E425BFDBD47E} => pcalua.exe -a "D:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/39500

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben.
Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core.job => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA.job => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2012-05-06 20:43 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-14 19:43 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll 2015-07-14 19:43 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\TSK\Desktop\aWZ2wEK_460s.jpg:com.dropbox.attributes ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
The "AlternateShell" value will be restored.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer trusted/restricted =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) Da befinden sich 7865 mehr eingeschränkte Seiten. 
==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2232650930-980712706-877487117-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: SCBackService => 2 MSCONFIG\Services: WCUService_STC_IE => 2 MSCONFIG\startupfolder: C:^Users^TSK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EIZO EasyPIX.lnk => C:\Windows\pss\EIZO EasyPIX.lnk.Startup MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EasyPIXCore => "D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe" MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: STCAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" MSCONFIG\startupreg: ZyngaGamesAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, 
wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{D0D30725-FFDD-43A6-A681-582C84F5387A}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3AE695D4-4665-4152-961C-DC32916E3DE4}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2E0B9DA6-2ECD-4F30-872A-F545A8A4724B}] => (Allow) C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{5D593C93-F9EB-489E-8DC6-E015FB22160F}] => (Allow) C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{BAABF21E-5B3A-4DA3-8A69-955571F36797}C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe] => (Allow) C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe FirewallRules: [UDP Query User{9DCD5E7B-FAF8-4872-BB35-3004CE9DAC72}C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe] => (Allow) C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe FirewallRules: [TCP Query User{BCF8E1C4-F015-4D5D-861F-595BC74FFF00}D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe FirewallRules: [UDP Query User{D9C15FEB-69D8-4250-9F38-BAFAABC0D905}D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe FirewallRules: [TCP Query User{B201688A-47B4-4073-9369-078D7334CF2D}C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{6533D624-16F8-419A-8904-5E6B9BD20601}C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{4B024105-6E0E-441D-917D-4BBC5E09FF53}D:\downloads\diablo-iii-8370-dede-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-dede-installer-downloader.exe 
FirewallRules: [UDP Query User{FD25BEF3-DD2A-4E48-9B39-B4B47F447065}D:\downloads\diablo-iii-8370-dede-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-dede-installer-downloader.exe FirewallRules: [{6853CD0B-B222-48FA-960C-F2602A73CCA3}] => (Allow) D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe FirewallRules: [{E915AEE6-8A39-45FF-8F6A-AFBA07EB0630}] => (Allow) D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe FirewallRules: [{3D389463-6911-410D-B81B-912767978CD9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe FirewallRules: [{14264450-AB67-44A8-9C42-A85EC10E23C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe FirewallRules: [{AE523EF3-A9CA-41C4-8197-29292AD0FC5E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe FirewallRules: [{DFD7446D-1FAB-48F3-A876-75AA61D724C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe FirewallRules: [TCP Query User{21A2ECC1-8960-4736-B5EE-4E4AE0E49E57}D:\program files\eizo\eizo easypix core\ep_eacore.exe] => (Allow) D:\program files\eizo\eizo easypix core\ep_eacore.exe FirewallRules: [UDP Query User{D1AE69D7-23F0-4906-AF46-BCFA5666C89C}D:\program files\eizo\eizo easypix core\ep_eacore.exe] => (Allow) D:\program files\eizo\eizo easypix core\ep_eacore.exe FirewallRules: [TCP Query User{654FC5D9-BA8A-4A67-AE5A-2A6420A691B3}D:\downloads\diablo-iii-8370-engb-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-engb-installer-downloader.exe FirewallRules: [UDP Query User{8E11BFFC-4D44-4B37-99E2-9FE442F09137}D:\downloads\diablo-iii-8370-engb-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-engb-installer-downloader.exe FirewallRules: [{8D99FC34-3390-4CFD-9E5F-34D9C5CAEABF}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{95644706-F3A2-4CBD-AEA7-1B22485C884B}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{E3839F1D-72FE-4503-A5C7-CC0B06007619}] => (Allow) D:\Program 
Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm FirewallRules: [{021982FF-B36A-4EA3-859A-D37AECFFCC43}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm FirewallRules: [{E2EDF72B-D8A7-439F-89A1-692F3592C0B2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Vampire The Masquerade - Bloodlines\vampire.exe FirewallRules: [{DD0C543E-772E-4D62-A259-A1E6962D2722}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Vampire The Masquerade - Bloodlines\vampire.exe FirewallRules: [TCP Query User{FCF8243B-7A67-4440-B37A-72D8E0919B2B}C:\users\tsk\appdata\local\temp\gw2.exe] => (Allow) C:\users\tsk\appdata\local\temp\gw2.exe FirewallRules: [UDP Query User{B184EC7C-F6EA-47EF-AD8D-3A0C7B40BCD9}C:\users\tsk\appdata\local\temp\gw2.exe] => (Allow) C:\users\tsk\appdata\local\temp\gw2.exe FirewallRules: [TCP Query User{F9C9D214-3430-4073-9930-7EC18CE17EED}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe FirewallRules: [UDP Query User{12C4455A-F857-421F-93A6-9052135501B4}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe FirewallRules: [{A145F7E5-804F-400E-BC43-3A140FED5BC5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{6AC240D7-BC97-4897-B4FA-B6F1FE3F83EB}D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe FirewallRules: [UDP Query User{D716C1AB-5460-4D32-83F6-F0DE2A397FD7}D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe FirewallRules: [TCP Query User{1A0A46A9-666A-43E9-ACCB-38D49A872ED1}D:\jdownloader\jre\bin\javaw.exe] => (Allow) D:\jdownloader\jre\bin\javaw.exe FirewallRules: [UDP Query 
User{4ADBA8C0-E3C8-4F2A-BC5E-57C2965B8B27}D:\jdownloader\jre\bin\javaw.exe] => (Allow) D:\jdownloader\jre\bin\javaw.exe FirewallRules: [TCP Query User{0F4C77D0-6E68-471A-A4FA-466E55072DD7}D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe] => (Block) D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [UDP Query User{9B8BC567-4EAB-487A-84C9-9CDFA6B44445}D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe] => (Block) D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [TCP Query User{037441F9-ED70-4CF8-8AE8-DD4C2C423B13}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Block) D:\program files (x86)\the witcher 2\bin\witcher2.exe FirewallRules: [UDP Query User{FF0FA164-8276-49C7-BC5E-6D56D21F4C33}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Block) D:\program files (x86)\the witcher 2\bin\witcher2.exe FirewallRules: [TCP Query User{F5A4EB06-757A-431B-B4D5-7EBD9F8595D4}D:\downloads\dead space 2\deadspace2.exe] => (Allow) D:\downloads\dead space 2\deadspace2.exe FirewallRules: [UDP Query User{B00F2B16-7933-45A7-ACCC-DB9A2C80F31E}D:\downloads\dead space 2\deadspace2.exe] => (Allow) D:\downloads\dead space 2\deadspace2.exe FirewallRules: [{6B14C0AF-AD0F-42F2-8A7A-051064A5DF04}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe FirewallRules: [{EF908D24-7CB8-4888-B595-2874D3E5C123}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe FirewallRules: [{906D5D74-1CF5-4511-871D-F5868562E67F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe FirewallRules: [{59082A65-FAAA-4512-BB5E-86BB3EA38639}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe FirewallRules: [{B3126EA9-EAFF-493A-B6AB-9AE584F7961D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS_Demo\bin\SteamDemoCastlevaniaLoSUE.exe FirewallRules: 
[{E720B376-4D90-4BC5-85E9-AF6045F1A90E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS_Demo\bin\SteamDemoCastlevaniaLoSUE.exe FirewallRules: [{67D5DADC-2CE7-4ECB-B93C-EE2EEC4567C1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe FirewallRules: [{A5D87FAE-BC70-477C-9D64-D39122447CB1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe FirewallRules: [TCP Query User{6A17B3B1-B612-4132-B5D5-F572B620A68C}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe FirewallRules: [UDP Query User{0EF286D4-84EE-4945-8D99-115C674D3AD0}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe FirewallRules: [{74392404-232F-444D-9C38-BA39F0DA364C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe FirewallRules: [{127A960B-08BF-4937-86A4-316FA9B38DCA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe FirewallRules: [{1CCA714D-45F0-4029-BD78-6D00F08A43CD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe FirewallRules: [{C2130B57-2BFA-45C2-9E8D-6DB4C211A33D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe FirewallRules: [{E7E9FDD6-F367-4D09-B089-002E1D9CAFCF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm FirewallRules: [{6C42164B-A073-4661-B9B9-2BE7E2B179A0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm FirewallRules: 
[{4A13BA5B-1323-4C56-8513-28F4DE08F0C8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ApocalypseWeekend\System\ApocalypseWeekend.exe FirewallRules: [{A62E93FA-BC95-465F-A14A-94459651731E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ApocalypseWeekend\System\ApocalypseWeekend.exe FirewallRules: [{586FE56D-9FAB-4249-A3E0-BE64543CA7D3}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\launcher.exe FirewallRules: [{BF884D5C-098B-4D0B-A931-25061DBABAD4}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\launcher.exe FirewallRules: [{8042B1A4-195E-4E26-9EC5-786F0B43271E}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x64.exe FirewallRules: [{6580414E-97BD-44C1-A64B-11503B54D555}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x64.exe FirewallRules: [{1EF2CC53-42B3-4CB4-95B4-13B89C61DD93}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x86.exe FirewallRules: [{5CDE34F9-DD1C-40D2-9E0D-54693DBBE22B}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x86.exe FirewallRules: [{0C14A072-409E-4968-98EE-1313FEBF5474}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{A0C376F8-0D22-41C3-9760-3E465F03DAB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{13B409AA-03D2-4348-B196-168D096977F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{4B76F4C8-1D1E-421F-A330-AC1244D36CED}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{93DA7922-6398-45B1-83BD-4FA25B9D3D8F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe FirewallRules: [{866B7424-9427-44C2-BF53-035A3E889F8C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe FirewallRules: [{77402F84-6803-448C-AE2E-DDD50BA737BE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{BD34614D-ADCF-4D24-9B17-534F9A43BD4D}] => (Allow) D:\Program Files 
(x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{A1D16131-5A95-407C-BBC9-F825E792CAEE}D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe] => (Allow) D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe FirewallRules: [UDP Query User{3D9D999C-74B9-47C5-A946-56A4DD14082C}D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe] => (Allow) D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe FirewallRules: [{3B14C5EA-7B8F-4E28-802B-7F7B7D877AF4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{9CB7AE8C-F996-42F5-9553-F63B569721F1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{C9DC6806-1EA6-4239-AA06-43FBE7B4CE20}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{8847229E-F14E-463B-812B-F353EECBE06D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{FEF9F887-9BEB-46D1-B6C4-4020D1999A5D}D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe FirewallRules: [UDP Query User{56ACBB8C-6F89-4DE4-88AE-2E45E9DAD9B1}D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe FirewallRules: [{E15E42F1-EEC5-4CDF-A7D7-1051FEA16BB8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{80FBCBB1-2362-4436-B343-F66715206D56}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global 
Offensive\csgo.exe FirewallRules: [{E25C2D15-1997-4E3F-8338-114E0305DBC6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe FirewallRules: [{CCF1279E-8C23-40FC-9D6F-5B9B9F00508C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe FirewallRules: [{C6A9C98B-FC49-4D9D-AB38-5B7319FB69A9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe FirewallRules: [{A706169A-DBA3-4596-B1FD-D801C9BB1825}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe FirewallRules: [{AC789CF9-A303-47BD-B761-5D442C919494}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{F21A6BB5-2635-4940-B9BF-01361FAB72ED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{93A4B8F6-E39B-4A05-9445-D1431A15DC2D}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe FirewallRules: [{E9816897-8F4A-48EA-8C11-C42A2D9617FA}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe FirewallRules: [{8B76EC21-BB5C-4E00-A1EC-6E181F0C23FE}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe FirewallRules: [{4FD76A01-9415-4A2A-AA08-C41EB8E3E381}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe FirewallRules: [{25B8E651-51BA-4698-84B1-0A303CF9F379}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\RosettaStoneTOTALe.exe FirewallRules: [{377DD0C5-393A-405C-B2EF-6A5C1A786E92}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\Rosetta Stone TOTALe.exe FirewallRules: [{02D9DA10-E5E2-4498-AB4C-B40D39FFFD89}] => (Block) %ProgramFiles% 
(x86)\Rosetta Stone\Rosetta Stone TOTALe\RosettaStoneTOTALe.exe FirewallRules: [{5F54FAC8-CB69-4D27-9548-1812DB8B4274}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{82FA8ED3-B413-4487-9EE5-7FA476C96A71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{421C714E-6F95-4663-AC2E-5559440FF727}] => (Allow) D:\Games\Battle.net\Battle.net.exe FirewallRules: [{CCD7B8C9-716D-410C-BAE6-23D19D1C2314}] => (Allow) D:\Games\Battle.net\Battle.net.exe FirewallRules: [TCP Query User{A717A2FC-860F-4E2C-A9FE-7498D8992D3A}D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe FirewallRules: [UDP Query User{C3F9B305-8BC9-455A-A086-1539580FC466}D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe FirewallRules: [{F85C4CA0-94C9-4096-8ADD-83B966666FBA}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{83B15348-B8C8-4DDB-A953-2AF28CE4ECBB}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{50FCC96F-DAE5-4080-A43A-D5347475C133}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe FirewallRules: [{CFCFBFCD-3067-45A5-B0B5-7F25EB1D090B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe FirewallRules: [{6AD7B061-10CE-4E6A-9CBF-3D8EDEE07324}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Knights of Honor\KoH.exe FirewallRules: [{F48E80A6-D624-4514-822E-19D67ED2BC69}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Knights of Honor\KoH.exe FirewallRules: [{3B6D3582-044F-46A1-BCE4-0ECD06CAF6D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: [{BED4E547-E03B-42CA-8AAE-D889D9FACF6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: 
[{2E468B09-E137-46FB-98D7-34DC00C333BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe FirewallRules: [{929B96C8-BB30-45E2-8C4D-67F003D00831}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe FirewallRules: [{3496ACD8-4A9A-4AD8-A5C7-317F0720080D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe FirewallRules: [{639C5751-4241-4C6F-ABC1-EC24AEDE7275}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe FirewallRules: [{315D1985-D72D-43F6-B085-544C64CFFB7E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{7F7C8A34-3EB4-4440-8CE8-E089CB98D1FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{6726B2D7-EE50-40AD-B07D-8BF1A43FD53A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{E9DE99EA-2E30-4CA7-B03D-BEAE05DAAFD8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{ADB9B820-FEF1-4EA4-B3DB-08C9B09D72EC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{92B651A6-7E41-4692-8536-5F04642FEB87}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [TCP Query User{81A733D8-F18D-481B-910D-617BD7DE26A4}D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [UDP Query User{2F371CA9-215F-4D3A-A235-9E6E1C52A457}D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [{B2E711EE-16DA-4B94-B39E-6A39C129FD67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{74A0F31F-EB8E-4201-96A7-51FA43B53049}] => (Allow) 
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: WinI2C-DDC Kernel Mode Driver
Description: WinI2C-DDC Kernel Mode Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WinI2C-DDC
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64546709

Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64546709

Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64545711

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64545711

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64544712

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64544712

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64543714

Systemfehler:
=============
Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SBSD Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2015 10:41:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Splashtop Connect Firefox Software Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/26/2015 10:41:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/26/2015 10:41:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "SQL Server Browser" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2015 10:41:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Microsoft Office:
=========================
Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64546709

Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64546709

Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64545711

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64545711

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64544712

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64544712

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64543714

CodeIntegrity Fehler:
===================================
Date: 2015-07-25 12:17:16.360
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-07-25 12:17:16.328
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-10 17:37:04.604
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\TSK\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-10 17:37:04.562
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\TSK\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-10 17:37:04.512
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-10-10 17:37:04.469
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Speicherinformationen ===========================

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 35%
Total physical RAM: 8109.11 MB
Available physical RAM: 5246.32 MB
Total Virtual: 9107.3 MB
Available Virtual: 6325.9 MB

==================== Drives ================================

Drive c: (Volume) (Fixed) (Total:55.9 GB) (Free:8.32 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:127.55 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive e: (CARBOARDBOX) (Removable) (Total:0.99 GB) (Free:0.84 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 45C40761)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5B2849B1)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1011.8 MB) (Disk ID: 009EAF4A)
Partition 1: (Active) - (Size=1012 MB) - (Type=06)

==================== Ende von log ============================ |
27.07.2015, 12:51 | #11 |
/// TB-Ausbilder | Hard drive fills up and empties itself on its own We will remove the last remnants and check everything once more. ESET can take a long time (> 2 h). Afterwards we will remove all the tools we used and I will give you a few tips to take with you. Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
start
CloseProcesses:
FF Extension: {b26ec7aa-f2b6-4ddc-800e-5c43e181fe95} - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{b26ec7aa-f2b6-4ddc-800e-5c43e181fe95}.xpi [2014-06-11]
FF Extension: web Player - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{07a56c5c-9aba-46d7-876a-2aaab7932900}.xpi [2014-06-15]
CHR Extension: (Hola Better Internet Engine) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2014-11-16]
C:\Users\TSK\AppData\Local\70149b02515b3bb20dd492.47983420
RemoveProxy:
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Please download SecurityCheck and:
Step 4
With your next reply, please post
|
27.07.2015, 15:57 | #12 |
| Hard drive fills up and empties itself on its own Great, but for now I'm far away from my PC. I'll be back in about two weeks. |
28.07.2015, 04:46 | #13 | |
/// TB-Ausbilder | Hard drive fills up and empties itself on its own Quote:
Too much can change on the computer by then. This topic appears to be resolved and will be removed from my subscriptions. Should you need the topic again, please send me a PM. Everyone else, please click here and create your own thread. |