| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: McAfee entdeckt Artemis!D.....Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.01.2016, 16:45
| #1 |
 |  McAfee entdeckt Artemis!D..... Hallo Trojaner Board  mein MCAfee hat folgendes Programm gefunden Artemis!D8CC2F9DA20C McAfee scheint es zwar noch zu blockieren aber ich mache mir schon sorgen Ich hoffe Ihr könnt mir wiedereinmal aus der Patsche helfen  Vielen Dank im Vorraus Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-01-2016
durchgeführt von Blutrunstjack (Administrator) auf KABELJAU (25-01-2016 17:19:23)
Gestartet von C:\Users\Blutrunstjack\Downloads
Geladene Profile: Blutrunstjack (Verfügbare Profile: Blutrunstjack)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\DAODx.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(ICQ) C:\Users\Blutrunstjack\AppData\Roaming\ICQM\icq.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613024 2010-09-27] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-09-27] (Atheros Commnucations)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [723392 2015-12-03] (McAfee, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1699400 2016-01-05] (APN)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [SL-6397 Gaming Mouse] => C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe [3587584 2013-09-30] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\Run: [icq] => C:\Users\Blutrunstjack\AppData\Roaming\ICQM\icq.exe [28698984 2013-09-26] (ICQ)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2015-12-17] (Electronic Arts)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-10] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [249104 2016-01-14] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [221456 2016-01-14] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2015-09-29]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{92AFD7D6-B5F1-4D39-8E0F-49918F6CBEBD}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CE2A24CB-B01C-4EDD-8EEB-1441741BFBB6}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0&ocid=iehp
URLSearchHook: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001 -> DefaultScope {C6F85299-3F43-4331-9B4A-191B93AE797A} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE544D20151108&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001 -> {5F2B4220-82A3-4874-BD29-F35282E25615} URL = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
SearchScopes: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001 -> {C6F85299-3F43-4331-9B4A-191B93AE797A} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE544D20151108&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-09-27] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-22] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-12-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-12-03] (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: hxxp://www.google.de/
FF Session Restore: -> ist aktiviert.
FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=mcafee&type=B111DE544D20130105&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-12-03] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-22] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-12-03] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3928150652-2756980015-3035233101-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Blutrunstjack\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\searchplugins\ask-search.xml [2014-04-21]
FF SearchPlugin: C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\searchplugins\BrowserDefender.xml [2013-06-26]
FF SearchPlugin: C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\searchplugins\McSiteAdvisor.xml [2016-01-25]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-10-24]
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-11-23]
FF Extension: WEB.DE MailCheck - C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\extensions\browser-mailcheck@web.de [2015-12-15]
FF Extension: New Tab by Yahoo - C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-09-24] [ist nicht signiert]
FF Extension: Ask Toolbar - C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\Extensions\toolbar_ORJ-V7C@apn.ask.com.xpi [2016-01-14]
FF Extension: Adblock Plus - C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-01-16] [ist nicht signiert]
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Blutrunstjack\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\Blutrunstjack\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-08-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Blutrunstjack\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Blutrunstjack\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-22]
CHR Extension: (Yahoo Web) - C:\Users\Blutrunstjack\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2015-08-22]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-01-05] (APN LLC.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-09-27] (Atheros Commnucations) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1145216 2015-05-22] ()
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3246864 2016-01-14] (Client Connect LTD)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-07-18] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-12-02] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-12-03] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-05] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-18] ()
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 ArvoFltr; C:\Windows\System32\drivers\ArvoFltr.sys [15872 2009-05-06] (ROCCAT Development, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-12-02] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-11-16] (NVIDIA Corporation)
S0 symsnap; system32\DRIVERS\symsnap.sys [X]
U2 V2iMount; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-25 17:19 - 2016-01-25 17:23 - 00025618 _____ C:\Users\Blutrunstjack\Downloads\FRST.txt
2016-01-25 17:19 - 2016-01-25 17:19 - 00000000 ____D C:\FRST
2016-01-25 17:18 - 2016-01-25 17:18 - 02370560 _____ (Farbar) C:\Users\Blutrunstjack\Downloads\FRST64.exe
2016-01-25 16:54 - 2016-01-25 16:54 - 00602112 _____ (OldTimer Tools) C:\Users\Blutrunstjack\Downloads\OTL.exe
2016-01-25 16:52 - 2016-01-25 16:53 - 22908888 _____ (Malwarebytes ) C:\Users\Blutrunstjack\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-24 18:50 - 2016-01-24 18:50 - 00004020 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-01-24 16:42 - 2016-01-25 16:27 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa
2016-01-24 16:42 - 2016-01-24 16:42 - 00003514 _____ C:\Windows\System32\Tasks\bvxvbxxvaa
2016-01-14 23:27 - 2016-01-25 16:26 - 00003846 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-01-14 21:04 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-14 21:04 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-14 21:04 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-14 21:04 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-14 21:04 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-14 21:04 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-14 21:04 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-14 21:04 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-14 21:04 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-14 21:04 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-14 21:04 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-14 21:04 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-14 21:04 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-14 21:04 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-14 21:04 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-14 21:04 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-14 21:04 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-14 21:04 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-14 21:04 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-14 21:04 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-14 21:04 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-14 21:04 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-14 21:04 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-14 21:04 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-14 21:04 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-14 21:04 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-14 21:04 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-14 21:04 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-14 21:04 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-14 21:04 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-14 21:04 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-14 21:04 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-14 21:04 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-14 21:04 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-14 21:04 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-14 21:04 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-14 21:04 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-14 21:04 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-14 21:04 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-14 21:04 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-14 21:04 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-14 21:04 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-14 21:04 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-14 21:04 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-14 21:04 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-14 21:04 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-14 21:04 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-14 21:04 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-14 21:04 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-14 21:04 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-14 21:04 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-14 21:04 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-14 21:04 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-14 21:04 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-14 21:04 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-14 21:04 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-14 21:04 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-14 21:04 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-14 21:04 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-14 21:04 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-14 21:04 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-14 21:04 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-14 21:04 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-14 21:04 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-14 21:04 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-14 21:04 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-14 21:04 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-14 21:04 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-14 21:04 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-14 21:04 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-14 21:04 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-14 21:04 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-14 21:04 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-14 21:04 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-14 21:04 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-14 21:04 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-14 21:04 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-14 21:04 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-14 21:04 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-14 21:04 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-14 21:04 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-14 21:04 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-14 21:04 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-14 21:04 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-14 21:04 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-14 21:04 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-14 21:03 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-14 21:03 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-14 21:03 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-14 21:03 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-14 21:03 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-14 21:03 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-14 21:03 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-14 21:03 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-14 21:03 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-14 21:03 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-14 21:03 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-14 21:02 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-14 21:02 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-14 21:02 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-14 21:02 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-14 21:02 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-14 21:02 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-14 21:02 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-14 21:02 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-14 21:02 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-14 21:02 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-14 21:02 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-14 21:02 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-14 21:02 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-14 21:02 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-14 21:02 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-14 21:02 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-14 21:02 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-14 21:02 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-14 21:02 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-14 21:02 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-14 21:02 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-14 21:02 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-14 21:02 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-14 21:02 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-14 21:02 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-14 21:02 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-14 21:02 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-14 21:02 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-14 21:02 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-14 21:02 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-14 21:02 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-14 21:02 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-14 21:02 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-14 21:02 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-14 21:02 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-14 21:02 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-14 21:02 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-14 21:02 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-14 21:02 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-14 21:02 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-14 19:01 - 2016-01-14 19:01 - 00000222 _____ C:\Users\Blutrunstjack\Desktop\Neverwinter.url
2016-01-14 18:56 - 2016-01-14 18:56 - 00002545 _____ C:\Users\Blutrunstjack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk
2016-01-14 18:56 - 2016-01-14 18:56 - 00002515 _____ C:\Users\Blutrunstjack\Desktop\DC Universe Online.lnk
2016-01-14 18:56 - 2016-01-14 18:56 - 00000000 ____D C:\Users\Public\Daybreak Game Company
2016-01-14 18:54 - 2016-01-14 18:55 - 33430408 _____ C:\Users\Blutrunstjack\Downloads\DCUO_setup(1).exe
2016-01-14 18:51 - 2016-01-14 22:19 - 00000000 ____D C:\Users\Blutrunstjack\AppData\LocalLow\Daybreak Game Company
2016-01-14 18:51 - 2016-01-14 18:57 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Local\Daybreak Game Company
2016-01-14 16:15 - 2016-01-14 16:15 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-01-14 16:07 - 2016-01-14 19:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-25 17:23 - 2009-07-14 05:45 - 00026336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-25 17:23 - 2009-07-14 05:45 - 00026336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-25 17:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-25 17:10 - 2014-01-24 15:21 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Local\Battle.net
2016-01-25 17:09 - 2014-01-24 15:20 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-01-25 17:04 - 2013-01-04 19:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-25 16:56 - 2013-01-05 15:20 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-25 16:42 - 2013-01-04 15:27 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-25 16:27 - 2015-09-05 09:23 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2016-01-25 16:15 - 2014-03-14 14:23 - 00000000 ____D C:\ProgramData\Origin
2016-01-25 16:15 - 2013-01-05 15:20 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-25 16:15 - 2012-12-28 15:26 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-25 16:15 - 2011-06-26 21:08 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2016-01-25 16:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-23 15:17 - 2013-11-20 12:09 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Local\Warframe
2016-01-23 01:09 - 2015-03-12 23:19 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-01-22 21:54 - 2013-10-22 12:18 - 00000000 ____D C:\ProgramData\Oracle
2016-01-22 21:53 - 2014-10-18 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-22 21:53 - 2014-10-18 11:07 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-22 21:52 - 2015-08-21 19:22 - 00000000 ____D C:\Users\Blutrunstjack\.oracle_jre_usage
2016-01-22 21:52 - 2014-10-18 11:07 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-01-22 14:22 - 2015-08-28 22:24 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Local\ElevatedDiagnostics
2016-01-21 16:04 - 2013-01-05 15:21 - 00002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-20 19:04 - 2013-01-04 19:17 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 19:04 - 2013-01-04 19:17 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 19:04 - 2013-01-04 19:17 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-20 15:57 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2016-01-20 15:57 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2016-01-20 15:57 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-20 15:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-18 16:54 - 2015-12-21 15:04 - 00000073 _____ C:\Users\Blutrunstjack\Desktop\Neues Textdokument (2).txt
2016-01-17 11:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-16 13:04 - 2009-07-14 05:45 - 00278112 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-16 12:59 - 2014-12-13 09:22 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-16 12:59 - 2014-05-06 21:45 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-16 12:57 - 2014-01-13 15:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-16 12:57 - 2014-01-13 15:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-16 12:57 - 2013-01-08 16:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-15 13:28 - 2014-01-13 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-15 13:27 - 2013-11-09 16:30 - 00000000 ____D C:\Windows\system32\MRT
2016-01-15 13:21 - 2013-11-09 16:30 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-15 11:24 - 2013-01-17 19:42 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-01-14 23:27 - 2013-01-05 14:38 - 00000000 ____D C:\ProgramData\McAfee
2016-01-14 22:18 - 2013-01-04 19:32 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-01-14 22:17 - 2013-01-04 19:32 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-01-14 16:19 - 2013-01-05 14:54 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-01-14 15:47 - 2014-12-23 21:09 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 15:36 - 2013-02-09 12:59 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Local\CrashDumps
2016-01-03 20:09 - 2015-04-18 20:30 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Roaming\TS3Client
2015-12-29 12:23 - 2014-01-24 15:26 - 00000000 ____D C:\Program Files (x86)\Hearthstone
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-06-25 12:15 - 2014-06-25 12:15 - 0000000 _____ () C:\Users\Blutrunstjack\AppData\Local\{1125B769-203C-4C79-93A4-DC1F6E32B23F}
2014-08-01 18:01 - 2014-08-01 18:01 - 0000000 _____ () C:\Users\Blutrunstjack\AppData\Local\{646AAE1F-C245-4289-B08B-112E9E68EB8E}
2014-07-18 15:16 - 2014-07-18 15:16 - 0000057 _____ () C:\ProgramData\Ament.ini
Einige Dateien in TEMP:
====================
C:\Users\Blutrunstjack\AppData\Local\Temp\APNSetup.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\APNStub.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\AskSLib.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\DivXSetup.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\Gw2.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\ieacafs4.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jwl4y9oi.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nvStInst.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\SRLDetectionLibrary2229328789752113784.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\stubhelper.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\tmd_34019578.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\vry5kp9j.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\ytb.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\_is2AE6.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\_is59B3.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\_is63E0.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\_is8A7.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\_isC792.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-01-20 19:10
==================== Ende von FRST.txt ============================
Geändert von Mario1990 (25.01.2016 um 17:29 Uhr) |
|
25.01.2016, 19:07
| #2 |
| /// TB-Ausbilder   | McAfee entdeckt Artemis!D..... Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Bitte die genaue Fundmeldung von McAfee posten, mit "Artemis!D8CC2F9DA20C" kann man nichts anfangen. Wo hat McAfee die Schadsoftware gefunden (Pfad, Dateiname)? Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
25.01.2016, 19:45
| #3 |
| | McAfee entdeckt Artemis!D..... Ok vielen Dank
__________________McAfee Scant gerade noch irgendwie finde ich den Dateipfad nicht mehr welcher angezeigt wurde :/ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-01-2016
durchgeführt von Blutrunstjack (2016-01-25 17:24:41)
Gestartet von C:\Users\Blutrunstjack\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-01-04 20:42:58)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3928150652-2756980015-3035233101-500 - Administrator - Disabled)
Blutrunstjack (S-1-5-21-3928150652-2756980015-3035233101-1001 - Administrator - Enabled) => C:\Users\Blutrunstjack
Gast (S-1-5-21-3928150652-2756980015-3035233101-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3928150652-2756980015-3035233101-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Out of date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Out of date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archeblade (HKLM-x32\...\Steam App 207230) (Version: - CodeBrush Games)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C2600}) (Version: 12.38.0.404 - APN, LLC) <==== ACHTUNG
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.34 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2568 - CDBurnerXP)
Conquest of Champions (HKLM-x32\...\Steam App 266450) (Version: - Kihon Inc.)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DC Universe Online (HKLM-x32\...\Steam App 24200) (Version: - Sony Online Entertainment)
DC Universe Online (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\DGC-DC Universe Online) (Version: 1.0.3.191 - Daybreak Game Company)
DC Universe Online Live (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\DG0-DC Universe Online Live) (Version: - Sony Online Entertainment)
DC Universe Online PSG (2) (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\soe-DC Universe Online PSG (2)) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online PSG (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\soe-DC Universe Online PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
DECUS Gaming Mouse (HKLM-x32\...\{B62CC42A-D1D9-4E91-BEDE-8614DE2AD943}) (Version: 1.0 - SPEEDLINK)
Dethroned! (HKLM-x32\...\Steam App 269390) (Version: - Treehouse Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dizzel (HKLM-x32\...\Steam App 315640) (Version: - NSStudio)
Dogs of War Online - Beta (HKLM-x32\...\Steam App 219700) (Version: - Cyanide Studios)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - )
Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version: - Trendy Entertainment)
Free M4a to MP3 Converter 9.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube Download version 3.2.46.1009 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.1009 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.82 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Guns and Robots (HKLM-x32\...\Steam App 293540) (Version: - Masthead Studios Ltd)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - Square Enix)
HP Officejet 2620 series - Grundlegende Software für das Gerät (HKLM\...\{7B732633-C9ED-44DF-98E7-BBBE3D9220C9}) (Version: 31.0.1176.42778 - Hewlett-Packard Co.)
HP Officejet 2620 series Hilfe (HKLM-x32\...\{B356F70C-F1AD-4B24-B2DD-6EAABFCB1B33}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{95CECD78-72C9-4C03-8693-4C97A02AE702}) (Version: 5.005.001.002 - Hewlett-Packard)
ICQ 8.1 (build 6337) (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\ICQ) (Version: 8.1.6337.0 - Mail.Ru)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version: - Lightmare Studios)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2219 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Magic 2014 (HKLM-x32\...\Steam App 213850) (Version: - Stainless Games)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Marvel Heroes (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.6136 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.207 - McAfee, Inc.)
MechWarrior Online (HKLM-x32\...\{73bcb521-8936-42d7-ad00-ec2bb399e26c}) (Version: 1.4.3.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.3.0 - Piranha Games Inc.) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Might & Magic: Duel of Champions (HKLM-x32\...\Steam App 256410) (Version: - Ubisoft Quebec)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version: - Unknown Worlds Entertainment)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.4 - NETGEAR)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version: - Cryptic Studios)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment)
Orcs Must Die! Unchained (HKLM-x32\...\{8EBA33AF-48E0-4207-A4EE-96029415AD76}_is1) (Version: - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Perpetuum (HKLM-x32\...\Steam App 223410) (Version: - Avatar Creations)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 3.0.300.22 - Client Connect LTD) <==== ACHTUNG
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2215.6 - Hi-Rez Studios)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - )
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.4.28745 - Electronic Arts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version: - FireFly Studios)
Stronghold Kingdoms (HKLM-x32\...\Steam App 47410) (Version: - FireFly Studios)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{D50F73B5-2FD6-4ADB-895A-852533FDAC37}) (Version: 6.1.6.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.9.6 - Electronic Arts)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version: - Haemimont Games)
Unity Web Player (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
War of the Roses (HKLM-x32\...\Steam App 42160) (Version: - Fatshark)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version: - Relic)
Warhammer 40,000: Storm of Vengeance (HKLM-x32\...\Steam App 254650) (Version: - Eutechnyx)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version: - Relic)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version: - Relic)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinMend Folder Hidden 1.4.9 (HKLM-x32\...\WinMend Folder Hidden_is1) (Version: - WinMend.com)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {012F02A6-5F76-4CA4-BD5E-2EE1659CFA51} - System32\Tasks\{4D68B7D7-9EF1-434A-B908-501C0018BB07} => pcalua.exe -a C:\Users\BLUTRU~1\AppData\Local\Temp\jre-8u66-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {0F86FD89-385C-4576-9250-B2252F9591CF} - System32\Tasks\RealCreateProcessScheduledTask39241786S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {21B1F005-8405-484C-A734-BAFA294ED322} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {21B244F7-DA9D-4316-9FEF-FE675754ADE3} - System32\Tasks\{1EC43058-A315-40B4-8C56-92C797F0DD42} => pcalua.exe -a C:\Users\Blutrunstjack\Downloads\jxpiinstall(2).exe -d C:\Users\Blutrunstjack\Downloads
Task: {24A131ED-BC65-493C-A22C-CE6CC5BD8AF5} - System32\Tasks\RealCreateProcessScheduledTask36274148S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {28CC714A-7AA0-4E59-8B4F-C128F8FA2346} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2E55A66F-4BF0-44AC-9F4D-433CA6511574} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {3F5F40D9-249E-4E18-BBC3-F0CF017539BE} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {4107F2A4-67F0-4CB9-AE85-F83E7361B7C3} - System32\Tasks\RealCreateProcessScheduledTask26151882S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {434740BC-A688-4623-BF61-D84CFD24B1F3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {4CD716C1-D7EE-49A4-B204-74F4D2E36AD0} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ACHTUNG
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5D415DAC-9095-4E80-8E64-748060FF1A32} - System32\Tasks\RealCreateProcessScheduledTask67423S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {75BEA835-4A42-45C1-8C63-58725CB27B5F} - System32\Tasks\RealCreateProcessScheduledTask16677240S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {76C7E38F-BD45-42EA-AEE3-2BC295676FB0} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2016-01-14] (McAfee, Inc.)
Task: {82A0A3BE-9F86-4B3F-BC15-62A68FBEC495} - System32\Tasks\RealCreateProcessScheduledTask19374247S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {91358CF9-BD3F-49A5-86C7-BCF629B88029} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {95257B9B-8716-466B-93B7-1471593DB85C} - System32\Tasks\bvxvbxxvaa => C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa\bvxvbxxvaa.exe [2016-01-14] () <==== ACHTUNG
Task: {957CD9E6-A833-453C-B34E-0772E063A26C} - System32\Tasks\RealCreateProcessScheduledTask118600352S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {9D759583-D093-4D62-8787-AA5A33B65F8F} - \ASUS\i-Setup042718 -> Keine Datei <==== ACHTUNG
Task: {9FBCAB26-52DC-4B3A-95D5-AEBCBD50E7D9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A15D45DD-3698-4408-8A7B-0E65B994C413} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A629919E-428E-4AEA-88D9-29F8CE0B561F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {A6E072A3-1C6A-4049-A453-2FD09AC29A7C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {C46805CC-C392-4C2B-96DA-80061FE16327} - System32\Tasks\RealCreateProcessScheduledTask15357814S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {C7FD14C0-FE11-49CE-B965-542E6191E5C3} - System32\Tasks\RealCreateProcessScheduledTask15677632S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {CA3C8B03-C936-417F-A5F8-895471F72E96} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {CD720D9C-1C84-4452-B146-65B7FE9A841E} - System32\Tasks\RealCreateProcessScheduledTask26482916S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {DF0A6B1A-BD34-42FA-AD8E-D20F01A86F8C} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {ECD351D5-83B2-49F3-A526-0B6A1247F069} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {F79A0F60-21F9-4BAD-B5F1-7870B7DC22F0} - System32\Tasks\RealCreateProcessScheduledTask1801374S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {F95668A2-0DD1-4753-A9EA-C89D93ED87B6} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2016-01-14] (McAfee, Inc.)
Task: {F95F5575-7B94-45C1-A87A-7862F3C26F3D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-11-25 17:02 - 2015-11-14 07:06 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-03-30 07:32 - 2009-03-30 07:32 - 00032768 ____R () C:\Windows\DAODx.exe
2015-09-29 17:21 - 2014-08-18 16:49 - 08274648 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2014-08-01 18:26 - 2013-09-30 12:40 - 03587584 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-12-02 20:24 - 2013-12-05 08:36 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-09-29 17:21 - 2014-08-18 16:50 - 00316120 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-04 09:28 - 2015-11-16 04:35 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 17:10 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-30 14:46 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-30 14:46 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-30 14:46 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 10:50 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 12:32 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 12:32 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 12:32 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 12:32 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 12:32 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-01-04 15:30 - 2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-25 08:25 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2013-09-26 10:39 - 2013-09-26 10:39 - 00851456 _____ () C:\Users\Blutrunstjack\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2015-04-10 15:09 - 2015-12-17 08:04 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-03-14 14:28 - 2015-12-17 08:03 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-03-14 14:28 - 2015-12-17 08:03 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-03-14 14:28 - 2015-12-17 08:03 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-03-14 14:28 - 2015-12-17 08:03 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-03-14 14:28 - 2015-12-17 08:03 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-03-14 14:28 - 2015-12-17 08:03 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-03-14 14:28 - 2015-12-17 08:03 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-03-14 14:28 - 2015-12-17 08:04 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2015-09-29 17:21 - 2014-07-22 09:18 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2014-08-01 18:26 - 2013-09-30 12:39 - 00036864 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Lang.dll
2014-08-01 18:26 - 2013-01-29 15:15 - 00061440 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\hiddriver.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-09-29 17:21 - 2015-02-26 19:19 - 00380928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2013-01-04 15:30 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-01-20 19:04 - 2016-01-20 19:04 - 17882304 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll
2015-01-30 14:46 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\sony.com -> sony.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-12-17 14:43 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7ED12462-E64A-4003-9C8A-B99913EB06C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{311BD890-90CA-4608-B3EA-666B9405E17A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A650861E-7725-4ADA-8CFB-9E109BFF2B2D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0D1B225E-F07C-4D83-81CE-182A9240D59D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3464061F-3B7E-47EE-9FB5-5356E8DD7C35}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{75AA163E-7F5D-461F-80E2-F7055BDFF097}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{619CF930-A46E-4681-A73D-439DFB992D59}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{70BD3EE5-5A28-445E-9109-9C1D33F9814A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{D4B7B7D6-7BFC-4A24-91B6-D9B586D45271}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{E80E8E10-1888-4E53-9ABC-3711873E55EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{6C909CC0-7B86-4D28-83BE-567E582B686A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{11EDBDF8-71BE-4B98-A18E-B14F9EDB56A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{2E209728-DE59-401F-BEA9-25E056D847BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{16E4CAF0-31E3-4331-8564-EB205DD3C052}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{FD872D13-7CD5-4F62-9D06-BD9B5664049B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{311BA93D-F0E6-42DC-A7C2-2A8F74545EDB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{4F562327-E5F0-4B8C-BBC9-5072D72FCA8A}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{380F1DA4-00A2-4231-B85A-265C5BCD8240}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{64F0ECD3-80F6-47F3-B4E6-4CB3A3F51B64}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{F61032F2-22F8-4D2D-AD49-8218378DDAAD}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{6B78F790-9597-4AA1-A5E1-027898B6A445}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{85F6A5EC-1FCA-4CDD-88D5-A9857F1535B6}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{0E8CED77-2698-4DD7-A8B1-52AA06E464AA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2AF101AF-49DA-46BA-B926-B515B6748EE0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{8DE57E13-6FD8-48B8-968E-9CF83A296605}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{128E2AF9-EE00-41E5-9877-65F551C93498}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{8D2E0879-898C-4809-A086-0990BDFE5C52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{07B11F41-2A35-4A8E-A227-C20598613731}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{29B0C52E-2597-4A3E-9B88-C97B6F9A23F7}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{F0B8DA67-299F-4B3E-8059-5469B469C4DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{0E9C9C53-2419-4512-A8BC-EDBBE3230E44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{C4ECC65A-5AF6-496C-AA35-121AF7D07001}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{D3820B1C-4BCA-4FF4-B234-7FC653BEEE85}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{E21C63E1-5B90-41D1-9C79-26855E3678D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dawn of war 2\DOW2.exe
FirewallRules: [{E899071D-C267-42ED-A59B-001FCC260DD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dawn of war 2\DOW2.exe
FirewallRules: [{BF3134A6-B751-4C89-92A4-8D77A512D22F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{22717D9C-88FB-42DF-B332-26768B09A3BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{B9DAFC55-CCE1-4E46-AF71-E739A0A791A7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe
FirewallRules: [{B7CDF6FD-593C-40E8-921C-6ADD77A3A95D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe
FirewallRules: [{DFFBB0F4-A519-4999-98A9-8172C8F5A886}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DC Universe Online\LaunchPad.exe
FirewallRules: [{D2A10D36-2E63-469D-B8B7-65790CE17320}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DC Universe Online\LaunchPad.exe
FirewallRules: [{BB3E40A5-5D90-4F0D-A11E-1E77EE2CEB85}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{297FB6F4-17DE-4E64-9726-EBA45FE5A200}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{F6930E0E-BEE0-474F-A0DE-06D42D0FDF97}] => (Allow) C:\Users\Blutrunstjack\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{1DEFDD45-BCEB-49F5-AD35-028F7CC4B426}] => (Allow) C:\Users\Blutrunstjack\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{DCA27E01-1E84-4719-8670-F8B9DF95CE57}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{D6768129-714D-4C43-8766-DFD998F76588}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B39195BD-F09F-4666-8F93-C33C8BE038A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{1C6AA317-4D2E-4D63-A7C5-2FF7D1394CB7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{BBA08C89-BFD1-441E-97EE-811714D4EE34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9F3D8194-6426-4D0E-BCEC-D7A0B10D38B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{8ABBD1F9-D294-4258-B01F-8D80A97C026D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers.exe
FirewallRules: [{26A09BE3-3D0F-440A-8C48-C901F54D5C57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers.exe
FirewallRules: [{17DBF1F9-E284-42DB-BE12-0A9B4007CBCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B4D31C7D-AA4E-4217-9B78-4266FA19AA16}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CCF34EDF-FA04-4B27-A31D-750BBAA946A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{31EDAEB1-D3F6-41D4-B30A-8617E58DB437}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7BE473B9-3A75-4A6B-B500-D0E542DE721A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{A6692874-B6DB-4A9A-AB4F-0AB7AE7BDF5B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{05F1E94B-D562-40FF-916F-7F927455A62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{377B0272-9BB4-4D0F-8ED7-ACC853F26E8D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{363511EC-B247-47D5-95C2-585E72052A51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{554E4377-8786-4EEA-B659-3BE06DBA54E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{D35B9BC2-F5A7-49DC-A17A-597D35063D04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{34ACD0F9-2FDB-4A1B-BFA2-0D3B5B0199A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{A4F443D5-AB89-447A-B343-025C63D24E82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{C731FA29-0C19-4FA3-BC6A-89210D17ADC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{1EAF128A-D22B-41CF-9AEB-3F1A528BA898}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{EED0D3A7-1DAB-4705-A30E-81441A076200}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{0FA03B49-E756-45B6-95D2-E43FD7DC37B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5B33B3FC-81D5-46D1-98EB-650E9AEA65AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{93F55907-35DA-4FAB-812C-D543C444492A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{B30A5AFE-8370-47AC-BEBC-9AE5F4F93B28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{A5CB3C82-B5DC-4A7C-A62A-A025DDF940D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{4E9B2A38-C1BC-4211-ABF5-32D9ACC3B84D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{24F8C191-98BB-40BA-A775-9CB174E83A39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D90BD7E1-B0BE-433E-8159-BA35FDFEA1A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{93B38D63-11BA-484C-B2A9-BBB8DE7B8719}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6D34AEF2-50BA-4C90-999B-6259DF8403FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D57DB55C-BFEC-4777-BFCB-921CF2284BA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8B6FD5D1-FB6E-46A4-8797-601AC95021B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{91FD2515-23E4-4868-AE6B-5311FA73B28C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4366A481-155F-4D2F-BD04-96466C6F456D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8AD06802-8889-4955-8122-63873D84C02A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{89E1A276-53B8-4E9E-8D82-DB0F337877B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{97ACF1E1-3D42-4771-A575-ECE644139665}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A370FD5B-E18E-439B-B533-85032994FE1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{933DEA6A-9F15-4E51-8BA4-CD5D11E31B3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{604C7887-D371-4628-892B-E4633D0D2A5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{F1C05EA1-2F61-43DF-8304-EB735727FC0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{FE577B52-155E-4BD7-830A-4CB406A4F862}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{CD8DAC9B-5C01-4989-B46C-AF9405707EA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{59A6BCED-8BAA-44B0-A842-F0E1A1CEFFAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{44B6F66F-40C5-4376-AB7C-85748E02497B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8E7850D4-E3F2-47FC-9049-4D8ACDC15B60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BEBF273F-0A59-4EC0-9EC6-2BA5B3742D33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{70DD1C2C-D65F-412B-90E2-EA990C8C985C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{85257022-B88B-493D-BD3B-2287EBBFC0BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{95FA8DB5-535C-44A4-BEBF-F9BDEE4898FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2FCE6944-C8ED-4136-A9B1-BC48BD15CAD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0F927669-91F4-4FDF-A171-22C456B208BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{156A9BA2-6C38-40F2-B334-2A0D185D2E43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{635DFE5D-B950-4D8C-8FD0-7401A2F30336}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D3382023-D30F-4ECB-AA8B-41937537172D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{8ED32F50-DBA7-49BC-A564-CEE4B43BD07C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{5E82981E-D60A-4CFA-A49A-DDFC7123F632}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{B8B9F838-60AF-4CB3-872E-36113770C0F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{34CF1DF2-2809-450F-B315-738CFD68F42A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{22669530-5F1E-48C0-B87F-8A7558D68008}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{DE3301B4-A336-457D-B8E2-BD68EF43C1DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4EE85939-EE56-41CB-AD1C-B2E365B37DE9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E6D12876-69E4-4174-8704-3EE02CDA8B5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{EFEE55C7-A087-411E-936B-A57C7A21C46C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A32B710D-D653-4474-98CA-57498267A26A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{F795C1E0-9B40-4134-BF3A-74C4F06F8A0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{E8BAA8F9-B341-458F-A474-AE3124CADFE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{D52E8240-6662-49DA-A7D7-CDDDD072028D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{10F08039-41D5-4EC3-8D5A-FD4E79B05F1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{122A307C-CCCF-4AB1-8318-56BF653DF1E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D56797DD-0494-4997-8BD0-54AB94DDF788}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{A3B151DB-94AB-41EF-AA1F-00C2CBB27A94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{D4B8D2BF-2BFA-4EB0-B4E9-F120F092698C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{1FC60D1D-F1DF-4005-BA50-3A9D2F5A62F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{B8C0BA7D-C24D-4C8F-B7D8-4CF66680CE39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{72395E9D-2554-4E0E-98B7-1A4CE81A82DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{61582A6A-067E-4633-A33B-19289F1BBCA8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{B0BF0D0E-D47A-4EAF-9C0A-CBFF0EF635EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{6D2E1276-2C09-4A8E-8422-80C6D33DB9F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{FA0A9477-B899-4C4B-9523-A0FCE161B07F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{15580BC6-6E93-48E8-A8F3-3E34A1159EDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8F9E5FB3-8AE0-4809-9EAE-6DAF5E62B878}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{064C5250-2F98-4E87-A727-3F8E0C2D4D63}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{30012A53-23C0-4E0B-9267-727F2C7FC954}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{28B22497-B74E-4816-8FE8-232CCAF7B2F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{FA0E7FCD-365E-4EB8-A179-03EB6280CE9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{43DFB987-3B87-4A5D-B52C-3661EA57F739}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{A8B0BC7B-800F-474E-B7D1-BF5E5B5ED54D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{06FAFEAD-2601-400B-B074-9A3E6D4E4F92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{41B3FFD3-56CF-4CB0-A7FA-5BEE620735DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{15D972BD-6530-46E2-B3EC-6DB740455E59}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{807912D7-BC0E-4A27-B451-AE30BF815DE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{4A60CD87-61FA-4AA3-8896-5C2A1C85D25E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{58DADC28-6185-4403-9B1A-A9E6AD388854}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{7ED87CA5-97DF-4469-B993-19FB47386815}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E2B27CC5-4A74-41EB-B3AC-A2249F0D5B17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A33E05A6-4464-4C64-988E-B2B5EFEFE5C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3A8CED90-A5A4-42F8-8F36-977DC6A2666F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3C3982ED-1205-4116-AE57-9E6B6853F6DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{1EE060A5-AEC3-45CC-9B10-0D14B709C107}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{8E2BD633-129B-4D37-8D15-65ECA100BC64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{EA1E45F7-235F-4539-AE31-BF10903001AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{F11B32C0-605B-4CFD-9E71-34180E484FC9}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8DFDCC6A-AE07-420D-A49D-5CA1071D72A0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{89887B69-81A8-4C9C-AA7C-0471B6649DB1}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D89471A9-1AC3-4055-862D-FADF4C041022}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7B386E2F-3D2A-48F8-8982-C29E12FAAA8F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{84F9C84C-5159-472E-B732-5B540374188A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7C65C29F-C275-40C0-AD0F-50ED8B1E78C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{34E9390D-5F3C-4957-B2D3-10C43C11FAAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{C456FA6E-3892-4335-9723-6B96D4C4D2C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{853C64BF-4604-4AD8-8347-C0B078D9E568}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{0556168F-0D9C-40E6-97BA-33C32C5C3F1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Kingdoms\StrongholdKingdoms.exe
FirewallRules: [{3CA0DF6C-BE63-4C53-8D20-925CFF9E394C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Kingdoms\StrongholdKingdoms.exe
FirewallRules: [{2A65BFFA-1194-4E53-9363-29EF9BEB359B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dogs of War Online\DogsOfWar.exe
FirewallRules: [{21A1E10D-5931-4E3D-8485-286F73686C1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dogs of War Online\DogsOfWar.exe
FirewallRules: [{18EBE6DE-A8AD-4A31-A668-36BE9EEF5D57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InfinityWars\Infinity Wars TCG.exe
FirewallRules: [{22D66E65-1116-452D-B728-6510BC711280}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InfinityWars\Infinity Wars TCG.exe
FirewallRules: [{85410E54-B661-4C66-95FF-30D2AB4DEE05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{62143CB5-8EA0-4037-B4DF-7C84A18AB3B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{5BF8A9E5-BD92-4046-9271-FF537DBF9EEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{3D636DA9-C379-490C-8522-EC5E814FFF8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{41198C38-4BDF-439F-BF26-CA99A00BB27A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{A585B7DB-DA44-42DB-8255-F1CD7D5A3722}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{4EABEA66-A5B3-46DE-AB6B-0A8170270BDD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Storm of Vengeance\SoV.exe
FirewallRules: [{E926B45A-4046-4266-A879-3C16FFF2FCA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Storm of Vengeance\SoV.exe
FirewallRules: [{EE24BE35-5F87-404E-9935-226492FA2345}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{3F740BB0-DC54-41AF-8DC1-9BA63FAF5E58}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{DFC3088A-D382-4005-B6D7-C9E9BC4F0CC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{8F50FDBA-09D0-4B5A-BF03-F34D55E0D728}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{89B2C14E-674B-43D8-AE71-5DDEEDDA002E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{1C1BAA1D-DB22-44D8-8924-0D51734E9B7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{221224BA-939D-4300-B825-EAD4303E70D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Perpetuum\Perpetuum.exe
FirewallRules: [{909BD46D-38CF-4E9A-8C08-D397D6415415}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Perpetuum\Perpetuum.exe
FirewallRules: [{340B71E1-8F0A-422B-B49B-8B086F67D7DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{C70398C8-128A-4112-A6E8-8F7D6C7E38CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{377BDDE4-CB16-4D45-941E-A3673AE50468}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{C26B884E-CF5F-43B4-9D84-7CC594017389}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{0C72E51A-F8B4-4204-A5D0-053B8E576C74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [{D90AE94A-DDF3-4418-A10A-3D8DCDB0C371}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [{816FF434-FC8E-4A29-B36B-6CD04CB3124B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ConquestOfChampions\ConquestGame.exe
FirewallRules: [{0498711E-3CB0-4218-90FF-84F0296BF8D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ConquestOfChampions\ConquestGame.exe
FirewallRules: [{F142E5E7-CBFC-4181-A22D-01A353392A9D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{C6378BC2-C3F4-464B-9B99-60AA38B4F7C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{D629C4B3-7009-4A56-91D5-81D696B2F48C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{7BA580D1-825B-42EE-B518-DD2385F4409C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{AEC02E41-3A6E-40AC-BDB9-7BFCAA079F60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{400BE4A5-DD1B-42DA-A8CB-D76AD1771BF4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{64004E08-3966-4E70-BBB7-3881E4A7EA4F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{5A56E878-E665-42B3-A1B3-6BDFE95AB7A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FBD60220-65A6-4B5B-95AF-AD022CA82F06}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{C41E8B90-7721-4C8D-AF22-8DBF6BDF7241}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{15F0DC62-6449-4E25-ABBA-6E69126DADB1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{EEB4BADB-1611-4E4F-AABA-FF3D1B694084}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{3E532145-364D-465E-9A08-BD0F4C1163B3}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\FaxApplications.exe
FirewallRules: [{0F3BE09D-468D-4D7A-A51E-2A3949E8B1DD}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\DigitalWizards.exe
FirewallRules: [{44824D84-03EA-4413-83E0-36DB5625E594}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\SendAFax.exe
FirewallRules: [{73D8A854-0175-4583-AE60-AB7A00E80690}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\USBSetup.exe
FirewallRules: [{CAE990B0-52CD-41C4-9F7B-E769CF980213}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{C30AE78D-77EF-4F58-A3E3-E5BBF028E4C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{37ECD085-F912-4CC6-87E3-20FD0712D673}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{D3B8F437-5BB4-43CC-9764-D1A7BA318540}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{58C4F3C9-91C2-4CC4-A5E3-25B8B08EEC41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{F53D33D2-CE79-4AB4-AF80-713761122927}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GAR\GAR.exe
FirewallRules: [{B3728071-96ED-410F-BC3C-8D8063D473E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GAR\GAR.exe
FirewallRules: [{214DD4AB-0101-4C90-8521-94A64C5E3FEC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{1993A8AD-17FC-4842-88DD-A58F7C24A5BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{B46A5A61-62C6-47C3-B836-947F9404108F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{16345637-8A16-4440-B41A-389A52206D3A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{15979410-9509-44B5-B4BF-F9BB4FFE528C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{753DCCD7-AD43-4774-8E13-60389F2A4D9A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{74259873-387C-40E8-A9F9-16359130DD78}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{222BC650-1294-47BD-863C-4E918E1D7B91}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E477367B-DA5C-4435-B124-0BAFF7ED93E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B4FEE247-FB4E-402A-9C7E-1AD0056D3943}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{78DAF38B-4205-4217-BB25-8FF7ED06B0B0}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{C0EDDD69-759E-4198-9519-21BE7C55A3BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{0903543B-8FB5-4200-BB07-F87F49ECB7CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{BFDBEBDD-7947-4BA8-924C-50DFBD42CC5F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{EFA23CB5-5503-43EB-90B3-EED779282057}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{83118346-9406-4D53-B058-4392CF1AD92D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{80A9938E-D0CD-4DA9-874C-E7AB9DDC4167}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{BC6FF7AA-38E3-4F50-8A89-A0E6E8BD1D13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{D4AC997F-EAB4-4125-9BCD-84724408DB7E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{AE871903-37A5-4D09-BA17-C3B81C9FB66A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{B6ECC6B4-1722-405B-8E43-2568C1CABAAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{37941E9F-877B-4F06-A9FE-F01DB2B6D26B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{8C589D14-7D8F-4118-A188-9561A6A7E93A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{F5551FF6-415C-4F11-8AC3-82B9E021C99E}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{D20BB0C8-5EBD-479D-993B-169EBE4E0FF1}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{61BB3501-EC2E-4737-B950-41C72BD1C10D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{5BC8C7E1-6B8F-4497-89F9-3DA2DCE3E1CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{342A9B7F-D684-463F-8848-92AC73D8CF38}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{DB5C5A44-FCC5-4822-A5DB-084FFEC1E7CF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{175F9C51-EF09-4CC6-A659-1EC3BDB2932D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{5BD3AC6C-D82F-495F-BCE1-9EE591CA902D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{CC67C538-2F86-414F-9501-9C99DBC11D20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{191AD785-8196-4C10-BEBE-54581A2A43E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{4598EB19-606D-4852-987C-225582524DAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{39F08456-DAA5-4F79-8955-CAEF8D7CFE9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E0E025F9-A450-4C36-8465-9A8CB91D2780}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{E0277CE9-F834-4AEF-A110-C07910C692D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B8B67798-023B-4F23-B79C-AE6E25C49E2C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{315404F6-A739-42D5-9474-29400B2728B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{05DDDD12-743B-4DD8-A756-0638C5EE0B10}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{0F309CF3-221B-45A0-8D6F-C0A9C54AFBC3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{A0DFDE58-554D-4B57-877C-E7F528328058}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{88100CFD-7AB4-45D7-B337-55C2204B72FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{D6572E9E-2465-4AD2-AF12-9F91A1D8D9B5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{AFA757B3-455C-4043-AE30-9634CA64E3D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{6C7EC189-7D67-4CDD-B78A-ABD2144BC8F2}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{EEF2C963-133C-4214-9AC9-7A8868C5AF2F}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{51F42F40-C49C-4D3D-8656-294E2415DCAC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{4E04B6B2-682E-4A9E-80C3-B12BDD977FB3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{9D5574EE-3518-44D3-A04D-9328A9EB31F3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4DBB196-BB57-4F07-B2BA-AEF8D6021033}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D1793099-C187-40CC-9411-BD01FA238556}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{B0717068-6BB7-42BD-B042-1A2A28B70A8A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D26AFBBD-290D-4575-B9FD-7F319D06837F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F7A57CDE-5703-4B87-B30D-61CB7CB8CEE5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{466297CE-E50B-422F-A976-2997397F1612}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{5EC6E3C1-8743-42BF-B3F5-6EEE913AC521}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{0B60CC4A-5345-46F5-890F-7E83270E5E2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{4707BCB4-0F4D-4855-9A27-CD6DC71F0466}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{AFBFA97D-8C1F-4447-8065-EB9B966E5DAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{9E80E9DF-BED5-43C7-B71D-8ACC00A22E17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{6BC6D35E-E501-447B-B0D6-B641BB31683C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{75B070E0-07DA-4CF5-B4A8-D53424F000FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [TCP Query User{ED92DA4A-A3E2-40C1-B632-3A1B040B49FD}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C445CFE5-BFBE-4F06-9DDD-7F950A7CC71B}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{296C6A12-E0CD-4AAD-9407-D15B7E54AC8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{7106C4E5-0B7A-4D05-8413-0BB69BFF0DD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{C24C9DE7-9300-492A-871F-D56D06ED598E}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{A3FE72E9-28FA-4D1F-BE49-04DCE376E396}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base32283\SC2.exe
FirewallRules: [{DF0106CA-508E-4189-B19C-6B6CFC1D87E7}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base32283\SC2.exe
FirewallRules: [{EDF9A0B5-0A79-478C-9B05-DDAB78257D82}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{99497939-BC80-4277-9EFC-204C647201EA}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{E188F26B-B082-4879-B29B-B8A2D4205880}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{367457C5-263B-4F0C-8054-AC03A3A39721}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0EAD664D-33C4-4C2F-8608-71CD07F4A147}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{1C5C8622-7426-4301-A5E2-58B3C0CC1AFA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{792523CA-8016-4901-B106-7426B4706E34}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{519D521A-62D7-4DC3-A96E-959FE05388FC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{25472F54-5A0F-42A6-A441-BFCDFCBEE284}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D6DE617F-5F1A-4A43-86D0-942BBF0C5AB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8D42356B-1BD0-42C4-8FC7-A508065FEA61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F9FB9AE1-A51C-42E3-816A-0197EEE1B04F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{630FE016-4B63-42F0-9007-0967B5965C51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B778DD1A-5EC5-4DA0-BF0E-E0A0291E6B86}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{7DFFD11B-43BD-469A-9B65-4EC24F177FFF}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{DEBB9AEF-AD82-4DC1-BB34-7D3DA48DF2E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{34DE684F-A880-421F-A564-C033ED18B2F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{E1F92A49-7FF4-450D-A006-1BCFC58E3308}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{B9D819C3-1119-47F1-9640-713C40033B61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{293ED8F9-471B-458A-B406-657884174786}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2819F978-75B7-4547-B7AE-4E07F3FF598A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{71543B98-B7B6-44CB-AD29-5C636F34954A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F1594B47-C0BB-45A3-8358-E85078F542F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5D398179-0533-4EA7-A39A-0D2FBB9C4203}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{469C8D26-7D0E-4703-B4A0-16A89DDAF801}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{951CE275-0D74-43BC-8B8D-4B071BA48962}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{0B85C6CB-4DE8-433F-8C25-8A6FDA73496D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F94FE841-2900-4336-8734-00502A2B13CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{76C7E7A3-BCBA-40F5-9FAF-474ABE201237}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{59100190-0A9A-4206-84ED-E5F520899C06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{E0D9056B-C3A8-4D32-B5B6-5399623A8530}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{191DEECF-50B4-4452-A35D-44AECC1A9805}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
==================== Wiederherstellungspunkte =========================
23-01-2016 00:36:45 DirectX wurde installiert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/24/2016 07:18:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 304077
Error: (01/24/2016 07:18:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 304077
Error: (01/24/2016 07:18:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/24/2016 07:18:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 303078
Error: (01/24/2016 07:18:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 303078
Error: (01/24/2016 07:18:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/24/2016 07:18:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 302064
Error: (01/24/2016 07:18:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 302064
Error: (01/24/2016 07:18:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/24/2016 07:18:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 301066
Systemfehler:
=============
Error: (01/25/2016 04:17:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee Proxy Service" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/25/2016 04:17:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee Personal Firewall Service" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/25/2016 04:17:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee Firewall Core Service" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070
Error: (01/25/2016 04:17:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee AP Service" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070
Error: (01/25/2016 04:17:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "McAfee Validation Trust Protection Service" wurde nicht richtig gestartet.
Error: (01/25/2016 04:15:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 25.01.2016 um 16:13:28 unerwartet heruntergefahren.
Error: (01/25/2016 03:41:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NVIDIA Streamer Service erreicht.
Error: (01/25/2016 03:41:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Hi-Rez Studios Authenticate and Update Service erreicht.
Error: (01/25/2016 12:14:12 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (01/24/2016 04:39:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NVIDIA Streamer Service erreicht.
CodeIntegrity:
===================================
Date: 2013-11-08 19:47:06.280
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-08 19:47:06.277
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-08 19:47:06.275
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: AMD FX(tm)-6100 Six-Core Processor
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 16366.12 MB
Verfügbarer physikalischer RAM: 11610.29 MB
Summe virtueller Speicher: 32730.44 MB
Verfügbarer virtueller Speicher: 27735.79 MB
==================== Laufwerke ================================
Drive c: (Windows7) (Fixed) (Total:931.41 GB) (Free:106.63 GB) NTFS
Drive d: (WNA3100) (CDROM) (Total:0.11 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FC90DCBF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Geändert von Mario1990 (25.01.2016 um 19:54 Uhr) |
|
25.01.2016, 19:46
| #4 |
| | McAfee entdeckt Artemis!D.....Code:
ATTFilter 19:30:51.0327 0x0d18 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
19:31:18.0931 0x0d18 ============================================================
19:31:18.0931 0x0d18 Current date / time: 2016/01/25 19:31:18.0931
19:31:18.0931 0x0d18 SystemInfo:
19:31:18.0931 0x0d18
19:31:18.0931 0x0d18 OS Version: 6.1.7601 ServicePack: 1.0
19:31:18.0931 0x0d18 Product type: Workstation
19:31:18.0931 0x0d18 ComputerName: KABELJAU
19:31:18.0932 0x0d18 UserName: Blutrunstjack
19:31:18.0932 0x0d18 Windows directory: C:\Windows
19:31:18.0932 0x0d18 System windows directory: C:\Windows
19:31:18.0932 0x0d18 Running under WOW64
19:31:18.0932 0x0d18 Processor architecture: Intel x64
19:31:18.0932 0x0d18 Number of processors: 6
19:31:18.0932 0x0d18 Page size: 0x1000
19:31:18.0932 0x0d18 Boot type: Normal boot
19:31:18.0932 0x0d18 ============================================================
19:31:29.0284 0x0d18 KLMD registered as C:\Windows\system32\drivers\58355917.sys
19:31:31.0331 0x0d18 System UUID: {FE57EF47-BA9A-8745-7445-3F5720120C2F}
19:31:32.0932 0x0d18 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:31:32.0970 0x0d18 ============================================================
19:31:32.0970 0x0d18 \Device\Harddisk0\DR0:
19:31:33.0000 0x0d18 MBR partitions:
19:31:33.0000 0x0d18 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:31:33.0000 0x0d18 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D4000
19:31:33.0000 0x0d18 ============================================================
19:31:33.0175 0x0d18 C: <-> \Device\Harddisk0\DR0\Partition2
19:31:33.0176 0x0d18 ============================================================
19:31:33.0176 0x0d18 Initialize success
19:31:33.0176 0x0d18 ============================================================
19:33:32.0280 0x18c4 ============================================================
19:33:32.0280 0x18c4 Scan started
19:33:32.0280 0x18c4 Mode: Manual; SigCheck; TDLFS;
19:33:32.0280 0x18c4 ============================================================
19:33:32.0281 0x18c4 KSN ping started
19:33:37.0165 0x18c4 KSN ping finished: true
19:33:44.0487 0x18c4 ================ Scan system memory ========================
19:33:44.0487 0x18c4 System memory - ok
19:33:44.0488 0x18c4 ================ Scan services =============================
19:33:46.0047 0x18c4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:33:46.0269 0x18c4 1394ohci - ok
19:33:46.0351 0x18c4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:33:46.0388 0x18c4 ACPI - ok
19:33:46.0449 0x18c4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:33:46.0774 0x18c4 AcpiPmi - ok
19:33:47.0096 0x18c4 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:33:47.0117 0x18c4 AdobeARMservice - ok
19:33:47.0573 0x18c4 [ 295A5BFCE8D225D014DB4E6E69336279, F786F06F0EE3253FA936FA5D73FD9AC704FAB19BE76C60C65AEAD399DC93F9C5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:33:47.0609 0x18c4 AdobeFlashPlayerUpdateSvc - ok
19:33:47.0835 0x18c4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:33:47.0880 0x18c4 adp94xx - ok
19:33:47.0953 0x18c4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:33:47.0992 0x18c4 adpahci - ok
19:33:48.0021 0x18c4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:33:48.0052 0x18c4 adpu320 - ok
19:33:48.0112 0x18c4 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:33:48.0255 0x18c4 AeLookupSvc - ok
19:33:48.0421 0x18c4 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
19:33:48.0524 0x18c4 AFD - ok
19:33:48.0587 0x18c4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
19:33:48.0620 0x18c4 agp440 - ok
19:33:48.0693 0x18c4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
19:33:48.0772 0x18c4 ALG - ok
19:33:48.0825 0x18c4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
19:33:48.0861 0x18c4 aliide - ok
19:33:48.0938 0x18c4 [ A359974EAAC83A435497C52F62A2E590, 7A7AFFE1CCE8732C478AE3EA630AA46C94DE0DBFE19EE63E3FB99B0D3338F038 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:33:49.0041 0x18c4 AMD External Events Utility - ok
19:33:49.0104 0x18c4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
19:33:49.0121 0x18c4 amdide - ok
19:33:49.0137 0x18c4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:33:49.0211 0x18c4 AmdK8 - ok
19:33:49.0740 0x18c4 [ 60216B0E704584DE6D5A9F59E9C34C47, CC3E9F09FB28E50FDFCC5E6A996E28CB4E721DDDD50E23710DC74C5B0F7CE3E3 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:33:50.0113 0x18c4 amdkmdag - ok
19:33:50.0176 0x18c4 [ 6B4E9261B613B047A9A145F328889968, E5C6611E88381A9D40AD1CE80BFDDBDA733F4A8D3602AAE25A155D2C39B3B7FD ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:33:50.0228 0x18c4 amdkmdap - ok
19:33:50.0315 0x18c4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:33:50.0381 0x18c4 AmdPPM - ok
19:33:50.0454 0x18c4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:33:50.0475 0x18c4 amdsata - ok
19:33:50.0552 0x18c4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:33:50.0575 0x18c4 amdsbs - ok
19:33:50.0633 0x18c4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:33:50.0652 0x18c4 amdxata - ok
19:33:51.0001 0x18c4 [ 0B639391B2710A610100490D0CAC3650, D0D4B89F26DAAF11DD7D11736708FBE1536FD9770A17FABC0C098D7B213BAAA7 ] APNMCP C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
19:33:51.0030 0x18c4 APNMCP - ok
19:33:51.0250 0x18c4 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
19:33:51.0422 0x18c4 AppID - ok
19:33:51.0467 0x18c4 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:33:51.0503 0x18c4 AppIDSvc - ok
19:33:51.0759 0x18c4 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
19:33:52.0037 0x18c4 Appinfo - ok
19:33:52.0282 0x18c4 [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:33:52.0299 0x18c4 Apple Mobile Device - ok
19:33:52.0438 0x18c4 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
19:33:52.0528 0x18c4 AppMgmt - ok
19:33:52.0571 0x18c4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:33:52.0596 0x18c4 arc - ok
19:33:52.0636 0x18c4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:33:52.0660 0x18c4 arcsas - ok
19:33:52.0743 0x18c4 [ 6053C47F327C78F7176D2797BBFA8348, B388A427E61D1738FDED108F4AA7B23363DF59EA19442420CC5988C8FA75560A ] ArvoFltr C:\Windows\system32\drivers\ArvoFltr.sys
19:33:52.0870 0x18c4 ArvoFltr - ok
19:33:52.0964 0x18c4 [ 954950D11ADA98AC1B7EE3C770E4622C, D6D4700D7359AB84FB362305FBF2389B4EF51B4190EC2E0D4C7FEF80A06A0D0B ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
19:33:53.0114 0x18c4 asmthub3 - ok
19:33:53.0233 0x18c4 [ 01DBB05DB1DB95803E3C9F2B49AFE79C, 286310787F7EB7B237CB0082567BDA2F57D8F88C37015F6637FF6A6775CAA5AE ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
19:33:53.0337 0x18c4 asmtxhci - ok
19:33:53.0558 0x18c4 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:33:53.0604 0x18c4 aspnet_state - ok
19:33:53.0647 0x18c4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:33:53.0808 0x18c4 AsyncMac - ok
19:33:53.0866 0x18c4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
19:33:53.0887 0x18c4 atapi - ok
19:33:53.0955 0x18c4 [ AAAE03F8EDA817EC28C5445193EA8BF3, 5A2ECB66936B87651202CAA7786D58DE6BFD8217B059C88775EB4B07BA2ADB89 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
19:33:53.0971 0x18c4 AthBTPort - ok
19:33:54.0020 0x18c4 [ 4ECC791539F23982411864037D1AC8FC, 063CBA00E453B5FF3CDFDFB5FA2E6A190A0DC3D399EC36F646262BE76F98A60C ] ATHDFU C:\Windows\system32\Drivers\AthDfu.sys
19:33:54.0036 0x18c4 ATHDFU - ok
19:33:54.0092 0x18c4 [ FB3FF3DB34CB86F2B936B24D96F21F6F, 987686E9B9193F6A12FD0DEF4565B62AAB89C7E0771CAAED0CC6037BEAF827D6 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
19:33:54.0144 0x18c4 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
19:33:54.0988 0x0e4c Object required for P2P: [ 295A5BFCE8D225D014DB4E6E69336279 ] AdobeFlashPlayerUpdateSvc
19:33:56.0587 0x18c4 Detect skipped due to KSN trusted
19:33:56.0587 0x18c4 AtherosSvc - ok
19:33:57.0533 0x0e4c Object send P2P result: true
19:33:57.0539 0x0e4c Object required for P2P: [ 0B639391B2710A610100490D0CAC3650 ] APNMCP
19:33:57.0577 0x18c4 [ DACE94C8AB40EFCD819C023F51C60C2E, 6471A423ACA45F8FE35D7D00C20A53340B6905900613652B426E465655B595CB ] athr C:\Windows\system32\DRIVERS\athrx.sys
19:33:57.0795 0x18c4 athr - ok
19:33:57.0909 0x18c4 [ 36322190763845975E0D001E90687BF2, EA3DB2D112015CA5C744C5A84CDEFF6D02CE7D0E7E6E141AE3E527C2FAB5600E ] athur C:\Windows\system32\DRIVERS\athurx.sys
19:33:58.0086 0x18c4 athur - ok
19:33:59.0548 0x18c4 [ 60216B0E704584DE6D5A9F59E9C34C47, CC3E9F09FB28E50FDFCC5E6A996E28CB4E721DDDD50E23710DC74C5B0F7CE3E3 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:33:59.0815 0x18c4 atikmdag - ok
19:33:59.0993 0x18c4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:34:00.0042 0x0e4c Object send P2P result: true
19:34:00.0237 0x18c4 AudioEndpointBuilder - ok
19:34:00.0364 0x18c4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:34:00.0401 0x18c4 AudioSrv - ok
19:34:00.0567 0x18c4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:34:01.0421 0x18c4 AxInstSV - ok
19:34:01.0655 0x18c4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:34:01.0782 0x18c4 b06bdrv - ok
19:34:01.0977 0x18c4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:34:02.0072 0x18c4 b57nd60a - ok
19:34:02.0255 0x18c4 [ 8CF336A791A43FA8BCB7C87CCA4F08BA, 1C919354AC46D8B2298EA75B03377F6007B6F0226F44ADE347A72D0C481D2CE9 ] BCMH43XX C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
19:34:02.0378 0x18c4 BCMH43XX - ok
19:34:02.0487 0x18c4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
19:34:02.0696 0x18c4 BDESVC - ok
19:34:02.0716 0x18c4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
19:34:02.0780 0x18c4 Beep - ok
19:34:03.0727 0x18c4 [ 96E6FDA70874EBB1E616BCF216EE118A, E1DBD5E610457CC2FF5E3DA6426F292C3514C15986E632A4F515E8206E77F7B5 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
19:34:03.0830 0x18c4 BEService - ok
19:34:04.0302 0x18c4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
19:34:04.0472 0x18c4 BFE - ok
19:34:04.0709 0x18c4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
19:34:05.0623 0x18c4 BITS - ok
19:34:05.0691 0x18c4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:34:05.0800 0x18c4 blbdrive - ok
19:34:06.0436 0x18c4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:34:06.0462 0x18c4 Bonjour Service - ok
19:34:06.0774 0x18c4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:34:06.0960 0x18c4 bowser - ok
19:34:07.0139 0x18c4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:34:07.0484 0x18c4 BrFiltLo - ok
19:34:07.0538 0x18c4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:34:07.0609 0x18c4 BrFiltUp - ok
19:34:07.0775 0x18c4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
19:34:07.0914 0x18c4 Browser - ok
19:34:07.0967 0x18c4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:34:08.0215 0x18c4 Brserid - ok
19:34:08.0335 0x18c4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:34:08.0461 0x18c4 BrSerWdm - ok
19:34:08.0486 0x18c4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:34:08.0644 0x18c4 BrUsbMdm - ok
19:34:08.0718 0x18c4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:34:08.0773 0x18c4 BrUsbSer - ok
19:34:09.0011 0x18c4 [ 3B1B573371B206D1D5F25E0EF5FCD6D6, 9CE8E687F7554FF4AD989015806D3A03A801647C88ECADF08F7404E49517680C ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
19:34:09.0061 0x18c4 BTATH_A2DP - ok
19:34:09.0183 0x18c4 [ 2D0446336D9DB55A742B999EC16ADF15, FBF57CBDCFE4146176ABBD7ACF04240048403143DD380E10AE63B10BA5D4F311 ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
19:34:09.0264 0x18c4 BTATH_BUS - ok
19:34:09.0352 0x18c4 [ 9A9694BBEB2849EAF95DFFCAE5DF02AD, 6534E599DDDF04A42E25581BB1CF4507B5F2E332FC74961C7F2CB8F672683C39 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
19:34:09.0407 0x18c4 BTATH_HCRP - ok
19:34:09.0533 0x18c4 [ FC0A8075DDF2E9C66267AEC91E0676F9, BAEBBA87DE72E996C9466FF15D9FD01DBD5D1A1097FC0FFB4819550830DEBCBC ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
19:34:09.0576 0x18c4 BTATH_LWFLT - ok
19:34:09.0697 0x18c4 [ 5EB4815CBDDBA4541F2380DAE6E269AB, DBBB0B1E5946BE5CA0C28F4175DE10613A3E5A89DCE0D6B9EDDF756B08CD274B ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
19:34:09.0742 0x18c4 BTATH_RCP - ok
19:34:09.0925 0x18c4 [ E24FBEFF8FD3BD997AA5E9BD68BD7C74, FF74067340B2CC9CFFA01B9E3BE410FD8D81D49A59544A93EF52D87220E37202 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
19:34:09.0974 0x18c4 BtFilter - ok
19:34:10.0158 0x18c4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:34:10.0568 0x18c4 BthEnum - ok
19:34:10.0625 0x18c4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:34:10.0710 0x18c4 BTHMODEM - ok
19:34:10.0946 0x18c4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:34:11.0056 0x18c4 BthPan - ok
19:34:11.0337 0x18c4 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:34:11.0556 0x18c4 BTHPORT - ok
19:34:11.0737 0x18c4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
19:34:11.0873 0x18c4 bthserv - ok
19:34:11.0934 0x18c4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:34:12.0073 0x18c4 BTHUSB - ok
19:34:12.0133 0x18c4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:34:12.0221 0x18c4 cdfs - ok
19:34:12.0586 0x18c4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:34:12.0861 0x18c4 cdrom - ok
19:34:13.0266 0x18c4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
19:34:13.0374 0x18c4 CertPropSvc - ok
19:34:13.0904 0x18c4 [ D7BB4B5C3339D23901BD6265171918D5, 77F8BD68ED0DC6F5B248A98B424D2F22CDA7EDF515F3B1F6BA02B4FC8BE84DF6 ] cfwids C:\Windows\system32\drivers\cfwids.sys
19:34:13.0936 0x18c4 cfwids - ok
19:34:14.0231 0x18c4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:34:14.0377 0x18c4 circlass - ok
19:34:14.0694 0x18c4 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
19:34:14.0786 0x18c4 CLFS - ok
19:34:16.0125 0x18c4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:34:16.0634 0x18c4 clr_optimization_v2.0.50727_32 - ok
19:34:17.0020 0x18c4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:34:17.0060 0x18c4 clr_optimization_v2.0.50727_64 - ok
19:34:17.0588 0x18c4 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:34:17.0612 0x18c4 clr_optimization_v4.0.30319_32 - ok
19:34:17.0654 0x18c4 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:34:17.0700 0x18c4 clr_optimization_v4.0.30319_64 - ok
19:34:19.0655 0x18c4 [ A5E71327EA1B25767F4FDAB6095E5321, 07934B7C5BE175C11953C5A44133E9ABD0B770B985FC61FCC9B294BC90A40C7A ] CltMngSvc C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
19:34:19.0770 0x18c4 CltMngSvc - ok
19:34:19.0963 0x18c4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:34:20.0097 0x18c4 CmBatt - ok
19:34:20.0289 0x18c4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:34:20.0343 0x18c4 cmdide - ok
19:34:20.0654 0x18c4 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
19:34:20.0745 0x18c4 CNG - ok
19:34:20.0771 0x18c4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:34:20.0869 0x18c4 Compbatt - ok
19:34:21.0031 0x18c4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:34:21.0222 0x18c4 CompositeBus - ok
19:34:21.0294 0x18c4 COMSysApp - ok
19:34:21.0443 0x18c4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:34:21.0543 0x18c4 crcdisk - ok
19:34:21.0913 0x18c4 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:34:22.0051 0x18c4 CryptSvc - ok
19:34:22.0415 0x18c4 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
19:34:22.0721 0x18c4 CSC - ok
19:34:23.0211 0x18c4 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
19:34:23.0340 0x18c4 CscService - ok
19:34:23.0794 0x18c4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:34:23.0965 0x18c4 DcomLaunch - ok
19:34:24.0288 0x18c4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
19:34:24.0392 0x18c4 defragsvc - ok
19:34:24.0712 0x18c4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:34:24.0834 0x18c4 DfsC - ok
19:34:25.0316 0x18c4 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
19:34:25.0394 0x18c4 dg_ssudbus - ok
19:34:25.0765 0x18c4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:34:25.0998 0x18c4 Dhcp - ok
19:34:27.0847 0x18c4 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
19:34:28.0074 0x18c4 DiagTrack - ok
19:34:28.0298 0x18c4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
19:34:28.0386 0x18c4 discache - ok
19:34:28.0567 0x18c4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:34:28.0656 0x18c4 Disk - ok
19:34:28.0855 0x18c4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:34:29.0032 0x18c4 Dnscache - ok
19:34:29.0338 0x18c4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
19:34:29.0431 0x18c4 dot3svc - ok
19:34:29.0577 0x18c4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
19:34:29.0713 0x18c4 DPS - ok
19:34:29.0950 0x18c4 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:34:30.0129 0x18c4 drmkaud - ok
19:34:30.0822 0x18c4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:34:30.0927 0x18c4 DXGKrnl - ok
19:34:31.0093 0x18c4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
19:34:31.0234 0x18c4 EapHost - ok
19:34:33.0536 0x18c4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:34:33.0837 0x18c4 ebdrv - ok
19:34:34.0014 0x18c4 [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] EFS C:\Windows\System32\lsass.exe
19:34:34.0215 0x18c4 EFS - ok
19:34:34.0597 0x18c4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:34:35.0090 0x18c4 ehRecvr - ok
19:34:35.0218 0x18c4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
19:34:35.0801 0x18c4 ehSched - ok
19:34:36.0178 0x18c4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:34:36.0282 0x18c4 elxstor - ok
19:34:36.0378 0x18c4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:34:36.0656 0x18c4 ErrDev - ok
19:34:36.0971 0x18c4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
19:34:37.0105 0x18c4 EventSystem - ok
19:34:37.0259 0x18c4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
19:34:37.0346 0x18c4 exfat - ok
19:34:37.0502 0x18c4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:34:37.0655 0x18c4 fastfat - ok
19:34:38.0228 0x18c4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
19:34:38.0523 0x18c4 Fax - ok
19:34:38.0622 0x18c4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:34:38.0679 0x18c4 fdc - ok
19:34:39.0170 0x18c4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
19:34:39.0325 0x18c4 fdPHost - ok
19:34:39.0523 0x18c4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
19:34:39.0750 0x18c4 FDResPub - ok
19:34:39.0987 0x18c4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:34:40.0113 0x18c4 FileInfo - ok
19:34:40.0170 0x18c4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:34:40.0358 0x18c4 Filetrace - ok
19:34:40.0526 0x18c4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:34:40.0704 0x18c4 flpydisk - ok
19:34:41.0122 0x18c4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:34:41.0261 0x18c4 FltMgr - ok
19:34:42.0345 0x18c4 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
19:34:42.0836 0x18c4 FontCache - ok
19:34:43.0191 0x18c4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:34:43.0362 0x18c4 FontCache3.0.0.0 - ok
19:34:43.0517 0x18c4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:34:43.0879 0x18c4 FsDepends - ok
19:34:44.0046 0x18c4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:34:44.0205 0x18c4 Fs_Rec - ok
19:34:44.0576 0x18c4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:34:44.0663 0x18c4 fvevol - ok
19:34:44.0819 0x18c4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:34:44.0924 0x18c4 gagp30kx - ok
19:34:45.0085 0x18c4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:34:45.0123 0x18c4 GEARAspiWDM - ok
19:34:45.0598 0x18c4 [ 022807B149127B8FAA3DBEB13A7D9B41, 0D871B7AC3FB37BB5664C0DFE3D4084FB1457BF4FD9E1C338F3CB2F0801EEBD2 ] GenericMount C:\Windows\system32\DRIVERS\GenericMount.sys
19:34:45.0652 0x18c4 GenericMount - ok
19:34:47.0421 0x18c4 [ 5E42BDFF22707E577AD82BE4C43C3BCE, 4C0BBF6AAA7EB30A789D91A4F29726C2A6D941D457B59CF376EF96571F3E1BB4 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:34:47.0511 0x18c4 GfExperienceService - ok
19:34:47.0977 0x18c4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
19:34:48.0122 0x18c4 gpsvc - ok
19:34:48.0659 0x18c4 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:34:48.0743 0x18c4 gupdate - ok
19:34:48.0894 0x18c4 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:34:48.0909 0x18c4 gupdatem - ok
19:34:48.0993 0x18c4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:34:49.0172 0x18c4 hcw85cir - ok
19:34:49.0470 0x18c4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:34:49.0562 0x18c4 HdAudAddService - ok
19:34:49.0716 0x18c4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:34:49.0821 0x18c4 HDAudBus - ok
19:34:49.0895 0x18c4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:34:49.0953 0x18c4 HidBatt - ok
19:34:50.0003 0x18c4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:34:50.0055 0x18c4 HidBth - ok
19:34:50.0161 0x18c4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:34:50.0289 0x18c4 HidIr - ok
19:34:50.0483 0x18c4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
19:34:50.0598 0x18c4 hidserv - ok
19:34:50.0805 0x18c4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:34:50.0989 0x18c4 HidUsb - ok
19:34:51.0367 0x18c4 [ 37711EE112E628942C7970D3959B4F43, C4CDDEE28C933D7B927B6844FF6E4D09071F7A07B150EE173E2E6852DFA42054 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
19:34:51.0404 0x18c4 HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
19:34:54.0020 0x18c4 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
19:34:56.0666 0x18c4 [ E7AF59F1E0352F5EBEC4ECD32103D405, 0E02E031799F407A1BCE926D46471E7EFB8820359CBDE73759219B86C1882EB8 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
19:34:56.0696 0x18c4 HipShieldK - ok
19:34:56.0868 0x18c4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:34:56.0938 0x18c4 hkmsvc - ok
19:34:57.0074 0x18c4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:34:57.0295 0x18c4 HomeGroupListener - ok
19:34:57.0416 0x18c4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:34:57.0433 0x1f18 Object required for P2P: [ A5E71327EA1B25767F4FDAB6095E5321 ] CltMngSvc
19:34:57.0478 0x18c4 HomeGroupProvider - ok
19:34:58.0744 0x18c4 [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:34:58.0818 0x18c4 HomeNetSvc - ok
19:34:59.0177 0x18c4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:34:59.0296 0x18c4 HpSAMD - ok
19:34:59.0610 0x18c4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:34:59.0898 0x1f18 Object send P2P result: true
19:35:00.0106 0x18c4 HTTP - ok
19:35:00.0241 0x18c4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:35:00.0327 0x18c4 hwpolicy - ok
19:35:00.0524 0x18c4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:35:00.0667 0x18c4 i8042prt - ok
19:35:00.0911 0x18c4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:35:01.0008 0x18c4 iaStorV - ok
19:35:01.0498 0x18c4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:35:01.0628 0x18c4 idsvc - ok
19:35:01.0702 0x18c4 IEEtwCollectorService - ok
19:35:04.0719 0x18c4 [ BC610ABB825504272364EFE4C831E672, 86C101D6D62E0D37DB58C159776C6F527450DFD6452570DAAFAC4F81EC04FD1F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:35:05.0704 0x18c4 igfx - ok
19:35:05.0802 0x18c4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:35:05.0874 0x18c4 iirsp - ok
19:35:06.0358 0x18c4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
19:35:06.0737 0x18c4 IKEEXT - ok
19:35:06.0927 0x18c4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
19:35:06.0993 0x18c4 intelide - ok
19:35:07.0185 0x18c4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:35:07.0622 0x18c4 intelppm - ok
19:35:07.0695 0x18c4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:35:07.0861 0x18c4 IPBusEnum - ok
19:35:07.0914 0x18c4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:35:08.0479 0x18c4 IpFilterDriver - ok
19:35:08.0790 0x18c4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:35:09.0059 0x18c4 iphlpsvc - ok
19:35:09.0198 0x18c4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:35:09.0357 0x18c4 IPMIDRV - ok
19:35:09.0418 0x18c4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:35:09.0618 0x18c4 IPNAT - ok
19:35:09.0851 0x18c4 [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:35:09.0940 0x18c4 iPod Service - ok
19:35:10.0044 0x18c4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:35:10.0522 0x18c4 IRENUM - ok
19:35:10.0667 0x18c4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:35:10.0762 0x18c4 isapnp - ok
19:35:10.0899 0x18c4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:35:10.0994 0x18c4 iScsiPrt - ok
19:35:11.0104 0x18c4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:35:11.0169 0x18c4 kbdclass - ok
19:35:11.0394 0x18c4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:35:11.0658 0x18c4 kbdhid - ok
19:35:11.0745 0x18c4 [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] KeyIso C:\Windows\system32\lsass.exe
19:35:11.0910 0x18c4 KeyIso - ok
19:35:12.0092 0x18c4 [ 0F776895884B8DC430A307D57FD867BB, F9E8C8A04D757CEAD86938BEEFFAD9750589037E16FB1A2B0A90E4484E1A6B65 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:35:12.0209 0x18c4 KSecDD - ok
19:35:12.0344 0x18c4 [ 28E75F316CCCD79337E4957C53017D4B, 3BABDA50B4CE72F7F9A0FD7A33DDB19463A01F188D46354E0B411FC0389C01BE ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:35:12.0428 0x18c4 KSecPkg - ok
19:35:12.0540 0x18c4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:35:12.0629 0x18c4 ksthunk - ok
19:35:12.0730 0x18c4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
19:35:13.0029 0x18c4 KtmRm - ok
19:35:13.0191 0x18c4 [ 2AC603C3188C704CFCE353659AA7AD71, 0DAC2E8858221145FA35883BAE0D6484E60EB624158DE9F063FF209951CD1CDF ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
19:35:13.0282 0x18c4 L1E - ok
19:35:13.0457 0x18c4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:35:13.0599 0x18c4 LanmanServer - ok
19:35:13.0742 0x18c4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:35:13.0897 0x18c4 LanmanWorkstation - ok
19:35:14.0046 0x18c4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:35:14.0296 0x18c4 lltdio - ok
19:35:14.0338 0x18c4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:35:14.0566 0x18c4 lltdsvc - ok
19:35:14.0626 0x18c4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:35:14.0788 0x18c4 lmhosts - ok
19:35:14.0934 0x18c4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:35:15.0024 0x18c4 LSI_FC - ok
19:35:15.0091 0x18c4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:35:15.0188 0x18c4 LSI_SAS - ok
19:35:15.0238 0x18c4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:35:15.0328 0x18c4 LSI_SAS2 - ok
19:35:15.0461 0x18c4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:35:15.0535 0x18c4 LSI_SCSI - ok
19:35:15.0608 0x18c4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
19:35:15.0822 0x18c4 luafv - ok
19:35:16.0194 0x18c4 [ 5096855DA1FB50A028ACA15B5CC358D9, 15A84A1FD6856CFFF6D9C5D0F5F29A71781033A5E388B3E310306600600D1221 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
19:35:16.0257 0x18c4 McAfee SiteAdvisor Service - ok
19:35:17.0369 0x18c4 [ DB0B5D190F92DE7ED732EC51DCB4D49B, 975A5A63479F5F70F3D384A74C4B0EE5154A6E1627304603ECA5FF34F280E40C ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
19:35:17.0451 0x18c4 McAPExe - ok
19:35:17.0993 0x18c4 [ 3763AFE14AAE525812EB1600B1BB2D51, 277D72523C7B7970F24674BB688D1FE916F28378EC39A31C1132EEA6F4C3BD70 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
19:35:18.0067 0x18c4 McComponentHostService - ok
19:35:18.0851 0x18c4 [ 92D753DC474A4DD78ABB24A32DE53A55, 4BBAF644AB83ADB6AEE74B1A6EF7BA433A43049128C4CF15268825283B0EFB37 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
19:35:18.0997 0x18c4 mccspsvc - ok
19:35:19.0170 0x18c4 [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:35:19.0234 0x18c4 McMPFSvc - ok
19:35:19.0484 0x18c4 [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:35:19.0568 0x18c4 McNaiAnn - ok
19:35:20.0062 0x18c4 [ 1E911C91938467BC94389711BE4CDFF6, 2FD6679D0AB2982B19A4498ACF1F628FBD7638249D03ADB141308955A86FB288 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
19:35:20.0174 0x18c4 McODS - ok
19:35:20.0397 0x18c4 [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:35:20.0478 0x18c4 mcpltsvc - ok
19:35:20.0514 0x18c4 [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:35:20.0615 0x18c4 McProxy - ok
19:35:20.0678 0x18c4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:35:20.0793 0x18c4 Mcx2Svc - ok
19:35:20.0914 0x18c4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:35:21.0055 0x18c4 megasas - ok
19:35:21.0295 0x18c4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:35:21.0394 0x18c4 MegaSR - ok
19:35:21.0611 0x18c4 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:35:21.0776 0x18c4 MEIx64 - ok
19:35:22.0485 0x18c4 [ 67CD258ECEA02ADA4D57592AE720F452, D4A1A4CC2749BF2FA798D7A2661D367F45124BE08A31ABBBA58B48BCE83EE62C ] mfeaack C:\Windows\system32\drivers\mfeaack.sys
19:35:22.0586 0x18c4 mfeaack - ok
19:35:23.0346 0x18c4 [ E3084E1F0A542DF32312B7D2FE52D6E1, D0988DAB235A8D1F51C2DCB33BCECB047C3F3CED309267691D750BC41F578B36 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
19:35:23.0464 0x18c4 mfeavfk - ok
19:35:23.0815 0x18c4 [ 0A8120FB835F5FC47609F7C7744343C2, 2748C15997BCF0C47F784C2F037730370B0FCF79FE03CC2ACA8A98B2956D5DC8 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
19:35:23.0914 0x18c4 mfefire - ok
19:35:24.0323 0x18c4 [ 5203A63B8FDB8E072BDFA036D63589C3, F81601F50DE177D10B804D69321225DCCCD9C61394A43A6EC647F71FCFE4921F ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
19:35:24.0431 0x18c4 mfefirek - ok
19:35:24.0832 0x18c4 [ 578AE1184B6342A06E7020BE866472D5, 53CB9E37EBDFA1137F56860ABE6EE0F82532733254D654A4982087E0D3FE765E ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
19:35:24.0986 0x18c4 mfehidk - ok
19:35:25.0094 0x18c4 [ 29CAAED140D5A9E837E1188FA2EF0FD0, 51E806B927B1F0C0E0FB3DEA9F8ED99350F74285276660FF68F4460D2D8D3E1A ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
19:35:25.0206 0x18c4 mfemms - ok
19:35:25.0370 0x18c4 [ 9DC97E684A0F4AAF726D54B6B252315C, 1420F084ABC20619F9A8D1D5A30ADEA0A21432D0327634C97A58FA62452DC781 ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
19:35:25.0496 0x18c4 mfencbdc - ok
19:35:25.0680 0x18c4 [ 984C0003040946578022D3A5405652D9, E52E5EB4F2A50573854BB8BC37326B75138278E6F96E32937AFB01AB359307A9 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
19:35:25.0778 0x18c4 mfencrk - ok
19:35:25.0952 0x18c4 [ FB4F8875C0927BB29EC052D09950AE96, 78B8ECD9A16F94FE1C1FD23B17250A2089789AC9E33B162F0ECAB9893B6B1142 ] mfesapsn C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
19:35:26.0195 0x18c4 mfesapsn - ok
19:35:26.0392 0x18c4 [ C76DEBD4675A90C6A9CECA4E12F9295C, 91AACFC1C1B345D212354C33383A654C6D51BF3F676455C7068B7DD96E8F2476 ] mfevtp C:\Windows\system32\mfevtps.exe
19:35:26.0490 0x18c4 mfevtp - ok
19:35:26.0645 0x18c4 [ F0E1B2EF49D967B17256F2334E93005A, 05A34ED584CD4D4E8722638D76F6E24B3EDAC605ABBBAB7812958AFA0CAA3B88 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
19:35:26.0749 0x18c4 mfewfpk - ok
19:35:26.0856 0x18c4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
19:35:27.0013 0x18c4 MMCSS - ok
19:35:27.0135 0x18c4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
19:35:27.0266 0x18c4 Modem - ok
19:35:27.0366 0x18c4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:35:27.0547 0x18c4 monitor - ok
19:35:27.0604 0x18c4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:35:27.0689 0x18c4 mouclass - ok
19:35:27.0743 0x18c4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:35:27.0847 0x18c4 mouhid - ok
19:35:27.0964 0x18c4 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:35:28.0076 0x18c4 mountmgr - ok
19:35:28.0343 0x18c4 [ 98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:35:28.0496 0x18c4 MozillaMaintenance - ok
19:35:28.0585 0x18c4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
19:35:28.0824 0x18c4 mpio - ok
19:35:28.0880 0x18c4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:35:29.0174 0x18c4 mpsdrv - ok
19:35:29.0428 0x18c4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:35:29.0796 0x18c4 MpsSvc - ok
19:35:29.0907 0x18c4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:35:30.0183 0x18c4 MRxDAV - ok
19:35:30.0279 0x18c4 [ 32B85C4923D895B2FB35821A799BA38D, 7A7E5D08F745DB9B498B4BE946325FF7DAA7FA27589D9423FCA4558D20780026 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:35:30.0564 0x18c4 mrxsmb - ok
19:35:30.0717 0x18c4 [ A572BEF41F3C55D7DAF24D2340C91FEC, 1E51EEFEABCDCB664CD39437C2275B160860FB433EAA8DC905D5BC742FD03529 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:35:30.0987 0x18c4 mrxsmb10 - ok
19:35:31.0113 0x18c4 [ C49F1C4CA74FC52AFB2E892D8E50EA39, 9E7A2453627A82AFF4CE3F285AFF105C3F92F423C07E5C43E76BEC523841B8F7 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:35:31.0329 0x18c4 mrxsmb20 - ok
19:35:31.0424 0x18c4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
19:35:31.0836 0x18c4 msahci - ok
19:35:31.0870 0x18c4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:35:32.0094 0x18c4 msdsm - ok
19:35:32.0203 0x18c4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
19:35:32.0466 0x18c4 MSDTC - ok
19:35:32.0559 0x18c4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:35:33.0141 0x18c4 Msfs - ok
19:35:33.0168 0x18c4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:35:33.0447 0x18c4 mshidkmdf - ok
19:35:33.0467 0x18c4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:35:33.0640 0x18c4 msisadrv - ok
19:35:33.0699 0x18c4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:35:33.0973 0x18c4 MSiSCSI - ok
19:35:33.0983 0x18c4 msiserver - ok
19:35:34.0312 0x18c4 [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:35:34.0492 0x18c4 MSK80Service - ok
19:35:34.0678 0x18c4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:35:35.0018 0x18c4 MSKSSRV - ok
19:35:35.0077 0x18c4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:35:35.0361 0x18c4 MSPCLOCK - ok
19:35:35.0370 0x18c4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:35:35.0693 0x18c4 MSPQM - ok
19:35:35.0853 0x18c4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:35:36.0067 0x18c4 MsRPC - ok
19:35:36.0167 0x18c4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:35:36.0376 0x18c4 mssmbios - ok
19:35:36.0477 0x18c4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:35:36.0700 0x18c4 MSTEE - ok
19:35:36.0857 0x18c4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:35:37.0074 0x18c4 MTConfig - ok
19:35:37.0166 0x18c4 [ 2219A3D695405E7BA2186BA6B9EDE14A, 8B99BD22DACB56FF544ED922962FE4EC1172BF90987A46E3A5F62A3B4E720B0C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
19:35:37.0311 0x18c4 MTsensor - ok
19:35:37.0407 0x18c4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
19:35:37.0594 0x18c4 Mup - ok
19:35:37.0796 0x18c4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
19:35:38.0097 0x18c4 napagent - ok
19:35:38.0261 0x18c4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:35:38.0475 0x18c4 NativeWifiP - ok
19:35:38.0723 0x18c4 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:35:39.0036 0x18c4 NDIS - ok
19:35:39.0133 0x18c4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:35:39.0432 0x18c4 NdisCap - ok
19:35:39.0532 0x18c4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:35:39.0902 0x18c4 NdisTapi - ok
19:35:40.0101 0x18c4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:35:40.0351 0x18c4 Ndisuio - ok
19:35:40.0510 0x18c4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:35:40.0816 0x18c4 NdisWan - ok
19:35:40.0898 0x18c4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:35:41.0114 0x18c4 NDProxy - ok
19:35:41.0233 0x18c4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:35:41.0525 0x18c4 NetBIOS - ok
19:35:41.0649 0x18c4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:35:41.0921 0x18c4 NetBT - ok
19:35:41.0962 0x18c4 [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] Netlogon C:\Windows\system32\lsass.exe
19:35:42.0138 0x18c4 Netlogon - ok
19:35:42.0317 0x18c4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
19:35:42.0596 0x18c4 Netman - ok
19:35:42.0836 0x18c4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:35:43.0090 0x18c4 NetMsmqActivator - ok
19:35:43.0226 0x18c4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:35:43.0417 0x18c4 NetPipeActivator - ok
19:35:43.0572 0x18c4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
19:35:43.0932 0x18c4 netprofm - ok
19:35:43.0964 0x18c4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:35:44.0127 0x18c4 NetTcpActivator - ok
19:35:44.0148 0x18c4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:35:44.0331 0x18c4 NetTcpPortSharing - ok
19:35:44.0423 0x18c4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:35:44.0628 0x18c4 nfrd960 - ok
19:35:44.0763 0x18c4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
19:35:45.0014 0x18c4 NlaSvc - ok
19:35:45.0396 0x18c4 [ C31FA031335EFF434B2D94278E74BCCE, F5DFD40C16E4013CBAD0E4FB8EF2B4419702B9C215218F69C4A2DD7C4C4C1E2B ] NPF C:\Windows\system32\DRIVERS\npf.sys
19:35:45.0517 0x18c4 NPF - ok
19:35:45.0557 0x18c4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:35:45.0789 0x18c4 Npfs - ok
19:35:45.0910 0x18c4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
19:35:46.0126 0x18c4 nsi - ok
19:35:46.0425 0x18c4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:35:46.0889 0x18c4 nsiproxy - ok
19:35:47.0668 0x18c4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:35:47.0779 0x18c4 Ntfs - ok
19:35:47.0843 0x18c4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
19:35:48.0020 0x18c4 Null - ok
19:35:48.0129 0x18c4 [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
19:35:48.0419 0x18c4 nusb3hub - ok
19:35:48.0550 0x18c4 [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:35:48.0756 0x18c4 nusb3xhc - ok
19:35:49.0085 0x18c4 [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
19:35:49.0549 0x18c4 NVENETFD - ok
19:35:49.0848 0x18c4 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:35:49.0943 0x18c4 NVHDA - ok
19:35:53.0039 0x18c4 [ 6DDB922F08C17C342F1FB868D7EB22CD, A62E476FD377EA9974122DC7C426735B6BE5CECCD0D3DA22502DF7CBB208B49E ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:35:53.0593 0x18c4 nvlddmkm - ok
19:35:54.0544 0x18c4 [ 2CCD9A74A0F9C7605EAFA3F3AC8DC476, DEE95B0C0CA4525850E06AD3C1233A6C6E88D97EE874F83801686B87FD23F0BC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:35:54.0715 0x18c4 NvNetworkService - ok
19:35:54.0885 0x18c4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:35:54.0885 0x1d08 Object required for P2P: [ 5096855DA1FB50A028ACA15B5CC358D9 ] McAfee SiteAdvisor Service
19:35:54.0977 0x18c4 nvraid - ok
19:35:55.0092 0x18c4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:35:55.0172 0x18c4 nvstor - ok
19:35:55.0666 0x18c4 [ 2F61DB46C84CCBB5D9F75065A85D2173, 79049D42F0D82BD3C5A9C8231CF2F412B50C9E6483DB14F41CD48301D85C166C ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:35:55.0762 0x18c4 NvStreamKms - ok
19:35:57.0369 0x18c4 [ 6F5AC1C495DA6D19AF99A59DC44BC13F, 61E8C0C0B9EEEF6ADE86AD4BC8D43256A6B20AEEB43BBC3C44B3B6140544259F ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
19:35:57.0424 0x1d08 Object send P2P result: true
19:35:57.0741 0x18c4 NvStreamNetworkSvc - ok
19:36:00.0028 0x18c4 [ 73FA6B2DF3348AF05E1F98310854BD4F, F0B7CF54495C81EE4C8B44580E399F3B22E190CB553AC7BA8E2DC13A28477566 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:36:00.0359 0x18c4 NvStreamSvc - ok
19:36:01.0395 0x18c4 [ 5A3DE85307FB54C09C0D1D52B97916FE, EAE8FF99337557F60078F94F952BAC48880CA279A763FD14E098E34B4EE8534F ] nvsvc C:\Windows\system32\nvvsvc.exe
19:36:01.0530 0x18c4 nvsvc - ok
19:36:01.0810 0x18c4 [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
19:36:01.0952 0x18c4 nvvad_WaveExtensible - ok
19:36:02.0160 0x18c4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:36:02.0386 0x18c4 nv_agp - ok
19:36:02.0627 0x18c4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:36:02.0823 0x1fe4 Object required for P2P: [ 6F5AC1C495DA6D19AF99A59DC44BC13F ] NvStreamNetworkSvc
19:36:02.0920 0x18c4 ohci1394 - ok
19:36:04.0036 0x18c4 [ 40CB809645F1D0A93C535F9B0402F269, E683ED4ED824CE4E49715F23E3D3E8245B398D7A0D279E1F31470B9D7AF7E223 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:36:04.0201 0x18c4 Origin Client Service - ok
19:36:04.0331 0x18c4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:36:04.0650 0x18c4 p2pimsvc - ok
19:36:04.0848 0x18c4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
19:36:05.0003 0x18c4 p2psvc - ok
19:36:05.0239 0x18c4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:36:05.0379 0x18c4 Parport - ok
19:36:05.0423 0x18c4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:36:05.0513 0x18c4 partmgr - ok
19:36:05.0607 0x18c4 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:36:05.0690 0x1fe4 Object send P2P result: true
19:36:05.0858 0x18c4 PcaSvc - ok
19:36:05.0991 0x18c4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
19:36:06.0211 0x18c4 pci - ok
19:36:06.0312 0x18c4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
19:36:06.0461 0x18c4 pciide - ok
19:36:06.0600 0x18c4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:36:06.0683 0x18c4 pcmcia - ok
19:36:06.0788 0x18c4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
19:36:06.0887 0x18c4 pcw - ok
19:36:07.0436 0x18c4 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:36:07.0932 0x18c4 PEAUTH - ok
19:36:08.0145 0x18c4 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:36:08.0598 0x18c4 PeerDistSvc - ok
19:36:13.0147 0x18c4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:36:13.0351 0x18c4 PerfHost - ok
19:36:13.0734 0x18c4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
19:36:13.0978 0x18c4 pla - ok
19:36:14.0108 0x18c4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:36:14.0330 0x18c4 PlugPlay - ok
19:36:14.0459 0x18c4 PnkBstrA - ok
19:36:14.0524 0x18c4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:36:14.0622 0x18c4 PNRPAutoReg - ok
19:36:14.0649 0x18c4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:36:14.0780 0x18c4 PNRPsvc - ok
19:36:14.0844 0x078c Object required for P2P: [ 73FA6B2DF3348AF05E1F98310854BD4F ] NvStreamSvc
19:36:14.0881 0x18c4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:36:15.0101 0x18c4 PolicyAgent - ok
19:36:15.0205 0x18c4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
19:36:15.0353 0x18c4 Power - ok
19:36:15.0467 0x18c4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:36:15.0656 0x18c4 PptpMiniport - ok
19:36:15.0716 0x18c4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:36:15.0814 0x18c4 Processor - ok
19:36:16.0007 0x18c4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
19:36:16.0332 0x18c4 ProfSvc - ok
19:36:16.0393 0x18c4 [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] ProtectedStorage C:\Windows\system32\lsass.exe
19:36:16.0446 0x18c4 ProtectedStorage - ok
19:36:16.0615 0x18c4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:36:16.0742 0x18c4 Psched - ok
19:36:17.0200 0x18c4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:36:17.0299 0x18c4 ql2300 - ok
19:36:17.0389 0x18c4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:36:17.0435 0x078c Object send P2P result: true
19:36:17.0437 0x078c Object required for P2P: [ 5A3DE85307FB54C09C0D1D52B97916FE ] nvsvc
19:36:17.0481 0x18c4 ql40xx - ok
19:36:17.0592 0x18c4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
19:36:17.0768 0x18c4 QWAVE - ok
19:36:17.0836 0x18c4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:36:17.0964 0x18c4 QWAVEdrv - ok
19:36:18.0026 0x18c4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:36:18.0220 0x18c4 RasAcd - ok
19:36:18.0478 0x18c4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:36:18.0652 0x18c4 RasAgileVpn - ok
19:36:18.0725 0x18c4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
19:36:18.0868 0x18c4 RasAuto - ok
19:36:18.0950 0x18c4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:36:19.0142 0x18c4 Rasl2tp - ok
19:36:19.0292 0x18c4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
19:36:19.0480 0x18c4 RasMan - ok
19:36:19.0539 0x18c4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:36:19.0922 0x18c4 RasPppoe - ok
19:36:19.0973 0x078c Object send P2P result: true
19:36:20.0002 0x18c4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:36:20.0178 0x18c4 RasSstp - ok
19:36:20.0382 0x18c4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:36:20.0516 0x18c4 rdbss - ok
19:36:20.0571 0x18c4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:36:20.0904 0x18c4 rdpbus - ok
19:36:21.0054 0x18c4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:36:21.0557 0x18c4 RDPCDD - ok
19:36:21.0651 0x18c4 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:36:21.0818 0x18c4 RDPDR - ok
19:36:21.0897 0x18c4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:36:22.0090 0x18c4 RDPENCDD - ok
19:36:22.0112 0x18c4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:36:22.0493 0x18c4 RDPREFMP - ok
19:36:22.0595 0x18c4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:36:22.0854 0x18c4 RDPWD - ok
19:36:22.0996 0x18c4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:36:23.0133 0x18c4 rdyboost - ok
19:36:23.0258 0x18c4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:36:23.0509 0x18c4 RemoteAccess - ok
19:36:23.0619 0x18c4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:36:23.0941 0x18c4 RemoteRegistry - ok
19:36:24.0284 0x18c4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:36:24.0680 0x18c4 RFCOMM - ok
19:36:24.0852 0x18c4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:36:25.0052 0x18c4 RpcEptMapper - ok
19:36:25.0156 0x18c4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
19:36:25.0365 0x18c4 RpcLocator - ok
19:36:25.0644 0x18c4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
19:36:25.0784 0x18c4 RpcSs - ok
19:36:25.0948 0x18c4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:36:26.0170 0x18c4 rspndr - ok
19:36:26.0523 0x18c4 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:36:26.0652 0x18c4 RTL8167 - ok
19:36:26.0767 0x18c4 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:36:27.0496 0x18c4 s3cap - ok
19:36:27.0558 0x18c4 [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] SamSs C:\Windows\system32\lsass.exe
19:36:27.0672 0x18c4 SamSs - ok
19:36:27.0792 0x18c4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:36:27.0888 0x18c4 sbp2port - ok
19:36:28.0031 0x18c4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:36:28.0156 0x18c4 SCardSvr - ok
19:36:28.0235 0x18c4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:36:28.0396 0x18c4 scfilter - ok
19:36:28.0862 0x18c4 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
19:36:29.0172 0x18c4 Schedule - ok
19:36:29.0503 0x18c4 [ 2A50BE713FAF033420466C25979C028E, 46EAF744B8EB23F5D134D63C4600EE46662FAB28282CD762945DFB448D2463B3 ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys
19:36:29.0582 0x18c4 SCMNdisP - ok
19:36:29.0643 0x18c4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:36:29.0720 0x18c4 SCPolicySvc - ok
19:36:29.0854 0x18c4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:36:30.0144 0x18c4 SDRSVC - ok
19:36:30.0235 0x18c4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:36:30.0584 0x18c4 secdrv - ok
19:36:30.0659 0x18c4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
19:36:30.0814 0x18c4 seclogon - ok
19:36:30.0921 0x18c4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
19:36:31.0123 0x18c4 SENS - ok
19:36:31.0205 0x18c4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:36:31.0485 0x18c4 SensrSvc - ok
19:36:31.0512 0x18c4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:36:31.0942 0x18c4 Serenum - ok
19:36:32.0135 0x18c4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:36:32.0504 0x18c4 Serial - ok
19:36:32.0738 0x18c4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:36:32.0938 0x18c4 sermouse - ok
19:36:33.0014 0x18c4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
19:36:33.0188 0x18c4 SessionEnv - ok
19:36:33.0267 0x18c4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:36:33.0471 0x18c4 sffdisk - ok
19:36:33.0509 0x18c4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:36:33.0727 0x18c4 sffp_mmc - ok
19:36:33.0758 0x18c4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:36:33.0941 0x18c4 sffp_sd - ok
19:36:34.0041 0x18c4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:36:34.0254 0x18c4 sfloppy - ok
19:36:34.0441 0x18c4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:36:34.0598 0x18c4 SharedAccess - ok
19:36:34.0777 0x18c4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:36:34.0927 0x18c4 ShellHWDetection - ok
19:36:34.0946 0x18c4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:36:35.0070 0x18c4 SiSRaid2 - ok
19:36:35.0096 0x18c4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:36:35.0196 0x18c4 SiSRaid4 - ok
19:36:35.0918 0x18c4 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:36:36.0000 0x18c4 SkypeUpdate - ok
19:36:36.0091 0x18c4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:36:36.0276 0x18c4 Smb - ok
19:36:36.0450 0x18c4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:36:36.0616 0x18c4 SNMPTRAP - ok
19:36:36.0659 0x18c4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
19:36:36.0750 0x18c4 spldr - ok
19:36:37.0104 0x18c4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
19:36:37.0429 0x18c4 Spooler - ok
19:36:38.0108 0x18c4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
19:36:38.0640 0x18c4 sppsvc - ok
19:36:38.0744 0x18c4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:36:38.0909 0x18c4 sppuinotify - ok
19:36:39.0082 0x18c4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:36:39.0203 0x18c4 srv - ok
19:36:39.0458 0x18c4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:36:39.0726 0x18c4 srv2 - ok
19:36:39.0912 0x18c4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:36:40.0243 0x18c4 srvnet - ok
19:36:40.0454 0x18c4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:36:40.0729 0x18c4 SSDPSRV - ok
19:36:40.0793 0x18c4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:36:40.0987 0x18c4 SstpSvc - ok
19:36:41.0211 0x18c4 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
19:36:41.0309 0x18c4 ssudmdm - ok
19:36:41.0836 0x18c4 [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:36:41.0959 0x18c4 Steam Client Service - ok
19:36:42.0543 0x18c4 [ 937821881026EBE17DA25285CD5461A8, 79C503798BD6CE218598229AAB417EBD43E151A2E821BE99E138BFA9F841103A ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:36:42.0624 0x18c4 Stereo Service - ok
19:36:42.0718 0x18c4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:36:42.0795 0x18c4 stexstor - ok
19:36:43.0238 0x18c4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
19:36:43.0401 0x18c4 stisvc - ok
19:36:43.0553 0x18c4 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:36:43.0654 0x18c4 storflt - ok
19:36:43.0705 0x18c4 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
19:36:43.0978 0x18c4 StorSvc - ok
19:36:44.0021 0x18c4 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:36:44.0168 0x18c4 storvsc - ok
19:36:44.0227 0x18c4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
19:36:44.0311 0x18c4 swenum - ok
19:36:44.0545 0x18c4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
19:36:44.0742 0x18c4 swprv - ok
19:36:44.0749 0x18c4 symsnap - ok
19:36:45.0207 0x18c4 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
19:36:45.0563 0x18c4 SysMain - ok
19:36:45.0670 0x18c4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:36:45.0837 0x18c4 TabletInputService - ok
19:36:46.0077 0x18c4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
19:36:46.0271 0x18c4 TapiSrv - ok
19:36:46.0358 0x18c4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
19:36:46.0431 0x18c4 TBS - ok
19:36:47.0259 0x18c4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:36:47.0433 0x18c4 Tcpip - ok
19:36:47.0579 0x18c4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:36:47.0734 0x18c4 TCPIP6 - ok
19:36:47.0834 0x18c4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:36:47.0993 0x18c4 tcpipreg - ok
19:36:48.0127 0x18c4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:36:48.0610 0x18c4 TDPIPE - ok
19:36:48.0695 0x18c4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:36:49.0204 0x18c4 TDTCP - ok
19:36:49.0345 0x18c4 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:36:49.0790 0x18c4 tdx - ok
19:36:49.0871 0x18c4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
19:36:50.0057 0x18c4 TermDD - ok
19:36:50.0170 0x18c4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
19:36:50.0525 0x18c4 TermService - ok
19:36:50.0624 0x18c4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
19:36:50.0769 0x18c4 Themes - ok
19:36:50.0844 0x18c4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
19:36:50.0987 0x18c4 THREADORDER - ok
19:36:51.0146 0x18c4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
19:36:51.0326 0x18c4 TrkWks - ok
19:36:51.0491 0x18c4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:36:51.0721 0x18c4 TrustedInstaller - ok
19:36:51.0820 0x18c4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:36:51.0990 0x18c4 tssecsrv - ok
19:36:52.0222 0x18c4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:36:52.0744 0x18c4 TsUsbFlt - ok
19:36:53.0012 0x18c4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:36:53.0218 0x18c4 tunnel - ok
19:36:53.0257 0x18c4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:36:53.0327 0x18c4 uagp35 - ok
19:36:53.0401 0x18c4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:36:53.0539 0x18c4 udfs - ok
19:36:53.0647 0x18c4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:36:53.0786 0x18c4 UI0Detect - ok
19:36:54.0004 0x18c4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:36:54.0094 0x18c4 uliagpkx - ok
19:36:54.0172 0x18c4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
19:36:54.0526 0x18c4 umbus - ok
19:36:54.0581 0x18c4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:36:54.0695 0x18c4 UmPass - ok
19:36:54.0885 0x18c4 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
19:36:55.0135 0x18c4 UmRdpService - ok
19:36:55.0300 0x18c4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
19:36:55.0432 0x18c4 upnphost - ok
19:36:55.0591 0x18c4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:36:56.0052 0x18c4 usbccgp - ok
19:36:56.0120 0x18c4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:36:56.0447 0x18c4 usbcir - ok
19:36:56.0571 0x18c4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:36:56.0743 0x18c4 usbehci - ok
19:36:57.0044 0x18c4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:36:57.0146 0x18c4 usbhub - ok
19:36:57.0261 0x18c4 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:36:57.0347 0x18c4 usbohci - ok
19:36:57.0500 0x18c4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:36:57.0716 0x18c4 usbprint - ok
19:36:58.0101 0x18c4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:36:58.0345 0x18c4 usbscan - ok
19:36:58.0438 0x18c4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:36:58.0635 0x18c4 USBSTOR - ok
19:36:58.0743 0x18c4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:36:58.0858 0x18c4 usbuhci - ok
19:36:58.0940 0x18c4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
19:36:59.0061 0x18c4 UxSms - ok
19:36:59.0157 0x18c4 [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] VaultSvc C:\Windows\system32\lsass.exe
19:36:59.0218 0x18c4 VaultSvc - ok
19:36:59.0385 0x18c4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:36:59.0452 0x18c4 vdrvroot - ok
19:36:59.0844 0x18c4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
19:37:00.0025 0x18c4 vds - ok
19:37:00.0158 0x18c4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:37:00.0236 0x18c4 vga - ok
19:37:00.0258 0x18c4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:37:00.0700 0x18c4 VgaSave - ok
19:37:00.0842 0x18c4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:37:00.0916 0x18c4 vhdmp - ok
19:37:00.0991 0x18c4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
19:37:01.0053 0x18c4 viaide - ok
19:37:01.0217 0x18c4 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:37:01.0291 0x18c4 vmbus - ok
19:37:01.0319 0x18c4 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:37:01.0719 0x18c4 VMBusHID - ok
19:37:01.0813 0x18c4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:37:01.0906 0x18c4 volmgr - ok
19:37:02.0156 0x18c4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:37:02.0259 0x18c4 volmgrx - ok
19:37:02.0415 0x18c4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:37:02.0491 0x18c4 volsnap - ok
19:37:02.0592 0x18c4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:37:02.0673 0x18c4 vsmraid - ok
19:37:03.0059 0x18c4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
19:37:03.0285 0x18c4 VSS - ok
19:37:03.0357 0x18c4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:37:03.0534 0x18c4 vwifibus - ok
19:37:03.0639 0x18c4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:37:03.0810 0x18c4 vwififlt - ok
19:37:04.0001 0x18c4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
19:37:04.0123 0x18c4 W32Time - ok
19:37:04.0177 0x18c4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:37:04.0455 0x18c4 WacomPen - ok
19:37:04.0668 0x18c4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:37:04.0870 0x18c4 WANARP - ok
19:37:04.0901 0x18c4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:37:05.0051 0x18c4 Wanarpv6 - ok
19:37:05.0600 0x18c4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:37:05.0793 0x18c4 WatAdminSvc - ok
19:37:06.0394 0x18c4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
19:37:06.0724 0x18c4 wbengine - ok
19:37:06.0855 0x18c4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:37:06.0969 0x18c4 WbioSrvc - ok
19:37:07.0101 0x18c4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:37:07.0284 0x18c4 wcncsvc - ok
19:37:07.0332 0x18c4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:37:07.0559 0x18c4 WcsPlugInService - ok
19:37:07.0621 0x18c4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:37:07.0747 0x18c4 Wd - ok
19:37:08.0129 0x18c4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:37:08.0261 0x18c4 Wdf01000 - ok
19:37:08.0442 0x18c4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:37:08.0579 0x18c4 WdiServiceHost - ok
19:37:08.0600 0x18c4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:37:08.0688 0x18c4 WdiSystemHost - ok
19:37:08.0807 0x18c4 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
19:37:09.0032 0x18c4 WebClient - ok
19:37:09.0145 0x18c4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:37:09.0253 0x18c4 Wecsvc - ok
19:37:09.0361 0x18c4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:37:09.0524 0x18c4 wercplsupport - ok
19:37:09.0643 0x18c4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
19:37:09.0824 0x18c4 WerSvc - ok
19:37:10.0154 0x18c4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:37:10.0390 0x18c4 WfpLwf - ok
19:37:10.0466 0x18c4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:37:10.0562 0x18c4 WIMMount - ok
19:37:10.0640 0x18c4 WinDefend - ok
19:37:10.0681 0x18c4 WinHttpAutoProxySvc - ok
19:37:11.0184 0x18c4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:37:11.0371 0x18c4 Winmgmt - ok
19:37:11.0975 0x18c4 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
19:37:12.0437 0x18c4 WinRM - ok
19:37:12.0796 0x18c4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:37:13.0217 0x18c4 WinUsb - ok
19:37:13.0449 0x18c4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:37:13.0635 0x18c4 Wlansvc - ok
19:37:14.0833 0x18c4 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:37:14.0979 0x18c4 wlidsvc - ok
19:37:15.0086 0x18c4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:37:15.0194 0x18c4 WmiAcpi - ok
19:37:15.0322 0x18c4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:37:15.0414 0x18c4 wmiApSrv - ok
19:37:15.0759 0x18c4 WMPNetworkSvc - ok
19:37:15.0998 0x18c4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:37:16.0342 0x18c4 WPCSvc - ok
19:37:16.0439 0x18c4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:37:16.0786 0x18c4 WPDBusEnum - ok
19:37:16.0881 0x18c4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:37:17.0213 0x18c4 ws2ifsl - ok
19:37:17.0340 0x18c4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
19:37:17.0518 0x18c4 wscsvc - ok
19:37:17.0524 0x18c4 WSearch - ok
19:37:17.0923 0x18c4 [ 727D9A2400F499672D1F74761B98CC1C, 6A59094E2B611ACC0572F802D24C4803E3C79EC1D9E7C1CE5909C398375BA43A ] WSWNA3100 C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
19:37:18.0009 0x18c4 WSWNA3100 - ok
19:37:18.0863 0x18c4 [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv C:\Windows\system32\wuaueng.dll
19:37:19.0241 0x18c4 wuauserv - ok
19:37:19.0318 0x18c4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:37:19.0656 0x18c4 WudfPf - ok
19:37:19.0809 0x18c4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:37:20.0007 0x18c4 WUDFRd - ok
19:37:20.0081 0x18c4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:37:20.0475 0x18c4 wudfsvc - ok
19:37:20.0617 0x18c4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
19:37:20.0782 0x18c4 WwanSvc - ok
19:37:21.0212 0x18c4 ================ Scan global ===============================
19:37:21.0281 0x18c4 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
19:37:21.0364 0x18c4 [ CE14A4BBF890A7D4C898CF886D145EC9, AD4BE7CBB0C624EC00E8496AF33AC5AB8C5689C75C66C4C99F2FB7149E912D18 ] C:\Windows\system32\winsrv.dll
19:37:21.0422 0x18c4 [ CE14A4BBF890A7D4C898CF886D145EC9, AD4BE7CBB0C624EC00E8496AF33AC5AB8C5689C75C66C4C99F2FB7149E912D18 ] C:\Windows\system32\winsrv.dll
19:37:21.0525 0x18c4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:37:21.0818 0x18c4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
19:37:21.0871 0x18c4 [ Global ] - ok
19:37:21.0873 0x18c4 ================ Scan MBR ==================================
19:37:21.0908 0x18c4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:37:25.0037 0x18c4 \Device\Harddisk0\DR0 - ok
19:37:25.0039 0x18c4 ================ Scan VBR ==================================
19:37:25.0063 0x18c4 [ 589FCE2AD11B1BFE5BE0FCD277CDAA75 ] \Device\Harddisk0\DR0\Partition1
19:37:25.0478 0x18c4 \Device\Harddisk0\DR0\Partition1 - ok
19:37:25.0537 0x18c4 [ 1CD871DBDAD787F69205B020AD69734C ] \Device\Harddisk0\DR0\Partition2
19:37:25.0751 0x18c4 \Device\Harddisk0\DR0\Partition2 - ok
19:37:25.0751 0x18c4 ================ Scan generic autorun ======================
19:37:25.0980 0x18c4 [ A04D0BDF9433058CE16E391475D88C32, 07E3FE3866A007DAD5CD0B0516A48C4EAC453F1F84924C84616F2463F993D0BC ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
19:37:26.0322 0x18c4 AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 )
19:37:28.0737 0x18c4 Detect skipped due to KSN trusted
19:37:28.0737 0x18c4 AtherosBtStack - ok
19:37:28.0963 0x18c4 [ E9C7BABF59C91F83115FB5D890364561, EC980F465D0D1F0EAA5DBDA230A626C5AA90678C967A2CBD12789DCE0AB811FF ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
19:37:29.0479 0x18c4 AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
19:37:32.0616 0x18c4 Detect skipped due to KSN trusted
19:37:32.0616 0x18c4 AthBtTray - ok
19:37:32.0708 0x18c4 [ 1BD833293DC78C3C66F55CB31AC27353, D10AB0F9F0073EDCAF8E4C4E82830A2A7F86EEE7F7C408B320F504A76C5ACD11 ] C:\Windows\system32\igfxtray.exe
19:37:32.0780 0x18c4 IgfxTray - ok
19:37:32.0987 0x18c4 [ 1FB519690A010AF3EDCA60FED6F02C20, 84DF42D34415F9B464BDB6559A674EED25A9E3A0A599E51E5D884E2DB71D9867 ] C:\Windows\system32\hkcmd.exe
19:37:33.0101 0x18c4 HotKeysCmds - ok
19:37:33.0294 0x18c4 [ 63AC9EF9DA04681A456497F4C305E49E, 880D42EA08F3F04B8948E91370851E2DB8CFCC23E61C07087CCFBEF7E6EC6C52 ] C:\Windows\system32\igfxpers.exe
19:37:33.0410 0x18c4 Persistence - ok
19:37:33.0411 0x18c4 Nvtmru - ok
19:37:33.0523 0x18c4 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
19:37:33.0651 0x18c4 ShadowPlay - ok
19:37:33.0934 0x18c4 [ DD37DC13DF1224A8719208AE5CDE2B63, EA365A7358637C555D8CDEDD59BCA574C8B6EB8BB3C1B8790FEC7D76A37FC4AB ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:37:34.0103 0x18c4 NvBackend - ok
19:37:34.0270 0x18c4 [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
19:37:34.0344 0x18c4 NUSB3MON - ok
19:37:34.0885 0x18c4 [ 27EC2B877B292061B4367F3667F5F0A0, 3D9E35DDF0D4D06B926E37DE81BAAA1B8D75B568915F68CAE0763F62A5BAE24F ] C:\Program Files\McAfee.com\Agent\mcagent.exe
19:37:34.0985 0x18c4 mcui_exe - ok
19:37:35.0312 0x18c4 [ BBCCA29684E7C80B7AE4F5680EDF6FA8, 1101DCCB6CD0C45308F4A23DC4EEF6C6A7EE89C3A0A9FA74F5D2AFBACE6DCC98 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
19:37:35.0399 0x18c4 DivXMediaServer - ok
19:37:36.0012 0x18c4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:37:36.0776 0x18c4 Sidebar - ok
19:37:36.0950 0x18c4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:37:37.0369 0x18c4 mctadmin - ok
19:37:37.0426 0x18c4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:37:37.0581 0x18c4 Sidebar - ok
19:37:37.0621 0x18c4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:37:37.0683 0x18c4 mctadmin - ok
19:37:38.0308 0x18c4 [ 7AB06BB56EA5AAB7340CDCED56A0486F, 2992F9DD854ADE90EA734F01B41FEE12C4080A82B564BF3D20B08ED54380AFB9 ] C:\Program Files (x86)\Steam\steam.exe
19:37:38.0499 0x18c4 Steam - ok
19:37:38.0929 0x18c4 icq - ok
19:37:40.0128 0x18c4 [ 8B8E3CEECD3C9709D1E0DAB2E25565F7, C9ACD0669136667157AF433A96C0C00F771122CE4A3BA0D3924DD635C37BF5D0 ] C:\Program Files (x86)\Origin\Origin.exe
19:37:40.0342 0x18c4 EADM - ok
19:37:41.0102 0x18c4 [ F5ED26AB8BDD951BFAC8BBD0D68BA3E9, 418A80F9213A6E830777DE6E8A0F5E5B4BE5B36F4767B056827682EC7F3C8BBF ] C:\Program Files (x86)\Samsung\Kies\Kies.exe
19:37:41.0249 0x18c4 KiesPreload - ok
19:37:41.0255 0x18c4 KiesAirMessage - ok
19:37:41.0263 0x18c4 Waiting for KSN requests completion. In queue: 15
19:37:42.0263 0x18c4 Waiting for KSN requests completion. In queue: 15
19:37:43.0263 0x18c4 Waiting for KSN requests completion. In queue: 15
19:37:43.0677 0x1e5c Object required for P2P: [ 7AB06BB56EA5AAB7340CDCED56A0486F ] C:\Program Files (x86)\Steam\steam.exe
19:37:44.0263 0x18c4 Waiting for KSN requests completion. In queue: 3
19:37:45.0263 0x18c4 Waiting for KSN requests completion. In queue: 3
19:37:46.0137 0x1e5c Object send P2P result: true
19:37:46.0915 0x18c4 AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
19:37:46.0925 0x18c4 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
19:37:49.0337 0x18c4 ============================================================
19:37:49.0337 0x18c4 Scan finished
19:37:49.0337 0x18c4 ============================================================
19:37:49.0347 0x08ac Detected object count: 1
19:37:49.0347 0x08ac Actual detected object count: 1
19:38:29.0844 0x08ac HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
19:38:29.0844 0x08ac HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
Ich hoffe das passt so^^ Geändert von Mario1990 (25.01.2016 um 19:52 Uhr) |
|
26.01.2016, 13:50
| #5 |
| /// TB-Ausbilder | McAfee entdeckt Artemis!D..... Servus, McAfee bitte deaktivieren, wenn es bei einem der Schritte Probleme geben sollte. Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
26.01.2016, 20:38
| #6 |
| | McAfee entdeckt Artemis!D..... Ok AdwCleaner Code:
ATTFilter # AdwCleaner v5.031 - Bericht erstellt am 26/01/2016 um 19:33:45
# Aktualisiert am 25/01/2016 von Xplode
# Datenbank : 2016-01-25.3 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Blutrunstjack - KABELJAU
# Gestartet von : C:\Users\Blutrunstjack\Downloads\AdwCleaner_5.031.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
[-] Dienst Gelöscht : APNMCP
[-] Dienst Gelöscht : CltMngSvc
***** [ Ordner ] *****
[#] Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
[-] Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
[-] Ordner Gelöscht : C:\Users\BLUTRU~1\AppData\Local\Temp\apn
[-] Ordner Gelöscht : C:\Users\BLUTRU~1\AppData\Local\Temp\APN-Stub
[-] Ordner Gelöscht : C:\Users\BLUTRU~1\AppData\Local\Temp\mt_ffx
[-] Ordner Gelöscht : C:\Users\BLUTRU~1\AppData\Local\Temp\OCS
[-] Ordner Gelöscht : C:\Users\Blutrunstjack\AppData\Local\AskPartnerNetwork
[-] Ordner Gelöscht : C:\Users\Blutrunstjack\AppData\Local\SearchProtect
[-] Ordner Gelöscht : C:\Users\Blutrunstjack\AppData\Local\YSearchUtil
[-] Ordner Gelöscht : C:\Users\Blutrunstjack\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
[-] Ordner Gelöscht : C:\Users\Blutrunstjack\AppData\Roaming\AdvertismentImages
[-] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
[-] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\searchplugins\ask-search.xml
[-] Datei Gelöscht : C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\searchplugins\BrowserDefender.xml
[-] Datei Gelöscht : C:\Windows\apppatch\apppatch64\vcldr64.dll
[-] Datei Gelöscht : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
[-] Datei Gelöscht : C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
[-] Datei Gelöscht : C:\Windows\AppPatch\nbin\VC32Loader.dll
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Geplante Aufgabe Gelöscht : Scheduled Update for Ask Toolbar
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\AskPartnerNetwork
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5F2B4220-82A3-4874-BD29-F35282E25615}
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTBMon]
***** [ Internetbrowser ] *****
[-] [C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.APN_TB.first-previous-keyword-url", "hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE544&p=");
[-] [C:\Users\Blutrunstjack\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : npdicihegicnhaangkdmcgbjceoemeoo
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner[R1].txt - [12767 Bytes] - [11/07/2013 19:07:02]
C:\AdwCleaner[S1].txt - [13044 Bytes] - [11/07/2013 19:07:54]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [11707 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Professional x64
Ran by Blutrunstjack (Administrator) on 26.01.2016 at 20:23:46,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 21
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2U1KHE2N (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4NZKX4A8 (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8J1O4QLE (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9EDTKUS2 (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6EIRTRI (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CCS8XL63 (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DFE76CEZ (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E7QSVYIC (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EE6D3ESU (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KJRPJTHL (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PEK3QGYN (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RRKQLTI0 (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S0WUW0K6 (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SHNRU0Z6 (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SSQFKP22 (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TKWG6IQF (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\US5NYVNZ (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V87PQY77 (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VD4XNXXF (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHMFC15V (Folder)
Successfully deleted: C:\Users\Blutrunstjack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YJWP0B4X (Folder)
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.01.2016 at 20:27:59,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 26.01.2016 Suchlaufzeit: 19:51 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.01.26.06 Rootkit-Datenbank: v2016.01.20.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Blutrunstjack Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 362120 Abgelaufene Zeit: 19 Min., 11 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 7 PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , In Quarantäne, [d965112dedac70c681ef1ed2de25ea16], PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [51ed74ca5445c076cfe248eb30d42cd4], PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [7cc252ec8712999d3a78161d986c2ed2], PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\bvxvbxxvaa, Löschen bei Neustart, [f04ecf6f4752a294b7fc2e0547bd2fd1], PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunAsStandardUserD043F5E6BCFD4F9889BFC20DD3F91B7C, Löschen bei Neustart, [ec52a09ec5d41026427eb12ce3208c74], PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnce426B5F89BF3D491F9751AFC9DE7BE809, Löschen bei Neustart, [37075ce29aff6acc744c06d77093ca36], PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5637-4300-76A7-A758B70C2600}, In Quarantäne, [53ebbf7f64350e28ceae0eecf013c33d], Registrierungswerte: 9 PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130982092507194342, In Quarantäne, [cd71bb836a2faf874e2107e9768d8080] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130982092507194342, In Quarantäne, [b08ecd715544171f294659972ad933cd] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130982092507194342, In Quarantäne, [61ddfd41d3c6d363cba4945c1fe4619f] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130982092507194342, In Quarantäne, [a5992d118019cd695b149a56c241bb45] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130982092507194342, In Quarantäne, [c27caa948c0d290d056a7080ab584bb5] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130982092507194342, In Quarantäne, [89b5be80396093a3a0cfdd136c9731cf] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130982092507194342, In Quarantäne, [d965112dedac70c681ef1ed2de25ea16] PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ApnTBMon, "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe", In Quarantäne, [ba84ee50f3a6f244c8e249996e94ac54] PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5637-4300-76A7-A758B70C2600}|InstallSource, C:\ProgramData\APN\APN-Stub\ORJ-V7C\, In Quarantäne, [53ebbf7f64350e28ceae0eecf013c33d] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 5 PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa, In Quarantäne, [97a7a6984851f73f2f33c611d032c040], PUP.Optional.Conduit, C:\Users\Blutrunstjack\AppData\Local\Temp\ct3288691, In Quarantäne, [8cb2da643663cd6999edf6fb19eb34cc], PUP.Optional.Conduit, C:\Users\Blutrunstjack\AppData\Local\Temp\ct3297861, In Quarantäne, [5be35ee08d0cab8b5b2ba1503ec67d83], Dateien: 54 PUP.Optional.APNToolBar, C:\Users\Blutrunstjack\AppData\Local\Temp\APNSetup.exe, In Quarantäne, [7dc199a50297d0661038c36fb15028d8], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\Setup.exe, In Quarantäne, [51eda797f7a288ae08c0d4dcaf5220e0], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa\bvxvbxxvaa.exe, In Quarantäne, [e35bb88607920531e4e63c74d42dac54], PUP.Optional.WinYahoo, C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi, In Quarantäne, [bb839ea00396a98dae058a6b976cb848], PUP.Optional.ASK.Gen, C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\extensions\toolbar_ORJ-V7C@apn.ask.com.xpi, In Quarantäne, [74ca0b33d1c882b4720644b66f948977], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\System32\Tasks\bvxvbxxvaa, In Quarantäne, [231b71cde9b0072fdcbfdd56659fe51b], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msibb83c53b-a2a0-44a7-9332-68009e1aa902.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb496b6681-53c0-4f9d-a50d-216ae19524c3.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msi05ef7ddc-1694-4aa7-b44a-ebc85b63fa8e.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msi0ef27160-fb0c-4b8e-9b69-63045837b476.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msi3d947fed-d1ab-42f8-8c18-03f7ed47b4d2.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msi4d173bc1-148b-468c-ab89-9f91adeeb5c4.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msi695272df-21fe-4aa6-98c7-fc532951b608.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msi69acd41d-b3cd-4b33-9a6d-8205fedf3f00.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msi7234ec8a-b9db-417a-9ae6-3d43903839c5.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msi80bbc486-4c0f-40ff-b61f-ec1309ff4a41.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msi8f81d751-53fc-43d8-914b-169ad09eed2b.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msi952e9ab7-c16c-4891-b561-1928e6c6261b.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msib1731b88-b4af-4d38-9e83-5eb3ad7f4e23.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb4d173bc1-148b-468c-ab89-9f91adeeb5c4.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb695272df-21fe-4aa6-98c7-fc532951b608.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb69acd41d-b3cd-4b33-9a6d-8205fedf3f00.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb7234ec8a-b9db-417a-9ae6-3d43903839c5.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb80bbc486-4c0f-40ff-b61f-ec1309ff4a41.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb8f81d751-53fc-43d8-914b-169ad09eed2b.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb952e9ab7-c16c-4891-b561-1928e6c6261b.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msicea76505-f42d-4fd9-b3e2-c23b80e27b4d.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msid5e95e34-4061-4dec-b613-1c100d44da4f.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msie2e8bb7e-8761-46a4-b69f-bf22d98d944b.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msie3d977ba-a8e1-4522-8785-60e8d1d17708.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Msif6b9ce47-ad77-4d87-861c-39f738db9f54.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb04ea4bc5-15e1-409b-ab28-afefe2322ae1.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb05ef7ddc-1694-4aa7-b44a-ebc85b63fa8e.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb0ef27160-fb0c-4b8e-9b69-63045837b476.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stb3d947fed-d1ab-42f8-8c18-03f7ed47b4d2.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stbb1731b88-b4af-4d38-9e83-5eb3ad7f4e23.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stbbb83c53b-a2a0-44a7-9332-68009e1aa902.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stbcea76505-f42d-4fd9-b3e2-c23b80e27b4d.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stbd5e95e34-4061-4dec-b613-1c100d44da4f.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stbe2e8bb7e-8761-46a4-b69f-bf22d98d944b.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stbe3d977ba-a8e1-4522-8785-60e8d1d17708.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7C\Stbf6b9ce47-ad77-4d87-861c-39f738db9f54.log, In Quarantäne, [08360b336c2ddc5aece5ede8857dc43c], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa\bahvxfk, In Quarantäne, [97a7a6984851f73f2f33c611d032c040], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa\mkfvxfk, In Quarantäne, [97a7a6984851f73f2f33c611d032c040], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa\pvpqbjobmlpfqlovvawq, In Quarantäne, [97a7a6984851f73f2f33c611d032c040], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa\qokvxfk, In Quarantäne, [97a7a6984851f73f2f33c611d032c040], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa\rfobmlpfqlovvawq, In Quarantäne, [97a7a6984851f73f2f33c611d032c040], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa\rpboobmlpfqlovvawq, In Quarantäne, [97a7a6984851f73f2f33c611d032c040], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa\stb.dat, In Quarantäne, [97a7a6984851f73f2f33c611d032c040], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Blutrunstjack\AppData\Local\bvxvbxxvaa\ycfvxfk, In Quarantäne, [97a7a6984851f73f2f33c611d032c040], PUP.Optional.Conduit, C:\Users\Blutrunstjack\AppData\Local\Temp\ct3288691\setup.ini.txt, In Quarantäne, [8cb2da643663cd6999edf6fb19eb34cc], PUP.Optional.Conduit, C:\Users\Blutrunstjack\AppData\Local\Temp\ct3288691\chromeid.txt, In Quarantäne, [8cb2da643663cd6999edf6fb19eb34cc], PUP.Optional.Conduit, C:\Users\Blutrunstjack\AppData\Local\Temp\ct3297861\setup.ini.txt, In Quarantäne, [5be35ee08d0cab8b5b2ba1503ec67d83], PUP.Optional.Conduit, C:\Users\Blutrunstjack\AppData\Local\Temp\ct3297861\chromeid.txt, In Quarantäne, [5be35ee08d0cab8b5b2ba1503ec67d83], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-01-2016
durchgeführt von Blutrunstjack (Administrator) auf KABELJAU (26-01-2016 20:32:27)
Gestartet von C:\Users\Blutrunstjack\Downloads
Geladene Profile: Blutrunstjack (Verfügbare Profile: Blutrunstjack)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613024 2010-09-27] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-09-27] (Atheros Commnucations)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [723392 2015-12-03] (McAfee, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [SL-6397 Gaming Mouse] => C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe [3587584 2013-09-30] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\Run: [icq] => C:\Users\Blutrunstjack\AppData\Roaming\ICQM\icq.exe [28698984 2013-09-26] (ICQ)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2015-12-17] (Electronic Arts)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-10] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2015-09-29]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{92AFD7D6-B5F1-4D39-8E0F-49918F6CBEBD}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CE2A24CB-B01C-4EDD-8EEB-1441741BFBB6}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0&ocid=iehp
URLSearchHook: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001 -> DefaultScope {C6F85299-3F43-4331-9B4A-191B93AE797A} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE544D20151108&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001 -> {C6F85299-3F43-4331-9B4A-191B93AE797A} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE544D20151108&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-09-27] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-22] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-12-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-12-03] (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: hxxp://www.google.de/
FF Session Restore: -> ist aktiviert.
FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=mcafee&type=B111DE544D20130105&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-12-03] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-22] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-12-03] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3928150652-2756980015-3035233101-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Blutrunstjack\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\searchplugins\McSiteAdvisor.xml [2016-01-26]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-10-24]
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-11-23]
FF Extension: WEB.DE MailCheck - C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\extensions\browser-mailcheck@web.de [2015-12-15]
FF Extension: Adblock Plus - C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Profiles\ee78iupo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-01-16] [ist nicht signiert]
Chrome:
=======
CHR Profile: C:\Users\Blutrunstjack\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\Blutrunstjack\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-08-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Blutrunstjack\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Blutrunstjack\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-22]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-09-27] (Atheros Commnucations) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1145216 2015-05-22] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-07-18] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-12-02] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-12-03] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-05] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-18] ()
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 ArvoFltr; C:\Windows\System32\drivers\ArvoFltr.sys [15872 2009-05-06] (ROCCAT Development, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-12-02] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-11-16] (NVIDIA Corporation)
S0 symsnap; system32\DRIVERS\symsnap.sys [X]
U2 V2iMount; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-26 20:27 - 2016-01-26 20:27 - 00003509 _____ C:\Users\Blutrunstjack\Desktop\JRT.txt
2016-01-26 20:21 - 2016-01-26 20:21 - 01600184 _____ (Malwarebytes) C:\Users\Blutrunstjack\Downloads\JRT.exe
2016-01-26 20:11 - 2016-01-26 20:11 - 00011974 _____ C:\Users\Blutrunstjack\Desktop\AdwCleaner[C1].txt
2016-01-26 19:45 - 2016-01-26 19:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-26 19:43 - 2016-01-26 19:43 - 00001114 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-26 19:43 - 2016-01-26 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-01-26 19:43 - 2016-01-26 19:43 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-01-26 19:43 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-26 19:43 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-26 19:25 - 2016-01-26 19:33 - 00000000 ____D C:\AdwCleaner
2016-01-26 19:23 - 2016-01-26 19:23 - 01507840 _____ C:\Users\Blutrunstjack\Downloads\AdwCleaner_5.031.exe
2016-01-26 18:08 - 2016-01-26 18:08 - 00004020 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-01-26 16:02 - 2016-01-26 19:48 - 00003846 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-01-25 19:30 - 2016-01-25 19:38 - 00229112 _____ C:\TDSSKiller.3.1.0.9_25.01.2016_19.30.51_log.txt
2016-01-25 19:29 - 2016-01-25 19:29 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Blutrunstjack\Downloads\tdsskiller.exe
2016-01-25 18:15 - 2016-01-25 18:15 - 00000222 _____ C:\Users\Blutrunstjack\Desktop\Royal Quest.url
2016-01-25 17:24 - 2016-01-25 17:26 - 00085782 _____ C:\Users\Blutrunstjack\Downloads\Addition.txt
2016-01-25 17:19 - 2016-01-26 20:32 - 00021523 _____ C:\Users\Blutrunstjack\Downloads\FRST.txt
2016-01-25 17:19 - 2016-01-26 20:32 - 00000000 ____D C:\FRST
2016-01-25 17:18 - 2016-01-25 17:18 - 02370560 _____ (Farbar) C:\Users\Blutrunstjack\Downloads\FRST64.exe
2016-01-25 16:54 - 2016-01-25 16:54 - 00602112 _____ (OldTimer Tools) C:\Users\Blutrunstjack\Downloads\OTL.exe
2016-01-25 16:52 - 2016-01-25 16:53 - 22908888 _____ (Malwarebytes ) C:\Users\Blutrunstjack\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-14 21:04 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-14 21:04 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-14 21:04 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-14 21:04 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-14 21:04 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-14 21:04 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-14 21:04 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-14 21:04 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-14 21:04 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-14 21:04 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-14 21:04 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-14 21:04 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-14 21:04 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-14 21:04 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-14 21:04 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-14 21:04 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-14 21:04 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-14 21:04 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-14 21:04 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-14 21:04 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-14 21:04 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-14 21:04 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-14 21:04 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-14 21:04 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-14 21:04 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-14 21:04 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-14 21:04 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-14 21:04 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-14 21:04 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-14 21:04 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-14 21:04 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-14 21:04 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-14 21:04 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-14 21:04 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-14 21:04 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-14 21:04 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-14 21:04 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-14 21:04 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-14 21:04 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-14 21:04 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-14 21:04 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-14 21:04 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-14 21:04 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-14 21:04 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-14 21:04 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-14 21:04 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-14 21:04 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-14 21:04 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-14 21:04 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-14 21:04 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-14 21:04 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-14 21:04 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-14 21:04 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-14 21:04 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-14 21:04 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-14 21:04 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-14 21:04 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-14 21:04 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-14 21:04 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-14 21:04 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-14 21:04 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-14 21:04 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-14 21:04 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-14 21:04 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-14 21:04 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-14 21:04 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-14 21:04 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-14 21:04 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-14 21:04 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-14 21:04 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-14 21:04 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-14 21:04 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-14 21:04 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-14 21:04 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-14 21:04 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-14 21:04 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-14 21:04 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-14 21:04 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-14 21:04 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-14 21:04 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-14 21:04 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-14 21:04 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-14 21:04 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-14 21:04 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-14 21:04 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-14 21:04 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-14 21:04 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-14 21:04 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-14 21:04 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-14 21:04 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-14 21:04 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-14 21:03 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-14 21:03 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-14 21:03 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-14 21:03 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-14 21:03 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-14 21:03 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-14 21:03 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-14 21:03 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-14 21:03 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-14 21:03 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-14 21:03 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-14 21:02 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-14 21:02 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-14 21:02 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-14 21:02 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-14 21:02 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-14 21:02 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-14 21:02 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-14 21:02 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-14 21:02 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-14 21:02 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-14 21:02 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-14 21:02 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-14 21:02 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-14 21:02 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-14 21:02 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-14 21:02 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-14 21:02 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-14 21:02 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-14 21:02 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-14 21:02 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-14 21:02 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-14 21:02 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-14 21:02 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-14 21:02 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-14 21:02 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-14 21:02 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-14 21:02 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-14 21:02 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-14 21:02 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-14 21:02 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-14 21:02 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-14 21:02 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-14 21:02 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-14 21:02 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-14 21:02 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-14 21:02 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-14 21:02 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-14 21:02 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-14 21:02 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-14 21:02 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-14 21:02 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-14 21:02 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-14 21:02 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-14 21:02 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-14 19:01 - 2016-01-14 19:01 - 00000222 _____ C:\Users\Blutrunstjack\Desktop\Neverwinter.url
2016-01-14 18:56 - 2016-01-14 18:56 - 00002545 _____ C:\Users\Blutrunstjack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk
2016-01-14 18:56 - 2016-01-14 18:56 - 00002515 _____ C:\Users\Blutrunstjack\Desktop\DC Universe Online.lnk
2016-01-14 18:56 - 2016-01-14 18:56 - 00000000 ____D C:\Users\Public\Daybreak Game Company
2016-01-14 18:54 - 2016-01-14 18:55 - 33430408 _____ C:\Users\Blutrunstjack\Downloads\DCUO_setup(1).exe
2016-01-14 18:51 - 2016-01-14 22:19 - 00000000 ____D C:\Users\Blutrunstjack\AppData\LocalLow\Daybreak Game Company
2016-01-14 18:51 - 2016-01-14 18:57 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Local\Daybreak Game Company
2016-01-14 16:15 - 2016-01-14 16:15 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-01-14 16:07 - 2016-01-14 19:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-26 20:23 - 2009-07-14 05:45 - 00026336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-26 20:23 - 2009-07-14 05:45 - 00026336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-26 20:15 - 2014-03-14 14:23 - 00000000 ____D C:\ProgramData\Origin
2016-01-26 20:14 - 2013-01-05 15:20 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-26 20:14 - 2013-01-04 15:27 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-26 20:14 - 2012-12-28 15:26 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-26 20:14 - 2011-06-26 21:08 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2016-01-26 20:14 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Offline Web Pages
2016-01-26 20:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-26 20:10 - 2014-01-24 15:21 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Local\Battle.net
2016-01-26 20:04 - 2013-01-04 19:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-26 19:56 - 2013-01-05 15:20 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-26 19:55 - 2014-01-24 15:20 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-01-26 19:43 - 2013-11-08 19:33 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Roaming\Malwarebytes
2016-01-26 19:43 - 2013-11-08 19:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-26 16:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-25 20:12 - 2015-12-21 15:04 - 00000085 _____ C:\Users\Blutrunstjack\Desktop\Neues Textdokument (2).txt
2016-01-25 17:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-23 15:17 - 2013-11-20 12:09 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Local\Warframe
2016-01-23 01:09 - 2015-03-12 23:19 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-01-22 21:54 - 2013-10-22 12:18 - 00000000 ____D C:\ProgramData\Oracle
2016-01-22 21:53 - 2014-10-18 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-22 21:53 - 2014-10-18 11:07 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-22 21:52 - 2015-08-21 19:22 - 00000000 ____D C:\Users\Blutrunstjack\.oracle_jre_usage
2016-01-22 21:52 - 2014-10-18 11:07 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-01-22 14:22 - 2015-08-28 22:24 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Local\ElevatedDiagnostics
2016-01-21 16:04 - 2013-01-05 15:21 - 00002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-20 19:04 - 2013-01-04 19:17 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 19:04 - 2013-01-04 19:17 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 19:04 - 2013-01-04 19:17 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-20 15:57 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2016-01-20 15:57 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2016-01-20 15:57 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-17 11:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-16 13:04 - 2009-07-14 05:45 - 00278112 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-16 12:59 - 2014-12-13 09:22 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-16 12:59 - 2014-05-06 21:45 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-16 12:57 - 2014-01-13 15:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-16 12:57 - 2014-01-13 15:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-16 12:57 - 2013-01-08 16:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-15 13:28 - 2014-01-13 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-15 13:27 - 2013-11-09 16:30 - 00000000 ____D C:\Windows\system32\MRT
2016-01-15 13:21 - 2013-11-09 16:30 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-15 11:24 - 2013-01-17 19:42 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-01-14 23:27 - 2013-01-05 14:38 - 00000000 ____D C:\ProgramData\McAfee
2016-01-14 22:18 - 2013-01-04 19:32 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-01-14 22:17 - 2013-01-04 19:32 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-01-14 16:19 - 2013-01-05 14:54 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-01-14 15:47 - 2014-12-23 21:09 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 15:36 - 2013-02-09 12:59 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Local\CrashDumps
2016-01-03 20:09 - 2015-04-18 20:30 - 00000000 ____D C:\Users\Blutrunstjack\AppData\Roaming\TS3Client
2015-12-29 12:23 - 2014-01-24 15:26 - 00000000 ____D C:\Program Files (x86)\Hearthstone
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-06-25 12:15 - 2014-06-25 12:15 - 0000000 _____ () C:\Users\Blutrunstjack\AppData\Local\{1125B769-203C-4C79-93A4-DC1F6E32B23F}
2014-08-01 18:01 - 2014-08-01 18:01 - 0000000 _____ () C:\Users\Blutrunstjack\AppData\Local\{646AAE1F-C245-4289-B08B-112E9E68EB8E}
2014-07-18 15:16 - 2014-07-18 15:16 - 0000057 _____ () C:\ProgramData\Ament.ini
Einige Dateien in TEMP:
====================
C:\Users\Blutrunstjack\AppData\Local\Temp\APNStub.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\AskSLib.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\DivXSetup.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\Gw2.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\ieacafs4.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\jwl4y9oi.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\nvStInst.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\sqlite3.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\SRLDetectionLibrary2229328789752113784.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\stubhelper.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\tmd_34019578.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\vry5kp9j.dll
C:\Users\Blutrunstjack\AppData\Local\Temp\ytb.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\_is2AE6.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\_is59B3.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\_is63E0.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\_is8A7.exe
C:\Users\Blutrunstjack\AppData\Local\Temp\_isC792.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-01-20 19:10
==================== Ende von FRST.txt ============================
|
|
26.01.2016, 20:40
| #7 |
| | McAfee entdeckt Artemis!D..... und hier das letzte Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-01-2016
durchgeführt von Blutrunstjack (2016-01-26 20:33:08)
Gestartet von C:\Users\Blutrunstjack\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-01-04 20:42:58)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3928150652-2756980015-3035233101-500 - Administrator - Disabled)
Blutrunstjack (S-1-5-21-3928150652-2756980015-3035233101-1001 - Administrator - Enabled) => C:\Users\Blutrunstjack
Gast (S-1-5-21-3928150652-2756980015-3035233101-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3928150652-2756980015-3035233101-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Out of date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Out of date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archeblade (HKLM-x32\...\Steam App 207230) (Version: - CodeBrush Games)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.34 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2568 - CDBurnerXP)
Conquest of Champions (HKLM-x32\...\Steam App 266450) (Version: - Kihon Inc.)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DC Universe Online (HKLM-x32\...\Steam App 24200) (Version: - Sony Online Entertainment)
DC Universe Online (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\DGC-DC Universe Online) (Version: 1.0.3.191 - Daybreak Game Company)
DC Universe Online Live (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\DG0-DC Universe Online Live) (Version: - Sony Online Entertainment)
DC Universe Online PSG (2) (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\soe-DC Universe Online PSG (2)) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online PSG (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\soe-DC Universe Online PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
DECUS Gaming Mouse (HKLM-x32\...\{B62CC42A-D1D9-4E91-BEDE-8614DE2AD943}) (Version: 1.0 - SPEEDLINK)
Dethroned! (HKLM-x32\...\Steam App 269390) (Version: - Treehouse Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dizzel (HKLM-x32\...\Steam App 315640) (Version: - NSStudio)
Dogs of War Online - Beta (HKLM-x32\...\Steam App 219700) (Version: - Cyanide Studios)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - )
Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version: - Trendy Entertainment)
Free M4a to MP3 Converter 9.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube Download version 3.2.46.1009 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.1009 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.82 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Guns and Robots (HKLM-x32\...\Steam App 293540) (Version: - Masthead Studios Ltd)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - Square Enix)
HP Officejet 2620 series - Grundlegende Software für das Gerät (HKLM\...\{7B732633-C9ED-44DF-98E7-BBBE3D9220C9}) (Version: 31.0.1176.42778 - Hewlett-Packard Co.)
HP Officejet 2620 series Hilfe (HKLM-x32\...\{B356F70C-F1AD-4B24-B2DD-6EAABFCB1B33}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{95CECD78-72C9-4C03-8693-4C97A02AE702}) (Version: 5.005.001.002 - Hewlett-Packard)
ICQ 8.1 (build 6337) (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\ICQ) (Version: 8.1.6337.0 - Mail.Ru)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version: - Lightmare Studios)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2219 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Magic 2014 (HKLM-x32\...\Steam App 213850) (Version: - Stainless Games)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvel Heroes (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.6136 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.207 - McAfee, Inc.)
MechWarrior Online (HKLM-x32\...\{73bcb521-8936-42d7-ad00-ec2bb399e26c}) (Version: 1.4.3.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.3.0 - Piranha Games Inc.) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Might & Magic: Duel of Champions (HKLM-x32\...\Steam App 256410) (Version: - Ubisoft Quebec)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version: - Unknown Worlds Entertainment)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.4 - NETGEAR)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version: - Cryptic Studios)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment)
Orcs Must Die! Unchained (HKLM-x32\...\{8EBA33AF-48E0-4207-A4EE-96029415AD76}_is1) (Version: - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Perpetuum (HKLM-x32\...\Steam App 223410) (Version: - Avatar Creations)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Royal Quest (HKLM-x32\...\Steam App 295550) (Version: - Katauri)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2215.6 - Hi-Rez Studios)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - )
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.4.28745 - Electronic Arts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version: - FireFly Studios)
Stronghold Kingdoms (HKLM-x32\...\Steam App 47410) (Version: - FireFly Studios)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{D50F73B5-2FD6-4ADB-895A-852533FDAC37}) (Version: 6.1.6.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.9.6 - Electronic Arts)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version: - Haemimont Games)
Unity Web Player (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
War of the Roses (HKLM-x32\...\Steam App 42160) (Version: - Fatshark)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version: - Relic)
Warhammer 40,000: Storm of Vengeance (HKLM-x32\...\Steam App 254650) (Version: - Eutechnyx)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version: - Relic)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version: - Relic)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinMend Folder Hidden 1.4.9 (HKLM-x32\...\WinMend Folder Hidden_is1) (Version: - WinMend.com)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {012F02A6-5F76-4CA4-BD5E-2EE1659CFA51} - System32\Tasks\{4D68B7D7-9EF1-434A-B908-501C0018BB07} => pcalua.exe -a C:\Users\BLUTRU~1\AppData\Local\Temp\jre-8u66-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {0742059A-CBD8-4AA4-9647-96B5E3F00DA6} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2016-01-14] (McAfee, Inc.)
Task: {0F86FD89-385C-4576-9250-B2252F9591CF} - System32\Tasks\RealCreateProcessScheduledTask39241786S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {21B1F005-8405-484C-A734-BAFA294ED322} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {21B244F7-DA9D-4316-9FEF-FE675754ADE3} - System32\Tasks\{1EC43058-A315-40B4-8C56-92C797F0DD42} => pcalua.exe -a C:\Users\Blutrunstjack\Downloads\jxpiinstall(2).exe -d C:\Users\Blutrunstjack\Downloads
Task: {24A131ED-BC65-493C-A22C-CE6CC5BD8AF5} - System32\Tasks\RealCreateProcessScheduledTask36274148S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {28CC714A-7AA0-4E59-8B4F-C128F8FA2346} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2E55A66F-4BF0-44AC-9F4D-433CA6511574} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {3F5F40D9-249E-4E18-BBC3-F0CF017539BE} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {4107F2A4-67F0-4CB9-AE85-F83E7361B7C3} - System32\Tasks\RealCreateProcessScheduledTask26151882S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {434740BC-A688-4623-BF61-D84CFD24B1F3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5D415DAC-9095-4E80-8E64-748060FF1A32} - System32\Tasks\RealCreateProcessScheduledTask67423S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {632C3BA6-F965-40B2-AEEB-27655A3C0FA6} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2016-01-14] (McAfee, Inc.)
Task: {75BEA835-4A42-45C1-8C63-58725CB27B5F} - System32\Tasks\RealCreateProcessScheduledTask16677240S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {82A0A3BE-9F86-4B3F-BC15-62A68FBEC495} - System32\Tasks\RealCreateProcessScheduledTask19374247S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {878712CC-BF30-4ED5-BFC0-DB3F0D5FEDF5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {91358CF9-BD3F-49A5-86C7-BCF629B88029} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {95257B9B-8716-466B-93B7-1471593DB85C} - \bvxvbxxvaa -> Keine Datei <==== ACHTUNG
Task: {957CD9E6-A833-453C-B34E-0772E063A26C} - System32\Tasks\RealCreateProcessScheduledTask118600352S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {9D759583-D093-4D62-8787-AA5A33B65F8F} - \ASUS\i-Setup042718 -> Keine Datei <==== ACHTUNG
Task: {9FBCAB26-52DC-4B3A-95D5-AEBCBD50E7D9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A15D45DD-3698-4408-8A7B-0E65B994C413} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A629919E-428E-4AEA-88D9-29F8CE0B561F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {A6E072A3-1C6A-4049-A453-2FD09AC29A7C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {BFDE4DEB-A9DC-4FAA-A062-B7F3DC089A64} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {C46805CC-C392-4C2B-96DA-80061FE16327} - System32\Tasks\RealCreateProcessScheduledTask15357814S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {C7FD14C0-FE11-49CE-B965-542E6191E5C3} - System32\Tasks\RealCreateProcessScheduledTask15677632S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {CD720D9C-1C84-4452-B146-65B7FE9A841E} - System32\Tasks\RealCreateProcessScheduledTask26482916S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {DF0A6B1A-BD34-42FA-AD8E-D20F01A86F8C} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {ECD351D5-83B2-49F3-A526-0B6A1247F069} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {F79A0F60-21F9-4BAD-B5F1-7870B7DC22F0} - System32\Tasks\RealCreateProcessScheduledTask1801374S-1-5-21-3928150652-2756980015-3035233101-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-12-02 20:24 - 2013-12-05 08:36 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-09-29 17:21 - 2014-08-18 16:50 - 00316120 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-29 17:21 - 2015-02-26 19:19 - 00380928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2015-07-04 09:28 - 2015-11-16 04:35 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\...\sony.com -> sony.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-12-17 14:43 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Blutrunstjack\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7ED12462-E64A-4003-9C8A-B99913EB06C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{311BD890-90CA-4608-B3EA-666B9405E17A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A650861E-7725-4ADA-8CFB-9E109BFF2B2D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0D1B225E-F07C-4D83-81CE-182A9240D59D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3464061F-3B7E-47EE-9FB5-5356E8DD7C35}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{75AA163E-7F5D-461F-80E2-F7055BDFF097}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{619CF930-A46E-4681-A73D-439DFB992D59}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{70BD3EE5-5A28-445E-9109-9C1D33F9814A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{D4B7B7D6-7BFC-4A24-91B6-D9B586D45271}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{E80E8E10-1888-4E53-9ABC-3711873E55EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{6C909CC0-7B86-4D28-83BE-567E582B686A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{11EDBDF8-71BE-4B98-A18E-B14F9EDB56A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{2E209728-DE59-401F-BEA9-25E056D847BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{16E4CAF0-31E3-4331-8564-EB205DD3C052}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{FD872D13-7CD5-4F62-9D06-BD9B5664049B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{311BA93D-F0E6-42DC-A7C2-2A8F74545EDB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{4F562327-E5F0-4B8C-BBC9-5072D72FCA8A}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{380F1DA4-00A2-4231-B85A-265C5BCD8240}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{64F0ECD3-80F6-47F3-B4E6-4CB3A3F51B64}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{F61032F2-22F8-4D2D-AD49-8218378DDAAD}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{6B78F790-9597-4AA1-A5E1-027898B6A445}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{85F6A5EC-1FCA-4CDD-88D5-A9857F1535B6}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{0E8CED77-2698-4DD7-A8B1-52AA06E464AA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2AF101AF-49DA-46BA-B926-B515B6748EE0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{8DE57E13-6FD8-48B8-968E-9CF83A296605}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{128E2AF9-EE00-41E5-9877-65F551C93498}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{8D2E0879-898C-4809-A086-0990BDFE5C52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{07B11F41-2A35-4A8E-A227-C20598613731}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{29B0C52E-2597-4A3E-9B88-C97B6F9A23F7}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{F0B8DA67-299F-4B3E-8059-5469B469C4DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{0E9C9C53-2419-4512-A8BC-EDBBE3230E44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{C4ECC65A-5AF6-496C-AA35-121AF7D07001}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{D3820B1C-4BCA-4FF4-B234-7FC653BEEE85}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{E21C63E1-5B90-41D1-9C79-26855E3678D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dawn of war 2\DOW2.exe
FirewallRules: [{E899071D-C267-42ED-A59B-001FCC260DD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dawn of war 2\DOW2.exe
FirewallRules: [{BF3134A6-B751-4C89-92A4-8D77A512D22F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{22717D9C-88FB-42DF-B332-26768B09A3BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{B9DAFC55-CCE1-4E46-AF71-E739A0A791A7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe
FirewallRules: [{B7CDF6FD-593C-40E8-921C-6ADD77A3A95D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe
FirewallRules: [{DFFBB0F4-A519-4999-98A9-8172C8F5A886}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DC Universe Online\LaunchPad.exe
FirewallRules: [{D2A10D36-2E63-469D-B8B7-65790CE17320}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DC Universe Online\LaunchPad.exe
FirewallRules: [{BB3E40A5-5D90-4F0D-A11E-1E77EE2CEB85}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{297FB6F4-17DE-4E64-9726-EBA45FE5A200}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{F6930E0E-BEE0-474F-A0DE-06D42D0FDF97}] => (Allow) C:\Users\Blutrunstjack\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{1DEFDD45-BCEB-49F5-AD35-028F7CC4B426}] => (Allow) C:\Users\Blutrunstjack\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{DCA27E01-1E84-4719-8670-F8B9DF95CE57}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{D6768129-714D-4C43-8766-DFD998F76588}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B39195BD-F09F-4666-8F93-C33C8BE038A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{1C6AA317-4D2E-4D63-A7C5-2FF7D1394CB7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{BBA08C89-BFD1-441E-97EE-811714D4EE34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9F3D8194-6426-4D0E-BCEC-D7A0B10D38B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{8ABBD1F9-D294-4258-B01F-8D80A97C026D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers.exe
FirewallRules: [{26A09BE3-3D0F-440A-8C48-C901F54D5C57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers.exe
FirewallRules: [{17DBF1F9-E284-42DB-BE12-0A9B4007CBCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B4D31C7D-AA4E-4217-9B78-4266FA19AA16}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CCF34EDF-FA04-4B27-A31D-750BBAA946A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{31EDAEB1-D3F6-41D4-B30A-8617E58DB437}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7BE473B9-3A75-4A6B-B500-D0E542DE721A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{A6692874-B6DB-4A9A-AB4F-0AB7AE7BDF5B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{05F1E94B-D562-40FF-916F-7F927455A62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{377B0272-9BB4-4D0F-8ED7-ACC853F26E8D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{363511EC-B247-47D5-95C2-585E72052A51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{554E4377-8786-4EEA-B659-3BE06DBA54E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{D35B9BC2-F5A7-49DC-A17A-597D35063D04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{34ACD0F9-2FDB-4A1B-BFA2-0D3B5B0199A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{A4F443D5-AB89-447A-B343-025C63D24E82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{C731FA29-0C19-4FA3-BC6A-89210D17ADC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{1EAF128A-D22B-41CF-9AEB-3F1A528BA898}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{EED0D3A7-1DAB-4705-A30E-81441A076200}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\SpaceEngineers64.exe
FirewallRules: [{0FA03B49-E756-45B6-95D2-E43FD7DC37B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5B33B3FC-81D5-46D1-98EB-650E9AEA65AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{93F55907-35DA-4FAB-812C-D543C444492A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{B30A5AFE-8370-47AC-BEBC-9AE5F4F93B28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{A5CB3C82-B5DC-4A7C-A62A-A025DDF940D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{4E9B2A38-C1BC-4211-ABF5-32D9ACC3B84D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{24F8C191-98BB-40BA-A775-9CB174E83A39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D90BD7E1-B0BE-433E-8159-BA35FDFEA1A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{93B38D63-11BA-484C-B2A9-BBB8DE7B8719}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6D34AEF2-50BA-4C90-999B-6259DF8403FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D57DB55C-BFEC-4777-BFCB-921CF2284BA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8B6FD5D1-FB6E-46A4-8797-601AC95021B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{91FD2515-23E4-4868-AE6B-5311FA73B28C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4366A481-155F-4D2F-BD04-96466C6F456D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8AD06802-8889-4955-8122-63873D84C02A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{89E1A276-53B8-4E9E-8D82-DB0F337877B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{97ACF1E1-3D42-4771-A575-ECE644139665}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A370FD5B-E18E-439B-B533-85032994FE1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{933DEA6A-9F15-4E51-8BA4-CD5D11E31B3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{604C7887-D371-4628-892B-E4633D0D2A5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{F1C05EA1-2F61-43DF-8304-EB735727FC0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{FE577B52-155E-4BD7-830A-4CB406A4F862}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{CD8DAC9B-5C01-4989-B46C-AF9405707EA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{59A6BCED-8BAA-44B0-A842-F0E1A1CEFFAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{44B6F66F-40C5-4376-AB7C-85748E02497B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8E7850D4-E3F2-47FC-9049-4D8ACDC15B60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BEBF273F-0A59-4EC0-9EC6-2BA5B3742D33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{70DD1C2C-D65F-412B-90E2-EA990C8C985C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{85257022-B88B-493D-BD3B-2287EBBFC0BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{95FA8DB5-535C-44A4-BEBF-F9BDEE4898FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2FCE6944-C8ED-4136-A9B1-BC48BD15CAD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0F927669-91F4-4FDF-A171-22C456B208BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{156A9BA2-6C38-40F2-B334-2A0D185D2E43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{635DFE5D-B950-4D8C-8FD0-7401A2F30336}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D3382023-D30F-4ECB-AA8B-41937537172D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{8ED32F50-DBA7-49BC-A564-CEE4B43BD07C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{5E82981E-D60A-4CFA-A49A-DDFC7123F632}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{B8B9F838-60AF-4CB3-872E-36113770C0F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{34CF1DF2-2809-450F-B315-738CFD68F42A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{22669530-5F1E-48C0-B87F-8A7558D68008}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{DE3301B4-A336-457D-B8E2-BD68EF43C1DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4EE85939-EE56-41CB-AD1C-B2E365B37DE9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E6D12876-69E4-4174-8704-3EE02CDA8B5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{EFEE55C7-A087-411E-936B-A57C7A21C46C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A32B710D-D653-4474-98CA-57498267A26A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{F795C1E0-9B40-4134-BF3A-74C4F06F8A0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{E8BAA8F9-B341-458F-A474-AE3124CADFE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{D52E8240-6662-49DA-A7D7-CDDDD072028D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{10F08039-41D5-4EC3-8D5A-FD4E79B05F1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{122A307C-CCCF-4AB1-8318-56BF653DF1E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D56797DD-0494-4997-8BD0-54AB94DDF788}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{A3B151DB-94AB-41EF-AA1F-00C2CBB27A94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{D4B8D2BF-2BFA-4EB0-B4E9-F120F092698C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{1FC60D1D-F1DF-4005-BA50-3A9D2F5A62F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{B8C0BA7D-C24D-4C8F-B7D8-4CF66680CE39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{72395E9D-2554-4E0E-98B7-1A4CE81A82DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{61582A6A-067E-4633-A33B-19289F1BBCA8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{B0BF0D0E-D47A-4EAF-9C0A-CBFF0EF635EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{6D2E1276-2C09-4A8E-8422-80C6D33DB9F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{FA0A9477-B899-4C4B-9523-A0FCE161B07F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{15580BC6-6E93-48E8-A8F3-3E34A1159EDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8F9E5FB3-8AE0-4809-9EAE-6DAF5E62B878}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{064C5250-2F98-4E87-A727-3F8E0C2D4D63}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{30012A53-23C0-4E0B-9267-727F2C7FC954}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{28B22497-B74E-4816-8FE8-232CCAF7B2F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{FA0E7FCD-365E-4EB8-A179-03EB6280CE9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{43DFB987-3B87-4A5D-B52C-3661EA57F739}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{A8B0BC7B-800F-474E-B7D1-BF5E5B5ED54D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{06FAFEAD-2601-400B-B074-9A3E6D4E4F92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{41B3FFD3-56CF-4CB0-A7FA-5BEE620735DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{15D972BD-6530-46E2-B3EC-6DB740455E59}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{807912D7-BC0E-4A27-B451-AE30BF815DE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{4A60CD87-61FA-4AA3-8896-5C2A1C85D25E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{58DADC28-6185-4403-9B1A-A9E6AD388854}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{7ED87CA5-97DF-4469-B993-19FB47386815}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E2B27CC5-4A74-41EB-B3AC-A2249F0D5B17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A33E05A6-4464-4C64-988E-B2B5EFEFE5C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3A8CED90-A5A4-42F8-8F36-977DC6A2666F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3C3982ED-1205-4116-AE57-9E6B6853F6DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{1EE060A5-AEC3-45CC-9B10-0D14B709C107}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{8E2BD633-129B-4D37-8D15-65ECA100BC64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{EA1E45F7-235F-4539-AE31-BF10903001AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{F11B32C0-605B-4CFD-9E71-34180E484FC9}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8DFDCC6A-AE07-420D-A49D-5CA1071D72A0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{89887B69-81A8-4C9C-AA7C-0471B6649DB1}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D89471A9-1AC3-4055-862D-FADF4C041022}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7B386E2F-3D2A-48F8-8982-C29E12FAAA8F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{84F9C84C-5159-472E-B732-5B540374188A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7C65C29F-C275-40C0-AD0F-50ED8B1E78C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{34E9390D-5F3C-4957-B2D3-10C43C11FAAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{C456FA6E-3892-4335-9723-6B96D4C4D2C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{853C64BF-4604-4AD8-8347-C0B078D9E568}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{0556168F-0D9C-40E6-97BA-33C32C5C3F1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Kingdoms\StrongholdKingdoms.exe
FirewallRules: [{3CA0DF6C-BE63-4C53-8D20-925CFF9E394C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Kingdoms\StrongholdKingdoms.exe
FirewallRules: [{2A65BFFA-1194-4E53-9363-29EF9BEB359B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dogs of War Online\DogsOfWar.exe
FirewallRules: [{21A1E10D-5931-4E3D-8485-286F73686C1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dogs of War Online\DogsOfWar.exe
FirewallRules: [{18EBE6DE-A8AD-4A31-A668-36BE9EEF5D57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InfinityWars\Infinity Wars TCG.exe
FirewallRules: [{22D66E65-1116-452D-B728-6510BC711280}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InfinityWars\Infinity Wars TCG.exe
FirewallRules: [{85410E54-B661-4C66-95FF-30D2AB4DEE05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{62143CB5-8EA0-4037-B4DF-7C84A18AB3B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{5BF8A9E5-BD92-4046-9271-FF537DBF9EEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{3D636DA9-C379-490C-8522-EC5E814FFF8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{41198C38-4BDF-439F-BF26-CA99A00BB27A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{A585B7DB-DA44-42DB-8255-F1CD7D5A3722}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{4EABEA66-A5B3-46DE-AB6B-0A8170270BDD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Storm of Vengeance\SoV.exe
FirewallRules: [{E926B45A-4046-4266-A879-3C16FFF2FCA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Storm of Vengeance\SoV.exe
FirewallRules: [{EE24BE35-5F87-404E-9935-226492FA2345}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{3F740BB0-DC54-41AF-8DC1-9BA63FAF5E58}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{DFC3088A-D382-4005-B6D7-C9E9BC4F0CC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{8F50FDBA-09D0-4B5A-BF03-F34D55E0D728}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{89B2C14E-674B-43D8-AE71-5DDEEDDA002E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{1C1BAA1D-DB22-44D8-8924-0D51734E9B7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{221224BA-939D-4300-B825-EAD4303E70D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Perpetuum\Perpetuum.exe
FirewallRules: [{909BD46D-38CF-4E9A-8C08-D397D6415415}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Perpetuum\Perpetuum.exe
FirewallRules: [{340B71E1-8F0A-422B-B49B-8B086F67D7DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{C70398C8-128A-4112-A6E8-8F7D6C7E38CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{377BDDE4-CB16-4D45-941E-A3673AE50468}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{C26B884E-CF5F-43B4-9D84-7CC594017389}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{0C72E51A-F8B4-4204-A5D0-053B8E576C74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [{D90AE94A-DDF3-4418-A10A-3D8DCDB0C371}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [{816FF434-FC8E-4A29-B36B-6CD04CB3124B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ConquestOfChampions\ConquestGame.exe
FirewallRules: [{0498711E-3CB0-4218-90FF-84F0296BF8D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ConquestOfChampions\ConquestGame.exe
FirewallRules: [{F142E5E7-CBFC-4181-A22D-01A353392A9D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{C6378BC2-C3F4-464B-9B99-60AA38B4F7C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{D629C4B3-7009-4A56-91D5-81D696B2F48C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{7BA580D1-825B-42EE-B518-DD2385F4409C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{AEC02E41-3A6E-40AC-BDB9-7BFCAA079F60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{400BE4A5-DD1B-42DA-A8CB-D76AD1771BF4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{64004E08-3966-4E70-BBB7-3881E4A7EA4F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{5A56E878-E665-42B3-A1B3-6BDFE95AB7A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FBD60220-65A6-4B5B-95AF-AD022CA82F06}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{C41E8B90-7721-4C8D-AF22-8DBF6BDF7241}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{15F0DC62-6449-4E25-ABBA-6E69126DADB1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{EEB4BADB-1611-4E4F-AABA-FF3D1B694084}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{3E532145-364D-465E-9A08-BD0F4C1163B3}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\FaxApplications.exe
FirewallRules: [{0F3BE09D-468D-4D7A-A51E-2A3949E8B1DD}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\DigitalWizards.exe
FirewallRules: [{44824D84-03EA-4413-83E0-36DB5625E594}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\SendAFax.exe
FirewallRules: [{73D8A854-0175-4583-AE60-AB7A00E80690}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\USBSetup.exe
FirewallRules: [{CAE990B0-52CD-41C4-9F7B-E769CF980213}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{C30AE78D-77EF-4F58-A3E3-E5BBF028E4C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{37ECD085-F912-4CC6-87E3-20FD0712D673}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{D3B8F437-5BB4-43CC-9764-D1A7BA318540}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{58C4F3C9-91C2-4CC4-A5E3-25B8B08EEC41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{F53D33D2-CE79-4AB4-AF80-713761122927}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GAR\GAR.exe
FirewallRules: [{B3728071-96ED-410F-BC3C-8D8063D473E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GAR\GAR.exe
FirewallRules: [{214DD4AB-0101-4C90-8521-94A64C5E3FEC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{1993A8AD-17FC-4842-88DD-A58F7C24A5BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{B46A5A61-62C6-47C3-B836-947F9404108F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{16345637-8A16-4440-B41A-389A52206D3A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{15979410-9509-44B5-B4BF-F9BB4FFE528C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{753DCCD7-AD43-4774-8E13-60389F2A4D9A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{74259873-387C-40E8-A9F9-16359130DD78}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{222BC650-1294-47BD-863C-4E918E1D7B91}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E477367B-DA5C-4435-B124-0BAFF7ED93E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B4FEE247-FB4E-402A-9C7E-1AD0056D3943}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{78DAF38B-4205-4217-BB25-8FF7ED06B0B0}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{C0EDDD69-759E-4198-9519-21BE7C55A3BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{0903543B-8FB5-4200-BB07-F87F49ECB7CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{BFDBEBDD-7947-4BA8-924C-50DFBD42CC5F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{EFA23CB5-5503-43EB-90B3-EED779282057}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{83118346-9406-4D53-B058-4392CF1AD92D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{80A9938E-D0CD-4DA9-874C-E7AB9DDC4167}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{BC6FF7AA-38E3-4F50-8A89-A0E6E8BD1D13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{D4AC997F-EAB4-4125-9BCD-84724408DB7E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{AE871903-37A5-4D09-BA17-C3B81C9FB66A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{B6ECC6B4-1722-405B-8E43-2568C1CABAAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{37941E9F-877B-4F06-A9FE-F01DB2B6D26B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{8C589D14-7D8F-4118-A188-9561A6A7E93A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{F5551FF6-415C-4F11-8AC3-82B9E021C99E}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{D20BB0C8-5EBD-479D-993B-169EBE4E0FF1}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{61BB3501-EC2E-4737-B950-41C72BD1C10D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{5BC8C7E1-6B8F-4497-89F9-3DA2DCE3E1CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{342A9B7F-D684-463F-8848-92AC73D8CF38}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{DB5C5A44-FCC5-4822-A5DB-084FFEC1E7CF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{175F9C51-EF09-4CC6-A659-1EC3BDB2932D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{5BD3AC6C-D82F-495F-BCE1-9EE591CA902D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{CC67C538-2F86-414F-9501-9C99DBC11D20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{191AD785-8196-4C10-BEBE-54581A2A43E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{4598EB19-606D-4852-987C-225582524DAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{39F08456-DAA5-4F79-8955-CAEF8D7CFE9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E0E025F9-A450-4C36-8465-9A8CB91D2780}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{E0277CE9-F834-4AEF-A110-C07910C692D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B8B67798-023B-4F23-B79C-AE6E25C49E2C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{315404F6-A739-42D5-9474-29400B2728B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{05DDDD12-743B-4DD8-A756-0638C5EE0B10}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{0F309CF3-221B-45A0-8D6F-C0A9C54AFBC3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{A0DFDE58-554D-4B57-877C-E7F528328058}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{88100CFD-7AB4-45D7-B337-55C2204B72FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{D6572E9E-2465-4AD2-AF12-9F91A1D8D9B5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{AFA757B3-455C-4043-AE30-9634CA64E3D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{6C7EC189-7D67-4CDD-B78A-ABD2144BC8F2}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{EEF2C963-133C-4214-9AC9-7A8868C5AF2F}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{51F42F40-C49C-4D3D-8656-294E2415DCAC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{4E04B6B2-682E-4A9E-80C3-B12BDD977FB3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{9D5574EE-3518-44D3-A04D-9328A9EB31F3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4DBB196-BB57-4F07-B2BA-AEF8D6021033}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D1793099-C187-40CC-9411-BD01FA238556}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{B0717068-6BB7-42BD-B042-1A2A28B70A8A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D26AFBBD-290D-4575-B9FD-7F319D06837F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F7A57CDE-5703-4B87-B30D-61CB7CB8CEE5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{466297CE-E50B-422F-A976-2997397F1612}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{5EC6E3C1-8743-42BF-B3F5-6EEE913AC521}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{0B60CC4A-5345-46F5-890F-7E83270E5E2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{4707BCB4-0F4D-4855-9A27-CD6DC71F0466}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{AFBFA97D-8C1F-4447-8065-EB9B966E5DAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{9E80E9DF-BED5-43C7-B71D-8ACC00A22E17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{6BC6D35E-E501-447B-B0D6-B641BB31683C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{75B070E0-07DA-4CF5-B4A8-D53424F000FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [TCP Query User{ED92DA4A-A3E2-40C1-B632-3A1B040B49FD}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C445CFE5-BFBE-4F06-9DDD-7F950A7CC71B}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{296C6A12-E0CD-4AAD-9407-D15B7E54AC8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{7106C4E5-0B7A-4D05-8413-0BB69BFF0DD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{C24C9DE7-9300-492A-871F-D56D06ED598E}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{A3FE72E9-28FA-4D1F-BE49-04DCE376E396}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base32283\SC2.exe
FirewallRules: [{DF0106CA-508E-4189-B19C-6B6CFC1D87E7}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base32283\SC2.exe
FirewallRules: [{EDF9A0B5-0A79-478C-9B05-DDAB78257D82}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{99497939-BC80-4277-9EFC-204C647201EA}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{E188F26B-B082-4879-B29B-B8A2D4205880}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{367457C5-263B-4F0C-8054-AC03A3A39721}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0EAD664D-33C4-4C2F-8608-71CD07F4A147}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{1C5C8622-7426-4301-A5E2-58B3C0CC1AFA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{792523CA-8016-4901-B106-7426B4706E34}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{519D521A-62D7-4DC3-A96E-959FE05388FC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{25472F54-5A0F-42A6-A441-BFCDFCBEE284}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D6DE617F-5F1A-4A43-86D0-942BBF0C5AB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8D42356B-1BD0-42C4-8FC7-A508065FEA61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F9FB9AE1-A51C-42E3-816A-0197EEE1B04F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{630FE016-4B63-42F0-9007-0967B5965C51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B778DD1A-5EC5-4DA0-BF0E-E0A0291E6B86}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{7DFFD11B-43BD-469A-9B65-4EC24F177FFF}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{DEBB9AEF-AD82-4DC1-BB34-7D3DA48DF2E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{34DE684F-A880-421F-A564-C033ED18B2F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{E1F92A49-7FF4-450D-A006-1BCFC58E3308}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{B9D819C3-1119-47F1-9640-713C40033B61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{293ED8F9-471B-458A-B406-657884174786}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2819F978-75B7-4547-B7AE-4E07F3FF598A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{71543B98-B7B6-44CB-AD29-5C636F34954A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F1594B47-C0BB-45A3-8358-E85078F542F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5D398179-0533-4EA7-A39A-0D2FBB9C4203}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{469C8D26-7D0E-4703-B4A0-16A89DDAF801}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{951CE275-0D74-43BC-8B8D-4B071BA48962}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{0B85C6CB-4DE8-433F-8C25-8A6FDA73496D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F94FE841-2900-4336-8734-00502A2B13CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{76C7E7A3-BCBA-40F5-9FAF-474ABE201237}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{59100190-0A9A-4206-84ED-E5F520899C06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{E0D9056B-C3A8-4D32-B5B6-5399623A8530}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{191DEECF-50B4-4452-A35D-44AECC1A9805}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{03770367-FC37-451D-83D5-BFEEC1D711B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Royal Quest\rqlauncher.exe
FirewallRules: [{B51A6ABB-8C40-441B-A6D7-B7F48A68EA23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Royal Quest\rqlauncher.exe
FirewallRules: [{9EDF5975-8CEA-4C7A-A735-37C1F7660F1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Royal Quest\rqmain.exe
FirewallRules: [{7FD9974F-3205-4FB0-97B7-57CB5CD28D07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Royal Quest\rqmain.exe
==================== Wiederherstellungspunkte =========================
23-01-2016 00:36:45 DirectX wurde installiert
26-01-2016 20:23:51 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/26/2016 07:37:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Kabeljau.local already in use; will try Kabeljau-2.local instead
Error: (01/26/2016 07:37:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Kabeljau.local. Addr 192.168.0.11
Error: (01/26/2016 07:37:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.11:5353 16 Kabeljau.local. AAAA 2A02:810A:13C0:8ADC:E5D3:0007:BBB3:5CB8
Error: (01/26/2016 07:37:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Kabeljau.local. AAAA FE80:0000:0000:0000:E5D3:0007:BBB3:5CB8
Error: (01/26/2016 07:37:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.11:5353 16 Kabeljau.local. AAAA 2A02:810A:13C0:8ADC:E5D3:0007:BBB3:5CB8
Error: (01/26/2016 07:37:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Kabeljau.local. Addr 192.168.0.11
Error: (01/26/2016 07:37:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.11:5353 16 Kabeljau.local. AAAA 2A02:810A:13C0:8ADC:E5D3:0007:BBB3:5CB8
Error: (01/26/2016 04:53:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 65521
Error: (01/26/2016 04:53:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 65521
Error: (01/26/2016 04:53:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (01/26/2016 08:24:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/26/2016 08:13:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (01/26/2016 07:40:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "McAfee Home Network" wurde nicht richtig gestartet.
Error: (01/26/2016 07:34:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/26/2016 07:34:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/26/2016 07:34:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/26/2016 07:34:14 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (01/26/2016 07:33:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Erkennung interaktiver Dienste" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/26/2016 07:33:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/26/2016 07:33:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2013-11-08 19:47:06.280
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-08 19:47:06.277
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-08 19:47:06.275
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: AMD FX(tm)-6100 Six-Core Processor
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16366.12 MB
Verfügbarer physikalischer RAM: 13316.07 MB
Summe virtueller Speicher: 32730.44 MB
Verfügbarer virtueller Speicher: 29603.54 MB
==================== Laufwerke ================================
Drive c: (Windows7) (Fixed) (Total:931.41 GB) (Free:101.93 GB) NTFS
Drive d: (WNA3100) (CDROM) (Total:0.11 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FC90DCBF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
27.01.2016, 16:30
| #8 |
| /// TB-Ausbilder | McAfee entdeckt Artemis!D..... Servus, Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop: SystemLook (32 bit) | SystemLook (64 bit)
|
|
27.01.2016, 17:18
| #9 |
| | McAfee entdeckt Artemis!D.....Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 16:58 on 27/01/2016 by Blutrunstjack
Administrator - Elevation successful
========== filefind ==========
Searching for "*ApnTB*"
No files found.
Searching for "*AskPartnerNetwork*"
No files found.
Searching for "*SearchProtect*"
No files found.
Searching for "*YSearchUtil*"
C:\Program Files (x86)\Yahoo!\yset\{7B22F6E2-8D97-EB4F-9F77-FA58FCAE7773}\YSearchUtil.dll --a---- 350488 bytes [01:50 07/08/2015] [01:50 07/08/2015] 19C40C67B77D5CE1489E2221CE9A937B
C:\Program Files (x86)\Yahoo!\yset\{7B22F6E2-8D97-EB4F-9F77-FA58FCAE7773}\YSearchUtilSVC.exe --a---- 151832 bytes [01:50 07/08/2015] [01:50 07/08/2015] CA8CEE913C0B177F85DDDB16622563C5
Searching for "*Ask Toolbar*"
No files found.
Searching for "*Conduit*"
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iSyncConduit.dll --a---- 1322368 bytes [19:51 10/06/2014] [19:51 10/06/2014] 5A2B082A760722E08042E3892D07690E
C:\Program Files (x86)\Steam\SteamApps\common\DC Universe Online\UNREAL3\DCGAME\COOKEDPC\DCFXGROUPS\ENVIRONMENT\GENERIC\ELECTRICAL\DCFXENVELE_BIGCONDUIT_EXPL.UPK --a---- 28199 bytes [19:36 11/07/2013] [03:59 08/05/2012] 2E123BFD2AC5E4C85CC904B834A7E394
C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\MarvelGame\CookedPCConsole\UC__MarvelItem_RepQuest_GoldConduit_SF.upk --a---- 45555 bytes [17:36 05/04/2015] [05:23 28/12/2015] 0B7A44F44E6426EBDED1576438287D03
C:\Program Files (x86)\Steam\SteamApps\common\Natural Selection 2\ns2\models\props\refining\refining_signs_01_conduit.model --a---- 48287 bytes [23:08 01/01/2014] [22:40 31/07/2015] ABEE58DE50FC88994F43E3BC91813A98
C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\CommonData\Collision\Common_AmpStation_Conduits01.cdt --a---- 95126 bytes [17:21 25/03/2013] [15:03 21/12/2011] A7C5B077D1029D46C665D53A6C7E0B09
C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\CommonData\Collision\Common_AmpStation_Conduits02.cdt --a---- 95126 bytes [17:22 25/03/2013] [15:03 21/12/2011] 277F72618BFB15B9A699DCD6AA82FE4C
C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\CommonData\Collision\Common_Props_SnapOns_Control_Boxes_Conduit_A.cdt --a---- 804 bytes [17:23 25/03/2013] [14:29 21/12/2011] 5AF6B179B4AF587FB5D422DDEEF00553
C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\CommonData\Collision\Common_Props_SnapOns_Control_Boxes_Conduit_B.cdt --a---- 1203 bytes [17:23 25/03/2013] [14:29 21/12/2011] 76C74395BF8ED6A6EA1A2C6B2154AEAD
C:\Program Files (x86)\Steam\SteamApps\common\Warhammer 40,000 Space Marine\data\chunks\part_02_04__s_008_r950_conduit.oppc --a---- 25691959 bytes [16:25 10/01/2013] [16:25 10/01/2013] A3CE7F18B4BD159D8C7D70CF6B388E32
C:\Users\Blutrunstjack\AppData\Roaming\Natural Selection 2\Workshop\mf9f6aed_1431383070\materials\ora\ora_conduit_croisement_001.dds --a---- 524416 bytes [20:59 03/06/2015] [20:59 03/06/2015] 1B4DB8F5AC444C35CB8A892A3F47FE03
C:\Users\Blutrunstjack\AppData\Roaming\Natural Selection 2\Workshop\mf9f6aed_1431383070\materials\ora\ora_conduit_croisement_001.material --a---- 168 bytes [20:59 03/06/2015] [20:59 03/06/2015] 4A4ECA8930297D45460BE12823AC3433
C:\Users\Blutrunstjack\AppData\Roaming\Natural Selection 2\Workshop\mf9f6aed_1431383070\materials\ora\ora_conduit_croisement_001_normal.dds --a---- 524416 bytes [20:59 03/06/2015] [20:59 03/06/2015] DB426481BFEC4A4E60391C6D6F7F03CD
C:\Users\Blutrunstjack\AppData\Roaming\Natural Selection 2\Workshop\mf9f6aed_1431383070\materials\ora\ora_conduit_pavage_plat_001.dds --a---- 524416 bytes [20:59 03/06/2015] [20:59 03/06/2015] 11904AF8887E2A9C9167537552559948
C:\Users\Blutrunstjack\AppData\Roaming\Natural Selection 2\Workshop\mf9f6aed_1431383070\materials\ora\ora_conduit_pavage_plat_001.material --a---- 170 bytes [20:59 03/06/2015] [20:59 03/06/2015] 3210EDE2571CA526D7E6511BE019484A
C:\Users\Blutrunstjack\AppData\Roaming\Natural Selection 2\Workshop\mf9f6aed_1431383070\materials\ora\ora_conduit_pavage_plat_001_normal.dds --a---- 524416 bytes [20:59 03/06/2015] [20:59 03/06/2015] C0CA970755106C7A3C2830C8ADD8D28A
C:\Users\Blutrunstjack\AppData\Roaming\Natural Selection 2\Workshop\mf9f6aed_1431383070\materials\ora\ora_conduit_pavage_plat_002.dds --a---- 524416 bytes [20:59 03/06/2015] [20:59 03/06/2015] DEBD33CBF7EE13E991DF664BDC7FFE28
C:\Users\Blutrunstjack\AppData\Roaming\Natural Selection 2\Workshop\mf9f6aed_1431383070\materials\ora\ora_conduit_pavage_plat_002.material --a---- 170 bytes [20:59 03/06/2015] [20:59 03/06/2015] 9070C6917619DBDA4F79F68C6DDC270A
C:\Users\Public\Daybreak Game Company\Installed Games\DC Universe Online\UNREAL3\DCGAME\COOKEDPC\DCFXGROUPS\ENVIRONMENT\GENERIC\ELECTRICAL\DCFXENVELE_BIGCONDUIT_EXPL.UPK --a---- 28337 bytes [18:26 18/01/2016] [04:12 01/10/2013] D068685BBBB31EBE841F4F459DFAD8F5
C:\Users\Public\Sony Online Entertainment\Installed Games\DC Universe Online PSG\UNREAL3\DCGAME\COOKEDPC\DCFXGROUPS\ENVIRONMENT\GENERIC\ELECTRICAL\DCFXENVELE_BIGCONDUIT_EXPL.UPK --a---- 28199 bytes [17:42 14/07/2013] [03:59 08/05/2012] 2E123BFD2AC5E4C85CC904B834A7E394
Searching for "*Yahoo! SearchSet*"
No files found.
========== folderfind ==========
Searching for "*ApnTB*"
No folders found.
Searching for "*AskPartnerNetwork*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork d------ [18:33 26/01/2016]
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\common appdata\AskPartnerNetwork d------ [18:33 26/01/2016]
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork d------ [18:33 26/01/2016]
C:\AdwCleaner\Quarantine\C\ProgramData\AskPartnerNetwork d------ [18:33 26/01/2016]
C:\AdwCleaner\Quarantine\C\Users\Blutrunstjack\AppData\Local\AskPartnerNetwork d------ [18:33 26/01/2016]
Searching for "*SearchProtect*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect d------ [18:33 26/01/2016]
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect d------ [18:33 26/01/2016]
C:\AdwCleaner\Quarantine\C\Users\Blutrunstjack\AppData\Local\SearchProtect d------ [18:33 26/01/2016]
C:\AdwCleaner\Quarantine\C\Users\Blutrunstjack\AppData\Local\SearchProtect\SearchProtect d------ [18:33 26/01/2016]
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect d------ [18:33 26/01/2016]
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect\SearchProtect d------ [18:33 26/01/2016]
Searching for "*YSearchUtil*"
No folders found.
Searching for "*Ask Toolbar*"
No folders found.
Searching for "*Conduit*"
No folders found.
Searching for "*Yahoo! SearchSet*"
No folders found.
========== regfind ==========
Searching for "ApnTB"
No data found.
Searching for "AskPartnerNetwork"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F473650034677A7A857BC06200\SourceList\Net]
"2"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\Updater\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ORJ-V7C\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\148001CCEE957624D8A163A8088D9709]
"D2A425F473650034677A7A857BC06200"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\235CDDD4FAA2BCE4C9E578A53866F91E]
"D2A425F473650034677A7A857BC06200"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\tbnhlpr_x64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677A0850AB4748E6]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\timeinstalled"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677A0850AB4748FF]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\timeinstalled_ff"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677A0850AB477508]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\lastInstallOperation"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677A0850AB478757]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\Reporting_URL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677A0850AB47877E]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\ProductVersion"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677A0850AB47C77A]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\productguid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677A0850AB47F670]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677A0850AB67CA07]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Macro\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677A0CF64469657A]
"D2A425F473650034677A7A857BC06200"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ORJ-V7C\config.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677A7A8684D4677A]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\Updater\ORJ-V7C\Macro\apnuguid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677A7B7987A75C7A]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\Browsers"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677AA75C6CAD4777]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\PackageService\Register\ApnSetupV6\ORJ-V7C\CmdArgs"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677AA75CE8770476]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\PackageService\Register\ApnSetupV6\ORJ-V7C\Version"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677AB8640FD798E7]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\ProductType"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677AB8640FFF7477]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\hpr_ff"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677AB8640FFFA77A]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\sa_ff"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F473650034677AB8649F47587E]
"D2A425F473650034677A7A857BC06200"="02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7C\Info\XPITitle"
Searching for "SearchProtect"
No data found.
Searching for "YSearchUtil"
No data found.
Searching for "Ask Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F473650034677A7A857BC06200]
"ProductName"="Ask Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F473650034677A7A857BC06200\InstallProperties]
"DisplayName"="Ask Toolbar"
Searching for "Conduit"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966]
"A2CA2FA62353DF34F9D4DB9C0C7D427C"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iSyncConduit.dll"
Searching for "Yahoo! SearchSet"
No data found.
-= EOF =-
|
|
28.01.2016, 16:52
| #10 |
| /// TB-Ausbilder | McAfee entdeckt Artemis!D..... Servus, wir entfernen die letzten Reste und kontrollieren nochmal alles. Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F473650034677A7A857BC06200
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F473650034677A7A857BC06200
Task: {95257B9B-8716-466B-93B7-1471593DB85C} - \bvxvbxxvaa -> Keine Datei <==== ACHTUNG
Task: {9D759583-D093-4D62-8787-AA5A33B65F8F} - \ASUS\i-Setup042718 -> Keine Datei <==== ACHTUNG
Unlock: C:\Windows\system32\Drivers\etc\hosts
C:\Windows\system32\Drivers\etc\hosts
Hosts:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 3 ESET Online Scanner
Schritt 4
Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?Bitte poste mit deiner nächsten Antwort
|
|
31.01.2016, 10:51
| #11 |
| /// TB-Ausbilder | McAfee entdeckt Artemis!D..... Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
11.02.2016, 16:28
| #12 |
| /// TB-Ausbilder | McAfee entdeckt Artemis!D..... Thema auf Wunsch wieder in die Abos aufgenommen. |
|
14.02.2016, 20:21
| #13 |
| /// TB-Ausbilder | McAfee entdeckt Artemis!D..... Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. |
|
| Themen zu McAfee entdeckt Artemis!D..... |
| artemis, blockieren, board, dnsapi.dll, entdeck, entdeckt, folge, folgendes, gefunde, hoffe, mcafee, npdicihegicnhaangkdmcgbjceoemeoo, programm, schei, sorge, troja, trojaner, trojaner board, webadvisor |
und 
und speichere die Logdatei auf Deinem Desktop.
Linear-Darstellung
