| |
| |||||||
Log-Analyse und Auswertung: Pishing-Mail Paypal link angeklickt ohne Daten einzugebenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
31.12.2015, 00:35
| #1 |
 |  Pishing-Mail Paypal link angeklickt ohne Daten einzugeben Hallo, Ich habe bei einer Paypal-Pishing Email auf den eingefügten Link geklickt, danach jedoch sofort den Browser geschlossen (löscht bei mir automatisch alle Daten im Browser). Dann habe ich den Browser neugestartet und mich bei Pypal eingeloggt und gemerkt, dass die andere Email ein Spam war. TDSKiller gestartet jedoch ohne Fund, (Kaspersky neuste Version ist mein Virenschutz) Bitte um Hilfe! Kommt da jetzt noch was nach oder bin ich sicher? Vielen Dank! Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-12-2015
durchgeführt von Philip (Administrator) auf PHILIP-PC (31-12-2015 00:31:42)
Gestartet von D:\Downloads
Geladene Profile: Philip (Verfügbare Profile: Philip)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-10-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Run: [Dropbox Update] => C:\Users\Philip\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-21] (Dropbox, Inc.)
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Run: [Spotify Web Helper] => C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-02-21] (Spotify Ltd)
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\MountPoints2: {66e52a31-a04e-11e2-b6b3-806e6f6e6963} - F:\Bin\ASSETUP.exe
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-08] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk [2013-04-08]
ShortcutTarget: Samsung SSD Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 192.168.5.1
Tcpip\..\Interfaces\{038D747B-E372-47DC-BD77-93ACCAC2AF22}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{A7446BE3-4664-4327-967C-AF964981366F}: [DhcpNameServer] 192.168.5.1 192.168.5.1
Tcpip\..\Interfaces\{C54E0121-7C09-43CE-93EC-D17F0B216E6F}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-12-13] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-21] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll => Keine Datei
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll => Keine Datei
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-12-13] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll => Keine Datei
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\o9p1vvy5.default-1446752911483
FF Homepage: google.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-17] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-10-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1043415761-1617859271-1540384589-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Philip\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-21] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1043415761-1617859271-1540384589-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Philip\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-1043415761-1617859271-1540384589-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-05-28] ()
FF Extension: WOT - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\o9p1vvy5.default-1446752911483\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10]
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-12-03]
FF Extension: Adblock Plus - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\o9p1vvy5.default-1446752911483\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll => Keine Datei
CHR Profile: C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Store) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (YouTube) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Erwecke die Macht in dir) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeojddkbfhdgnnicgkgogjnbkdljibb [2015-11-28]
CHR Extension: (Store) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]
CHR Extension: (Google-Suche) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-10-01]
CHR Extension: (Google Docs Offline) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Proxmate) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2015-12-18]
CHR Extension: (Google Wallet) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (Google Mail) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-27]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-02] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-06] (EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-15] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-19] (GOG.com)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-10-03] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-10-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-10-03] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-05] (Electronic Arts)
R2 Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ArcService; D:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-20] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940928 2015-12-03] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-10-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-10-03] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2012-08-15] (CyberLink Corp.)
S3 ALSysIO; \??\C:\Users\Philip\AppData\Local\Temp\ALSysIO64.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-31 00:19 - 2015-12-31 00:31 - 00000000 ____D C:\FRST
2015-12-31 00:10 - 2015-12-31 00:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-12-31 00:01 - 2015-12-31 00:18 - 00433224 _____ C:\TDSSKiller.3.1.0.9_31.12.2015_00.01.36_log.txt
2015-12-31 00:00 - 2015-12-31 00:00 - 00000364 _____ C:\TDSSKiller.3.1.0.5_31.12.2015_00.00.56_log.txt
2015-12-28 23:20 - 2015-12-28 23:20 - 00000000 ____D C:\Users\Philip\AppData\LocalLow\Thunder Lotus Games
2015-12-28 20:58 - 2015-12-28 20:58 - 00000000 ____D C:\Users\Philip\AppData\Local\Ori and the Blind Forest
2015-12-28 17:18 - 2015-12-29 20:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-20 11:35 - 2015-12-20 11:35 - 00002251 _____ C:\Users\Philip\Desktop\Google Chrome.lnk
2015-12-13 23:40 - 2015-12-13 23:40 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 18:08 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 18:08 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 18:08 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 18:08 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 18:08 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 18:08 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 18:08 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 18:08 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 18:08 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 18:08 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 18:08 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 18:08 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 18:08 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 18:08 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 18:08 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 18:08 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 18:08 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 18:08 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 18:08 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 18:08 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 18:08 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 18:08 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 18:08 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 18:08 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 18:08 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 18:08 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 18:08 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 18:08 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 18:08 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 18:08 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 18:08 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 18:08 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 18:08 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 18:08 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 18:08 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 18:08 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 18:08 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 18:08 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 18:08 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 18:08 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 18:08 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 18:08 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 18:08 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 18:08 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 18:08 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 18:08 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 18:08 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 18:08 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 18:08 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 18:08 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 18:08 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 18:08 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 18:08 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 18:08 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 18:08 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 18:08 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 18:08 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 18:08 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 18:08 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 18:08 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 18:08 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 18:08 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 18:08 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 18:08 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 18:08 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 18:08 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 18:08 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 18:08 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 18:08 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 18:08 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 18:08 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 18:08 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 18:08 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 18:08 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 18:08 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 18:08 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 18:08 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 18:08 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 18:08 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 18:08 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 18:08 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 18:08 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 18:08 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 18:08 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 18:08 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 18:08 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 18:08 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 18:08 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 18:08 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 18:08 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 18:08 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 18:08 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 18:08 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 18:08 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 18:08 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 18:08 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 18:08 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 18:08 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 18:08 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 18:04 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 18:04 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-07 21:23 - 2015-12-07 21:23 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Arrowhead
2015-12-06 16:23 - 2015-12-06 16:24 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Notepad++
2015-12-06 16:23 - 2015-12-06 16:23 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-06 16:23 - 2015-12-06 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-06 16:23 - 2015-12-06 16:23 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-12-06 16:22 - 2015-12-06 16:13 - 00003920 _____ C:\Users\Philip\Fallout4Prefs.ini
2015-12-06 16:22 - 2015-12-06 16:13 - 00000041 _____ C:\Users\Philip\Fallout4Custom.ini
2015-12-06 16:22 - 2015-11-10 00:39 - 00002465 _____ C:\Users\Philip\Fallout4.ini
2015-12-06 16:16 - 2015-12-19 11:39 - 00000741 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-12-06 11:55 - 2015-12-20 21:02 - 00000000 ____D C:\Users\Philip\AppData\Roaming\PJShooterUltimate
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-31 00:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-31 00:11 - 2014-11-06 22:53 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-12-31 00:11 - 2013-04-08 20:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-31 00:03 - 2013-04-15 18:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-30 23:46 - 2015-08-21 10:41 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000UA.job
2015-12-30 23:36 - 2013-04-08 18:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-12-30 20:36 - 2013-04-08 20:19 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-12-30 20:16 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-12-30 20:16 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-12-30 20:16 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-30 20:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-30 17:33 - 2009-07-14 05:45 - 00023344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-30 17:33 - 2009-07-14 05:45 - 00023344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-30 17:27 - 2013-04-15 18:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-30 17:18 - 2015-06-23 11:24 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-30 17:18 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-30 00:07 - 2015-11-08 01:01 - 00003026 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-12-29 23:23 - 2013-04-08 20:34 - 00000000 ____D C:\Users\Philip\AppData\Roaming\vlc
2015-12-29 20:10 - 2015-11-05 21:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-28 23:00 - 2015-07-15 16:37 - 00000000 ____D C:\Users\Philip\AppData\Local\JDownloader 2.0
2015-12-20 11:46 - 2015-08-21 10:41 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000Core.job
2015-12-19 11:39 - 2015-01-12 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-12-19 00:21 - 2015-04-04 18:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-19 00:21 - 2015-04-04 18:49 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-17 22:59 - 2013-10-07 21:34 - 00000000 ____D C:\Users\Philip\AppData\Roaming\TS3Client
2015-12-17 16:57 - 2015-09-21 21:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-17 16:57 - 2015-09-21 21:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-13 23:40 - 2013-10-22 19:53 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Dropbox
2015-12-13 17:04 - 2013-10-15 15:05 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-13 17:04 - 2013-10-15 15:01 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-13 17:04 - 2013-04-08 14:19 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-13 17:01 - 2013-10-15 16:22 - 00000000 ____D C:\Users\Philip\Documents\Benutzerdefinierte Office-Vorlagen
2015-12-13 13:14 - 2013-09-18 20:58 - 00062464 ___SH C:\Users\Philip\Thumbs.db
2015-12-12 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 16:49 - 2009-07-14 05:45 - 00462312 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 00:48 - 2014-05-17 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 00:48 - 2014-05-17 19:16 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 00:48 - 2014-05-17 19:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 00:47 - 2013-08-15 23:15 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 00:44 - 2013-04-08 18:18 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-06 16:22 - 2013-04-08 14:19 - 00000000 ____D C:\Users\Philip
2015-12-06 16:18 - 2015-11-10 00:29 - 00000000 ____D C:\Users\Philip\AppData\Local\Fallout4
2015-12-05 10:11 - 2013-04-08 14:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-05 10:10 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-05 09:58 - 2013-04-15 18:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 09:58 - 2013-04-15 18:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 22:48 - 2014-05-17 17:34 - 00000000 ____D C:\Users\Philip\AppData\Roaming\DVDVideoSoft
2015-12-03 23:13 - 2015-09-02 11:07 - 00940928 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-12-02 13:18 - 2013-04-08 14:35 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-11 09:48 - 2013-12-11 09:48 - 49940480 _____ () C:\Program Files (x86)\GUTEAAD.tmp
2014-06-29 17:28 - 2014-06-29 13:20 - 0012005 _____ () C:\Users\Philip\AppData\Roaming\alsoft.ini
2015-11-01 21:36 - 2015-11-01 21:36 - 0000135 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Philip\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmq8tku.dll
C:\Users\Philip\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Philip\AppData\Local\Temp\GUR1525.exe
C:\Users\Philip\AppData\Local\Temp\i4jdel0.exe
C:\Users\Philip\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Philip\AppData\Local\Temp\Nexus Mod Manager-0.53.1.exe
C:\Users\Philip\AppData\Local\Temp\Nexus Mod Manager-0.53.2.exe
C:\Users\Philip\AppData\Local\Temp\Nexus Mod Manager-0.61.2.exe
C:\Users\Philip\AppData\Local\Temp\Nexus Mod Manager-0.61.3.exe
C:\Users\Philip\AppData\Local\Temp\Nexus Mod Manager-0.61.4.exe
C:\Users\Philip\AppData\Local\Temp\Nv3DVisionIePlugin.dll
C:\Users\Philip\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
C:\Users\Philip\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\Philip\AppData\Local\Temp\Nv3DVStreaming64.dll
C:\Users\Philip\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll
C:\Users\Philip\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll
C:\Users\Philip\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Philip\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Philip\AppData\Local\Temp\nvStInst.exe
C:\Users\Philip\AppData\Local\Temp\proxy_vole3781096880749226472.dll
C:\Users\Philip\AppData\Local\Temp\proxy_vole5268617146009629776.dll
C:\Users\Philip\AppData\Local\Temp\proxy_vole8992570765991943043.dll
C:\Users\Philip\AppData\Local\Temp\setup.exe
C:\Users\Philip\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Philip\AppData\Local\Temp\tmd_34014538.exe
C:\Users\Philip\AppData\Local\Temp\tmp33AB.exe
C:\Users\Philip\AppData\Local\Temp\tmp59A9.exe
C:\Users\Philip\AppData\Local\Temp\tmp7C6E.exe
C:\Users\Philip\AppData\Local\Temp\tmpEFBB.exe
C:\Users\Philip\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-20 17:55
==================== Ende von FRST.txt ============================
|
|
31.12.2015, 00:36
| #2 |
| | Pishing-Mail Paypal link angeklickt ohne Daten einzugebenCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-12-2015
durchgeführt von Philip (2015-12-31 00:31:55)
Gestartet von D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-04-08 13:19:39)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1043415761-1617859271-1540384589-500 - Administrator - Disabled)
Gast (S-1-5-21-1043415761-1617859271-1540384589-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1043415761-1617859271-1540384589-1002 - Limited - Enabled)
Philip (S-1-5-21-1043415761-1617859271-1540384589-1000 - Administrator - Enabled) => C:\Users\Philip
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
ADRIFT 5 (HKLM-x32\...\{22EEACC9-C06E-45E5-8FBA-C9270989CA13}) (Version: 5.0.31.4 - Campbell Wild)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs)
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly)
Amazon Kindle (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Amazon Kindle) (Version: - Amazon)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
Among the Sleep (HKLM-x32\...\Steam App 250620) (Version: - Krillbite Studio)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.11.12 - Atheros Communications Inc.)
Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version: - Rocksteady Studios)
Battle Worlds Kronos Version 0.4.3 (HKLM-x32\...\C52E2E84-EE31-11E2-9C58-D5676188709B_is1) (Version: 0.4.3 - KING Art Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beneath a Steel Sky (HKLM-x32\...\GOGPACKBENEATH_is1) (Version: 2.0.0.9 - GOG.com)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Broforce (HKLM-x32\...\Steam App 274190) (Version: - Free Lives)
Broken Age (HKLM-x32\...\Steam App 232790) (Version: - Double Fine Productions)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - )
Castlevania: Lords of Shadow – Mirror of Fate HD (HKLM-x32\...\Steam App 282530) (Version: - MercurySteam)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Child of Light (HKLM-x32\...\Steam App 256290) (Version: - Ubisoft Montréal)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Crawl (HKLM-x32\...\Steam App 293780) (Version: - Powerhoof)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version: - Brace Yourself Games)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4520.54 - CyberLink Corp.)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios)
Deus Ex: Game of the Year Edition (HKLM-x32\...\Steam App 6910) (Version: - Ion Storm)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal)
Deus Ex: Human Revolution - The Missing Link (HKLM-x32\...\Steam App 201280) (Version: - Eidos Montreal)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal)
Deus Ex: Revision (HKLM-x32\...\Steam App 397550) (Version: - Caustic Creative)
Divinity - Original Sin Enhanced Edition (HKLM-x32\...\1445516929_is1) (Version: 2.0.4.7 - GOG.com)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.8 - Electronic Arts)
Dropbox (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Keeper (HKLM-x32\...\GOGPACKDUNGEONKEEPERDOS_is1) (Version: 2.0.0.2 - GOG.com)
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios)
Edimax Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.1.0 - Edimax)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version: - AMPLITUDE Studios)
Evoland (HKLM-x32\...\GOGPACKEVOLAND_is1) (Version: 2.0.0.3 - GOG.com)
Evoland 2 (HKLM-x32\...\1439275574_is1) (Version: 2.0.0.2 - GOG.com)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version: - Ubisoft Montreal)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.0.1.1001 - DVDVideoSoft Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Full Combat Rebalance 2 Hotfix version 1.1a (HKLM-x32\...\Full Combat Rebalance 2 Hotfix_is1) (Version: 1.1a - Andrzej Kwiatkowski)
Full Combat Rebalance 2 version 1.1 (HKLM-x32\...\Full Combat Rebalance 2_is1) (Version: 1.1 - Andrzej Kwiatkowski)
Gemini Rue (HKLM-x32\...\GOGPACKGEMINIRUE_is1) (Version: 2.0.0.5 - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Goodbye Deponia (HKLM-x32\...\Deponia 3) (Version: 1.0 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GraphPad Prism 6 (HKLM-x32\...\{606443B0-9831-11DC-5F90-015CFB7A6952}) (Version: 6.01 - GraphPad Software)
Grim Dawn (HKLM-x32\...\Steam App 219990) (Version: - )
Grim Fandango Remastered (HKLM-x32\...\1207667183_is1) (Version: 2.0.0.2 - GOG.com)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HELLDIVERS™ (HKLM-x32\...\Steam App 394510) (Version: - Arrowhead Game Studios)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HEX (HKLM-x32\...\{E31B651A-B48C-423C-8D0D-855756C8B7E8}_is1) (Version: - HEX Entertainment)
Homeworld Remastered Collection (HKLM-x32\...\Steam App 244160) (Version: - Gearbox Software)
Hotline Miami (HKLM-x32\...\1207659118_is1) (Version: 2.2.0.8 - GOG.com)
Hotline Miami 2 - Wrong Number (HKLM-x32\...\1424773427_is1) (Version: 2.4.0.5 - GOG.com)
IBM SPSS Statistics 23 (HKLM\...\{C3BA73A4-2A45-4036-8541-4F5F8146078B}) (Version: 23.0.0.0 - IBM Corp)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Incredipede (HKLM-x32\...\GOGPACKINCREDIPEDE_is1) (Version: 2.2.0.6 - GOG.com)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Invisible Inc (HKLM-x32\...\Invisible Inc_is1) (Version: - )
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jotun (HKLM-x32\...\Steam App 323580) (Version: - Thunder Lotus Games)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
K-Lite Codec Pack 9.8.5 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Legend of Grimrock 2 (HKLM-x32\...\Steam App 251730) (Version: - Almost Human Games)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LOOT Version 0.8.0 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.8.0 - LOOT Team)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version: - Stainless Games Ltd.)
Magicka 2 (HKLM-x32\...\Steam App 238370) (Version: - Pieces Interactive)
Magicka 2 Sneak Peek (HKLM-x32\...\Steam App 351950) (Version: - )
MASSIVE CHALICE (HKLM-x32\...\Steam App 246110) (Version: - Double Fine Productions)
MechWarrior Online (x32 Version: 1.4.1.0 - Piranha Games Inc.) Hidden
Memoria (HKLM-x32\...\{265D60A5-F9D4-4141-A17F-82D4436665DD}) (Version: 1.00 - Deep Silver)
METAL GEAR RISING: REVENGEANCE (HKLM-x32\...\Steam App 235460) (Version: - PlatinumGames)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)
Miasmata (HKLM-x32\...\GOGPACKMIASMATA_is1) (Version: 2.1.0.5 - GOG.com)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4779.1002 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Morten242s UI for DSFix (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\bd16ebff8bf348a4) (Version: 1.0.0.30 - Morten242)
Mozilla Firefox 43.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 de)) (Version: 43.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2.5833 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 3.0.0.10 - MSI)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.4 - Black Tree Gaming)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof)
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version: - )
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 150311.103813 - Square Enix Ltd)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.7 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version: - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
OpenXcom 0.9 (HKLM-x32\...\OpenXcom) (Version: 0.9.0.0 - OpenXcom Developers)
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Outland (HKLM-x32\...\Steam App 305050) (Version: - Housemarque)
Outlast (HKLM-x32\...\1207660064_is1) (Version: 2.1.0.8 - GOG.com)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Party Hard (HKLM-x32\...\Steam App 356570) (Version: - Pinokl Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.8.25003 - Grinding Gear Games)
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version: - Obsidian Entertainment)
PixelJunk™ Shooter Ultimate (HKLM-x32\...\Steam App 332330) (Version: - Q-Games, Ltd.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Primordia (HKLM-x32\...\GOGPACKPRIMORDIA_is1) (Version: 2.0.0.2 - GOG.com)
Rags Suite (HKLM-x32\...\{1F16A5E0-C0EF-4A37-9C09-8B8A2810BC3B}) (Version: 2.4.14 - RagsGame)
Rags Suite (HKLM-x32\...\{E50D4D29-C7B5-4136-AADE-D85794926840}) (Version: 2.4.0 - RagsGame)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.)
Riffplayer 0.4.3 (HKLM-x32\...\Riffplayer) (Version: 0.4.3 - RVM)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Rogue Legacy (HKLM-x32\...\GOGPACKROGUELEGACY_is1) (Version: 2.2.0.10 - GOG.com)
Saints Row: Gat out of Hell (HKLM-x32\...\Steam App 301910) (Version: - Deep Silver Volition)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung SSD Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 3.1 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Satellite Reign (HKLM-x32\...\Steam App 268870) (Version: - 5 Lives Studios)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
Shadowrun: Dragonfall - Director's Cut (HKLM-x32\...\Steam App 300550) (Version: - Harebrained Schemes)
Shadowrun: Hong Kong (HKLM-x32\...\Steam App 346940) (Version: - Harebrained Schemes)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.10.0.17 - GOG.com)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Small World 2 (HKLM-x32\...\Steam App 235620) (Version: - Days of Wonder)
SOMA (HKLM-x32\...\Steam App 282140) (Version: - Frictional Games)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version: - Valve)
Spotify (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
StarCrawlers (HKLM-x32\...\Steam App 318970) (Version: - Juggernaut Games)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
System Shock - Enhanced Edition (HKLM-x32\...\1439995156_is1) (Version: 2.1.0.4 - GOG.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Adventures of Shuggy (HKLM-x32\...\GOGPACKADVENTURESSHUGGY_is1) (Version: 2.0.0.3 - GOG.com)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version: - Stoic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Book of Unwritten Tales 2 (HKLM-x32\...\Steam App 279940) (Version: - KING Art)
The Dark Eye: Chains of Satinav (HKLM-x32\...\Steam App 203830) (Version: - Daedalic Entertainment)
The Evil Within (HKLM-x32\...\Steam App 268050) (Version: - Tango Gameworks)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Swapper (HKLM-x32\...\GOGPACKTHESWAPPER_is1) (Version: 2.0.0.2 - GOG.com)
The Vanishing of Ethan Carter (HKLM-x32\...\1207665373_is1) (Version: 2.0.0.2 - GOG.com)
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.11.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.0.10.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.10.0 - GOG.com)
The Witcher Adventure Game (HKLM-x32\...\1207664653_is1) (Version: 2.0.33.36 - GOG.com)
The Witcher Adventure Game (HKLM-x32\...\1207666883_is1) (Version: 2.1.0.2 - GOG.com)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version: - Days of Wonder)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Transistor (HKLM-x32\...\Steam App 237930) (Version: - Supergiant Games)
Undertale (HKLM-x32\...\Steam App 391540) (Version: - tobyfox)
Unity Web Player (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version: - SEGA)
Velocity 2X (HKLM-x32\...\VmVsb2NpdHkyWA==_is1) (Version: 1 - )
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warhammer: End Times - Vermintide (HKLM-x32\...\Steam App 235540) (Version: - Fatshark)
Wasteland 2 - Director's Cut (HKLM-x32\...\1444386007_is1) (Version: 2.1.0.3 - GOG.com)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - )
XCom Long War EW Mod version Beta 15d2 (HKLM-x32\...\{860C3266-65B9-4BF2-937A-1778483046B5}_is1) (Version: Beta 15d2 - JohnnyLump)
Xenonauts (HKLM-x32\...\GOGPACKXENONAUTS_is1) (Version: 2.0.0.5 - GOG.com)
YACReader 7.0.1 (HKLM-x32\...\YACReader_is1) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0018AC5C-EDAA-4447-A164-E9DCF7D4FC1E} - System32\Tasks\Herunterfahren => shutdown
Task: {03C8A357-C47B-4709-90C9-29FBF7AFC382} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-05-27] ()
Task: {0E413C6A-54D7-4323-98B5-74915FEF8B88} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2D722023-2200-4C61-980C-BBBC522BB742} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {695B82BE-B988-451C-BA2D-2C38E07985C8} - System32\Tasks\{0407E141-AE0F-4231-A78A-88BC0F0F70CD} => pcalua.exe -a "D:\GOG Games\Divinity - Original Sin\LanguageSetup.exe" -d "D:\GOG Games\Divinity - Original Sin"
Task: {6DF13B51-2A75-4D96-B23F-A2D9E1645D54} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {9256E0D6-86D9-4802-B172-1D02DDF8900D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {96C1C839-D0DC-44DE-B706-53E17E2120D2} - \MySearchDial -> Keine Datei <==== ACHTUNG
Task: {A16A671F-F5DE-4B8F-A697-F464B86D7D30} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000Core => C:\Users\Philip\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-21] (Dropbox, Inc.)
Task: {A3672B7B-662B-484B-9D80-02E9077520E4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E231F15A-AAD0-444D-BAA5-4F8B0A665C5B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000UA => C:\Users\Philip\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-21] (Dropbox, Inc.)
Task: {EE1B3E61-967F-4892-A4B2-7D8962A74795} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {EE317E43-05EB-4ECB-A517-ECEEB1181955} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {F0CB111A-FF9D-43BD-8928-373A88718B1E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {F24D24F1-04E9-4530-907C-5EABA73799C7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-12-13] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000Core.job => C:\Users\Philip\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000UA.job => C:\Users\Philip\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-06-23 11:24 - 2015-10-03 03:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-22 16:21 - 2012-06-01 16:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-03-20 17:00 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-04-08 20:06 - 2011-12-06 02:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-04-08 20:06 - 2011-12-06 02:58 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2015-05-27 11:05 - 2015-05-27 11:05 - 00578272 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2014-06-22 16:21 - 2015-12-30 17:18 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-06-22 16:21 - 2010-06-29 09:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-07-08 22:18 - 2015-07-08 22:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2014-10-16 18:27 - 2014-10-16 18:27 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-04-08 20:12 - 2012-02-01 15:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-06-23 11:28 - 2015-10-03 06:06 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-05-29 22:16 - 2009-12-09 20:20 - 00126976 _____ () C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll
2015-05-18 12:43 - 2015-05-18 12:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-05-18 12:43 - 2015-05-18 12:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-05-18 12:43 - 2015-05-18 12:43 - 00218624 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-05-22 11:56 - 2015-05-22 11:56 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-05-22 12:36 - 2015-05-22 12:36 - 00649216 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\sony.com -> sony.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.5.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: BBSvc => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Philip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AirPort Base Station Agent => "C:\Program Files (x86)\AirPort\APAgent.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Philip\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Philip\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{8A1C0A10-66CE-40EF-8F12-9041E21AC8E8}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{C335D937-F356-4C53-A842-03C13BDAC706}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{5F82454B-AEF8-4F1A-B155-89C5AEA82E8E}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{36849973-9B66-4168-AFAE-2583199A3191}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{BC4090D7-9397-48FB-87A6-B516FDA71C45}] => (Allow) D:\Program Files\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{2F9D63A4-7BE3-4C61-9E59-624354B384A2}] => (Allow) D:\Program Files\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{E13E136D-FDD5-4DC0-BE34-1AF522ED9661}] => (Allow) D:\Program Files\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D670F9E3-C27B-40EB-8C80-FE3DC94419A8}] => (Allow) D:\Program Files\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{19ACA024-9308-48A6-9E78-05BBC945D1FF}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machinarium\machinarium.exe
FirewallRules: [{B3908767-A4FF-4720-96AA-DD395D002528}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machinarium\machinarium.exe
FirewallRules: [{47A76D5F-5E58-43D4-9739-5A8BB91B6E7A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{CED56D3E-AA08-4F5E-910D-A4E067293A3E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{E6C8BE6D-356F-4D72-B134-21DCA947B469}] => (Allow) D:\Program Files\Steam\SteamApps\common\Legend of Grimrock\grimrock.exe
FirewallRules: [{324633F3-1A0E-43A5-A0D0-64B00BFE6D31}] => (Allow) D:\Program Files\Steam\SteamApps\common\Legend of Grimrock\grimrock.exe
FirewallRules: [{F966065E-DBC1-441C-87BB-98BE1BD7EDEA}] => (Allow) D:\Program Files\Steam\SteamApps\common\Botanicula\Botanicula.exe
FirewallRules: [{84355A2E-C52C-42D3-90F3-110B77577C9B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Botanicula\Botanicula.exe
FirewallRules: [{E2AC8BA5-3010-444A-9573-76B4F2855C67}] => (Allow) D:\Program Files\Steam\SteamApps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{6AF10175-B6C4-402A-9155-6E5519AA58B7}] => (Allow) D:\Program Files\Steam\SteamApps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{C29F14EC-9A64-48DC-883B-A2EB0835FCEF}] => (Allow) D:\Program Files\Steam\SteamApps\common\FLYN\Source\Flyn.exe
FirewallRules: [{EB027AE7-2555-4E6F-9D60-9F65618DCD5C}] => (Allow) D:\Program Files\Steam\SteamApps\common\FLYN\Source\Flyn.exe
FirewallRules: [{BC535C57-53B6-454F-BC74-01441DE17CE3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8FBA72EA-519C-4272-8DAC-65D533D89645}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A5441C8E-CF57-4BD7-A856-251F8E3A0526}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F957A579-1A18-4B56-93BB-F699970306D8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{78CBC1AC-6E47-479A-9B3C-900FDEE195AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{649E0D75-7489-4644-881C-E3E881DFB0E9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1D92D548-EEC6-4944-805D-EB739CF50688}] => (Allow) D:\Program Files\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{30C7747A-1824-43A0-8FD6-BE6C4C630181}] => (Allow) D:\Program Files\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{B16D6E7F-763E-4F80-AE6D-34E1A2DD3F85}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A78BF878-D988-4F77-A0CA-2F20163F834A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AAF27AA5-E342-4C0B-AD98-C3CDA76BE784}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E18B623-5BDC-4879-B131-4F0C6FD21190}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F75C188E-5A8F-4196-996C-35195FB10323}] => (Allow) D:\Program Files\Steam\SteamApps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [{69E17936-47AC-48EC-B86F-198821587874}] => (Allow) D:\Program Files\Steam\SteamApps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [{2BE227BE-5A56-401C-B0DB-642E80BA6653}] => (Allow) D:\Program Files\Steam\SteamApps\common\Trine\trine_launcher.exe
FirewallRules: [{9BFA7128-3B39-41CA-B417-47D27C3395FC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Trine\trine_launcher.exe
FirewallRules: [{7F90CBE4-B748-4792-9601-9B4651190268}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{5981E54F-59A1-45AC-8BFF-17FEDEB16572}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{5603C234-D800-4414-B408-061E3D716460}] => (Allow) LPort=1542
FirewallRules: [{B43E132C-2962-4872-9FE6-F7F056F0C1BF}] => (Allow) LPort=1542
FirewallRules: [{C5F4CF01-40AC-4F7D-AF1D-063845AD9FB0}] => (Allow) LPort=53
FirewallRules: [{E7C807C9-455D-4D9E-9787-9661865FF8DB}] => (Allow) LPort=67
FirewallRules: [{FD7740F0-7079-4937-8C75-AD77D07FA8AC}] => (Allow) LPort=68
FirewallRules: [{5E9E9D0C-CE0F-49AD-818B-F35D84774449}] => (Allow) LPort=53
FirewallRules: [{5E357BE8-B381-4E8E-855C-B17656F20B95}] => (Allow) LPort=53
FirewallRules: [{FF3C696B-9DA3-48ED-97E9-BD95519A8720}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{E04714B9-88A7-4DD3-980F-3F8DD03F8A88}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{D7955368-BAC8-4308-AF4E-AE3574E03A92}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{71BE0213-C301-4A47-A34C-16F820395387}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{084CFBF9-F34B-4E91-9397-54DB813C57F2}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{8C42DE4F-7E03-452C-A411-ABEFC34F1095}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{8385C0D4-A120-4846-A933-41C80D7003D5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{E68B3037-4D6A-4A7E-9EC8-4D77A38992FE}] => (Allow) D:\Program Files\Steam\SteamApps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{985E3F6F-05EE-41E6-BF0B-DACD0D5AFD7F}] => (Allow) D:\Program Files\Steam\SteamApps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{6487DE0E-742E-4171-B057-959F58364F44}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{422B0022-7EC2-4D02-9C2D-A02780D58385}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{464DDE53-CE54-4259-820B-A7B5447481C3}] => (Allow) D:\Program Files\Steam\SteamApps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{CCC3C347-B6F3-45C5-ACCA-07696D980661}] => (Allow) D:\Program Files\Steam\SteamApps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{99E3194D-6D01-44B3-B859-5EB0C91E892F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{4B433F01-4A09-442B-81D2-0951F1C58893}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{CDDC338C-254A-4B2C-BC92-5C40F4B61BE3}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{2FADE017-F87F-46F5-8B78-10C7BC7798E3}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{03CAA25D-52B0-457C-B76D-3BFC59196D50}] => (Allow) D:\Program Files\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{D30C0CF5-15CE-445D-A4D9-75EBAE0F6FE2}] => (Allow) D:\Program Files\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{9216B3B0-EE27-4AA0-863E-56484E7DF97B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{42655C63-D7DD-4104-8C00-236522665E9C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{5F155532-38AF-4DE8-9F42-F2795CAB2DE8}] => (Allow) D:\Program Files\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe
FirewallRules: [{6F4FA5D3-C27B-49FC-93AE-36D5D839CE58}] => (Allow) D:\Program Files\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe
FirewallRules: [{4450842D-FF12-47C5-98DB-56458A2FF784}] => (Allow) D:\Program Files\Steam\SteamApps\common\DXHRML\dxhrml.exe
FirewallRules: [{3006C72A-9017-4E82-BD82-C66F1CF28190}] => (Allow) D:\Program Files\Steam\SteamApps\common\DXHRML\dxhrml.exe
FirewallRules: [{0A4F5A60-B55A-4959-B07A-B7BA90CD37A5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{99709194-B6E5-4F0E-A68F-D02A841902CE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{9849F33F-DA09-4056-8AC5-2D0A2A379DD1}] => (Allow) C:\Users\Philip\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{0034DBCA-93E1-4ED6-A3D6-5160C6352469}] => (Allow) D:\Program Files\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{504E8C83-EE8F-453A-B454-62D8AC85C782}] => (Allow) D:\Program Files\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{D58B589C-BE55-4F35-93DE-E0028D0EE30F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{D9360C63-8E3B-4682-BDF7-D3079BA1BBFC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{A9330567-1535-4E7D-919D-B85EF4A7F310}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{7266F51E-42F3-4B7D-BCD5-6075C4A7BC1B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{327ECC98-9A12-4DD7-9D7A-9BC460E39466}] => (Allow) C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4B048A2D-8A8A-4BF5-AF18-FA573A801EA9}] => (Allow) C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DCD686B4-9F86-44AE-B3BF-02B74679CE51}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Bards Tale\Config\The Bard's Setup.exe
FirewallRules: [{DBC5C6A2-C1B0-43E9-868E-0A1ABDB2E056}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Bards Tale\Config\The Bard's Setup.exe
FirewallRules: [TCP Query User{09459696-823C-42A6-9A55-C3E4CA16CD13}D:\program files\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Block) D:\program files\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{6E7604D0-8A50-4DE6-861C-48CD9AD011CF}D:\program files\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Block) D:\program files\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{CA72A3EB-12A8-4967-8735-ED4E3D679E1D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{AD3A4A40-CAC2-48B0-9A0A-F9701C65EAD5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{DF3E8DFB-E597-4A95-B39A-5256B2B7ACB7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{82ACB426-95E1-4F31-8CCA-5410A625573F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{6EE95592-57DD-4313-8BA7-1A31209DAB03}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{46E58A7D-7CAC-4373-BC24-F95B175EBFC4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{B945928B-D4E4-44F2-8CC8-8B9318AF06F5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5D6CE26F-2682-4205-8D12-181CB81A847D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0FED6F8B-4A35-430A-8F27-3A995FD0F057}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{815E9AAB-C931-42E4-87A7-70D7F3D925B5}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{24C713CC-AF5B-422C-BE6E-1A3B8CDF71F1}] => (Allow) D:\Program Files\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{DB26838E-F27E-41AD-9AAD-F83E8D2AC581}] => (Allow) D:\Program Files\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{199D60BA-E9D2-489E-B813-04E1DDDEB5D8}] => (Allow) D:\Program Files\Steam\SteamApps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{6AD1D9D5-738F-4420-AC91-01BD24AEEA24}] => (Allow) D:\Program Files\Steam\SteamApps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{80CBC4E7-802D-4231-8EAA-1C2FB56BD337}] => (Allow) D:\Program Files\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{D3F45CA5-1518-4C68-92DD-F09E66F3710F}] => (Allow) D:\Program Files\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{90714090-5BD0-4545-8E92-900EC4C8C943}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{5F2922CB-1E92-4259-8F54-30BF29EF4040}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{9E68C9A5-973A-43BC-85F9-E8055C815218}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{F8689F6A-6D9C-4E6C-8ADA-AEBE21A7B5D6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{8A4256BE-46C8-44D0-84F8-531FC916734A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{F74B3E1D-285E-4447-A3B7-A7860432A934}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{E5EC3AEF-102A-4167-88D4-B803D6A3A0E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{C675E239-C278-49A7-B897-95E62656987D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{976D8C1C-2A70-49F7-907B-D6803B0A6461}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{619C2B3C-401D-4C27-8CDF-48C325A6D6E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{1E88C240-148F-472A-AE9B-22B680564CE6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{4BF6CA25-E098-492D-A51E-FF8F43046E0D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{D878CD36-63CF-4F57-9B86-49F42FFD2A8A}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{B6E3240C-852B-422D-BDF9-14974C3F39CC}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{8907FFD4-0817-4BEE-9D61-D61974CD5D97}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow 2 Demo\bin\CLOS2DEMO.exe
FirewallRules: [{5464E92B-1A59-46CF-B4C3-20AFB9771A99}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow 2 Demo\bin\CLOS2DEMO.exe
FirewallRules: [{4E4A2723-C102-4AC7-BB84-C93123759DCE}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{3989D694-C530-4566-BEA4-3637A24698D6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{975CB929-F358-4819-8ECE-4F66761692DB}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{820D6522-40E4-4FCF-879A-6A0A238F0D51}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{52066AE0-E2FB-44E4-9B96-90C4378CB32B}] => (Allow) D:\Program Files\Steam\SteamApps\common\BattleWorldsKronos\BattleworldsBuilder\BattleworldsBuilder.exe
FirewallRules: [{D5320418-0427-481A-9A8B-EBAA4E5B5111}] => (Allow) D:\Program Files\Steam\SteamApps\common\BattleWorldsKronos\BattleworldsBuilder\BattleworldsBuilder.exe
FirewallRules: [{7160C884-AC0E-4E40-AAB7-C5FED5A9046F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{BC91F2DA-B773-4982-9F3C-F8563B970FBC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{1F7BB3EA-E86C-40B0-8C47-8CF99013E859}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{382F965C-B85E-4C7D-A414-4DB4447A3718}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{24277499-B306-41A1-B2A9-E792D53BF983}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound_server.exe
FirewallRules: [{E70C633C-F515-4061-8135-9DE71E5A24A1}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound_server.exe
FirewallRules: [{55F22B51-EF6F-4E8E-A4A2-D7CE8BD77133}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound_server.exe
FirewallRules: [{29E1AD31-1EB9-4D18-855D-2C5C7BD49C7B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound_server.exe
FirewallRules: [{D5791240-4FED-40B0-AC28-F5F43CCEA268}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{A9CEB083-50B1-463B-976B-0AE3FBB4B212}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{19671BA6-9DE0-4528-96C8-0B0131C75DDD}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{60FFE87E-96D1-4DBA-BD3C-F3BFCA9DD2F3}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{D88DECD1-6B9C-45ED-8F59-6D07425EE045}] => (Allow) D:\Program Files\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{49BDFC64-0789-42FF-9347-276D5A627F3D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{A1C520A4-B5D4-46A2-9B1C-3FC1652EDC23}] => (Allow) D:\Program Files\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{AA1BE878-FD58-4DF7-946B-4F4D19A8AC57}] => (Allow) D:\Program Files\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{F979E342-06FA-4E43-8FE1-40D926A9365C}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{11EDACD8-D982-4714-BE6B-4755672A7F7E}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{387A61D8-A93A-43A8-819F-4D91D39A8AE0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{DE679DAF-69AC-42E9-99B2-E7FB91E39F23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{D8C7FE6A-D8A5-4A43-9389-B93534171F65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{6BF5E364-D3A2-41BC-8C0D-50BE35B5F5CE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow 2\bin\CLOS2.exe
FirewallRules: [{B1795017-7C65-4C04-9750-A2E37A3CE5AB}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow 2\bin\CLOS2.exe
FirewallRules: [{88D5303A-EAF8-43D8-9325-B5B4A7C98CEA}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\SupportTool.exe
FirewallRules: [{EC27B2E4-A258-48A0-9603-41124AF5FCDE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\SupportTool.exe
FirewallRules: [{E5424D7D-0C3A-42AA-90ED-911C5168302B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{A56A97D5-DE4C-47AF-BCE7-A822403927AC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{C02B6F82-9048-4FDE-890F-7BB9D9EF18C9}] => (Allow) D:\Program Files\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{25EE0BA0-1A9C-4917-A3B9-C8A92FDE13EF}] => (Allow) D:\Program Files\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{89309CFB-281B-42DB-AEEE-45641C2658B5}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{C98E816F-38DB-46B7-9197-F4B4A40D231B}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{5455F23E-BB72-4F6D-A3D2-FA62F93069A9}] => (Allow) D:\Program Files\Steam\SteamApps\common\Among the Sleep\Among the Sleep.exe
FirewallRules: [{C45BC7A4-A10B-4C19-A3D3-F13BB9F9C1BB}] => (Allow) D:\Program Files\Steam\SteamApps\common\Among the Sleep\Among the Sleep.exe
FirewallRules: [{7130851F-7CC2-4CAF-95B6-22479026D72F}] => (Allow) C:\Program Files (x86)\AirPort\APAgent.exe
FirewallRules: [{46B2072D-9D31-4191-94ED-08B2DF789708}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\SupportTool.exe
FirewallRules: [{2EF68433-33D9-4A23-A3EC-8DD55ABE8277}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\SupportTool.exe
FirewallRules: [{E5DE6F01-D7C8-413B-87C0-BC3EC692C66C}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{023D7FEE-539A-46FD-A029-43B85AED8F6F}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{5664DC3F-0DD2-4898-80D7-9611315730A5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{EDC9C83E-236E-49AB-BCCC-94E273FBE584}] => (Allow) D:\Program Files\Steam\SteamApps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{5CD563D8-D334-401F-9A0B-6B119C86EC8E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{878E9C20-2DFC-4D3F-B1A4-A6D98C5ACC0D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{242147BD-1867-4F94-9566-A3BCE71AA527}] => (Allow) D:\Program Files\Steam\SteamApps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{A42A04C0-6352-4D95-B2EC-C288910606E5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{5E0EC2CA-40CE-4E3D-BE3C-01B8C679B964}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{15CA59F7-1956-4F04-9667-BDD3009617D3}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{1ED1B975-51F7-4B9E-9300-B9B9B5C0405A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{B13DEEB6-204F-4382-92DD-1394437F4541}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{8E5F28C5-A24C-46CB-9F18-C583851E8A4E}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheDarkEye Cos\satinav.exe
FirewallRules: [{36721C42-699F-4B08-8C1B-01FF51D1192A}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheDarkEye Cos\satinav.exe
FirewallRules: [{4D926746-89D5-44F0-9F87-12FEB362BC52}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe
FirewallRules: [{37433E1A-AE7D-4542-8192-A75438EFC9F6}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe
FirewallRules: [TCP Query User{0643A6B7-9126-43A1-8876-5A8947B8D2C0}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3B511FA1-8406-4933-B3D9-3627A76B9209}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1B4343F7-2BAA-4A3B-A1BF-B47306253A63}] => (Allow) D:\Program Files\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{1DCD884B-F1BD-45A3-B6A7-BE46037798BA}] => (Allow) D:\Program Files\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{63E87E9D-748F-49A2-89C4-2CB1EA9966DB}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{16E49298-B36E-4B20-85B6-A5A177363AA5}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{8F8916EA-964D-45C7-92F0-22E0609B23EF}] => (Allow) D:\Program Files\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{DFE7D931-28B3-49D1-B61F-6EC87E75C5DA}] => (Allow) D:\Program Files\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{79EFEEDD-66EF-4ECA-8BE8-1BE3D101C7E6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{F506AACC-D60A-47DA-81D6-3B0DAE0CBEEE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{C406BB96-88E5-42C1-9814-3428FA3C47AA}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{B6254CA8-846C-468D-AE76-198190E2CE23}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{CF1D1183-EDEB-44A6-92C0-889BA928C82A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Legend of Grimrock 2\grimrock2.exe
FirewallRules: [{6C4145C6-9511-4C2F-906A-140936E73F3D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Legend of Grimrock 2\grimrock2.exe
FirewallRules: [{907FBD19-1221-48C3-AFFF-870DE9BBAD0B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{1CD7DADC-DCF3-4C7D-A11C-0071FE51982F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{A730F81A-31D6-46B2-A43C-42006AA27A2F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{4357E118-49EC-4F74-9015-7569915E3335}] => (Allow) D:\Program Files\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{BCB0887F-6F88-4A59-BF85-63D4C7790F89}] => (Allow) D:\Program Files\Steam\SteamApps\common\ODP\ourdarkerpurpose.exe
FirewallRules: [{F94356F2-1656-414A-A2FB-A956E6EF9799}] => (Allow) D:\Program Files\Steam\SteamApps\common\ODP\ourdarkerpurpose.exe
FirewallRules: [{107A5789-E543-4A62-9158-44AE4314D0D2}] => (Allow) D:\Program Files\Steam\SteamApps\common\Massive Chalice\MC.exe
FirewallRules: [{30156E9F-FDC4-446B-99B6-8D7EF8751429}] => (Allow) D:\Program Files\Steam\SteamApps\common\Massive Chalice\MC.exe
FirewallRules: [{7E2E5569-8802-4DDB-B730-A11615F000D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{AE10A9AA-71E1-451A-9B13-ACC58BB33557}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{C43851B4-7FA4-4157-A349-4DA6542942AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{4AB5E18D-5CE8-47E2-8C4D-5BB3C2370929}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{8AE85B7F-D30D-4057-9988-3808DA5B8D7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{F3CF3261-3E12-4645-9CBE-1AE14E5BB5C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{5A2EC408-8A0C-471A-80D4-59F15CA6317D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{5476676F-DD45-4783-91D1-32314DACF5A7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{3005C0EB-0BB9-4220-B542-4A1572CC3849}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{A70E6740-249A-4B37-BF18-5AF236946495}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{B6890E2A-202E-4DCB-9573-F248BD9BBF2C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{F01AF7CE-8E10-40B1-A5FB-7DDD36216552}] => (Allow) D:\Program Files\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{DF47AFC5-BD3E-45F5-9D84-5E01AB43B55F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{F7701F8D-B90A-4AED-B078-D9AC89A85B21}] => (Allow) D:\Program Files\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{2C1DF266-254C-4BAD-A145-7C197B9E28C6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{B74D82AE-0A42-4FF0-8E2F-62F09A3D9E2F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{A8658D6B-9D8E-4517-ABA9-A40FBE5F39A8}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{D1CA11BE-870A-4A26-8D8A-9A3B1CE41BBF}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{C1E7CC6A-C030-44EB-A011-C5D431F1FC2C}] => (Allow) D:\Program Files\Steam\SteamApps\common\BattleWorldsKronos\Battleworlds Builder\BattleworldsBuilder.exe
FirewallRules: [{6E83CF89-112B-4731-A27E-EE4EB2112068}] => (Allow) D:\Program Files\Steam\SteamApps\common\BattleWorldsKronos\Battleworlds Builder\BattleworldsBuilder.exe
FirewallRules: [{4DDF7D2D-3A04-4F88-947F-51667B82C5E1}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{08321D96-E765-42CA-B5E1-AB733C977576}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{6A6674D6-F0EC-4EBB-B7E4-38AC0ACFFD9A}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{78CE12D6-078F-43DF-B647-D01EE6605945}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{D355552C-5BC5-48A1-BF37-CE04A9352551}] => (Allow) D:\Program Files\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{DCDDBE16-11F3-482F-A14A-5AD63BD3FE94}] => (Allow) D:\Program Files\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{062E7B51-EA45-483F-A4A6-AC51AC4F04FB}] => (Allow) D:\Program Files\Steam\SteamApps\common\StarCrawlers\StarCrawlers.exe
FirewallRules: [{2C5383F9-73BB-4C80-9D3E-C1A6AA882B17}] => (Allow) D:\Program Files\Steam\SteamApps\common\StarCrawlers\StarCrawlers.exe
FirewallRules: [{BA2D6204-25FD-4470-9ADF-5C7ECFFDC459}] => (Allow) D:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{407D3310-64C0-404A-A974-2ADDCC2F9F1B}] => (Allow) D:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [TCP Query User{FBC9F27A-8AA6-4E08-93A8-68BDFB6F24FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{DFAA0A15-DD43-4CA9-A847-884F7D63CD97}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6CAF526F-7C58-4250-933A-5DCDBD2D9180}] => (Allow) D:\Program Files\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{115D9763-FB2F-4E85-84E6-FEC0756F3FEC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{387DA867-6F2B-4E02-B17B-146D10B9CFBC}] => (Allow) D:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{48E4BC80-18D2-4E99-A415-1846C6669DB5}] => (Allow) D:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{2344EE3B-8656-4EAF-A13B-3CC26D4178D6}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{5BD6AA2C-0C2B-4B44-9110-8DCA948C5777}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{60FA15AD-33D2-41B3-9CB1-B6941B162CE7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magicka 2 Sneak Peek\engine\Magicka2.exe
FirewallRules: [{0990C566-D5A7-4239-9845-9531E97BB942}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magicka 2 Sneak Peek\engine\Magicka2.exe
FirewallRules: [{6C223F62-39E4-4D8E-8F27-B0867A3ACE5B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{886FAD59-7A10-463F-A2B5-5366DFC0E17E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{439DF99C-5689-430F-926A-38CF870EA534}] => (Allow) D:\Program Files\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{E1A7C312-646D-42A8-952F-51891531E6BE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{39F58A31-65E4-475F-A04E-8963F2FFC522}] => (Allow) D:\Program Files\Steam\SteamApps\common\Outland\Outland.exe
FirewallRules: [{CAAFA632-64B2-48A6-9E57-1AB8631D280C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Outland\Outland.exe
FirewallRules: [{7B4021D1-0151-483B-B2B6-1A28ED0BC2DC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{08F0F24A-4555-4771-B853-76695B58B7E9}] => (Allow) D:\Program Files\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{53775119-2804-47AD-B43C-EB30253A7414}] => (Allow) D:\Program Files\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{22F65293-044B-4B93-8A5C-7103574C1966}] => (Allow) D:\Program Files\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{B7FCACD0-C604-414A-84D8-65BC296AB32C}] => (Allow) D:\Program Files\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{361DDD61-9641-468B-89C7-D6D165BE4DFD}] => (Allow) D:\Program Files\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{8794B96E-99F5-471E-A993-A98F76FFC1E0}] => (Allow) D:\Program Files\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{CCF08EF0-737E-4370-9FEC-F312ABB5106E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{83D75DDB-F210-4FAF-871D-001C56E178BB}] => (Allow) D:\Program Files\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{9018C160-C4FA-4172-AD53-2194068809D1}] => (Allow) D:\Program Files\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{400E8CA4-94EC-44D6-8146-7CB3409ACCC5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{F28A7EB8-5C6C-444A-B769-9FD39763C8F0}] => (Allow) D:\Program Files\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{74336F9F-5D4E-4D3F-8C5F-14FEF44FDF78}] => (Allow) D:\Program Files\Steam\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{E8DED508-36D6-4D37-B4F8-C6AB8A2691DD}] => (Allow) D:\Program Files\Steam\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{D53DE7B9-AE7B-4117-96AB-18233F1B4323}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow - Mirror of Fate HD\CMOF.exe
FirewallRules: [{63F10F44-5761-4CCE-A251-F1FD965A671A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow - Mirror of Fate HD\CMOF.exe
FirewallRules: [{07EC44E5-8AE9-4B70-B3A0-AD00037EF19B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Saints Row Gat out of Hell\SaintsRowGatOutOfHell.exe
FirewallRules: [{0987B328-25F9-4E93-A7C8-7A60297DEE1A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Saints Row Gat out of Hell\SaintsRowGatOutOfHell.exe
FirewallRules: [{E0451930-A36C-4802-A70D-4E4F8FB14061}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CFC50EA0-D18A-4DF5-8000-6C1E772090A0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D1F3FFFC-3238-4E3C-B80F-CB055E8D84A7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{ED4A6305-4498-486B-B244-9F413577BCF8}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{A1D39482-999F-4488-82EA-759F0D07B750}] => (Allow) D:\Program Files\Steam\SteamApps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{AE680E31-1EAF-42C3-A642-83F5CAA219E5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{D9349B5D-C21D-4835-9247-9B84DBDD2B15}] => (Allow) D:\Program Files\Steam\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{A7D747CD-F8C6-47C1-9F41-D0060750D763}] => (Allow) D:\Program Files\Steam\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{3524F848-113A-468E-B472-59C73A8CD75D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{A2B1B3C7-D7D9-4AE0-A242-B24453E6245C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{8EDA7CFB-AC61-4E40-97F8-FBB60A138F27}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{68189B20-04AD-47B7-9156-A4C7AD37EFEC}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{78F1F98B-9040-43D6-82D7-8E8D6169B377}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{354B6710-9607-4046-83BC-E706624C5B07}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{3B9C55AB-9608-4E7A-8F29-BB28F72DDAB8}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{5CB95ABC-DB30-41FA-8BDF-BB792E672701}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{5984F958-B578-42E6-BA84-BC6C85C04F6A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7FD3BC08-CC3C-43DD-B104-4F38EB14EA5E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0AD851BB-AFA8-4FF2-84C1-DF56627CABC4}] => (Allow) D:\Program Files\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{F653D05A-D164-415A-BC8E-7E66C06D3A31}] => (Allow) D:\Program Files\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{C8BDFB98-AC68-47D6-BD2F-D7165F9333A2}] => (Allow) D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{E964974C-5411-48BD-8520-6624A3C2FF7C}] => (Allow) D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{8311A531-A56F-418B-ACC4-E80348193575}] => (Allow) D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{DD4C0C21-E6A6-4F8D-811F-FC8E5EE148DF}] => (Allow) D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{EBAE42E0-FBF1-4C48-9199-6B7EC4DD1A55}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{E1361908-D55B-424E-B932-336353394D79}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{39906BB8-A86B-4E27-940B-DAFE9BD32F2F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{4A538A70-E378-4EF4-A08A-70887128A21A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{30C66EAB-EEA3-4F00-B240-6848848D9B8F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{4256FF9F-D8B1-47A7-B090-89E5FCFF4AD5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{A7996F6B-D0DB-4ED5-97F2-24F95CB6FECC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{4E525DE8-7E12-48DF-AA05-ECE5AD64BF3F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{F1553B15-E8BF-4298-8B8B-EC8707031C9F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Crawl\Crawl.exe
FirewallRules: [{0C92F38F-03B8-49DB-80AE-76383D344D96}] => (Allow) D:\Program Files\Steam\SteamApps\common\Crawl\Crawl.exe
FirewallRules: [{1801CA36-2F1D-42A8-B019-44A80B82F6C8}] => (Allow) D:\Program Files\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{F10A6782-EBD8-4377-9E5D-21A4CB931B01}] => (Allow) D:\Program Files\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{6DBB2DEA-EA7D-4DEB-A8E6-0E74186B97FD}] => (Allow) D:\Program Files\Steam\SteamApps\common\SOMA\Soma.exe
FirewallRules: [{8B305339-DCE5-425E-BC29-1A0B5A4BDCA2}] => (Allow) D:\Program Files\Steam\SteamApps\common\SOMA\Soma.exe
FirewallRules: [{106FB401-0968-4E4E-A74B-45356EE376CA}] => (Allow) D:\Program Files\Steam\SteamApps\common\SOMA\ModLauncher.exe
FirewallRules: [{6BCC81FA-750B-4C77-BA67-BF928A7E318B}] => (Allow) D:\Program Files\Steam\SteamApps\common\SOMA\ModLauncher.exe
FirewallRules: [{42868D0B-4A6F-4528-8344-25AF5E66832E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{7AD1F1A4-A9B7-4DF9-B916-C48FEBF561C6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{E163CBB7-1672-4F5F-8B3F-F97245B2A8D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B4F0718F-0F61-4485-A2E2-D40AE56C254D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FF950A6F-DDA6-42E0-AB56-5AB4FD4A587F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4E22C913-36BF-4CEE-A573-D82C97194394}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{523F7204-53CE-4439-B9C2-7AB774541DEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BD3DB9EC-5A6C-4AD7-BD33-98654F8E22B0}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex\System\Revision.exe
FirewallRules: [{D54618DF-D5A0-49B0-B50B-3067BEEC3D8D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex\System\Revision.exe
FirewallRules: [{A186EE9E-B127-4FB7-91F1-A44884C2F045}] => (Allow) D:\Program Files\Steam\SteamApps\common\Broforce\Broforce_beta.exe
FirewallRules: [{FADD1C36-A3B5-40CA-AD99-FB4B79ED8710}] => (Allow) D:\Program Files\Steam\SteamApps\common\Broforce\Broforce_beta.exe
FirewallRules: [{52B936A0-C88C-4226-881D-F9E4E4EEF940}] => (Allow) D:\Program Files\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{8263295D-36E5-4AF2-A933-038EF7A49E9D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B87B1DA4-2D01-4A6B-BCB8-80E1E9D4AA03}] => (Allow) D:\Program Files\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{F494E864-1B65-40FD-BC31-EAA4EB2D0370}] => (Allow) D:\Program Files\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{DC6F41FB-669F-46D9-BA5A-C13816ABB289}] => (Allow) D:\Program Files\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{DB8397C6-54E0-4131-B8FF-3E48432C28EE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{620827C1-9764-44AC-89F8-0F851B71ADD7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Skyshine\win32\Skyshines BEDLAM.exe
FirewallRules: [{291416E6-0B23-48C4-A980-F824C14137E7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Skyshine\win32\Skyshines BEDLAM.exe
FirewallRules: [{73C54003-0B92-4A5A-92EA-8E8DEBFD820B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4B089A4-3652-49AB-937A-D942871D0D00}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8012314E-4F94-4A1C-8F50-2DA5B8045070}] => (Allow) D:\Program Files\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{47D28776-DE8D-43BC-88E5-640A23B5A4FD}] => (Allow) D:\Program Files\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{83EDCC21-6570-4496-8FD0-E40C2016F239}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{AF9607B4-038B-4F8D-8B83-69EA7CCD5599}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{26BAE4C6-4FAD-40F0-A490-786F02E4BA31}] => (Allow) D:\Program Files\Steam\SteamApps\common\ShooterUltimate\ShooterUltimate.exe
FirewallRules: [{1A7A0822-69CC-48D4-8792-533A66C060BD}] => (Allow) D:\Program Files\Steam\SteamApps\common\ShooterUltimate\ShooterUltimate.exe
FirewallRules: [{64F14642-E220-4715-8BBD-E636B5947364}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Book of Unwritten Tales 2\Windows\BouT2.exe
FirewallRules: [{AF0660E1-97B8-472B-809D-E91659D0BDC3}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Book of Unwritten Tales 2\Windows\BouT2.exe
FirewallRules: [{43C440E3-BDC9-4C6D-B6A0-58BD76C355C8}] => (Allow) D:\Program Files\Steam\SteamApps\common\StarCrawlers\StarCrawlers_x86_64.exe
FirewallRules: [{85B831E4-2DFC-4373-A873-32CD2C659823}] => (Allow) D:\Program Files\Steam\SteamApps\common\StarCrawlers\StarCrawlers_x86_64.exe
FirewallRules: [{E0AF0248-AB0E-44BF-AEC8-FE87F313B38F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{809FE91F-2157-4B0B-8924-B200B92A6DDB}] => (Allow) D:\Program Files\Steam\SteamApps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{AD50BBF5-BD78-44BA-A7F5-B1F1D993E53F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{95BD4387-FBAC-41C8-975C-CC3C68017F92}] => (Allow) D:\Program Files\Steam\SteamApps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{C999DC6A-13F6-4E84-9F94-CA9F0CC3F19E}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{4A85679E-51EA-4CE7-83F1-3A9D5BF0013C}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{2274D31E-A565-492F-B447-51F64D6F6882}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{14A6C098-C6BA-451E-940D-F94E18D00891}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{112235EB-72C0-422E-A7FB-EDC0656F1E76}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{C58AC9DA-7A21-4ED8-B0BD-94B9D021D432}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{05789D91-4C93-48F9-BE30-307CCDF25E5A}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{7B90EEC3-F1E1-4982-810D-579BFBE98C0A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9D07AEF7-156B-4E2E-BACF-A20B4DFF1203}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{27400842-05C2-4145-BE06-85A98291528B}] => (Allow) D:\Program Files\Steam\SteamApps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{6FAB26CE-C80A-4314-9973-CAB71F8B988B}] => (Allow) D:\Program Files\Steam\SteamApps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{5509ABA6-DF9D-4EAC-9AC8-B65FD1C85127}] => (Allow) D:\Program Files\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{A8D33DE2-4C5E-4E06-B228-E3F66466541F}] => (Allow) D:\Program Files\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{1172BAEE-4CC3-419B-9294-DE85ABBD5012}] => (Allow) D:\Program Files\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{EC5DDBB1-34E7-4E0F-A2A0-555D9AA2526E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{3409D4F8-677A-4F64-BE17-198015F18822}] => (Allow) D:\Program Files\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B0E8AE08-3C6C-4889-B9D9-07DABFBB4308}] => (Allow) D:\Program Files\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{73FA8B1A-4FBE-4039-AC56-5477E9D4042C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Jotun\Jotun.exe
FirewallRules: [{F1C6FE85-89CB-45BB-8A7D-E23A433D135B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Jotun\Jotun.exe
==================== Wiederherstellungspunkte =========================
18-12-2015 17:46:46 Windows Update
19-12-2015 00:21:23 Windows Update
22-12-2015 18:28:46 Windows Update
27-12-2015 23:17:30 Windows Update
31-12-2015 00:11:05 Entfernt Hi-Rez Studios Games
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/27/2015 11:15:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 19 5.9.9.F.6.6.A.4.E.C.D.1.3.6.4.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Philip-PC-2.local.
Error: (12/27/2015 11:15:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.5.110:5353 17 5.9.9.F.6.6.A.4.E.C.D.1.3.6.4.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Philip-PC.local.
Error: (12/27/2015 11:15:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 19 110.5.168.192.in-addr.arpa. PTR Philip-PC-2.local.
Error: (12/27/2015 11:15:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.5.110:5353 17 110.5.168.192.in-addr.arpa. PTR Philip-PC.local.
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Philip-PC.local already in use; will try Philip-PC-2.local instead
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Philip-PC.local. Addr 192.168.5.110
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.5.110:5353 16 Philip-PC.local. AAAA 2003:0045:4971:DCE3:7463:1DCE:4A66:F995
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Philip-PC.local. AAAA FE80:0000:0000:0000:7463:1DCE:4A66:F995
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.5.110:5353 16 Philip-PC.local. AAAA 2003:0045:4971:DCE3:7463:1DCE:4A66:F995
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Philip-PC.local. Addr 192.168.5.110
Systemfehler:
=============
Error: (12/22/2015 12:19:32 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (12/17/2015 06:18:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/17/2015 06:18:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (12/17/2015 12:38:55 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (12/13/2015 01:43:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
Error: (12/13/2015 01:05:02 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
Error: (12/13/2015 01:04:53 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
Error: (12/11/2015 07:16:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/11/2015 07:16:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (12/04/2015 06:32:32 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Сonnection is not established
CodeIntegrity:
===================================
Date: 2014-09-13 20:04:04.453
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-13 20:04:04.453
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-13 20:04:04.453
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-13 20:04:04.453
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-13 19:58:47.843
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-13 19:58:47.763
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:22:58.669
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:22:58.668
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:22:58.665
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:22:58.664
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3550 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8147.52 MB
Verfügbarer physikalischer RAM: 5476.78 MB
Summe virtueller Speicher: 16293.24 MB
Verfügbarer virtueller Speicher: 13249.43 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:7.33 GB) NTFS
Drive d: (Games) (Fixed) (Total:1863.01 GB) (Free:202.58 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 41AC5349)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 41AC5336)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
31.12.2015, 00:38
| #3 |
| | Pishing-Mail Paypal link angeklickt ohne Daten einzugebenCode:
ATTFilter 00:37:04.0958 0x2848 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
00:37:07.0610 0x2848 ============================================================
00:37:07.0610 0x2848 Current date / time: 2015/12/31 00:37:07.0610
00:37:07.0610 0x2848 SystemInfo:
00:37:07.0610 0x2848
00:37:07.0610 0x2848 OS Version: 6.1.7601 ServicePack: 1.0
00:37:07.0610 0x2848 Product type: Workstation
00:37:07.0610 0x2848 ComputerName: PHILIP-PC
00:37:07.0610 0x2848 UserName: Philip
00:37:07.0610 0x2848 Windows directory: C:\Windows
00:37:07.0610 0x2848 System windows directory: C:\Windows
00:37:07.0610 0x2848 Running under WOW64
00:37:07.0610 0x2848 Processor architecture: Intel x64
00:37:07.0610 0x2848 Number of processors: 4
00:37:07.0610 0x2848 Page size: 0x1000
00:37:07.0610 0x2848 Boot type: Normal boot
00:37:07.0610 0x2848 ============================================================
00:37:07.0704 0x2848 KLMD registered as C:\Windows\system32\drivers\58916673.sys
00:37:07.0829 0x2848 System UUID: {0CE6832F-A0CE-4716-CB23-C6CD1E6BFAD0}
00:37:08.0109 0x2848 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:37:08.0109 0x2848 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:37:08.0109 0x2848 ============================================================
00:37:08.0109 0x2848 \Device\Harddisk0\DR0:
00:37:08.0109 0x2848 MBR partitions:
00:37:08.0109 0x2848 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:37:08.0109 0x2848 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
00:37:08.0125 0x2848 \Device\Harddisk1\DR1:
00:37:08.0328 0x2848 MBR partitions:
00:37:08.0328 0x2848 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
00:37:08.0328 0x2848 ============================================================
00:37:08.0343 0x2848 C: <-> \Device\Harddisk0\DR0\Partition2
00:37:08.0359 0x2848 D: <-> \Device\Harddisk1\DR1\Partition1
00:37:08.0359 0x2848 ============================================================
00:37:08.0359 0x2848 Initialize success
00:37:08.0359 0x2848 ============================================================
00:37:14.0053 0x322c ============================================================
00:37:14.0053 0x322c Scan started
00:37:14.0053 0x322c Mode: Manual; SigCheck; TDLFS;
00:37:14.0053 0x322c ============================================================
00:37:14.0053 0x322c KSN ping started
00:37:16.0799 0x322c KSN ping finished: true
00:37:17.0157 0x322c ================ Scan system memory ========================
00:37:17.0157 0x322c System memory - ok
00:37:17.0157 0x322c ================ Scan services =============================
00:37:17.0189 0x322c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
00:37:17.0220 0x322c 1394ohci - ok
00:37:17.0220 0x322c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
00:37:17.0235 0x322c ACPI - ok
00:37:17.0235 0x322c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
00:37:17.0251 0x322c AcpiPmi - ok
00:37:17.0251 0x322c [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:37:17.0267 0x322c AdobeARMservice - ok
00:37:17.0267 0x322c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
00:37:17.0282 0x322c adp94xx - ok
00:37:17.0282 0x322c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
00:37:17.0298 0x322c adpahci - ok
00:37:17.0298 0x322c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
00:37:17.0313 0x322c adpu320 - ok
00:37:17.0313 0x322c [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:37:17.0329 0x322c AeLookupSvc - ok
00:37:17.0329 0x322c [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
00:37:17.0345 0x322c AFD - ok
00:37:17.0345 0x322c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
00:37:17.0360 0x322c agp440 - ok
00:37:17.0360 0x322c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
00:37:17.0360 0x322c ALG - ok
00:37:17.0360 0x322c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
00:37:17.0376 0x322c aliide - ok
00:37:17.0391 0x322c ALSysIO - ok
00:37:17.0391 0x322c [ E7BDC2E7D885A65031C6B93D5A80B019, B37B05CA81A200A0C303946A21901ED382468761AB8BB8F7F310700A060E813F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
00:37:17.0407 0x322c AMD External Events Utility - ok
00:37:17.0407 0x322c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
00:37:17.0423 0x322c amdide - ok
00:37:17.0423 0x322c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
00:37:17.0438 0x322c AmdK8 - ok
00:37:17.0657 0x322c [ 342156AF1FED5ED3A5D3FBB3D87F48E8, 119C85492EDCA82731E23A261DE39A72783713B01B89D8FA2F47400EB03C7C57 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
00:37:17.0859 0x322c amdkmdag - ok
00:37:17.0891 0x322c [ 9DCA2AFEABF1D109FB2C229491C9F293, F020F4FDD29897C656287A2D01D51B4AE45AA604E4291BCE05FB7D994242EC04 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
00:37:17.0906 0x322c amdkmdap - ok
00:37:17.0906 0x322c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
00:37:17.0922 0x322c AmdPPM - ok
00:37:17.0922 0x322c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
00:37:17.0937 0x322c amdsata - ok
00:37:17.0937 0x322c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
00:37:17.0937 0x322c amdsbs - ok
00:37:17.0953 0x322c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
00:37:17.0953 0x322c amdxata - ok
00:37:17.0953 0x322c [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
00:37:17.0969 0x322c AppID - ok
00:37:17.0969 0x322c [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:37:17.0969 0x322c AppIDSvc - ok
00:37:17.0969 0x322c [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
00:37:17.0984 0x322c Appinfo - ok
00:37:17.0984 0x322c [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:37:18.0000 0x322c Apple Mobile Device Service - ok
00:37:18.0000 0x322c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
00:37:18.0000 0x322c arc - ok
00:37:18.0000 0x322c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
00:37:18.0015 0x322c arcsas - ok
00:37:18.0047 0x322c ArcService - ok
00:37:18.0062 0x322c [ 31E2470E61D5A390405BA41C279D8446, ADA2518DCB78529F716622E45775283CBBB8CA61A4E90B99C2D799C23C8AFCAA ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
00:37:18.0093 0x322c asComSvc - ok
00:37:18.0109 0x322c [ 0466B91EE5767A769E9F8EDB8EF94DDB, 04A529E57D6F617688B072B3BD281538B6B02BB985EE0AE2E355E685E52BE0C8 ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
00:37:18.0125 0x322c asHmComSvc - ok
00:37:18.0140 0x322c [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
00:37:18.0140 0x322c AsIO - ok
00:37:18.0156 0x322c [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:37:18.0171 0x322c aspnet_state - ok
00:37:18.0171 0x322c [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
00:37:18.0171 0x322c AsSysCtrlService - ok
00:37:18.0187 0x322c [ A5E4CDB420540095D1293C874B5F89AA, EBC082FF94872537649F00D91AF22E0AFB4D538ACDB4731C9A95D209C7B144FD ] ASUSFILTER C:\Windows\syswow64\drivers\ASUSFILTER.sys
00:37:18.0187 0x322c ASUSFILTER - ok
00:37:18.0187 0x322c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:37:18.0203 0x322c AsyncMac - ok
00:37:18.0203 0x322c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
00:37:18.0218 0x322c atapi - ok
00:37:18.0249 0x322c [ 36322190763845975E0D001E90687BF2, EA3DB2D112015CA5C744C5A84CDEFF6D02CE7D0E7E6E141AE3E527C2FAB5600E ] athur C:\Windows\system32\DRIVERS\athurx.sys
00:37:18.0281 0x322c athur - ok
00:37:18.0281 0x322c [ C22D4905DDDF73EB0349D3B0604234A2, F86220290663FA95F3D8181D41F9D105634A62D50856BCEB174B9675F8DD7669 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
00:37:18.0296 0x322c AtiHDAudioService - ok
00:37:18.0296 0x322c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:37:18.0312 0x322c AudioEndpointBuilder - ok
00:37:18.0327 0x322c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
00:37:18.0343 0x322c AudioSrv - ok
00:37:18.0359 0x322c [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
00:37:18.0359 0x322c AVP16.0.0 - ok
00:37:18.0374 0x322c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:37:18.0374 0x322c AxInstSV - ok
00:37:18.0390 0x322c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
00:37:18.0405 0x322c b06bdrv - ok
00:37:18.0405 0x322c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
00:37:18.0421 0x322c b57nd60a - ok
00:37:18.0421 0x322c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
00:37:18.0437 0x322c BDESVC - ok
00:37:18.0437 0x322c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
00:37:18.0452 0x322c Beep - ok
00:37:18.0468 0x322c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
00:37:18.0483 0x322c BFE - ok
00:37:18.0499 0x322c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
00:37:18.0530 0x322c BITS - ok
00:37:18.0530 0x322c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
00:37:18.0546 0x322c blbdrive - ok
00:37:18.0546 0x322c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:37:18.0561 0x322c Bonjour Service - ok
00:37:18.0561 0x322c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:37:18.0577 0x322c bowser - ok
00:37:18.0577 0x322c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:37:18.0577 0x322c BrFiltLo - ok
00:37:18.0577 0x322c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:37:18.0593 0x322c BrFiltUp - ok
00:37:18.0593 0x322c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
00:37:18.0608 0x322c Browser - ok
00:37:18.0608 0x322c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:37:18.0624 0x322c Brserid - ok
00:37:18.0624 0x322c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:37:18.0624 0x322c BrSerWdm - ok
00:37:18.0639 0x322c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
00:37:18.0639 0x322c BrUsbMdm - ok
00:37:18.0639 0x322c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:37:18.0655 0x322c BrUsbSer - ok
00:37:18.0655 0x322c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
00:37:18.0655 0x322c BTHMODEM - ok
00:37:18.0671 0x322c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
00:37:18.0686 0x322c bthserv - ok
00:37:18.0686 0x322c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:37:18.0702 0x322c cdfs - ok
00:37:18.0717 0x322c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:37:18.0717 0x322c cdrom - ok
00:37:18.0733 0x322c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
00:37:18.0749 0x322c CertPropSvc - ok
00:37:18.0749 0x322c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:37:18.0749 0x322c circlass - ok
00:37:18.0764 0x322c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
00:37:18.0780 0x322c CLFS - ok
00:37:18.0827 0x322c [ 7A36AD856A17AFB1EBAAD3C5BF1362A1, 9779501A2B733B6F2855E421115C0123AC3A67715E7E7C85ACED58939DC0883D ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
00:37:18.0873 0x322c ClickToRunSvc - ok
00:37:18.0873 0x322c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:37:18.0889 0x322c clr_optimization_v2.0.50727_32 - ok
00:37:18.0889 0x322c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:37:18.0905 0x322c clr_optimization_v2.0.50727_64 - ok
00:37:18.0905 0x322c [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:37:18.0920 0x322c clr_optimization_v4.0.30319_32 - ok
00:37:18.0936 0x322c [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:37:18.0936 0x322c clr_optimization_v4.0.30319_64 - ok
00:37:18.0951 0x322c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:37:18.0951 0x322c CmBatt - ok
00:37:18.0951 0x322c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:37:18.0967 0x322c cmdide - ok
00:37:18.0967 0x322c [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km C:\Windows\system32\DRIVERS\cm_km.sys
00:37:18.0983 0x322c cm_km - ok
00:37:18.0998 0x322c [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
00:37:19.0014 0x322c CNG - ok
00:37:19.0014 0x322c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:37:19.0014 0x322c Compbatt - ok
00:37:19.0014 0x322c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
00:37:19.0029 0x322c CompositeBus - ok
00:37:19.0029 0x322c COMSysApp - ok
00:37:19.0029 0x322c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
00:37:19.0029 0x322c crcdisk - ok
00:37:19.0045 0x322c [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:37:19.0045 0x322c CryptSvc - ok
00:37:19.0061 0x322c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:37:19.0092 0x322c DcomLaunch - ok
00:37:19.0092 0x322c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
00:37:19.0107 0x322c defragsvc - ok
00:37:19.0123 0x322c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:37:19.0139 0x322c DfsC - ok
00:37:19.0139 0x322c [ 0B3F6C8F93C5C25977EA5A8B2E656357, 1B1C8DA8592D2B892382E062017E60BF02B1B6642822039F21446DF01FAFDEE1 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
00:37:19.0154 0x322c dg_ssudbus - ok
00:37:19.0154 0x322c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
00:37:19.0170 0x322c Dhcp - ok
00:37:19.0185 0x322c [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
00:37:19.0217 0x322c DiagTrack - ok
00:37:19.0217 0x322c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
00:37:19.0232 0x322c discache - ok
00:37:19.0248 0x322c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
00:37:19.0248 0x322c Disk - ok
00:37:19.0248 0x322c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:37:19.0263 0x322c Dnscache - ok
00:37:19.0263 0x322c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
00:37:19.0295 0x322c dot3svc - ok
00:37:19.0295 0x322c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
00:37:19.0310 0x322c DPS - ok
00:37:19.0310 0x322c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:37:19.0326 0x322c drmkaud - ok
00:37:19.0341 0x322c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:37:19.0357 0x322c DXGKrnl - ok
00:37:19.0357 0x322c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
00:37:19.0388 0x322c EapHost - ok
00:37:19.0388 0x322c EasyAntiCheat - ok
00:37:19.0435 0x322c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
00:37:19.0482 0x322c ebdrv - ok
00:37:19.0482 0x322c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe
00:37:19.0497 0x322c EFS - ok
00:37:19.0513 0x322c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:37:19.0529 0x322c ehRecvr - ok
00:37:19.0529 0x322c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
00:37:19.0529 0x322c ehSched - ok
00:37:19.0544 0x322c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
00:37:19.0560 0x322c elxstor - ok
00:37:19.0560 0x322c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
00:37:19.0575 0x322c ErrDev - ok
00:37:19.0575 0x322c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
00:37:19.0607 0x322c EventSystem - ok
00:37:19.0607 0x322c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
00:37:19.0622 0x322c exfat - ok
00:37:19.0638 0x322c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:37:19.0653 0x322c fastfat - ok
00:37:19.0669 0x322c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
00:37:19.0685 0x322c Fax - ok
00:37:19.0685 0x322c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:37:19.0685 0x322c fdc - ok
00:37:19.0700 0x322c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
00:37:19.0716 0x322c fdPHost - ok
00:37:19.0716 0x322c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
00:37:19.0731 0x322c FDResPub - ok
00:37:19.0731 0x322c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:37:19.0747 0x322c FileInfo - ok
00:37:19.0747 0x322c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:37:19.0763 0x322c Filetrace - ok
00:37:19.0763 0x322c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:37:19.0778 0x322c flpydisk - ok
00:37:19.0778 0x322c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:37:19.0794 0x322c FltMgr - ok
00:37:19.0809 0x322c [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
00:37:19.0841 0x322c FontCache - ok
00:37:19.0841 0x322c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:37:19.0841 0x322c FontCache3.0.0.0 - ok
00:37:19.0841 0x322c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:37:19.0856 0x322c FsDepends - ok
00:37:19.0856 0x322c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:37:19.0856 0x322c Fs_Rec - ok
00:37:19.0872 0x322c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:37:19.0872 0x322c fvevol - ok
00:37:19.0887 0x322c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
00:37:19.0887 0x322c gagp30kx - ok
00:37:19.0965 0x322c [ 6D18B1088696CF96CBEBD31B8A519BD4, 4B47EECD18C12749FBEFA9C20B466F1A501F238166BBAE5B1793C918305A3348 ] GalaxyClientService D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
00:37:19.0997 0x322c GalaxyClientService - ok
00:37:20.0106 0x322c [ 8EFA8CD6CE8E38E6F112076958D84602, F7D339598262BE5279588ABA8BCC5B3857DFABA9B8C23E6FD78766C07FF069EF ] GalaxyCommunication C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
00:37:20.0199 0x322c GalaxyCommunication - ok
00:37:20.0215 0x322c [ 3EB903DA33CB9E11BDCD62F38430DB40, 14CA13E79FBB4EF8CCA530B7AD8F5B579C59F9589B86CABEFDA152359E3D52B6 ] GamingApp_Service C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
00:37:20.0215 0x322c GamingApp_Service - ok
00:37:20.0231 0x322c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:37:20.0231 0x322c GEARAspiWDM - ok
00:37:20.0246 0x322c [ 21931B9C5FDE6087F47F710AC1BE16E9, A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
00:37:20.0262 0x322c GfExperienceService - ok
00:37:20.0277 0x322c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
00:37:20.0309 0x322c gpsvc - ok
00:37:20.0324 0x322c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:37:20.0324 0x322c gupdate - ok
00:37:20.0324 0x322c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:37:20.0340 0x322c gupdatem - ok
00:37:20.0340 0x322c [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
00:37:20.0340 0x322c hamachi - ok
00:37:20.0340 0x322c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:37:20.0355 0x322c hcw85cir - ok
00:37:20.0355 0x322c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:37:20.0371 0x322c HdAudAddService - ok
00:37:20.0371 0x322c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
00:37:20.0387 0x322c HDAudBus - ok
00:37:20.0387 0x322c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
00:37:20.0402 0x322c HidBatt - ok
00:37:20.0402 0x322c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
00:37:20.0402 0x322c HidBth - ok
00:37:20.0418 0x322c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
00:37:20.0418 0x322c HidIr - ok
00:37:20.0418 0x322c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
00:37:20.0449 0x322c hidserv - ok
00:37:20.0449 0x322c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:37:20.0449 0x322c HidUsb - ok
00:37:20.0449 0x322c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:37:20.0480 0x322c hkmsvc - ok
00:37:20.0480 0x322c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:37:20.0496 0x322c HomeGroupListener - ok
00:37:20.0496 0x322c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:37:20.0511 0x322c HomeGroupProvider - ok
00:37:20.0511 0x322c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
00:37:20.0511 0x322c HpSAMD - ok
00:37:20.0527 0x322c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:37:20.0543 0x322c HTTP - ok
00:37:20.0543 0x322c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:37:20.0558 0x322c hwpolicy - ok
00:37:20.0558 0x322c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
00:37:20.0558 0x322c i8042prt - ok
00:37:20.0574 0x322c [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
00:37:20.0589 0x322c iaStor - ok
00:37:20.0589 0x322c [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
00:37:20.0589 0x322c IAStorDataMgrSvc - ok
00:37:20.0605 0x322c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:37:20.0621 0x322c iaStorV - ok
00:37:20.0621 0x322c [ D9A9FFC89F61CAD4AD9EF31FBB17E634, F81184889B30DA8947F22A9C9ED5C542295ED70F0A1C27D1C91BAC21F4BCD987 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
00:37:20.0621 0x322c ICCS - ok
00:37:20.0636 0x322c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:37:20.0667 0x322c idsvc - ok
00:37:20.0730 0x322c IEEtwCollectorService - ok
00:37:20.0730 0x322c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
00:37:20.0745 0x322c iirsp - ok
00:37:20.0761 0x322c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
00:37:20.0792 0x322c IKEEXT - ok
00:37:20.0792 0x322c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
00:37:20.0792 0x322c intelide - ok
00:37:20.0808 0x322c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:37:20.0808 0x322c intelppm - ok
00:37:20.0808 0x322c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:37:20.0839 0x322c IPBusEnum - ok
00:37:20.0839 0x322c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:37:20.0855 0x322c IpFilterDriver - ok
00:37:20.0870 0x322c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:37:20.0886 0x322c iphlpsvc - ok
00:37:20.0886 0x322c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
00:37:20.0901 0x322c IPMIDRV - ok
00:37:20.0901 0x322c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:37:20.0917 0x322c IPNAT - ok
00:37:20.0933 0x322c [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:37:20.0948 0x322c iPod Service - ok
00:37:20.0948 0x322c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:37:20.0964 0x322c IRENUM - ok
00:37:20.0964 0x322c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:37:20.0964 0x322c isapnp - ok
00:37:20.0979 0x322c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
00:37:20.0979 0x322c iScsiPrt - ok
00:37:20.0979 0x322c [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
00:37:20.0995 0x322c iusb3hcs - ok
00:37:20.0995 0x322c [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
00:37:21.0011 0x322c iusb3hub - ok
00:37:21.0026 0x322c [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
00:37:21.0042 0x322c iusb3xhc - ok
00:37:21.0042 0x322c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:37:21.0042 0x322c kbdclass - ok
00:37:21.0042 0x322c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
00:37:21.0057 0x322c kbdhid - ok
00:37:21.0057 0x322c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe
00:37:21.0057 0x322c KeyIso - ok
00:37:21.0073 0x322c [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
00:37:21.0089 0x322c kl1 - ok
00:37:21.0089 0x322c [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk C:\Windows\system32\DRIVERS\klbackupdisk.sys
00:37:21.0089 0x322c klbackupdisk - ok
00:37:21.0104 0x322c [ C80861511ADA03A65DC12FAA207592F8, 2B50E009DB0D050099E558B7510104B930966EE8BB94CC0F62D1BFD765D5C7AD ] klbackupflt C:\Windows\system32\DRIVERS\klbackupflt.sys
00:37:21.0104 0x322c klbackupflt - ok
00:37:21.0104 0x322c [ 1557DF622127972EDB3DD3A61E7763CC, F6E8F31760B549B882180EB6FB45B40CA6CEDC5E61B11E02609C26E053F7C902 ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys
00:37:21.0120 0x322c kldisk - ok
00:37:21.0120 0x322c [ DE7D2DEDE9C9D5219AA439172BA8D21C, B4573553DF8605A6C9417683B6AA12A596E8777175C39567B91BF03CE895D625 ] klflt C:\Windows\system32\DRIVERS\klflt.sys
00:37:21.0135 0x322c klflt - ok
00:37:21.0135 0x322c [ C62B714428FD30DD7B3115566C3F470B, 991CA0FCA02D744BAB29FF3F0029BC99EF85C7D8B8024EF5EF51589639191B05 ] klhk C:\Windows\system32\DRIVERS\klhk.sys
00:37:21.0135 0x322c klhk - ok
00:37:21.0167 0x322c [ DFF69C0DB50E1211E82541835448A1CE, 9EE94CCE492262F79B5AF8D9BF9B3F1AA62645465F537EE734F66832BDB67166 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
00:37:21.0182 0x322c KLIF - ok
00:37:21.0182 0x322c [ 3553584440A11136C899B67ACC8CBE9D, B3D6D2E78B0FF0AF5A98E708D977978EA81E99D78F2E9CA2145B466AB4B11342 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
00:37:21.0182 0x322c KLIM6 - ok
00:37:21.0198 0x322c [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
00:37:21.0198 0x322c klkbdflt - ok
00:37:21.0198 0x322c klkbdflt2 - ok
00:37:21.0198 0x322c [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
00:37:21.0213 0x322c klmouflt - ok
00:37:21.0213 0x322c [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd C:\Windows\system32\DRIVERS\klpd.sys
00:37:21.0213 0x322c klpd - ok
00:37:21.0213 0x322c [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
00:37:21.0229 0x322c kltdi - ok
00:37:21.0229 0x322c [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys
00:37:21.0245 0x322c Klwtp - ok
00:37:21.0245 0x322c [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
00:37:21.0245 0x322c kneps - ok
00:37:21.0260 0x322c [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:37:21.0260 0x322c KSecDD - ok
00:37:21.0260 0x322c [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:37:21.0276 0x322c KSecPkg - ok
00:37:21.0276 0x322c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
00:37:21.0291 0x322c ksthunk - ok
00:37:21.0307 0x322c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
00:37:21.0323 0x322c KtmRm - ok
00:37:21.0323 0x322c [ BD56BAE4403497E31727096CEBC42956, 516AC82FA7DDC4D97E26D33C0C2D085EB0D268E0580B87628FCE07F10625AA30 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
00:37:21.0338 0x322c L1C - ok
00:37:21.0338 0x322c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
00:37:21.0369 0x322c LanmanServer - ok
00:37:21.0369 0x322c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:37:21.0385 0x322c LanmanWorkstation - ok
00:37:21.0385 0x322c [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
00:37:21.0401 0x322c LGBusEnum - ok
00:37:21.0401 0x322c [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
00:37:21.0401 0x322c LGSHidFilt - ok
00:37:21.0401 0x322c [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
00:37:21.0416 0x322c LGVirHid - ok
00:37:21.0416 0x322c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:37:21.0432 0x322c lltdio - ok
00:37:21.0432 0x322c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:37:21.0463 0x322c lltdsvc - ok
00:37:21.0463 0x322c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:37:21.0479 0x322c lmhosts - ok
00:37:21.0494 0x322c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
00:37:21.0494 0x322c LSI_FC - ok
00:37:21.0494 0x322c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
00:37:21.0510 0x322c LSI_SAS - ok
00:37:21.0510 0x322c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:37:21.0510 0x322c LSI_SAS2 - ok
00:37:21.0510 0x322c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:37:21.0525 0x322c LSI_SCSI - ok
00:37:21.0525 0x322c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
00:37:21.0541 0x322c luafv - ok
00:37:21.0557 0x322c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:37:21.0557 0x322c Mcx2Svc - ok
00:37:21.0557 0x322c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
00:37:21.0572 0x322c megasas - ok
00:37:21.0572 0x322c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
00:37:21.0588 0x322c MegaSR - ok
00:37:21.0588 0x322c [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
00:37:21.0588 0x322c MEIx64 - ok
00:37:21.0588 0x322c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
00:37:21.0619 0x322c MMCSS - ok
00:37:21.0619 0x322c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
00:37:21.0635 0x322c Modem - ok
00:37:21.0635 0x322c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:37:21.0650 0x322c monitor - ok
00:37:21.0650 0x322c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:37:21.0650 0x322c mouclass - ok
00:37:21.0650 0x322c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:37:21.0666 0x322c mouhid - ok
00:37:21.0666 0x322c [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:37:21.0666 0x322c mountmgr - ok
00:37:21.0681 0x322c [ 9763F3C17AC8C095C4419482BD1484BA, 5E329D63ADF7ADAF615DF45F7A0C1E9528B1A5CEE50B6340CEE8584EFE285FB9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:37:21.0681 0x322c MozillaMaintenance - ok
00:37:21.0681 0x322c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
00:37:21.0697 0x322c mpio - ok
00:37:21.0697 0x322c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:37:21.0713 0x322c mpsdrv - ok
00:37:21.0728 0x322c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:37:21.0759 0x322c MpsSvc - ok
00:37:21.0775 0x322c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:37:21.0775 0x322c MRxDAV - ok
00:37:21.0775 0x322c [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:37:21.0791 0x322c mrxsmb - ok
00:37:21.0806 0x322c [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:37:21.0806 0x322c mrxsmb10 - ok
00:37:21.0822 0x322c [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:37:21.0822 0x322c mrxsmb20 - ok
00:37:21.0822 0x322c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
00:37:21.0837 0x322c msahci - ok
00:37:21.0837 0x322c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:37:21.0837 0x322c msdsm - ok
00:37:21.0853 0x322c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
00:37:21.0853 0x322c MSDTC - ok
00:37:21.0869 0x322c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:37:21.0884 0x322c Msfs - ok
00:37:21.0884 0x322c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:37:21.0900 0x322c mshidkmdf - ok
00:37:21.0900 0x322c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:37:21.0915 0x322c msisadrv - ok
00:37:21.0915 0x322c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:37:21.0931 0x322c MSiSCSI - ok
00:37:21.0931 0x322c msiserver - ok
00:37:21.0931 0x322c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:37:21.0962 0x322c MSKSSRV - ok
00:37:21.0962 0x322c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:37:21.0978 0x322c MSPCLOCK - ok
00:37:21.0978 0x322c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:37:21.0993 0x322c MSPQM - ok
00:37:22.0009 0x322c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:37:22.0009 0x322c MsRPC - ok
00:37:22.0025 0x322c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
00:37:22.0025 0x322c mssmbios - ok
00:37:22.0025 0x322c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:37:22.0040 0x322c MSTEE - ok
00:37:22.0040 0x322c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:37:22.0056 0x322c MTConfig - ok
00:37:22.0056 0x322c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
00:37:22.0056 0x322c Mup - ok
00:37:22.0071 0x322c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
00:37:22.0103 0x322c napagent - ok
00:37:22.0103 0x322c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:37:22.0118 0x322c NativeWifiP - ok
00:37:22.0134 0x322c [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:37:22.0149 0x322c NDIS - ok
00:37:22.0149 0x322c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:37:22.0181 0x322c NdisCap - ok
00:37:22.0181 0x322c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:37:22.0196 0x322c NdisTapi - ok
00:37:22.0196 0x322c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:37:22.0212 0x322c Ndisuio - ok
00:37:22.0227 0x322c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:37:22.0243 0x322c NdisWan - ok
00:37:22.0243 0x322c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:37:22.0259 0x322c NDProxy - ok
00:37:22.0274 0x322c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:37:22.0290 0x322c NetBIOS - ok
00:37:22.0290 0x322c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:37:22.0305 0x322c NetBT - ok
00:37:22.0321 0x322c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe
00:37:22.0321 0x322c Netlogon - ok
00:37:22.0337 0x322c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
00:37:22.0352 0x322c Netman - ok
00:37:22.0352 0x322c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:37:22.0368 0x322c NetMsmqActivator - ok
00:37:22.0368 0x322c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:37:22.0383 0x322c NetPipeActivator - ok
00:37:22.0383 0x322c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
00:37:22.0415 0x322c netprofm - ok
00:37:22.0430 0x322c [ 4AE3BC27A3BA9F99AA1259E995DCE08E, D999C886878B14B569B10D342DC96F3EA34AAD7B7A299840FEF5702547689F20 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
00:37:22.0446 0x322c netr28ux - ok
00:37:22.0461 0x322c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:37:22.0461 0x322c NetTcpActivator - ok
00:37:22.0461 0x322c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:37:22.0477 0x322c NetTcpPortSharing - ok
00:37:22.0477 0x322c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:37:22.0477 0x322c nfrd960 - ok
00:37:22.0493 0x322c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
00:37:22.0508 0x322c NlaSvc - ok
00:37:22.0508 0x322c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:37:22.0524 0x322c Npfs - ok
00:37:22.0524 0x322c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
00:37:22.0539 0x322c nsi - ok
00:37:22.0539 0x322c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:37:22.0571 0x322c nsiproxy - ok
00:37:22.0586 0x322c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:37:22.0617 0x322c Ntfs - ok
00:37:22.0617 0x322c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
00:37:22.0649 0x322c Null - ok
00:37:22.0649 0x322c [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
00:37:22.0664 0x322c NVHDA - ok
00:37:22.0805 0x322c [ 36BAB895547EA82892292F05FA02142E, 224D165CE3ECB0EF35C18D09507AB43ADC4A7AD12E507F31230012943C83BEDB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:37:22.0961 0x322c nvlddmkm - ok
00:37:23.0007 0x322c [ 72DD6225BA6055472522195F96473639, 27C8F847B247645061C0CD6DFCC986DA27638A9DFE686040160DFDCF7B3A6E72 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
00:37:23.0039 0x322c NvNetworkService - ok
00:37:23.0039 0x322c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:37:23.0039 0x322c nvraid - ok
00:37:23.0054 0x322c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:37:23.0054 0x322c nvstor - ok
00:37:23.0054 0x322c [ 4680DDDDDBA1CB1D56D49B4A6134155C, BF6E538BC10B23F6D93143F5C48155245852798D4846F401E0DA70A5BCFC74E1 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
00:37:23.0070 0x322c NvStreamKms - ok
00:37:23.0148 0x322c [ E14F52B60581EE71849CD45186892046, 72B3E92CD34489306AB7D794C4C1F67513DE80C72A847DCF7A3EEFE2254762D0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
00:37:23.0226 0x322c NvStreamSvc - ok
00:37:23.0241 0x322c [ 6B245B7F96F901891636814B5A7A9088, BC6DF13929AEBA2CF5DC8449FF9D5F73497DF8E9760AFA93B56543D86BE940C3 ] nvsvc C:\Windows\system32\nvvsvc.exe
00:37:23.0257 0x322c nvsvc - ok
00:37:23.0257 0x322c [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
00:37:23.0273 0x322c nvvad_WaveExtensible - ok
00:37:23.0273 0x322c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:37:23.0288 0x322c nv_agp - ok
00:37:23.0288 0x322c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:37:23.0304 0x322c odserv - ok
00:37:23.0304 0x322c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:37:23.0319 0x322c ohci1394 - ok
00:37:23.0444 0x322c [ D06C2368C93396C6B983CE60523BA99F, ABC90E2DC2DE577AFA37BF34630502AA209C9556DFCC1757844D95D9370FFA8C ] Origin Client Service D:\Program Files (x86)\Origin\OriginClientService.exe
00:37:23.0475 0x322c Origin Client Service - ok
00:37:23.0475 0x322c [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:37:23.0491 0x322c ose - ok
00:37:23.0553 0x322c [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:37:23.0631 0x322c osppsvc - ok
00:37:23.0647 0x322c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:37:23.0663 0x322c p2pimsvc - ok
00:37:23.0663 0x322c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
00:37:23.0678 0x322c p2psvc - ok
00:37:23.0678 0x322c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:37:23.0694 0x322c Parport - ok
00:37:23.0694 0x322c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:37:23.0694 0x322c partmgr - ok
00:37:23.0709 0x322c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:37:23.0709 0x322c PcaSvc - ok
00:37:23.0725 0x322c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
00:37:23.0725 0x322c pci - ok
00:37:23.0725 0x322c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
00:37:23.0741 0x322c pciide - ok
00:37:23.0741 0x322c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:37:23.0756 0x322c pcmcia - ok
00:37:23.0756 0x322c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
00:37:23.0756 0x322c pcw - ok
00:37:23.0772 0x322c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:37:23.0787 0x322c PEAUTH - ok
00:37:23.0803 0x322c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:37:23.0803 0x322c PerfHost - ok
00:37:23.0834 0x322c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
00:37:23.0865 0x322c pla - ok
00:37:23.0881 0x322c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:37:23.0897 0x322c PlugPlay - ok
00:37:23.0897 0x322c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:37:23.0912 0x322c PNRPAutoReg - ok
00:37:23.0912 0x322c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:37:23.0928 0x322c PNRPsvc - ok
00:37:23.0928 0x322c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:37:23.0959 0x322c PolicyAgent - ok
00:37:23.0959 0x322c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
00:37:23.0990 0x322c Power - ok
00:37:23.0990 0x322c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:37:24.0006 0x322c PptpMiniport - ok
00:37:24.0006 0x322c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:37:24.0021 0x322c Processor - ok
00:37:24.0021 0x322c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
00:37:24.0037 0x322c ProfSvc - ok
00:37:24.0037 0x322c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:37:24.0037 0x322c ProtectedStorage - ok
00:37:24.0053 0x322c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:37:24.0068 0x322c Psched - ok
00:37:24.0084 0x322c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:37:24.0115 0x322c ql2300 - ok
00:37:24.0115 0x322c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:37:24.0131 0x322c ql40xx - ok
00:37:24.0131 0x322c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
00:37:24.0146 0x322c QWAVE - ok
00:37:24.0146 0x322c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:37:24.0162 0x322c QWAVEdrv - ok
00:37:24.0162 0x322c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:37:24.0177 0x322c RasAcd - ok
00:37:24.0177 0x322c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:37:24.0193 0x322c RasAgileVpn - ok
00:37:24.0209 0x322c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
00:37:24.0224 0x322c RasAuto - ok
00:37:24.0224 0x322c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:37:24.0255 0x322c Rasl2tp - ok
00:37:24.0255 0x322c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
00:37:24.0271 0x322c RasMan - ok
00:37:24.0287 0x322c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:37:24.0302 0x322c RasPppoe - ok
00:37:24.0302 0x322c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:37:24.0318 0x322c RasSstp - ok
00:37:24.0333 0x322c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:37:24.0349 0x322c rdbss - ok
00:37:24.0349 0x322c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:37:24.0365 0x322c rdpbus - ok
00:37:24.0365 0x322c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:37:24.0380 0x322c RDPCDD - ok
00:37:24.0396 0x322c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:37:24.0411 0x322c RDPENCDD - ok
00:37:24.0411 0x322c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:37:24.0427 0x322c RDPREFMP - ok
00:37:24.0427 0x322c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:37:24.0443 0x322c RdpVideoMiniport - ok
00:37:24.0443 0x322c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:37:24.0458 0x322c RDPWD - ok
00:37:24.0458 0x322c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:37:24.0474 0x322c rdyboost - ok
00:37:24.0474 0x322c [ EA569D48B2E755AF6D96F03F3335D98A, EED2DCDF187A69F36A38129C8A1E0D6FE0EBF9232DEAF68A116E9A26E40AB636 ] Realtek11nSU C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
00:37:24.0474 0x322c Realtek11nSU - detected UnsignedFile.Multi.Generic ( 1 )
00:37:29.0201 0x322c Detect skipped due to KSN trusted
00:37:29.0201 0x322c Realtek11nSU - ok
00:37:29.0216 0x322c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:37:29.0263 0x322c RemoteAccess - ok
00:37:29.0263 0x322c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:37:29.0279 0x322c RemoteRegistry - ok
00:37:29.0294 0x322c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:37:29.0310 0x322c RpcEptMapper - ok
00:37:29.0310 0x322c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
00:37:29.0325 0x322c RpcLocator - ok
00:37:29.0325 0x322c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
00:37:29.0357 0x322c RpcSs - ok
00:37:29.0357 0x322c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:37:29.0372 0x322c rspndr - ok
00:37:29.0388 0x322c [ 027E10A5048B135862D638B9085D1402, BAC1CD96BA242CDF29F8FEAC501110739F1524F0DB1C8FCAD59409E77B8928BA ] RTCore64 C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
00:37:29.0388 0x322c RTCore64 - ok
00:37:29.0403 0x322c [ 5EDFCEE5682237607082880338415AA6, C711253F14B176800C68EE1B4620E11B5C2894CD052D5A82D4CE3B05E22B359C ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
00:37:29.0419 0x322c RTL8192su - ok
00:37:29.0419 0x322c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe
00:37:29.0419 0x322c SamSs - ok
00:37:29.0435 0x322c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:37:29.0435 0x322c sbp2port - ok
00:37:29.0435 0x322c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:37:29.0466 0x322c SCardSvr - ok
00:37:29.0466 0x322c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:37:29.0481 0x322c scfilter - ok
00:37:29.0497 0x322c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
00:37:29.0528 0x322c Schedule - ok
00:37:29.0528 0x322c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
00:37:29.0544 0x322c SCPolicySvc - ok
00:37:29.0544 0x322c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:37:29.0559 0x322c SDRSVC - ok
00:37:29.0559 0x322c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:37:29.0559 0x322c secdrv - ok
00:37:29.0575 0x322c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
00:37:29.0591 0x322c seclogon - ok
00:37:29.0591 0x322c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
00:37:29.0606 0x322c SENS - ok
00:37:29.0606 0x322c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:37:29.0622 0x322c SensrSvc - ok
00:37:29.0622 0x322c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:37:29.0622 0x322c Serenum - ok
00:37:29.0637 0x322c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:37:29.0637 0x322c Serial - ok
00:37:29.0637 0x322c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:37:29.0653 0x322c sermouse - ok
00:37:29.0653 0x322c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
00:37:29.0669 0x322c SessionEnv - ok
00:37:29.0684 0x322c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:37:29.0684 0x322c sffdisk - ok
00:37:29.0684 0x322c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:37:29.0700 0x322c sffp_mmc - ok
00:37:29.0700 0x322c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:37:29.0700 0x322c sffp_sd - ok
00:37:29.0700 0x322c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:37:29.0715 0x322c sfloppy - ok
00:37:29.0715 0x322c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:37:29.0747 0x322c SharedAccess - ok
00:37:29.0747 0x322c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:37:29.0778 0x322c ShellHWDetection - ok
00:37:29.0778 0x322c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:37:29.0778 0x322c SiSRaid2 - ok
00:37:29.0793 0x322c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:37:29.0793 0x322c SiSRaid4 - ok
00:37:29.0793 0x322c [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:37:29.0809 0x322c SkypeUpdate - ok
00:37:29.0809 0x322c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:37:29.0840 0x322c Smb - ok
00:37:29.0840 0x322c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:37:29.0840 0x322c SNMPTRAP - ok
00:37:29.0856 0x322c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
00:37:29.0856 0x322c spldr - ok
00:37:29.0871 0x322c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
00:37:29.0871 0x322c Spooler - ok
00:37:29.0934 0x322c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
00:37:29.0996 0x322c sppsvc - ok
00:37:29.0996 0x322c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:37:30.0027 0x322c sppuinotify - ok
00:37:30.0027 0x322c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
00:37:30.0043 0x322c srv - ok
00:37:30.0059 0x322c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:37:30.0074 0x322c srv2 - ok
00:37:30.0074 0x30d4 Object required for P2P: [ 6B245B7F96F901891636814B5A7A9088 ] nvsvc
00:37:30.0074 0x322c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:37:30.0090 0x322c srvnet - ok
00:37:30.0090 0x322c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:37:30.0105 0x322c SSDPSRV - ok
00:37:30.0121 0x322c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:37:30.0137 0x322c SstpSvc - ok
00:37:30.0137 0x322c [ EA8F41484CCC5BA6A1455C2AD3D1BE3C, B206AA8F4BA7C1E15561B4F2011FA483C5401B0300914F747804A116CCE972BF ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
00:37:30.0152 0x322c ssudmdm - ok
00:37:30.0168 0x322c [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
00:37:30.0183 0x322c Steam Client Service - ok
00:37:30.0183 0x322c [ C368FAF3084E3978462159F1DDAFF54F, F7DD88038E002EF3D2BCA648FE7CF0F92347E901C5F495D8D8E4D24076E895CD ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
00:37:30.0199 0x322c Stereo Service - ok
00:37:30.0199 0x322c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:37:30.0215 0x322c stexstor - ok
00:37:30.0215 0x322c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
00:37:30.0230 0x322c stisvc - ok
00:37:30.0246 0x322c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
00:37:30.0246 0x322c swenum - ok
00:37:30.0261 0x322c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
00:37:30.0277 0x322c swprv - ok
00:37:30.0308 0x322c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
00:37:30.0339 0x322c SysMain - ok
00:37:30.0339 0x322c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:37:30.0355 0x322c TabletInputService - ok
00:37:30.0355 0x322c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
00:37:30.0386 0x322c TapiSrv - ok
00:37:30.0386 0x322c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
00:37:30.0402 0x322c TBS - ok
00:37:30.0433 0x322c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:37:30.0464 0x322c Tcpip - ok
00:37:30.0495 0x322c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:37:30.0527 0x322c TCPIP6 - ok
00:37:30.0527 0x322c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:37:30.0542 0x322c tcpipreg - ok
00:37:30.0542 0x322c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:37:30.0542 0x322c TDPIPE - ok
00:37:30.0542 0x322c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:37:30.0558 0x322c TDTCP - ok
00:37:30.0558 0x322c [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:37:30.0573 0x322c tdx - ok
00:37:30.0651 0x322c [ C32E6295D7D024B2302EFF1A7FEFD720, A9E5C78FD8765367863FFCA4954E52EEC77BE4956A6910CD09BBBF9D5BC96D4E ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
00:37:30.0714 0x322c TeamViewer9 - ok
00:37:30.0729 0x322c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
00:37:30.0729 0x322c TermDD - ok
00:37:30.0745 0x322c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
00:37:30.0761 0x322c TermService - ok
00:37:30.0761 0x322c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
00:37:30.0776 0x322c Themes - ok
00:37:30.0776 0x322c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
00:37:30.0792 0x322c THREADORDER - ok
00:37:30.0792 0x322c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
00:37:30.0823 0x322c TrkWks - ok
00:37:30.0823 0x322c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:37:30.0839 0x322c TrustedInstaller - ok
00:37:30.0854 0x322c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:37:30.0854 0x322c tssecsrv - ok
00:37:30.0854 0x322c [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:37:30.0870 0x322c TsUsbFlt - ok
00:37:30.0870 0x322c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:37:30.0885 0x322c tunnel - ok
00:37:30.0885 0x322c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
00:37:30.0901 0x322c uagp35 - ok
00:37:30.0901 0x322c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:37:30.0932 0x322c udfs - ok
00:37:30.0932 0x322c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:37:30.0932 0x322c UI0Detect - ok
00:37:30.0948 0x322c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:37:30.0948 0x322c uliagpkx - ok
00:37:30.0948 0x322c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
00:37:30.0963 0x322c umbus - ok
00:37:30.0963 0x322c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:37:30.0979 0x322c UmPass - ok
00:37:30.0979 0x322c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
00:37:31.0010 0x322c upnphost - ok
00:37:31.0010 0x322c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
00:37:31.0010 0x322c USBAAPL64 - ok
00:37:31.0026 0x322c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:37:31.0026 0x322c usbccgp - ok
00:37:31.0026 0x322c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:37:31.0041 0x322c usbcir - ok
00:37:31.0041 0x322c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
00:37:31.0041 0x322c usbehci - ok
00:37:31.0057 0x322c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:37:31.0057 0x322c usbhub - ok
00:37:31.0073 0x322c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:37:31.0073 0x322c usbohci - ok
00:37:31.0073 0x322c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:37:31.0088 0x322c usbprint - ok
00:37:31.0088 0x322c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
00:37:31.0088 0x322c usbscan - ok
00:37:31.0104 0x322c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:37:31.0104 0x322c USBSTOR - ok
00:37:31.0104 0x322c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:37:31.0119 0x322c usbuhci - ok
00:37:31.0119 0x322c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
00:37:31.0135 0x322c UxSms - ok
00:37:31.0135 0x322c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe
00:37:31.0151 0x322c VaultSvc - ok
00:37:31.0151 0x322c [ F0FAF3FB9B138F8CAFB65ECFFE9F4AB6, E0869E4E9271B484209BB44E6E17D99BE6CEA08A983132C0D69FA373202B14D7 ] vcd10bus C:\Windows\system32\DRIVERS\vcd10bus.sys
00:37:31.0151 0x322c vcd10bus - ok
00:37:31.0166 0x322c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:37:31.0166 0x322c vdrvroot - ok
00:37:31.0182 0x322c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
00:37:31.0197 0x322c vds - ok
00:37:31.0197 0x322c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:37:31.0213 0x322c vga - ok
00:37:31.0213 0x322c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
00:37:31.0229 0x322c VgaSave - ok
00:37:31.0244 0x322c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:37:31.0244 0x322c vhdmp - ok
00:37:31.0275 0x322c [ EECF5B7210D773F3501CEDA848D53D31, C98034418DA5351A82B3FFAFBD277BAE4AE8AF25DD491BF628CEA0C708A5A9B2 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
00:37:31.0307 0x322c VIAHdAudAddService - ok
00:37:31.0322 0x322c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
00:37:31.0322 0x322c viaide - ok
00:37:31.0322 0x322c [ 43412F74D9516EF87988F2397A9B8E78, 82253E49D2762D67D202A8D3A215EF5F937ADFCF711AD238B6FDACAE0CC80A49 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
00:37:31.0338 0x322c VIAKaraokeService - ok
00:37:31.0338 0x322c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:37:31.0338 0x322c volmgr - ok
00:37:31.0353 0x322c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:37:31.0353 0x322c volmgrx - ok
00:37:31.0369 0x322c [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:37:31.0369 0x322c volsnap - ok
00:37:31.0385 0x322c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
00:37:31.0385 0x322c vsmraid - ok
00:37:31.0416 0x322c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
00:37:31.0447 0x322c VSS - ok
00:37:31.0463 0x322c [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
00:37:31.0463 0x322c vssbrigde64 - ok
00:37:31.0463 0x322c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
00:37:31.0478 0x322c vwifibus - ok
00:37:31.0478 0x322c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
00:37:31.0494 0x322c vwififlt - ok
00:37:31.0494 0x322c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
00:37:31.0494 0x322c vwifimp - ok
00:37:31.0509 0x322c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
00:37:31.0525 0x322c W32Time - ok
00:37:31.0541 0x322c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
00:37:31.0541 0x322c WacomPen - ok
00:37:31.0541 0x322c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:37:31.0572 0x322c WANARP - ok
00:37:31.0572 0x322c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:37:31.0587 0x322c Wanarpv6 - ok
00:37:31.0603 0x322c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
00:37:31.0634 0x322c wbengine - ok
00:37:31.0650 0x322c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:37:31.0650 0x322c WbioSrvc - ok
00:37:31.0665 0x322c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:37:31.0681 0x322c wcncsvc - ok
00:37:31.0681 0x322c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:37:31.0681 0x322c WcsPlugInService - ok
00:37:31.0697 0x322c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
00:37:31.0697 0x322c Wd - ok
00:37:31.0712 0x322c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:37:31.0728 0x322c Wdf01000 - ok
00:37:31.0728 0x322c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:37:31.0743 0x322c WdiServiceHost - ok
00:37:31.0743 0x322c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:37:31.0743 0x322c WdiSystemHost - ok
00:37:31.0759 0x322c [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
00:37:31.0759 0x322c WebClient - ok
00:37:31.0775 0x322c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:37:31.0790 0x322c Wecsvc - ok
00:37:31.0806 0x322c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:37:31.0821 0x322c wercplsupport - ok
00:37:31.0821 0x322c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
00:37:31.0837 0x322c WerSvc - ok
00:37:31.0837 0x322c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:37:31.0868 0x322c WfpLwf - ok
00:37:31.0868 0x322c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:37:31.0868 0x322c WIMMount - ok
00:37:31.0868 0x322c WinDefend - ok
00:37:31.0868 0x322c WinHttpAutoProxySvc - ok
00:37:31.0884 0x322c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:37:31.0899 0x322c Winmgmt - ok
00:37:31.0931 0x322c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
00:37:31.0977 0x322c WinRM - ok
00:37:31.0977 0x322c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
00:37:31.0993 0x322c WinUsb - ok
00:37:32.0009 0x322c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
00:37:32.0024 0x322c Wlansvc - ok
00:37:32.0071 0x322c [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:37:32.0102 0x322c wlidsvc - ok
00:37:32.0118 0x322c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
00:37:32.0118 0x322c WmiAcpi - ok
00:37:32.0118 0x322c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:37:32.0133 0x322c wmiApSrv - ok
00:37:32.0133 0x322c WMPNetworkSvc - ok
00:37:32.0133 0x322c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:37:32.0149 0x322c WPCSvc - ok
00:37:32.0149 0x322c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:37:32.0165 0x322c WPDBusEnum - ok
00:37:32.0165 0x322c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:37:32.0180 0x322c ws2ifsl - ok
00:37:32.0180 0x322c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
00:37:32.0196 0x322c wscsvc - ok
00:37:32.0196 0x322c WSearch - ok
00:37:32.0243 0x322c [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv C:\Windows\system32\wuaueng.dll
00:37:32.0274 0x322c wuauserv - ok
00:37:32.0289 0x322c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:37:32.0289 0x322c WudfPf - ok
00:37:32.0289 0x322c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:37:32.0305 0x322c WUDFRd - ok
00:37:32.0305 0x322c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:37:32.0321 0x322c wudfsvc - ok
00:37:32.0321 0x322c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
00:37:32.0336 0x322c WwanSvc - ok
00:37:32.0336 0x322c [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
00:37:32.0336 0x322c xusb21 - ok
00:37:32.0352 0x322c [ 74983ADDCA2D9618512C088D856D6615, C4592EFC1206BD813221814FD529AD38ED26E4AE086613EB95D3D5E20448A1F0 ] {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl
00:37:32.0352 0x322c {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
00:37:32.0367 0x322c ================ Scan global ===============================
00:37:32.0367 0x322c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
00:37:32.0367 0x322c [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
00:37:32.0383 0x322c [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
00:37:32.0383 0x322c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
00:37:32.0383 0x322c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
00:37:32.0399 0x322c [ Global ] - ok
00:37:32.0399 0x322c ================ Scan MBR ==================================
00:37:32.0399 0x322c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:37:32.0461 0x322c \Device\Harddisk0\DR0 - ok
00:37:32.0477 0x322c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
00:37:32.0539 0x322c \Device\Harddisk1\DR1 - ok
00:37:32.0539 0x322c ================ Scan VBR ==================================
00:37:32.0539 0x322c [ 0EDDB0563EBB6664FDD9B36B12BA3972 ] \Device\Harddisk0\DR0\Partition1
00:37:32.0539 0x322c \Device\Harddisk0\DR0\Partition1 - ok
00:37:32.0539 0x322c [ DD76C446553CA100E8AEE6B640F97EEC ] \Device\Harddisk0\DR0\Partition2
00:37:32.0555 0x322c \Device\Harddisk0\DR0\Partition2 - ok
00:37:32.0555 0x322c [ 3498C5493DE312BCF711DCBB60CFC256 ] \Device\Harddisk1\DR1\Partition1
00:37:32.0664 0x322c \Device\Harddisk1\DR1\Partition1 - ok
00:37:32.0664 0x322c ================ Scan generic autorun ======================
00:37:32.0898 0x30d4 Object send P2P result: true
00:37:32.0913 0x322c [ 19ECAAEA3CC248489FE987C10B688C0D, 967CB23A8176B3181EE2A55DFBB04A69988AB22105D4C450C5B5E729B91FAD5A ] C:\Program Files\Logitech Gaming Software\LCore.exe
00:37:33.0069 0x322c Launch LCore - ok
00:37:33.0116 0x322c [ 463C40BFC0FB8FF59049E2CA78695A40, 8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
00:37:33.0163 0x322c NvBackend - ok
00:37:33.0163 0x322c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
00:37:33.0179 0x322c ShadowPlay - ok
00:37:33.0179 0x322c [ 02A27FC0972181EF743160BE9F62F2B4, 0E5B5684E892B1CE83C8A50A23F8478E8D01E2DD283337B5B263FDA4C2654E9F ] C:\Program Files\iTunes\iTunesHelper.exe
00:37:33.0179 0x322c iTunesHelper - ok
00:37:33.0257 0x322c [ 3D6737ADDB9B1DF81605C442ED6D2D90, 5B8D68945E1A97FD1AF40333448FE335743F48F46A70E303ADF406CC0CC253FB ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
00:37:33.0335 0x322c HDAudDeck - detected UnsignedFile.Multi.Generic ( 1 )
00:37:36.0111 0x322c Detect skipped due to KSN trusted
00:37:36.0111 0x322c HDAudDeck - ok
00:37:36.0111 0x322c [ 5514B64F7F2D25E09E2FDAF5D62B688C, 43263715ADC49250762A01E41DB2832C6A8B63CE4F66CDD8FC0B51DCA031DF27 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
00:37:36.0127 0x322c IAStorIcon - ok
00:37:36.0127 0x322c [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
00:37:36.0143 0x322c USB3MON - ok
00:37:36.0143 0x322c [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
00:37:36.0143 0x322c amd_dc_opt - detected UnsignedFile.Multi.Generic ( 1 )
00:37:38.0888 0x322c Detect skipped due to KSN trusted
00:37:38.0888 0x322c amd_dc_opt - ok
00:37:38.0919 0x322c [ 9AC10DF42CC1E811BB8608A0B609A7D0, 8337D83D40E5FA5A38109F3C4E6AF217AA4D112E9174FC2E5662A0DE77249F63 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
00:37:38.0951 0x322c SunJavaUpdateSched - ok
00:37:38.0982 0x322c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:37:38.0997 0x322c Sidebar - ok
00:37:39.0013 0x322c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:37:39.0013 0x322c mctadmin - ok
00:37:39.0044 0x322c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:37:39.0060 0x322c Sidebar - ok
00:37:39.0060 0x322c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:37:39.0075 0x322c mctadmin - ok
00:37:39.0075 0x322c [ 33BFEC2B102B196B62ABB9947C7D7E23, 6EAF3462712629401CDBECF63B0848D1762A023FCA156F9FA146B0FEE75C83D0 ] C:\Users\Philip\AppData\Local\Dropbox\Update\DropboxUpdate.exe
00:37:39.0091 0x322c Dropbox Update - ok
00:37:39.0122 0x322c [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
00:37:39.0138 0x322c Spotify Web Helper - ok
00:37:39.0153 0x322c Waiting for KSN requests completion. In queue: 9
00:37:40.0167 0x322c Waiting for KSN requests completion. In queue: 9
00:37:41.0181 0x322c Waiting for KSN requests completion. In queue: 9
00:37:42.0211 0x322c AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
00:37:42.0211 0x322c FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
00:37:44.0957 0x322c ============================================================
00:37:44.0957 0x322c Scan finished
00:37:44.0957 0x322c ============================================================
00:37:44.0957 0x18cc Detected object count: 0
00:37:44.0957 0x18cc Actual detected object count: 0
|
|
31.12.2015, 04:14
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Pishing-Mail Paypal link angeklickt ohne Daten einzugeben Hi, Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
31.12.2015, 09:20
| #5 |
| | Pishing-Mail Paypal link angeklickt ohne Daten einzugebenCode:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.12.31.01
rootkit: v2015.12.26.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18124
Philip :: PHILIP-PC [administrator]
31.12.2015 08:45:06
mbar-log-2015-12-31 (08-45-06).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 414592
Time elapsed: 15 minute(s), 40 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
31.12.2015, 09:23
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pishing-Mail Paypal link angeklickt ohne Daten einzugeben Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> Pishing-Mail Paypal link angeklickt ohne Daten einzugeben |
|
31.12.2015, 10:19
| #7 |
| | Pishing-Mail Paypal link angeklickt ohne Daten einzugebenCode:
ATTFilter # AdwCleaner v5.027 - Bericht erstellt am 31/12/2015 um 09:53:50
# Aktualisiert am 30/12/2015 von Xplode
# Datenbank : 2015-12-30.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Philip - PHILIP-PC
# Gestartet von : C:\Users\Philip\Desktop\adwcleaner_5.027.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Program Files (x86)\BrowseMark
[!] Ordner Nicht Gelöscht : C:\Program Files (x86)\BrowseMark
[-] Ordner Gelöscht : C:\Users\Philip\Save
[-] Ordner Gelöscht : C:\Users\Philip\AppData\Local\28050
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Geplante Aufgabe Gelöscht : MySearchDial
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\BrowseMark
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : HKCU\Software\BrowseMark
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\BrowseMark
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\BrowseMark
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2223 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by Philip (Administrator) on 31.12.2015 at 9:57:35,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 2
Successfully deleted: C:\Users\Philip\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Program Files (x86)\GUTEAAD.tmp (File)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.12.2015 at 9:59:27,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-12-2015
durchgeführt von Philip (Administrator) auf PHILIP-PC (31-12-2015 10:15:57)
Gestartet von D:\Downloads
Geladene Profile: Philip (Verfügbare Profile: Philip)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-10-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Run: [Dropbox Update] => C:\Users\Philip\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-21] (Dropbox, Inc.)
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Run: [Spotify Web Helper] => C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-02-21] (Spotify Ltd)
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\MountPoints2: {66e52a31-a04e-11e2-b6b3-806e6f6e6963} - F:\Bin\ASSETUP.exe
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-08] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk [2013-04-08]
ShortcutTarget: Samsung SSD Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 192.168.5.1
Tcpip\..\Interfaces\{038D747B-E372-47DC-BD77-93ACCAC2AF22}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{A7446BE3-4664-4327-967C-AF964981366F}: [DhcpNameServer] 192.168.5.1 192.168.5.1
Tcpip\..\Interfaces\{C54E0121-7C09-43CE-93EC-D17F0B216E6F}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-12-13] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-21] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll => Keine Datei
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-12-13] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\o9p1vvy5.default-1446752911483
FF Homepage: google.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-17] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-10-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1043415761-1617859271-1540384589-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Philip\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-21] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1043415761-1617859271-1540384589-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Philip\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-1043415761-1617859271-1540384589-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-05-28] ()
FF Extension: WOT - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\o9p1vvy5.default-1446752911483\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10]
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-12-03]
FF Extension: Adblock Plus - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\o9p1vvy5.default-1446752911483\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll => Keine Datei
CHR Profile: C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Store) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (YouTube) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Erwecke die Macht in dir) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeojddkbfhdgnnicgkgogjnbkdljibb [2015-11-28]
CHR Extension: (Store) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]
CHR Extension: (Google-Suche) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-10-01]
CHR Extension: (Google Docs Offline) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Proxmate) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2015-12-18]
CHR Extension: (Google Wallet) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (Google Mail) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-27]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-02] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-06] (EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-15] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-19] (GOG.com)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-10-03] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-10-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-10-03] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-05] (Electronic Arts)
R2 Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ArcService; D:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-20] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940928 2015-12-03] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-10-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-10-03] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2012-08-15] (CyberLink Corp.)
S3 ALSysIO; \??\C:\Users\Philip\AppData\Local\Temp\ALSysIO64.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-31 09:59 - 2015-12-31 09:59 - 00000693 _____ C:\Users\Philip\Desktop\JRT.txt
2015-12-31 09:57 - 2015-12-31 09:56 - 01599336 _____ (Malwarebytes) C:\Users\Philip\Desktop\JRT.exe
2015-12-31 09:48 - 2015-12-31 09:48 - 01745920 _____ C:\Users\Philip\Desktop\adwcleaner_5.027.exe
2015-12-31 08:45 - 2015-12-31 09:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-31 08:45 - 2015-12-31 08:45 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-31 08:45 - 2015-12-31 08:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-31 08:43 - 2015-12-31 09:46 - 00000000 ____D C:\Users\Philip\Desktop\mbar
2015-12-31 08:43 - 2015-12-31 08:43 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-31 00:37 - 2015-12-31 00:38 - 00218786 _____ C:\TDSSKiller.3.1.0.9_31.12.2015_00.37.04_log.txt
2015-12-31 00:19 - 2015-12-31 10:15 - 00000000 ____D C:\FRST
2015-12-31 00:10 - 2015-12-31 00:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-12-31 00:01 - 2015-12-31 00:18 - 00433224 _____ C:\TDSSKiller.3.1.0.9_31.12.2015_00.01.36_log.txt
2015-12-31 00:00 - 2015-12-31 00:00 - 00000364 _____ C:\TDSSKiller.3.1.0.5_31.12.2015_00.00.56_log.txt
2015-12-28 23:20 - 2015-12-28 23:20 - 00000000 ____D C:\Users\Philip\AppData\LocalLow\Thunder Lotus Games
2015-12-28 20:58 - 2015-12-28 20:58 - 00000000 ____D C:\Users\Philip\AppData\Local\Ori and the Blind Forest
2015-12-28 17:18 - 2015-12-29 20:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-20 11:35 - 2015-12-20 11:35 - 00002251 _____ C:\Users\Philip\Desktop\Google Chrome.lnk
2015-12-13 23:40 - 2015-12-13 23:40 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 18:08 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 18:08 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 18:08 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 18:08 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 18:08 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 18:08 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 18:08 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 18:08 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 18:08 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 18:08 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 18:08 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 18:08 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 18:08 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 18:08 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 18:08 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 18:08 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 18:08 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 18:08 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 18:08 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 18:08 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 18:08 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 18:08 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 18:08 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 18:08 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 18:08 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 18:08 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 18:08 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 18:08 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 18:08 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 18:08 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 18:08 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 18:08 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 18:08 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 18:08 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 18:08 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 18:08 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 18:08 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 18:08 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 18:08 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 18:08 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 18:08 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 18:08 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 18:08 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 18:08 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 18:08 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 18:08 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 18:08 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 18:08 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 18:08 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 18:08 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 18:08 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 18:08 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 18:08 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 18:08 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 18:08 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 18:08 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 18:08 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 18:08 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 18:08 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 18:08 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 18:08 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 18:08 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 18:08 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 18:08 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 18:08 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 18:08 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 18:08 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 18:08 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 18:08 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 18:08 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 18:08 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 18:08 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 18:08 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 18:08 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 18:08 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 18:08 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 18:08 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 18:08 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 18:08 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 18:08 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 18:08 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 18:08 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 18:08 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 18:08 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 18:08 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 18:08 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 18:08 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 18:08 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 18:08 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 18:08 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 18:08 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 18:08 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 18:08 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 18:08 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 18:08 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 18:08 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 18:08 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 18:08 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 18:08 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 18:08 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 18:04 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 18:04 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-07 21:23 - 2015-12-07 21:23 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Arrowhead
2015-12-06 16:23 - 2015-12-06 16:24 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Notepad++
2015-12-06 16:23 - 2015-12-06 16:23 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-06 16:23 - 2015-12-06 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-06 16:23 - 2015-12-06 16:23 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-12-06 16:22 - 2015-12-06 16:13 - 00003920 _____ C:\Users\Philip\Fallout4Prefs.ini
2015-12-06 16:22 - 2015-12-06 16:13 - 00000041 _____ C:\Users\Philip\Fallout4Custom.ini
2015-12-06 16:22 - 2015-11-10 00:39 - 00002465 _____ C:\Users\Philip\Fallout4.ini
2015-12-06 16:16 - 2015-12-19 11:39 - 00000741 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-12-06 11:55 - 2015-12-20 21:02 - 00000000 ____D C:\Users\Philip\AppData\Roaming\PJShooterUltimate
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-31 10:13 - 2013-04-08 18:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-12-31 10:03 - 2013-04-15 18:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-31 10:03 - 2013-04-15 18:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-31 10:02 - 2009-07-14 05:45 - 00023344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-31 10:02 - 2009-07-14 05:45 - 00023344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-31 10:01 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-12-31 10:01 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-12-31 10:01 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-31 10:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-31 09:57 - 2014-04-21 19:36 - 00000000 ____D C:\AdwCleaner
2015-12-31 09:56 - 2013-12-16 23:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-31 09:55 - 2013-12-16 23:33 - 00000000 ____D C:\Users\Philip\AppData\Local\Battle.net
2015-12-31 09:54 - 2015-06-23 11:24 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-31 09:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-31 09:53 - 2013-04-08 14:19 - 00000000 ____D C:\Users\Philip
2015-12-31 09:46 - 2015-08-21 10:41 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000UA.job
2015-12-31 00:43 - 2015-11-08 01:01 - 00003026 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-12-31 00:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-31 00:11 - 2014-11-06 22:53 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-12-31 00:11 - 2013-04-08 20:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-30 20:36 - 2013-04-08 20:19 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-12-29 23:23 - 2013-04-08 20:34 - 00000000 ____D C:\Users\Philip\AppData\Roaming\vlc
2015-12-29 20:10 - 2015-11-05 21:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-28 23:00 - 2015-07-15 16:37 - 00000000 ____D C:\Users\Philip\AppData\Local\JDownloader 2.0
2015-12-20 11:46 - 2015-08-21 10:41 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000Core.job
2015-12-19 11:39 - 2015-01-12 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-12-19 00:21 - 2015-04-04 18:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-19 00:21 - 2015-04-04 18:49 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-17 22:59 - 2013-10-07 21:34 - 00000000 ____D C:\Users\Philip\AppData\Roaming\TS3Client
2015-12-17 16:57 - 2015-09-21 21:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-17 16:57 - 2015-09-21 21:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-13 23:40 - 2013-10-22 19:53 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Dropbox
2015-12-13 17:04 - 2013-10-15 15:05 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-13 17:04 - 2013-10-15 15:01 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-13 17:04 - 2013-04-08 14:19 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-13 17:01 - 2013-10-15 16:22 - 00000000 ____D C:\Users\Philip\Documents\Benutzerdefinierte Office-Vorlagen
2015-12-13 13:14 - 2013-09-18 20:58 - 00062464 ___SH C:\Users\Philip\Thumbs.db
2015-12-12 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 16:49 - 2009-07-14 05:45 - 00462312 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 00:48 - 2014-05-17 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 00:48 - 2014-05-17 19:16 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 00:48 - 2014-05-17 19:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 00:47 - 2013-08-15 23:15 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 00:44 - 2013-04-08 18:18 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-06 16:18 - 2015-11-10 00:29 - 00000000 ____D C:\Users\Philip\AppData\Local\Fallout4
2015-12-05 10:11 - 2013-04-08 14:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-05 10:10 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-05 09:58 - 2013-04-15 18:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 09:58 - 2013-04-15 18:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 22:48 - 2014-05-17 17:34 - 00000000 ____D C:\Users\Philip\AppData\Roaming\DVDVideoSoft
2015-12-03 23:13 - 2015-09-02 11:07 - 00940928 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-12-02 13:18 - 2013-04-08 14:35 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-06-29 17:28 - 2014-06-29 13:20 - 0012005 _____ () C:\Users\Philip\AppData\Roaming\alsoft.ini
2015-11-01 21:36 - 2015-11-01 21:36 - 0000135 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Philip\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmq8tku.dll
C:\Users\Philip\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Philip\AppData\Local\Temp\GUR1525.exe
C:\Users\Philip\AppData\Local\Temp\i4jdel0.exe
C:\Users\Philip\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Philip\AppData\Local\Temp\Nexus Mod Manager-0.53.1.exe
C:\Users\Philip\AppData\Local\Temp\Nexus Mod Manager-0.53.2.exe
C:\Users\Philip\AppData\Local\Temp\Nexus Mod Manager-0.61.2.exe
C:\Users\Philip\AppData\Local\Temp\Nexus Mod Manager-0.61.3.exe
C:\Users\Philip\AppData\Local\Temp\Nexus Mod Manager-0.61.4.exe
C:\Users\Philip\AppData\Local\Temp\Nv3DVisionIePlugin.dll
C:\Users\Philip\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
C:\Users\Philip\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\Philip\AppData\Local\Temp\Nv3DVStreaming64.dll
C:\Users\Philip\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll
C:\Users\Philip\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll
C:\Users\Philip\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Philip\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Philip\AppData\Local\Temp\nvStInst.exe
C:\Users\Philip\AppData\Local\Temp\proxy_vole3781096880749226472.dll
C:\Users\Philip\AppData\Local\Temp\proxy_vole5268617146009629776.dll
C:\Users\Philip\AppData\Local\Temp\proxy_vole8992570765991943043.dll
C:\Users\Philip\AppData\Local\Temp\setup.exe
C:\Users\Philip\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Philip\AppData\Local\Temp\sqlite3.dll
C:\Users\Philip\AppData\Local\Temp\tmd_34014538.exe
C:\Users\Philip\AppData\Local\Temp\tmp33AB.exe
C:\Users\Philip\AppData\Local\Temp\tmp59A9.exe
C:\Users\Philip\AppData\Local\Temp\tmp7C6E.exe
C:\Users\Philip\AppData\Local\Temp\tmpEFBB.exe
C:\Users\Philip\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-31 09:38
==================== Ende von FRST.txt ============================
|
|
31.12.2015, 10:20
| #8 |
| | Pishing-Mail Paypal link angeklickt ohne Daten einzugebenCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-12-2015
durchgeführt von Philip (2015-12-31 10:16:10)
Gestartet von D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-04-08 13:19:39)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1043415761-1617859271-1540384589-500 - Administrator - Disabled)
Gast (S-1-5-21-1043415761-1617859271-1540384589-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1043415761-1617859271-1540384589-1002 - Limited - Enabled)
Philip (S-1-5-21-1043415761-1617859271-1540384589-1000 - Administrator - Enabled) => C:\Users\Philip
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
ADRIFT 5 (HKLM-x32\...\{22EEACC9-C06E-45E5-8FBA-C9270989CA13}) (Version: 5.0.31.4 - Campbell Wild)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs)
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly)
Amazon Kindle (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Amazon Kindle) (Version: - Amazon)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
Among the Sleep (HKLM-x32\...\Steam App 250620) (Version: - Krillbite Studio)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.11.12 - Atheros Communications Inc.)
Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version: - Rocksteady Studios)
Battle Worlds Kronos Version 0.4.3 (HKLM-x32\...\C52E2E84-EE31-11E2-9C58-D5676188709B_is1) (Version: 0.4.3 - KING Art Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beneath a Steel Sky (HKLM-x32\...\GOGPACKBENEATH_is1) (Version: 2.0.0.9 - GOG.com)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Broforce (HKLM-x32\...\Steam App 274190) (Version: - Free Lives)
Broken Age (HKLM-x32\...\Steam App 232790) (Version: - Double Fine Productions)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - )
Castlevania: Lords of Shadow – Mirror of Fate HD (HKLM-x32\...\Steam App 282530) (Version: - MercurySteam)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Child of Light (HKLM-x32\...\Steam App 256290) (Version: - Ubisoft Montréal)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Crawl (HKLM-x32\...\Steam App 293780) (Version: - Powerhoof)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version: - Brace Yourself Games)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4520.54 - CyberLink Corp.)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios)
Deus Ex: Game of the Year Edition (HKLM-x32\...\Steam App 6910) (Version: - Ion Storm)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal)
Deus Ex: Human Revolution - The Missing Link (HKLM-x32\...\Steam App 201280) (Version: - Eidos Montreal)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal)
Deus Ex: Revision (HKLM-x32\...\Steam App 397550) (Version: - Caustic Creative)
Divinity - Original Sin Enhanced Edition (HKLM-x32\...\1445516929_is1) (Version: 2.0.4.7 - GOG.com)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.8 - Electronic Arts)
Dropbox (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Keeper (HKLM-x32\...\GOGPACKDUNGEONKEEPERDOS_is1) (Version: 2.0.0.2 - GOG.com)
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios)
Edimax Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.1.0 - Edimax)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version: - AMPLITUDE Studios)
Evoland (HKLM-x32\...\GOGPACKEVOLAND_is1) (Version: 2.0.0.3 - GOG.com)
Evoland 2 (HKLM-x32\...\1439275574_is1) (Version: 2.0.0.2 - GOG.com)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version: - Ubisoft Montreal)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.0.1.1001 - DVDVideoSoft Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Full Combat Rebalance 2 Hotfix version 1.1a (HKLM-x32\...\Full Combat Rebalance 2 Hotfix_is1) (Version: 1.1a - Andrzej Kwiatkowski)
Full Combat Rebalance 2 version 1.1 (HKLM-x32\...\Full Combat Rebalance 2_is1) (Version: 1.1 - Andrzej Kwiatkowski)
Gemini Rue (HKLM-x32\...\GOGPACKGEMINIRUE_is1) (Version: 2.0.0.5 - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Goodbye Deponia (HKLM-x32\...\Deponia 3) (Version: 1.0 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GraphPad Prism 6 (HKLM-x32\...\{606443B0-9831-11DC-5F90-015CFB7A6952}) (Version: 6.01 - GraphPad Software)
Grim Dawn (HKLM-x32\...\Steam App 219990) (Version: - )
Grim Fandango Remastered (HKLM-x32\...\1207667183_is1) (Version: 2.0.0.2 - GOG.com)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HELLDIVERS™ (HKLM-x32\...\Steam App 394510) (Version: - Arrowhead Game Studios)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HEX (HKLM-x32\...\{E31B651A-B48C-423C-8D0D-855756C8B7E8}_is1) (Version: - HEX Entertainment)
Homeworld Remastered Collection (HKLM-x32\...\Steam App 244160) (Version: - Gearbox Software)
Hotline Miami (HKLM-x32\...\1207659118_is1) (Version: 2.2.0.8 - GOG.com)
Hotline Miami 2 - Wrong Number (HKLM-x32\...\1424773427_is1) (Version: 2.4.0.5 - GOG.com)
IBM SPSS Statistics 23 (HKLM\...\{C3BA73A4-2A45-4036-8541-4F5F8146078B}) (Version: 23.0.0.0 - IBM Corp)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Incredipede (HKLM-x32\...\GOGPACKINCREDIPEDE_is1) (Version: 2.2.0.6 - GOG.com)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Invisible Inc (HKLM-x32\...\Invisible Inc_is1) (Version: - )
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jotun (HKLM-x32\...\Steam App 323580) (Version: - Thunder Lotus Games)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
K-Lite Codec Pack 9.8.5 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Legend of Grimrock 2 (HKLM-x32\...\Steam App 251730) (Version: - Almost Human Games)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LOOT Version 0.8.0 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.8.0 - LOOT Team)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version: - Stainless Games Ltd.)
Magicka 2 (HKLM-x32\...\Steam App 238370) (Version: - Pieces Interactive)
Magicka 2 Sneak Peek (HKLM-x32\...\Steam App 351950) (Version: - )
MASSIVE CHALICE (HKLM-x32\...\Steam App 246110) (Version: - Double Fine Productions)
MechWarrior Online (x32 Version: 1.4.1.0 - Piranha Games Inc.) Hidden
Memoria (HKLM-x32\...\{265D60A5-F9D4-4141-A17F-82D4436665DD}) (Version: 1.00 - Deep Silver)
METAL GEAR RISING: REVENGEANCE (HKLM-x32\...\Steam App 235460) (Version: - PlatinumGames)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)
Miasmata (HKLM-x32\...\GOGPACKMIASMATA_is1) (Version: 2.1.0.5 - GOG.com)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4779.1002 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Morten242s UI for DSFix (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\bd16ebff8bf348a4) (Version: 1.0.0.30 - Morten242)
Mozilla Firefox 43.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 de)) (Version: 43.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2.5833 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 3.0.0.10 - MSI)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.4 - Black Tree Gaming)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof)
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version: - )
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 150311.103813 - Square Enix Ltd)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.7 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version: - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
OpenXcom 0.9 (HKLM-x32\...\OpenXcom) (Version: 0.9.0.0 - OpenXcom Developers)
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Outland (HKLM-x32\...\Steam App 305050) (Version: - Housemarque)
Outlast (HKLM-x32\...\1207660064_is1) (Version: 2.1.0.8 - GOG.com)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Party Hard (HKLM-x32\...\Steam App 356570) (Version: - Pinokl Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.8.25003 - Grinding Gear Games)
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version: - Obsidian Entertainment)
PixelJunk™ Shooter Ultimate (HKLM-x32\...\Steam App 332330) (Version: - Q-Games, Ltd.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Primordia (HKLM-x32\...\GOGPACKPRIMORDIA_is1) (Version: 2.0.0.2 - GOG.com)
Rags Suite (HKLM-x32\...\{1F16A5E0-C0EF-4A37-9C09-8B8A2810BC3B}) (Version: 2.4.14 - RagsGame)
Rags Suite (HKLM-x32\...\{E50D4D29-C7B5-4136-AADE-D85794926840}) (Version: 2.4.0 - RagsGame)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.)
Riffplayer 0.4.3 (HKLM-x32\...\Riffplayer) (Version: 0.4.3 - RVM)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Rogue Legacy (HKLM-x32\...\GOGPACKROGUELEGACY_is1) (Version: 2.2.0.10 - GOG.com)
Saints Row: Gat out of Hell (HKLM-x32\...\Steam App 301910) (Version: - Deep Silver Volition)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung SSD Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 3.1 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Satellite Reign (HKLM-x32\...\Steam App 268870) (Version: - 5 Lives Studios)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
Shadowrun: Dragonfall - Director's Cut (HKLM-x32\...\Steam App 300550) (Version: - Harebrained Schemes)
Shadowrun: Hong Kong (HKLM-x32\...\Steam App 346940) (Version: - Harebrained Schemes)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.10.0.17 - GOG.com)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Small World 2 (HKLM-x32\...\Steam App 235620) (Version: - Days of Wonder)
SOMA (HKLM-x32\...\Steam App 282140) (Version: - Frictional Games)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version: - Valve)
Spotify (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
StarCrawlers (HKLM-x32\...\Steam App 318970) (Version: - Juggernaut Games)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
System Shock - Enhanced Edition (HKLM-x32\...\1439995156_is1) (Version: 2.1.0.4 - GOG.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Adventures of Shuggy (HKLM-x32\...\GOGPACKADVENTURESSHUGGY_is1) (Version: 2.0.0.3 - GOG.com)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version: - Stoic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Book of Unwritten Tales 2 (HKLM-x32\...\Steam App 279940) (Version: - KING Art)
The Dark Eye: Chains of Satinav (HKLM-x32\...\Steam App 203830) (Version: - Daedalic Entertainment)
The Evil Within (HKLM-x32\...\Steam App 268050) (Version: - Tango Gameworks)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Swapper (HKLM-x32\...\GOGPACKTHESWAPPER_is1) (Version: 2.0.0.2 - GOG.com)
The Vanishing of Ethan Carter (HKLM-x32\...\1207665373_is1) (Version: 2.0.0.2 - GOG.com)
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.11.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.0.10.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.10.0 - GOG.com)
The Witcher Adventure Game (HKLM-x32\...\1207664653_is1) (Version: 2.0.33.36 - GOG.com)
The Witcher Adventure Game (HKLM-x32\...\1207666883_is1) (Version: 2.1.0.2 - GOG.com)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version: - Days of Wonder)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Transistor (HKLM-x32\...\Steam App 237930) (Version: - Supergiant Games)
Undertale (HKLM-x32\...\Steam App 391540) (Version: - tobyfox)
Unity Web Player (HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version: - SEGA)
Velocity 2X (HKLM-x32\...\VmVsb2NpdHkyWA==_is1) (Version: 1 - )
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warhammer: End Times - Vermintide (HKLM-x32\...\Steam App 235540) (Version: - Fatshark)
Wasteland 2 - Director's Cut (HKLM-x32\...\1444386007_is1) (Version: 2.1.0.3 - GOG.com)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - )
XCom Long War EW Mod version Beta 15d2 (HKLM-x32\...\{860C3266-65B9-4BF2-937A-1778483046B5}_is1) (Version: Beta 15d2 - JohnnyLump)
Xenonauts (HKLM-x32\...\GOGPACKXENONAUTS_is1) (Version: 2.0.0.5 - GOG.com)
YACReader 7.0.1 (HKLM-x32\...\YACReader_is1) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0018AC5C-EDAA-4447-A164-E9DCF7D4FC1E} - System32\Tasks\Herunterfahren => shutdown
Task: {084A8BC2-0419-4C4D-B99C-B642D63D0976} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {0E413C6A-54D7-4323-98B5-74915FEF8B88} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2D722023-2200-4C61-980C-BBBC522BB742} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {404177C1-8835-4900-8494-B140BECBA5A6} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-05-27] ()
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {695B82BE-B988-451C-BA2D-2C38E07985C8} - System32\Tasks\{0407E141-AE0F-4231-A78A-88BC0F0F70CD} => pcalua.exe -a "D:\GOG Games\Divinity - Original Sin\LanguageSetup.exe" -d "D:\GOG Games\Divinity - Original Sin"
Task: {9256E0D6-86D9-4802-B172-1D02DDF8900D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {A16A671F-F5DE-4B8F-A697-F464B86D7D30} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000Core => C:\Users\Philip\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-21] (Dropbox, Inc.)
Task: {A3672B7B-662B-484B-9D80-02E9077520E4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {D62E7081-128F-46B0-9E04-B301CADC1743} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E231F15A-AAD0-444D-BAA5-4F8B0A665C5B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000UA => C:\Users\Philip\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-21] (Dropbox, Inc.)
Task: {EE1B3E61-967F-4892-A4B2-7D8962A74795} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {F0CB111A-FF9D-43BD-8928-373A88718B1E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {F24D24F1-04E9-4530-907C-5EABA73799C7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-12-13] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000Core.job => C:\Users\Philip\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1043415761-1617859271-1540384589-1000UA.job => C:\Users\Philip\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-22 16:21 - 2012-06-01 16:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-03-20 17:00 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-06-22 16:21 - 2015-12-31 09:54 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-06-22 16:21 - 2010-06-29 09:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-10-16 18:27 - 2014-10-16 18:27 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-04-08 20:12 - 2012-02-01 15:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-06-23 11:28 - 2015-10-03 06:06 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-08 22:18 - 2015-07-08 22:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\...\sony.com -> sony.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1043415761-1617859271-1540384589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.5.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: BBSvc => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Philip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AirPort Base Station Agent => "C:\Program Files (x86)\AirPort\APAgent.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Philip\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Philip\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{8A1C0A10-66CE-40EF-8F12-9041E21AC8E8}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{C335D937-F356-4C53-A842-03C13BDAC706}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{5F82454B-AEF8-4F1A-B155-89C5AEA82E8E}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{36849973-9B66-4168-AFAE-2583199A3191}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{BC4090D7-9397-48FB-87A6-B516FDA71C45}] => (Allow) D:\Program Files\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{2F9D63A4-7BE3-4C61-9E59-624354B384A2}] => (Allow) D:\Program Files\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{E13E136D-FDD5-4DC0-BE34-1AF522ED9661}] => (Allow) D:\Program Files\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D670F9E3-C27B-40EB-8C80-FE3DC94419A8}] => (Allow) D:\Program Files\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{19ACA024-9308-48A6-9E78-05BBC945D1FF}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machinarium\machinarium.exe
FirewallRules: [{B3908767-A4FF-4720-96AA-DD395D002528}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machinarium\machinarium.exe
FirewallRules: [{47A76D5F-5E58-43D4-9739-5A8BB91B6E7A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{CED56D3E-AA08-4F5E-910D-A4E067293A3E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{E6C8BE6D-356F-4D72-B134-21DCA947B469}] => (Allow) D:\Program Files\Steam\SteamApps\common\Legend of Grimrock\grimrock.exe
FirewallRules: [{324633F3-1A0E-43A5-A0D0-64B00BFE6D31}] => (Allow) D:\Program Files\Steam\SteamApps\common\Legend of Grimrock\grimrock.exe
FirewallRules: [{F966065E-DBC1-441C-87BB-98BE1BD7EDEA}] => (Allow) D:\Program Files\Steam\SteamApps\common\Botanicula\Botanicula.exe
FirewallRules: [{84355A2E-C52C-42D3-90F3-110B77577C9B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Botanicula\Botanicula.exe
FirewallRules: [{E2AC8BA5-3010-444A-9573-76B4F2855C67}] => (Allow) D:\Program Files\Steam\SteamApps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{6AF10175-B6C4-402A-9155-6E5519AA58B7}] => (Allow) D:\Program Files\Steam\SteamApps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{C29F14EC-9A64-48DC-883B-A2EB0835FCEF}] => (Allow) D:\Program Files\Steam\SteamApps\common\FLYN\Source\Flyn.exe
FirewallRules: [{EB027AE7-2555-4E6F-9D60-9F65618DCD5C}] => (Allow) D:\Program Files\Steam\SteamApps\common\FLYN\Source\Flyn.exe
FirewallRules: [{BC535C57-53B6-454F-BC74-01441DE17CE3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8FBA72EA-519C-4272-8DAC-65D533D89645}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A5441C8E-CF57-4BD7-A856-251F8E3A0526}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F957A579-1A18-4B56-93BB-F699970306D8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{78CBC1AC-6E47-479A-9B3C-900FDEE195AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{649E0D75-7489-4644-881C-E3E881DFB0E9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1D92D548-EEC6-4944-805D-EB739CF50688}] => (Allow) D:\Program Files\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{30C7747A-1824-43A0-8FD6-BE6C4C630181}] => (Allow) D:\Program Files\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{B16D6E7F-763E-4F80-AE6D-34E1A2DD3F85}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A78BF878-D988-4F77-A0CA-2F20163F834A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AAF27AA5-E342-4C0B-AD98-C3CDA76BE784}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E18B623-5BDC-4879-B131-4F0C6FD21190}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F75C188E-5A8F-4196-996C-35195FB10323}] => (Allow) D:\Program Files\Steam\SteamApps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [{69E17936-47AC-48EC-B86F-198821587874}] => (Allow) D:\Program Files\Steam\SteamApps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [{2BE227BE-5A56-401C-B0DB-642E80BA6653}] => (Allow) D:\Program Files\Steam\SteamApps\common\Trine\trine_launcher.exe
FirewallRules: [{9BFA7128-3B39-41CA-B417-47D27C3395FC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Trine\trine_launcher.exe
FirewallRules: [{7F90CBE4-B748-4792-9601-9B4651190268}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{5981E54F-59A1-45AC-8BFF-17FEDEB16572}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{5603C234-D800-4414-B408-061E3D716460}] => (Allow) LPort=1542
FirewallRules: [{B43E132C-2962-4872-9FE6-F7F056F0C1BF}] => (Allow) LPort=1542
FirewallRules: [{C5F4CF01-40AC-4F7D-AF1D-063845AD9FB0}] => (Allow) LPort=53
FirewallRules: [{E7C807C9-455D-4D9E-9787-9661865FF8DB}] => (Allow) LPort=67
FirewallRules: [{FD7740F0-7079-4937-8C75-AD77D07FA8AC}] => (Allow) LPort=68
FirewallRules: [{5E9E9D0C-CE0F-49AD-818B-F35D84774449}] => (Allow) LPort=53
FirewallRules: [{5E357BE8-B381-4E8E-855C-B17656F20B95}] => (Allow) LPort=53
FirewallRules: [{FF3C696B-9DA3-48ED-97E9-BD95519A8720}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{E04714B9-88A7-4DD3-980F-3F8DD03F8A88}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{D7955368-BAC8-4308-AF4E-AE3574E03A92}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{71BE0213-C301-4A47-A34C-16F820395387}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{084CFBF9-F34B-4E91-9397-54DB813C57F2}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{8C42DE4F-7E03-452C-A411-ABEFC34F1095}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{8385C0D4-A120-4846-A933-41C80D7003D5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{E68B3037-4D6A-4A7E-9EC8-4D77A38992FE}] => (Allow) D:\Program Files\Steam\SteamApps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{985E3F6F-05EE-41E6-BF0B-DACD0D5AFD7F}] => (Allow) D:\Program Files\Steam\SteamApps\common\the banner saga factions\win32\The Banner Saga Factions.exe
FirewallRules: [{6487DE0E-742E-4171-B057-959F58364F44}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{422B0022-7EC2-4D02-9C2D-A02780D58385}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{464DDE53-CE54-4259-820B-A7B5447481C3}] => (Allow) D:\Program Files\Steam\SteamApps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{CCC3C347-B6F3-45C5-ACCA-07696D980661}] => (Allow) D:\Program Files\Steam\SteamApps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{99E3194D-6D01-44B3-B859-5EB0C91E892F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{4B433F01-4A09-442B-81D2-0951F1C58893}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{CDDC338C-254A-4B2C-BC92-5C40F4B61BE3}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{2FADE017-F87F-46F5-8B78-10C7BC7798E3}] => (Allow) D:\Program Files\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{03CAA25D-52B0-457C-B76D-3BFC59196D50}] => (Allow) D:\Program Files\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{D30C0CF5-15CE-445D-A4D9-75EBAE0F6FE2}] => (Allow) D:\Program Files\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{9216B3B0-EE27-4AA0-863E-56484E7DF97B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{42655C63-D7DD-4104-8C00-236522665E9C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{5F155532-38AF-4DE8-9F42-F2795CAB2DE8}] => (Allow) D:\Program Files\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe
FirewallRules: [{6F4FA5D3-C27B-49FC-93AE-36D5D839CE58}] => (Allow) D:\Program Files\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe
FirewallRules: [{4450842D-FF12-47C5-98DB-56458A2FF784}] => (Allow) D:\Program Files\Steam\SteamApps\common\DXHRML\dxhrml.exe
FirewallRules: [{3006C72A-9017-4E82-BD82-C66F1CF28190}] => (Allow) D:\Program Files\Steam\SteamApps\common\DXHRML\dxhrml.exe
FirewallRules: [{0A4F5A60-B55A-4959-B07A-B7BA90CD37A5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{99709194-B6E5-4F0E-A68F-D02A841902CE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{9849F33F-DA09-4056-8AC5-2D0A2A379DD1}] => (Allow) C:\Users\Philip\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{0034DBCA-93E1-4ED6-A3D6-5160C6352469}] => (Allow) D:\Program Files\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{504E8C83-EE8F-453A-B454-62D8AC85C782}] => (Allow) D:\Program Files\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{D58B589C-BE55-4F35-93DE-E0028D0EE30F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{D9360C63-8E3B-4682-BDF7-D3079BA1BBFC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{A9330567-1535-4E7D-919D-B85EF4A7F310}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{7266F51E-42F3-4B7D-BCD5-6075C4A7BC1B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{327ECC98-9A12-4DD7-9D7A-9BC460E39466}] => (Allow) C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4B048A2D-8A8A-4BF5-AF18-FA573A801EA9}] => (Allow) C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DCD686B4-9F86-44AE-B3BF-02B74679CE51}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Bards Tale\Config\The Bard's Setup.exe
FirewallRules: [{DBC5C6A2-C1B0-43E9-868E-0A1ABDB2E056}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Bards Tale\Config\The Bard's Setup.exe
FirewallRules: [TCP Query User{09459696-823C-42A6-9A55-C3E4CA16CD13}D:\program files\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Block) D:\program files\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{6E7604D0-8A50-4DE6-861C-48CD9AD011CF}D:\program files\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Block) D:\program files\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{CA72A3EB-12A8-4967-8735-ED4E3D679E1D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{AD3A4A40-CAC2-48B0-9A0A-F9701C65EAD5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{DF3E8DFB-E597-4A95-B39A-5256B2B7ACB7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{82ACB426-95E1-4F31-8CCA-5410A625573F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{6EE95592-57DD-4313-8BA7-1A31209DAB03}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{46E58A7D-7CAC-4373-BC24-F95B175EBFC4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{B945928B-D4E4-44F2-8CC8-8B9318AF06F5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5D6CE26F-2682-4205-8D12-181CB81A847D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0FED6F8B-4A35-430A-8F27-3A995FD0F057}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{815E9AAB-C931-42E4-87A7-70D7F3D925B5}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{24C713CC-AF5B-422C-BE6E-1A3B8CDF71F1}] => (Allow) D:\Program Files\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{DB26838E-F27E-41AD-9AAD-F83E8D2AC581}] => (Allow) D:\Program Files\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{199D60BA-E9D2-489E-B813-04E1DDDEB5D8}] => (Allow) D:\Program Files\Steam\SteamApps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{6AD1D9D5-738F-4420-AC91-01BD24AEEA24}] => (Allow) D:\Program Files\Steam\SteamApps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{80CBC4E7-802D-4231-8EAA-1C2FB56BD337}] => (Allow) D:\Program Files\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{D3F45CA5-1518-4C68-92DD-F09E66F3710F}] => (Allow) D:\Program Files\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{90714090-5BD0-4545-8E92-900EC4C8C943}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{5F2922CB-1E92-4259-8F54-30BF29EF4040}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{9E68C9A5-973A-43BC-85F9-E8055C815218}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{F8689F6A-6D9C-4E6C-8ADA-AEBE21A7B5D6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{8A4256BE-46C8-44D0-84F8-531FC916734A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{F74B3E1D-285E-4447-A3B7-A7860432A934}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{E5EC3AEF-102A-4167-88D4-B803D6A3A0E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{C675E239-C278-49A7-B897-95E62656987D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{976D8C1C-2A70-49F7-907B-D6803B0A6461}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{619C2B3C-401D-4C27-8CDF-48C325A6D6E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{1E88C240-148F-472A-AE9B-22B680564CE6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{4BF6CA25-E098-492D-A51E-FF8F43046E0D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{D878CD36-63CF-4F57-9B86-49F42FFD2A8A}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{B6E3240C-852B-422D-BDF9-14974C3F39CC}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{8907FFD4-0817-4BEE-9D61-D61974CD5D97}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow 2 Demo\bin\CLOS2DEMO.exe
FirewallRules: [{5464E92B-1A59-46CF-B4C3-20AFB9771A99}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow 2 Demo\bin\CLOS2DEMO.exe
FirewallRules: [{4E4A2723-C102-4AC7-BB84-C93123759DCE}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{3989D694-C530-4566-BEA4-3637A24698D6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{975CB929-F358-4819-8ECE-4F66761692DB}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{820D6522-40E4-4FCF-879A-6A0A238F0D51}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{52066AE0-E2FB-44E4-9B96-90C4378CB32B}] => (Allow) D:\Program Files\Steam\SteamApps\common\BattleWorldsKronos\BattleworldsBuilder\BattleworldsBuilder.exe
FirewallRules: [{D5320418-0427-481A-9A8B-EBAA4E5B5111}] => (Allow) D:\Program Files\Steam\SteamApps\common\BattleWorldsKronos\BattleworldsBuilder\BattleworldsBuilder.exe
FirewallRules: [{7160C884-AC0E-4E40-AAB7-C5FED5A9046F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{BC91F2DA-B773-4982-9F3C-F8563B970FBC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{1F7BB3EA-E86C-40B0-8C47-8CF99013E859}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{382F965C-B85E-4C7D-A414-4DB4447A3718}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{24277499-B306-41A1-B2A9-E792D53BF983}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound_server.exe
FirewallRules: [{E70C633C-F515-4061-8135-9DE71E5A24A1}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound_server.exe
FirewallRules: [{55F22B51-EF6F-4E8E-A4A2-D7CE8BD77133}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound_server.exe
FirewallRules: [{29E1AD31-1EB9-4D18-855D-2C5C7BD49C7B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\starbound_server.exe
FirewallRules: [{D5791240-4FED-40B0-AC28-F5F43CCEA268}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{A9CEB083-50B1-463B-976B-0AE3FBB4B212}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{19671BA6-9DE0-4528-96C8-0B0131C75DDD}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{60FFE87E-96D1-4DBA-BD3C-F3BFCA9DD2F3}] => (Allow) D:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{D88DECD1-6B9C-45ED-8F59-6D07425EE045}] => (Allow) D:\Program Files\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{49BDFC64-0789-42FF-9347-276D5A627F3D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{A1C520A4-B5D4-46A2-9B1C-3FC1652EDC23}] => (Allow) D:\Program Files\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{AA1BE878-FD58-4DF7-946B-4F4D19A8AC57}] => (Allow) D:\Program Files\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{F979E342-06FA-4E43-8FE1-40D926A9365C}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{11EDACD8-D982-4714-BE6B-4755672A7F7E}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{387A61D8-A93A-43A8-819F-4D91D39A8AE0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{DE679DAF-69AC-42E9-99B2-E7FB91E39F23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{D8C7FE6A-D8A5-4A43-9389-B93534171F65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{6BF5E364-D3A2-41BC-8C0D-50BE35B5F5CE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow 2\bin\CLOS2.exe
FirewallRules: [{B1795017-7C65-4C04-9750-A2E37A3CE5AB}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow 2\bin\CLOS2.exe
FirewallRules: [{88D5303A-EAF8-43D8-9325-B5B4A7C98CEA}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\SupportTool.exe
FirewallRules: [{EC27B2E4-A258-48A0-9603-41124AF5FCDE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\SupportTool.exe
FirewallRules: [{E5424D7D-0C3A-42AA-90ED-911C5168302B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{A56A97D5-DE4C-47AF-BCE7-A822403927AC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{C02B6F82-9048-4FDE-890F-7BB9D9EF18C9}] => (Allow) D:\Program Files\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{25EE0BA0-1A9C-4917-A3B9-C8A92FDE13EF}] => (Allow) D:\Program Files\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{89309CFB-281B-42DB-AEEE-45641C2658B5}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{C98E816F-38DB-46B7-9197-F4B4A40D231B}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{5455F23E-BB72-4F6D-A3D2-FA62F93069A9}] => (Allow) D:\Program Files\Steam\SteamApps\common\Among the Sleep\Among the Sleep.exe
FirewallRules: [{C45BC7A4-A10B-4C19-A3D3-F13BB9F9C1BB}] => (Allow) D:\Program Files\Steam\SteamApps\common\Among the Sleep\Among the Sleep.exe
FirewallRules: [{7130851F-7CC2-4CAF-95B6-22479026D72F}] => (Allow) C:\Program Files (x86)\AirPort\APAgent.exe
FirewallRules: [{46B2072D-9D31-4191-94ED-08B2DF789708}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\SupportTool.exe
FirewallRules: [{2EF68433-33D9-4A23-A3EC-8DD55ABE8277}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\SupportTool.exe
FirewallRules: [{E5DE6F01-D7C8-413B-87C0-BC3EC692C66C}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{023D7FEE-539A-46FD-A029-43B85AED8F6F}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{5664DC3F-0DD2-4898-80D7-9611315730A5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{EDC9C83E-236E-49AB-BCCC-94E273FBE584}] => (Allow) D:\Program Files\Steam\SteamApps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{5CD563D8-D334-401F-9A0B-6B119C86EC8E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{878E9C20-2DFC-4D3F-B1A4-A6D98C5ACC0D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{242147BD-1867-4F94-9566-A3BCE71AA527}] => (Allow) D:\Program Files\Steam\SteamApps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{A42A04C0-6352-4D95-B2EC-C288910606E5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{5E0EC2CA-40CE-4E3D-BE3C-01B8C679B964}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{15CA59F7-1956-4F04-9667-BDD3009617D3}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{1ED1B975-51F7-4B9E-9300-B9B9B5C0405A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{B13DEEB6-204F-4382-92DD-1394437F4541}] => (Allow) D:\Program Files\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{8E5F28C5-A24C-46CB-9F18-C583851E8A4E}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheDarkEye Cos\satinav.exe
FirewallRules: [{36721C42-699F-4B08-8C1B-01FF51D1192A}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheDarkEye Cos\satinav.exe
FirewallRules: [{4D926746-89D5-44F0-9F87-12FEB362BC52}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe
FirewallRules: [{37433E1A-AE7D-4542-8192-A75438EFC9F6}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe
FirewallRules: [TCP Query User{0643A6B7-9126-43A1-8876-5A8947B8D2C0}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3B511FA1-8406-4933-B3D9-3627A76B9209}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1B4343F7-2BAA-4A3B-A1BF-B47306253A63}] => (Allow) D:\Program Files\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{1DCD884B-F1BD-45A3-B6A7-BE46037798BA}] => (Allow) D:\Program Files\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{63E87E9D-748F-49A2-89C4-2CB1EA9966DB}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{16E49298-B36E-4B20-85B6-A5A177363AA5}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{8F8916EA-964D-45C7-92F0-22E0609B23EF}] => (Allow) D:\Program Files\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{DFE7D931-28B3-49D1-B61F-6EC87E75C5DA}] => (Allow) D:\Program Files\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{79EFEEDD-66EF-4ECA-8BE8-1BE3D101C7E6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{F506AACC-D60A-47DA-81D6-3B0DAE0CBEEE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{C406BB96-88E5-42C1-9814-3428FA3C47AA}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{B6254CA8-846C-468D-AE76-198190E2CE23}] => (Allow) D:\Program Files\Steam\SteamApps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{CF1D1183-EDEB-44A6-92C0-889BA928C82A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Legend of Grimrock 2\grimrock2.exe
FirewallRules: [{6C4145C6-9511-4C2F-906A-140936E73F3D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Legend of Grimrock 2\grimrock2.exe
FirewallRules: [{907FBD19-1221-48C3-AFFF-870DE9BBAD0B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{1CD7DADC-DCF3-4C7D-A11C-0071FE51982F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{A730F81A-31D6-46B2-A43C-42006AA27A2F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{4357E118-49EC-4F74-9015-7569915E3335}] => (Allow) D:\Program Files\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{BCB0887F-6F88-4A59-BF85-63D4C7790F89}] => (Allow) D:\Program Files\Steam\SteamApps\common\ODP\ourdarkerpurpose.exe
FirewallRules: [{F94356F2-1656-414A-A2FB-A956E6EF9799}] => (Allow) D:\Program Files\Steam\SteamApps\common\ODP\ourdarkerpurpose.exe
FirewallRules: [{107A5789-E543-4A62-9158-44AE4314D0D2}] => (Allow) D:\Program Files\Steam\SteamApps\common\Massive Chalice\MC.exe
FirewallRules: [{30156E9F-FDC4-446B-99B6-8D7EF8751429}] => (Allow) D:\Program Files\Steam\SteamApps\common\Massive Chalice\MC.exe
FirewallRules: [{7E2E5569-8802-4DDB-B730-A11615F000D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{AE10A9AA-71E1-451A-9B13-ACC58BB33557}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{C43851B4-7FA4-4157-A349-4DA6542942AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{4AB5E18D-5CE8-47E2-8C4D-5BB3C2370929}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{8AE85B7F-D30D-4057-9988-3808DA5B8D7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{F3CF3261-3E12-4645-9CBE-1AE14E5BB5C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{5A2EC408-8A0C-471A-80D4-59F15CA6317D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{5476676F-DD45-4783-91D1-32314DACF5A7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{3005C0EB-0BB9-4220-B542-4A1572CC3849}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{A70E6740-249A-4B37-BF18-5AF236946495}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{B6890E2A-202E-4DCB-9573-F248BD9BBF2C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{F01AF7CE-8E10-40B1-A5FB-7DDD36216552}] => (Allow) D:\Program Files\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{DF47AFC5-BD3E-45F5-9D84-5E01AB43B55F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{F7701F8D-B90A-4AED-B078-D9AC89A85B21}] => (Allow) D:\Program Files\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{2C1DF266-254C-4BAD-A145-7C197B9E28C6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{B74D82AE-0A42-4FF0-8E2F-62F09A3D9E2F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{A8658D6B-9D8E-4517-ABA9-A40FBE5F39A8}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{D1CA11BE-870A-4A26-8D8A-9A3B1CE41BBF}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{C1E7CC6A-C030-44EB-A011-C5D431F1FC2C}] => (Allow) D:\Program Files\Steam\SteamApps\common\BattleWorldsKronos\Battleworlds Builder\BattleworldsBuilder.exe
FirewallRules: [{6E83CF89-112B-4731-A27E-EE4EB2112068}] => (Allow) D:\Program Files\Steam\SteamApps\common\BattleWorldsKronos\Battleworlds Builder\BattleworldsBuilder.exe
FirewallRules: [{4DDF7D2D-3A04-4F88-947F-51667B82C5E1}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{08321D96-E765-42CA-B5E1-AB733C977576}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{6A6674D6-F0EC-4EBB-B7E4-38AC0ACFFD9A}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{78CE12D6-078F-43DF-B647-D01EE6605945}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{D355552C-5BC5-48A1-BF37-CE04A9352551}] => (Allow) D:\Program Files\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{DCDDBE16-11F3-482F-A14A-5AD63BD3FE94}] => (Allow) D:\Program Files\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{062E7B51-EA45-483F-A4A6-AC51AC4F04FB}] => (Allow) D:\Program Files\Steam\SteamApps\common\StarCrawlers\StarCrawlers.exe
FirewallRules: [{2C5383F9-73BB-4C80-9D3E-C1A6AA882B17}] => (Allow) D:\Program Files\Steam\SteamApps\common\StarCrawlers\StarCrawlers.exe
FirewallRules: [{BA2D6204-25FD-4470-9ADF-5C7ECFFDC459}] => (Allow) D:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{407D3310-64C0-404A-A974-2ADDCC2F9F1B}] => (Allow) D:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [TCP Query User{FBC9F27A-8AA6-4E08-93A8-68BDFB6F24FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{DFAA0A15-DD43-4CA9-A847-884F7D63CD97}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6CAF526F-7C58-4250-933A-5DCDBD2D9180}] => (Allow) D:\Program Files\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{115D9763-FB2F-4E85-84E6-FEC0756F3FEC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{387DA867-6F2B-4E02-B17B-146D10B9CFBC}] => (Allow) D:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{48E4BC80-18D2-4E99-A415-1846C6669DB5}] => (Allow) D:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{2344EE3B-8656-4EAF-A13B-3CC26D4178D6}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{5BD6AA2C-0C2B-4B44-9110-8DCA948C5777}] => (Allow) D:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{60FA15AD-33D2-41B3-9CB1-B6941B162CE7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magicka 2 Sneak Peek\engine\Magicka2.exe
FirewallRules: [{0990C566-D5A7-4239-9845-9531E97BB942}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magicka 2 Sneak Peek\engine\Magicka2.exe
FirewallRules: [{6C223F62-39E4-4D8E-8F27-B0867A3ACE5B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{886FAD59-7A10-463F-A2B5-5366DFC0E17E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{439DF99C-5689-430F-926A-38CF870EA534}] => (Allow) D:\Program Files\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{E1A7C312-646D-42A8-952F-51891531E6BE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{39F58A31-65E4-475F-A04E-8963F2FFC522}] => (Allow) D:\Program Files\Steam\SteamApps\common\Outland\Outland.exe
FirewallRules: [{CAAFA632-64B2-48A6-9E57-1AB8631D280C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Outland\Outland.exe
FirewallRules: [{7B4021D1-0151-483B-B2B6-1A28ED0BC2DC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{08F0F24A-4555-4771-B853-76695B58B7E9}] => (Allow) D:\Program Files\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{53775119-2804-47AD-B43C-EB30253A7414}] => (Allow) D:\Program Files\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{22F65293-044B-4B93-8A5C-7103574C1966}] => (Allow) D:\Program Files\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{B7FCACD0-C604-414A-84D8-65BC296AB32C}] => (Allow) D:\Program Files\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{361DDD61-9641-468B-89C7-D6D165BE4DFD}] => (Allow) D:\Program Files\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{8794B96E-99F5-471E-A993-A98F76FFC1E0}] => (Allow) D:\Program Files\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{CCF08EF0-737E-4370-9FEC-F312ABB5106E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{83D75DDB-F210-4FAF-871D-001C56E178BB}] => (Allow) D:\Program Files\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{9018C160-C4FA-4172-AD53-2194068809D1}] => (Allow) D:\Program Files\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{400E8CA4-94EC-44D6-8146-7CB3409ACCC5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{F28A7EB8-5C6C-444A-B769-9FD39763C8F0}] => (Allow) D:\Program Files\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{74336F9F-5D4E-4D3F-8C5F-14FEF44FDF78}] => (Allow) D:\Program Files\Steam\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{E8DED508-36D6-4D37-B4F8-C6AB8A2691DD}] => (Allow) D:\Program Files\Steam\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{D53DE7B9-AE7B-4117-96AB-18233F1B4323}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow - Mirror of Fate HD\CMOF.exe
FirewallRules: [{63F10F44-5761-4CCE-A251-F1FD965A671A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Castlevania Lords of Shadow - Mirror of Fate HD\CMOF.exe
FirewallRules: [{07EC44E5-8AE9-4B70-B3A0-AD00037EF19B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Saints Row Gat out of Hell\SaintsRowGatOutOfHell.exe
FirewallRules: [{0987B328-25F9-4E93-A7C8-7A60297DEE1A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Saints Row Gat out of Hell\SaintsRowGatOutOfHell.exe
FirewallRules: [{E0451930-A36C-4802-A70D-4E4F8FB14061}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CFC50EA0-D18A-4DF5-8000-6C1E772090A0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D1F3FFFC-3238-4E3C-B80F-CB055E8D84A7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{ED4A6305-4498-486B-B244-9F413577BCF8}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{A1D39482-999F-4488-82EA-759F0D07B750}] => (Allow) D:\Program Files\Steam\SteamApps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{AE680E31-1EAF-42C3-A642-83F5CAA219E5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{D9349B5D-C21D-4835-9247-9B84DBDD2B15}] => (Allow) D:\Program Files\Steam\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{A7D747CD-F8C6-47C1-9F41-D0060750D763}] => (Allow) D:\Program Files\Steam\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{3524F848-113A-468E-B472-59C73A8CD75D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{A2B1B3C7-D7D9-4AE0-A242-B24453E6245C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{8EDA7CFB-AC61-4E40-97F8-FBB60A138F27}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{68189B20-04AD-47B7-9156-A4C7AD37EFEC}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{78F1F98B-9040-43D6-82D7-8E8D6169B377}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{354B6710-9607-4046-83BC-E706624C5B07}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{3B9C55AB-9608-4E7A-8F29-BB28F72DDAB8}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{5CB95ABC-DB30-41FA-8BDF-BB792E672701}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{5984F958-B578-42E6-BA84-BC6C85C04F6A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7FD3BC08-CC3C-43DD-B104-4F38EB14EA5E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0AD851BB-AFA8-4FF2-84C1-DF56627CABC4}] => (Allow) D:\Program Files\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{F653D05A-D164-415A-BC8E-7E66C06D3A31}] => (Allow) D:\Program Files\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{C8BDFB98-AC68-47D6-BD2F-D7165F9333A2}] => (Allow) D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{E964974C-5411-48BD-8520-6624A3C2FF7C}] => (Allow) D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{8311A531-A56F-418B-ACC4-E80348193575}] => (Allow) D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{DD4C0C21-E6A6-4F8D-811F-FC8E5EE148DF}] => (Allow) D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{EBAE42E0-FBF1-4C48-9199-6B7EC4DD1A55}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{E1361908-D55B-424E-B932-336353394D79}] => (Allow) D:\Program Files\Steam\SteamApps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{39906BB8-A86B-4E27-940B-DAFE9BD32F2F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{4A538A70-E378-4EF4-A08A-70887128A21A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{30C66EAB-EEA3-4F00-B240-6848848D9B8F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{4256FF9F-D8B1-47A7-B090-89E5FCFF4AD5}] => (Allow) D:\Program Files\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{A7996F6B-D0DB-4ED5-97F2-24F95CB6FECC}] => (Allow) D:\Program Files\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{4E525DE8-7E12-48DF-AA05-ECE5AD64BF3F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{F1553B15-E8BF-4298-8B8B-EC8707031C9F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Crawl\Crawl.exe
FirewallRules: [{0C92F38F-03B8-49DB-80AE-76383D344D96}] => (Allow) D:\Program Files\Steam\SteamApps\common\Crawl\Crawl.exe
FirewallRules: [{1801CA36-2F1D-42A8-B019-44A80B82F6C8}] => (Allow) D:\Program Files\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{F10A6782-EBD8-4377-9E5D-21A4CB931B01}] => (Allow) D:\Program Files\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{6DBB2DEA-EA7D-4DEB-A8E6-0E74186B97FD}] => (Allow) D:\Program Files\Steam\SteamApps\common\SOMA\Soma.exe
FirewallRules: [{8B305339-DCE5-425E-BC29-1A0B5A4BDCA2}] => (Allow) D:\Program Files\Steam\SteamApps\common\SOMA\Soma.exe
FirewallRules: [{106FB401-0968-4E4E-A74B-45356EE376CA}] => (Allow) D:\Program Files\Steam\SteamApps\common\SOMA\ModLauncher.exe
FirewallRules: [{6BCC81FA-750B-4C77-BA67-BF928A7E318B}] => (Allow) D:\Program Files\Steam\SteamApps\common\SOMA\ModLauncher.exe
FirewallRules: [{42868D0B-4A6F-4528-8344-25AF5E66832E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{7AD1F1A4-A9B7-4DF9-B916-C48FEBF561C6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{E163CBB7-1672-4F5F-8B3F-F97245B2A8D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B4F0718F-0F61-4485-A2E2-D40AE56C254D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FF950A6F-DDA6-42E0-AB56-5AB4FD4A587F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4E22C913-36BF-4CEE-A573-D82C97194394}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{523F7204-53CE-4439-B9C2-7AB774541DEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BD3DB9EC-5A6C-4AD7-BD33-98654F8E22B0}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex\System\Revision.exe
FirewallRules: [{D54618DF-D5A0-49B0-B50B-3067BEEC3D8D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Deus Ex\System\Revision.exe
FirewallRules: [{A186EE9E-B127-4FB7-91F1-A44884C2F045}] => (Allow) D:\Program Files\Steam\SteamApps\common\Broforce\Broforce_beta.exe
FirewallRules: [{FADD1C36-A3B5-40CA-AD99-FB4B79ED8710}] => (Allow) D:\Program Files\Steam\SteamApps\common\Broforce\Broforce_beta.exe
FirewallRules: [{52B936A0-C88C-4226-881D-F9E4E4EEF940}] => (Allow) D:\Program Files\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{8263295D-36E5-4AF2-A933-038EF7A49E9D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B87B1DA4-2D01-4A6B-BCB8-80E1E9D4AA03}] => (Allow) D:\Program Files\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{F494E864-1B65-40FD-BC31-EAA4EB2D0370}] => (Allow) D:\Program Files\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{DC6F41FB-669F-46D9-BA5A-C13816ABB289}] => (Allow) D:\Program Files\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{DB8397C6-54E0-4131-B8FF-3E48432C28EE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{620827C1-9764-44AC-89F8-0F851B71ADD7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Skyshine\win32\Skyshines BEDLAM.exe
FirewallRules: [{291416E6-0B23-48C4-A980-F824C14137E7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Skyshine\win32\Skyshines BEDLAM.exe
FirewallRules: [{73C54003-0B92-4A5A-92EA-8E8DEBFD820B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4B089A4-3652-49AB-937A-D942871D0D00}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8012314E-4F94-4A1C-8F50-2DA5B8045070}] => (Allow) D:\Program Files\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{47D28776-DE8D-43BC-88E5-640A23B5A4FD}] => (Allow) D:\Program Files\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{83EDCC21-6570-4496-8FD0-E40C2016F239}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{AF9607B4-038B-4F8D-8B83-69EA7CCD5599}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{26BAE4C6-4FAD-40F0-A490-786F02E4BA31}] => (Allow) D:\Program Files\Steam\SteamApps\common\ShooterUltimate\ShooterUltimate.exe
FirewallRules: [{1A7A0822-69CC-48D4-8792-533A66C060BD}] => (Allow) D:\Program Files\Steam\SteamApps\common\ShooterUltimate\ShooterUltimate.exe
FirewallRules: [{64F14642-E220-4715-8BBD-E636B5947364}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Book of Unwritten Tales 2\Windows\BouT2.exe
FirewallRules: [{AF0660E1-97B8-472B-809D-E91659D0BDC3}] => (Allow) D:\Program Files\Steam\SteamApps\common\The Book of Unwritten Tales 2\Windows\BouT2.exe
FirewallRules: [{43C440E3-BDC9-4C6D-B6A0-58BD76C355C8}] => (Allow) D:\Program Files\Steam\SteamApps\common\StarCrawlers\StarCrawlers_x86_64.exe
FirewallRules: [{85B831E4-2DFC-4373-A873-32CD2C659823}] => (Allow) D:\Program Files\Steam\SteamApps\common\StarCrawlers\StarCrawlers_x86_64.exe
FirewallRules: [{E0AF0248-AB0E-44BF-AEC8-FE87F313B38F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{809FE91F-2157-4B0B-8924-B200B92A6DDB}] => (Allow) D:\Program Files\Steam\SteamApps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{AD50BBF5-BD78-44BA-A7F5-B1F1D993E53F}] => (Allow) D:\Program Files\Steam\SteamApps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{95BD4387-FBAC-41C8-975C-CC3C68017F92}] => (Allow) D:\Program Files\Steam\SteamApps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{C999DC6A-13F6-4E84-9F94-CA9F0CC3F19E}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{4A85679E-51EA-4CE7-83F1-3A9D5BF0013C}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{2274D31E-A565-492F-B447-51F64D6F6882}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{14A6C098-C6BA-451E-940D-F94E18D00891}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{112235EB-72C0-422E-A7FB-EDC0656F1E76}] => (Allow) D:\Program Files\Steam\SteamApps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{C58AC9DA-7A21-4ED8-B0BD-94B9D021D432}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{05789D91-4C93-48F9-BE30-307CCDF25E5A}] => (Allow) D:\Program Files\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{7B90EEC3-F1E1-4982-810D-579BFBE98C0A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9D07AEF7-156B-4E2E-BACF-A20B4DFF1203}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{27400842-05C2-4145-BE06-85A98291528B}] => (Allow) D:\Program Files\Steam\SteamApps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{6FAB26CE-C80A-4314-9973-CAB71F8B988B}] => (Allow) D:\Program Files\Steam\SteamApps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{5509ABA6-DF9D-4EAC-9AC8-B65FD1C85127}] => (Allow) D:\Program Files\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{A8D33DE2-4C5E-4E06-B228-E3F66466541F}] => (Allow) D:\Program Files\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{1172BAEE-4CC3-419B-9294-DE85ABBD5012}] => (Allow) D:\Program Files\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{EC5DDBB1-34E7-4E0F-A2A0-555D9AA2526E}] => (Allow) D:\Program Files\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{3409D4F8-677A-4F64-BE17-198015F18822}] => (Allow) D:\Program Files\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B0E8AE08-3C6C-4889-B9D9-07DABFBB4308}] => (Allow) D:\Program Files\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{73FA8B1A-4FBE-4039-AC56-5477E9D4042C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Jotun\Jotun.exe
FirewallRules: [{F1C6FE85-89CB-45BB-8A7D-E23A433D135B}] => (Allow) D:\Program Files\Steam\SteamApps\common\Jotun\Jotun.exe
==================== Wiederherstellungspunkte =========================
18-12-2015 17:46:46 Windows Update
19-12-2015 00:21:23 Windows Update
22-12-2015 18:28:46 Windows Update
27-12-2015 23:17:30 Windows Update
31-12-2015 00:11:05 Entfernt Hi-Rez Studios Games
31-12-2015 09:57:36 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/27/2015 11:15:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 19 5.9.9.F.6.6.A.4.E.C.D.1.3.6.4.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Philip-PC-2.local.
Error: (12/27/2015 11:15:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.5.110:5353 17 5.9.9.F.6.6.A.4.E.C.D.1.3.6.4.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Philip-PC.local.
Error: (12/27/2015 11:15:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 19 110.5.168.192.in-addr.arpa. PTR Philip-PC-2.local.
Error: (12/27/2015 11:15:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.5.110:5353 17 110.5.168.192.in-addr.arpa. PTR Philip-PC.local.
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Philip-PC.local already in use; will try Philip-PC-2.local instead
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Philip-PC.local. Addr 192.168.5.110
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.5.110:5353 16 Philip-PC.local. AAAA 2003:0045:4971:DCE3:7463:1DCE:4A66:F995
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Philip-PC.local. AAAA FE80:0000:0000:0000:7463:1DCE:4A66:F995
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.5.110:5353 16 Philip-PC.local. AAAA 2003:0045:4971:DCE3:7463:1DCE:4A66:F995
Error: (12/27/2015 11:15:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Philip-PC.local. Addr 192.168.5.110
Systemfehler:
=============
Error: (12/31/2015 09:57:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/31/2015 09:53:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/31/2015 09:53:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/31/2015 09:53:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/31/2015 09:53:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/31/2015 09:53:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/31/2015 09:53:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VIA Karaoke digital mixer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/31/2015 09:53:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Realtek11nSU" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/31/2015 09:53:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/31/2015 09:53:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2014-09-13 20:04:04.453
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-13 20:04:04.453
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-13 20:04:04.453
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-13 20:04:04.453
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-13 19:58:47.843
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-13 19:58:47.763
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:22:58.669
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:22:58.668
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:22:58.665
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:22:58.664
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3550 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 8147.52 MB
Verfügbarer physikalischer RAM: 6468.62 MB
Summe virtueller Speicher: 16293.24 MB
Verfügbarer virtueller Speicher: 14362.75 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:7.02 GB) NTFS
Drive d: (Games) (Fixed) (Total:1863.01 GB) (Free:202.56 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 41AC5349)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 41AC5336)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
31.12.2015, 11:12
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pishing-Mail Paypal link angeklickt ohne Daten einzugeben FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.12.2015, 11:26
| #10 |
| | Pishing-Mail Paypal link angeklickt ohne Daten einzugebenCode:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-12-2015
durchgeführt von Philip (2015-12-31 11:24:16) Run:1
Gestartet von D:\Downloads
Geladene Profile: Philip (Verfügbare Profile: Philip)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
emptytemp:
*****************
EmptyTemp: => 2.7 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 11:24:32 ====
|
|
31.12.2015, 11:35
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pishing-Mail Paypal link angeklickt ohne Daten einzugeben Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.12.2015, 20:03
| #12 |
| | Pishing-Mail Paypal link angeklickt ohne Daten einzugebenCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 31.12.2015 Suchlaufzeit: 13:38 Protokolldatei: mbamlog.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.31.03 Rootkit-Datenbank: v2015.12.26.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Philip Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 398457 Abgelaufene Zeit: 5 Min., 29 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f7fd74733792674ab4efb82c5cd2a8ff
# end=init
# utc_time=2015-12-31 12:46:06
# local_time=2015-12-31 01:46:06 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27441
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f7fd74733792674ab4efb82c5cd2a8ff
# end=updated
# utc_time=2015-12-31 12:53:47
# local_time=2015-12-31 01:53:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f7fd74733792674ab4efb82c5cd2a8ff
# engine=27441
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-31 05:45:23
# local_time=2015-12-31 06:45:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1305 16777213 100 100 18597 15806175 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 31121 203213773 0 0
# scanned=980673
# found=0
# cleaned=0
# scan_time=17495
Code:
ATTFilter Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Flash Player 20.0.0.235
Mozilla Firefox (43.0.2)
Google Chrome (47.0.2526.106)
Google Chrome (47.0.2526.80)
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Internet Security 16.0.0 avp.exe
Kaspersky Lab Kaspersky Internet Security 16.0.0 avpui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
|
01.01.2016, 21:16
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pishing-Mail Paypal link angeklickt ohne Daten einzugeben Java am besten deinstallieren, es wird im Prinzip nicht mehr gebraucht. Sieht soweit ok aus  Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.01.2016, 11:45
| #14 |
| | Pishing-Mail Paypal link angeklickt ohne Daten einzugeben Nein wenn ihr sagt, dass alles okay ist, kein Test hat ja angeschlagen! Viel Arbeit für nix, aber besser so als anders! Ich lasse euch eine kleine Spende da. Vielen Dank! |
|
02.01.2016, 21:25
| #15 | ||||||||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pishing-Mail Paypal link angeklickt ohne Daten einzugeben Nur ein wenig Junkware wurde gefunden  Dann wären wir durch! Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Abschließend müssen wir noch ein paar Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.  Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.  Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden. Alternativen zu NoScript (wenn um das das Verhindern von Usertracking und Werbung auf Webseiten) geht wären da Ghostery oder uBlock. Ghostery ist eine sehr bekannte Erweiterung, die aber auch in Kritik geraten ist, vgl. dazu bitte diesen Thread => Ghostery schleift Werbung durch Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Pishing-Mail Paypal link angeklickt ohne Daten einzugeben |
| bonjour, browser, computer, desktop, dnsapi.dll, email, firefox, home, homepage, installation, kaspersky, launch, mozilla, onedrive, prozesse, realtek, registry, rundll, scan, schutz, security, services.exe, software, spam, svchost.exe, system, usb, windows |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
