Log analysis and evaluation: Antivirus program can no longer be installed
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
25.02.2016, 20:51 | #1 |
| Antivirus program can no longer be installed Good evening, this morning my computer switched itself off without warning. After that, my antivirus program (I use Norton Security) could no longer be opened, or rather I could no longer sign in. So I contacted Norton support. There, a staff member accessed my desktop to solve the problem. After several attempts to reinstall the program, an error message kept appearing saying that my PC may be infected and that reinstallation is therefore not possible. A Norton technician is going to get back to me tomorrow. But maybe you can somehow solve the problem; by now I also fear that my PC has caught something, even though I otherwise don't really have any other problems. Thanks in advance for the help. Regards, Kanso |
26.02.2016, 07:46 | #2 |
/// Selecta Jahrusso | Antivirus program can no longer be installed |
26.02.2016, 09:47 | #3 |
| Antivirus program can no longer be installed All right, here are the log files.
FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016
durchgeführt von Admin (Administrator) auf ADMIN-PC (26-02-2016 09:37:05)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin (Verfügbare Profile: Admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() 
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.16941.0_x64__8wekyb3d8bbwe\Video.UI.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [402344 2015-12-19] () HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation) HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.) 
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation) HKU\S-1-5-21-988284940-210793992-766847566-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [175368 2016-02-09] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2014-02-28] ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{38fa8d64-1429-4eb3-94d0-479866b2cb77}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-988284940-210793992-766847566-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-988284940-210793992-766847566-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-988284940-210793992-766847566-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> 
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll => Keine Datei BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll => Keine Datei FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default FF Session Restore: -> ist aktiviert. FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-15] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-15] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-09] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-09] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files 
(x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2015-06-19] (Pando Networks) FF Plugin HKU\S-1-5-21-988284940-210793992-766847566-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-988284940-210793992-766847566-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-10] () FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\searchplugins\safesearch.xml [2015-06-25] FF Extension: Adblock Plus Pop-up Addon - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-29] FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-12] FF Extension: WOT - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09] FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23] Chrome: ======= CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.) 
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.) S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-31] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-01-30] (GOG.com) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S4 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation) S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA 
Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2016-02-25] (Symantec Corporation) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2014-06-19] () S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation ) R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation) R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation) R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation) R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation) R4 SRTSPX; C:\Windows\system32\drivers\NSx64\1605040.018\SRTSPX64.SYS [50936 2015-09-23] (Symantec Corporation) S3 WdBoot; 
C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 condrv; System32\drivers\condrv.sys [X] U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-26 09:37 - 2016-02-26 09:37 - 00015621 _____ C:\Users\Admin\Desktop\FRST.txt 2016-02-26 09:35 - 2016-02-26 09:37 - 00000000 ____D C:\FRST 2016-02-26 09:34 - 2016-02-26 09:34 - 02371072 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2016-02-26 05:36 - 2016-02-26 05:38 - 00000000 ____D C:\Program Files (x86)\Norton Security 2016-02-26 05:36 - 2016-02-26 05:36 - 00001364 _____ C:\Users\Admin\Desktop\Norton-Installationsdateien.lnk 2016-02-26 05:36 - 2016-02-26 05:36 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64 2016-02-26 05:35 - 2016-02-26 05:36 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader(2).exe 2016-02-26 05:30 - 2016-02-26 09:36 - 00362550 _____ C:\WINDOWS\ntbtlog.txt 2016-02-26 05:28 - 2016-02-26 05:28 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE (2).exe 2016-02-26 05:12 - 2016-02-26 05:14 - 00412020 _____ C:\WINDOWS\Minidump\022616-17640-01.dmp 2016-02-25 11:37 - 2016-02-25 11:37 - 00000432 _____ C:\Users\Admin\AppData\Local\LMIR0001.tmp.bat 2016-02-25 11:37 - 2016-02-25 11:37 - 00000357 _____ C:\Users\Admin\AppData\Local\LMIR0001.tmp_r.bat 2016-02-25 11:33 - 2016-02-25 11:36 - 00000000 ____D C:\Program Files (x86)\LogMeIn Rescue RC - 
0bfdcd33-f52c-4b3b-a4a7-71770fabb626 2016-02-25 11:28 - 2016-02-26 05:42 - 00000000 ____D C:\ProgramData\Norton 2016-02-25 11:28 - 2016-02-26 05:42 - 00000000 ____D C:\Program Files (x86)\NortonInstaller 2016-02-25 11:28 - 2016-02-26 05:38 - 00000000 ____D C:\ProgramData\NortonInstaller 2016-02-25 11:22 - 2016-02-25 11:23 - 00895080 _____ C:\Users\Admin\Downloads\Norton_Removal_Tool(2).exe 2016-02-25 11:17 - 2016-02-25 11:17 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (10).lnk 2016-02-25 11:15 - 2016-02-25 11:15 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE (1).exe 2016-02-25 11:13 - 2016-02-25 11:13 - 00895080 _____ C:\Users\Admin\Downloads\Norton_Removal_Tool(1).exe 2016-02-25 11:10 - 2016-02-25 11:10 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (9).lnk 2016-02-25 10:51 - 2016-02-25 10:51 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (8).lnk 2016-02-25 10:48 - 2016-02-25 10:48 - 00000000 __SHD C:\found.000 2016-02-25 10:40 - 2016-02-25 10:40 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (7).lnk 2016-02-25 10:37 - 2016-02-25 10:37 - 00002286 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (6).lnk 2016-02-25 10:29 - 2016-02-25 11:26 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2016-02-25 10:29 - 2016-02-25 10:29 - 00002286 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (5).lnk 2016-02-25 10:28 - 2016-02-25 10:28 - 00000000 ____D C:\WINDOWS\pss 2016-02-25 10:17 - 2016-02-25 10:17 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (4).lnk 2016-02-25 10:07 - 2016-02-26 05:31 - 00000000 ____D C:\NPE 2016-02-25 10:07 - 2016-02-25 10:07 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Symantec (3).lnk 2016-02-25 10:05 - 2016-02-26 05:33 - 00000000 ____D C:\Users\Admin\AppData\Local\NPE 2016-02-25 10:05 - 2016-02-25 10:05 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE.exe 2016-02-25 10:02 - 2016-02-25 10:02 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader (1).exe 2016-02-25 09:58 - 2016-02-26 05:21 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3CF3C132-6859-4994-8DAC-3B31CD8D194C} 2016-02-25 09:57 - 2016-02-25 09:57 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (2).lnk 2016-02-25 09:54 - 2016-02-25 09:55 - 00895080 _____ C:\Users\Admin\Downloads\Norton_Removal_Tool.exe 2016-02-25 09:48 - 2016-02-25 09:48 - 00000248 _____ C:\rescue.info 2016-02-25 09:46 - 2016-02-25 09:46 - 01857576 _____ (LogMeIn, Inc.) C:\Users\Admin\Downloads\Support-LogMeInRescue.exe 2016-02-25 09:46 - 2016-02-25 09:46 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec.lnk 2016-02-25 09:46 - 2016-02-25 09:46 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Rescue Applet 2016-02-24 21:57 - 2016-02-24 21:57 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\HuniePot 2016-02-24 21:55 - 2016-02-24 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HuniePop [GOG.com] 2016-02-16 00:11 - 2016-02-16 00:11 - 00002202 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2016-02-16 00:10 - 2016-02-16 00:10 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2016-02-16 00:10 - 2016-02-09 06:04 - 00111672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-02-16 00:09 - 2016-02-09 09:25 - 42983480 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 37616184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 31119296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 24944064 
_____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 21201784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 20741880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 17631304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 17224664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 17175248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 17116936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 02541504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436191.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436191.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00950328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00882232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00745408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 
2016-02-16 00:09 - 2016-02-09 09:25 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00383424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00378968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00317144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2016-02-14 10:24 - 2016-02-14 10:26 - 00353028 _____ C:\WINDOWS\Minidump\021416-29546-01.dmp 2016-02-12 06:29 - 2016-02-24 09:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-02-09 19:52 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-09 19:52 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-09 19:52 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-09 19:52 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-09 19:52 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-09 19:52 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-09 19:52 - 2016-01-27 07:01 - 01819720 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-09 19:52 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-09 19:52 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-09 19:52 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-09 19:52 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-09 19:52 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-09 19:52 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-09 19:52 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-09 19:52 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-09 19:52 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-09 19:52 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-09 19:52 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-09 19:52 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-09 19:52 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-09 19:52 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-09 19:52 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-09 19:52 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-09 19:52 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-09 19:52 - 2016-01-27 06:21 - 00162816 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-09 19:52 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-09 19:52 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-09 19:52 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-09 19:52 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-09 19:52 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-09 19:52 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-09 19:52 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-09 19:52 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-09 19:52 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-09 19:52 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-09 19:52 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-09 19:52 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-09 19:52 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-09 19:52 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-09 19:52 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-09 19:52 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-09 19:52 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-09 19:52 - 2016-01-27 06:01 - 00792064 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-09 19:52 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-09 19:52 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-09 19:52 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-09 19:52 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-09 19:52 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-09 19:52 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-09 19:52 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-09 19:52 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-09 19:52 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-09 19:52 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-09 19:52 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-09 19:52 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-09 19:52 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-09 19:52 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-09 19:52 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-09 19:52 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-09 19:52 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-09 19:52 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\urlmon.dll 2016-02-09 19:52 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-09 19:52 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-09 19:52 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-09 19:52 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-03 19:18 - 2016-02-03 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com] 2016-02-02 19:33 - 2016-02-02 19:35 - 10026464 _____ C:\Users\Admin\Downloads\Worlds Apart (Sami Zayn)_Megalouis100v4.m4a 2016-01-31 12:53 - 2016-02-08 00:23 - 00000000 ____D C:\Users\Admin\Documents\Broken Sword - Director's Cut 2016-01-31 12:19 - 2016-01-31 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broken Sword - Director's Cut [GOG.com] 2016-01-31 01:02 - 2016-01-23 04:31 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436175.dll 2016-01-31 01:02 - 2016-01-23 04:31 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436175.dll 2016-01-29 19:10 - 2016-01-29 19:10 - 00000000 ____D C:\Users\Admin\Documents\League of Legends 2016-01-29 19:03 - 2016-02-25 09:55 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2016-01-29 18:55 - 2016-01-29 18:55 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader(1).exe 2016-01-29 17:44 - 2016-01-29 17:44 - 00102616 _____ (Symantec Corporation) C:\WINDOWS\SMSS-PFRO5d7c.tmp 2016-01-27 19:53 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-01-27 19:53 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-27 19:53 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-27 19:53 - 2016-01-16 
07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-27 19:53 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2016-01-27 19:53 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-01-27 19:53 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-27 19:53 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-27 19:53 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-01-27 19:53 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-01-27 19:53 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-01-27 19:53 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2016-01-27 19:53 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) 
C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-01-27 19:53 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-27 19:53 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2016-01-27 19:53 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-01-27 19:53 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-27 19:53 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-01-27 19:53 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-01-27 19:53 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-01-27 19:53 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-01-27 19:53 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2016-01-27 19:53 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-01-27 19:53 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-27 19:53 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-01-27 19:53 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll 2016-01-27 19:53 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2016-01-27 19:53 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll 2016-01-27 19:53 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-01-27 19:53 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll 2016-01-27 19:53 - 2016-01-16 06:41 - 00055296 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-01-27 19:53 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2016-01-27 19:53 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2016-01-27 19:53 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe 2016-01-27 19:53 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll 2016-01-27 19:53 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-01-27 19:53 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-01-27 19:53 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll 2016-01-27 19:53 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll 2016-01-27 19:53 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-01-27 19:53 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-01-27 19:53 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-01-27 19:53 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-01-27 19:53 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-27 19:53 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll 2016-01-27 19:53 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-01-27 19:53 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll 2016-01-27 19:53 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2016-01-27 19:53 - 2016-01-16 06:35 - 13018624 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-27 19:53 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-01-27 19:53 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll 2016-01-27 19:53 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-01-27 19:53 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-01-27 19:53 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2016-01-27 19:53 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-01-27 19:53 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll 2016-01-27 19:53 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2016-01-27 19:53 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2016-01-27 19:53 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-01-27 19:53 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2016-01-27 19:53 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2016-01-27 19:53 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-01-27 19:53 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-01-27 19:53 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-01-27 19:53 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-01-27 19:53 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe 2016-01-27 
19:53 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-01-27 19:53 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-01-27 19:53 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-27 19:53 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll 2016-01-27 19:53 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll 2016-01-27 19:53 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-01-27 19:53 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-01-27 19:53 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-01-27 19:53 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-01-27 19:53 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2016-01-27 19:53 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll 2016-01-27 19:53 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-01-27 19:53 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-01-27 19:53 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-01-27 19:53 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll 2016-01-27 19:53 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-01-27 19:53 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2016-01-27 19:53 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-01-27 
19:53 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll 2016-01-27 19:53 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-01-27 19:53 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-01-27 19:53 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-01-27 19:53 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-01-27 19:53 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-01-27 19:53 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-27 19:53 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-01-27 19:53 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-01-27 19:53 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-01-27 19:53 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-01-27 19:53 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2016-01-27 19:53 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-01-27 19:53 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-01-27 19:53 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll 2016-01-27 19:53 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-01-27 19:53 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-27 19:53 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2016-01-27 19:53 - 2016-01-16 06:16 - 05202944 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-27 19:53 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-27 19:53 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-27 19:53 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-27 19:53 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-27 19:53 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-26 05:36 - 2015-12-03 04:01 - 02091230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-26 05:36 - 2015-10-30 19:35 - 00889534 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-26 05:36 - 2015-10-30 19:35 - 00197858 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-26 05:36 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-26 05:31 - 2015-12-03 03:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-26 05:30 - 2015-12-03 04:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-26 05:30 - 2015-12-03 03:58 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-26 05:30 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-26 05:30 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-26 05:12 - 2015-12-04 19:37 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-26 05:12 - 2014-03-07 16:29 - 890432205 _____ C:\WINDOWS\MEMORY.DMP
2016-02-25 20:43 - 2014-10-15 18:28 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-02-25 20:39 - 2015-03-05 20:41 - 00000000 ____D C:\GOG Games
2016-02-25 20:39 - 2015-03-05 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-02-25 20:39 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-25 20:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-25 09:59 - 2014-11-29 21:19 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieUserList
2016-02-25 09:59 - 2014-11-29 21:19 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieSiteList
2016-02-25 09:58 - 2015-02-05 18:42 - 00000000 __SHD C:\Users\Admin\AppData\LocalLow\EmieUserList
2016-02-25 09:58 - 2015-02-05 18:42 - 00000000 __SHD C:\Users\Admin\AppData\LocalLow\EmieSiteList
2016-02-25 09:03 - 2015-12-03 04:01 - 00000000 ____D C:\Users\Admin
2016-02-25 08:44 - 2015-08-06 20:56 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2016-02-24 20:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-24 18:56 - 2015-06-01 19:35 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2016-02-23 19:56 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-22 01:16 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-21 23:27 - 2015-01-27 10:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-02-21 00:02 - 2014-02-10 11:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SoftGrid Client
2016-02-20 22:15 - 2014-08-10 22:06 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-16 00:11 - 2015-12-03 03:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-16 00:11 - 2014-02-26 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-02-14 10:24 - 2015-01-26 02:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-13 20:35 - 2014-02-10 12:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-13 20:32 - 2014-02-10 12:11 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-12 02:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-10 19:34 - 2015-08-06 20:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-10 10:37 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 07:27 - 2015-09-22 23:03 - 12478528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-02-09 22:20 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-09 09:25 - 2015-09-22 23:03 - 19779648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 14115136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 03649576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 03231544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb
2016-02-09 06:29 - 2015-12-03 03:57 - 06368824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 02992064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 02561472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-02-09 06:29 - 2015-12-03 03:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-02-09 06:29 - 2014-11-24 17:02 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-02-09 06:29 - 2014-11-24 17:02 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-02-07 23:20 - 2015-05-20 16:56 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-02-07 20:41 - 2014-04-12 17:17 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2016-02-06 15:58 - 2015-12-03 03:57 - 06154909 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-31 12:19 - 2014-08-31 18:56 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-01-31 12:19 - 2014-08-31 18:56 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-01-31 12:19 - 2014-08-31 18:56 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-01-31 12:19 - 2014-08-31 18:56 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-01-31 01:02 - 2015-12-03 03:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-29 18:55 - 2015-07-25 17:47 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-01-29 17:37 - 2015-12-03 03:57 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-02-25 11:37 - 2016-02-25 11:37 - 0000432 _____ () C:\Users\Admin\AppData\Local\LMIR0001.tmp.bat
2016-02-25 11:37 - 2016-02-25 11:37 - 0000357 _____ () C:\Users\Admin\AppData\Local\LMIR0001.tmp_r.bat
2015-12-03 03:57 - 2015-12-03 03:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden.

LastRegBack: 2016-02-17 09:32

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-02-2016
durchgeführt von Admin (2016-02-26 09:37:59)
Gestartet von C:\Users\Admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-03 03:22:42)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Admin (S-1-5-21-988284940-210793992-766847566-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-988284940-210793992-766847566-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-988284940-210793992-766847566-503 - Limited - Disabled)
Gast (S-1-5-21-988284940-210793992-766847566-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-988284940-210793992-766847566-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1954 Alcatraz (HKLM-x32\...\Steam App 255280) (Version: - Daedalic Entertainment) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft) Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Baldur's Gate - The Original Saga (German) (HKLM-x32\...\GOGPACKBALDURSGATE1_is1) (Version: 2.0.0.20 - GOG.com) Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version: - Rocksteady Studios) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.) Broken Sword - Director's Cut (HKLM-x32\...\1207658900_is1) (Version: 2.1.0.16 - GOG.com) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc) Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games) DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname) Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) DVD Architect Studio 5.0 (HKLM-x32\...\{E42939AE-9660-11E2-9A0D-F04DA23A5C58}) (Version: 5.0.178 - Sony) Dxtory version 2.0.130 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.130 - ExKode Co. Ltd.) 
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment) Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) FINAL FANTASY XIV: A Realm Reborn (HKLM-x32\...\Steam App 39210) (Version: - SQUARE ENIX) Geheimakte Tunguska (HKLM-x32\...\{3B416FDA-CB3E-4514-9616-763E5B0D1140}) (Version: 1.03.02 - Deep Silver) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) How to Survive (HKLM-x32\...\Steam App 250400) (Version: - ) HuniePop (HKLM-x32\...\1443428641_is1) (Version: 2.0.0.1 - GOG.com) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Leisure Suit Larry - Reloaded (HKLM-x32\...\1207659243_is1) (Version: 2.1.0.11 - GOG.com) Magic Bullet QuickLooks for Movie Studio 64 bit (HKLM-x32\...\InstallShield_{03B2F2B1-247A-4216-997F-2BE0372FFEC9}) (Version: 1.4.3 - Ihr Firmenname) Magic Bullet QuickLooks for Movie Studio 64 bit (Version: 1.4.3 - Ihr Firmenname) Hidden MagicYUV Lossless Video Codec version 1.0 
(HKLM-x32\...\{90410593-E0EB-4F9B-B984-65BEA8F07B91}_is1) (Version: 1.0 - INNOMAGIC, Ltd.) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MKVToolNix 7.5.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.5.0 - Moritz Bunkus)
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{6C3C3A70-958D-11E2-B0E5-F04DA23A5C58}) (Version: 12.0.896 - Sony)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
NewBlue VideoFX for Sony Vegas MSPPS (HKLM\...\NewBlue VideoFX for Sony Vegas MSPPS) (Version: 2.0 - NewBlue)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.2 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge 2 B13.0403.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.0403.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Papers, Please (HKLM-x32\...\1207659209_is1) (Version: 2.5.0.11 - GOG.com)
PhotoFiltre 7 (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\PhotoFiltre 7) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Rayman Origins (HKLM-x32\...\Steam App 207490) (Version: - UBIart Montpellier)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version: - Frontier)
Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version: - Ascaron)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version: - Firaxis Games)
Sony Vocal Eraser (HKLM-x32\...\Sony Vocal Eraser_is1) (Version: 1.00 - iZotope, Inc.)
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{BC7B099E-4643-11E3-9A41-F04DA23A5C58}) (Version: 10.0.252 - Sony)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spelunky (HKLM-x32\...\Steam App 239350) (Version: - )
State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.12.1.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.12.1.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.12.1.0 - GOG.com)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version: - Telltale Games)
Torchlight (HKLM-x32\...\Steam App 41500) (Version: - Runic Games)
TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Tropico (HKLM-x32\...\Steam App 33520) (Version: - PopTop Software)
Two Worlds: Epic Edition (HKLM-x32\...\Steam App 1930) (Version: - Reality Pump Studios)
Unity Web Player (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.10 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.1 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02A600D9-1622-4911-9725-509354AEEC6E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0D117D4E-EE80-429D-9B8F-D88A92248012} - System32\Tasks\{A7EDC86C-AC88-4B0D-8EBF-801BB3377055} => pcalua.exe -a "C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Prerequisites\vcredist_x64.exe" -d "C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Prerequisites"
Task: {0E38147A-4851-42DC-9070-354ABDEA17FC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {17C1BB3F-9616-44CB-922F-FF23AE97B1C0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1AC1141E-5152-4088-903E-CA244D117CC3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1F12A9F8-7D8D-4065-B944-4AEA70A1E4D3} - System32\Tasks\{F1F9B1E2-1649-459F-8D19-CE3F57076C12} => pcalua.exe -a "C:\Users\Admin\Downloads\chromeinstall-8u31 (1).exe" -d C:\Users\Admin\Downloads
Task: {27010340-37CF-488A-BE23-11555D46A73B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {2DB268B3-0211-4F20-A876-262F2EEAD600} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2F4F6831-28EB-427C-968C-08B0E3E853D5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {3B0FA0E6-512C-4CB7-86BF-2CA54168DC9E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-13] (Microsoft Corporation)
Task: {40F43CEE-3685-41BD-BD05-D3E30DDF1876} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4184E456-B813-43F0-9B55-96D23C9CD64C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {41C95DAF-DDF2-405F-A8C4-7C2A140FA0E7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4EBCE7C4-AC84-4EAF-B36A-56BD4FF4205A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5A65B13D-C7DD-442B-BC9F-E849177D96B1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {5B136352-F75E-4BE9-8434-23C71C470FAC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5DC6463A-620C-498C-B8CC-3F26CD93C061} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {6D44F053-69EA-461A-ABFA-2E9FC7A0C0A4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {6E01809B-A6A1-48BD-B4CA-115117903BF4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {6FC1A9A9-FC4E-40C5-A882-8E0B53ECC4D0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {734D0CE1-F91D-46C2-AEF6-86D2515E6550} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {73907E84-CF68-44D4-BC7D-C426518C8A13} - System32\Tasks\{459661D1-D2F6-419D-ADE9-E7E05FD0DA52} => pcalua.exe -a C:\ProgramData\HealthAlert\uninstall.exe -c /kb=y /ic=1
Task: {75DDAAA5-05CE-48D1-917F-D076DB6B8997} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {7CD1B924-1215-4D6F-B79B-0807B81C65DD} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {927B26A2-EDC4-4E89-A784-2709B910E102} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {975DC5FC-0BF4-4734-A115-4331365C7EC0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9B842312-0CD7-412B-9771-E75313F50259} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A3A38E1E-FA91-4361-A90B-CB608B7FE192} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {ABF95328-BD1A-4C58-AA4C-7D9E44654241} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {ADAA0D57-05AF-4D42-97A2-CA60B486A4FD} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {B0297718-FC73-4D55-A112-237A0A2FA275} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {BCF1AC20-C954-415B-90EB-09B341F654CA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DA3C86F9-5E29-40D8-8035-3E189AC2D6E3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DEADD6EE-4754-42BF-96F9-AF94B6F06D4D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {E04234EA-61B8-4CE5-B5DF-08E264BCF2FC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {E5FA8F18-29CC-41E7-BDEC-EC7888343D95} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {EDACD965-B245-4FD8-8F97-275FB23FECAB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {F1A14AE5-8D99-4F21-9EEF-F5C2007E7C6B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F855E92F-2699-4DE3-AF41-951E76CED339} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-03 03:57 - 2016-02-09 06:29 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-03 19:37 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 19:37 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-17 20:43 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 20:43 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 20:52 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 20:52 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 19:53 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 19:53 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-05 20:15 - 2016-02-05 20:15 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-02-05 20:15 - 2016-02-05 20:15 - 14869504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-19 18:55 - 2015-11-19 18:56 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-03-30 22:38 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-01-26 20:44 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-988284940-210793992-766847566-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Pictures\Wallpaper\the_witcher_3_wild_hunt_wallpaper_3-1920x1200.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
HKLM\...\StartupApproved\StartupFolder: => "TP-LINK-Konfigurationstool.lnk"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{6E420D0A-379E-4325-997B-5705899CAC39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{B96ABC35-9B8B-4784-A9DB-0C1EA97B9030}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{0F6FC0BD-FCD4-42C7-B4AA-5BC87EE1A220}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{B314AF56-BBF0-45AF-8C29-039C4BD429B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{256921F5-44A9-4B3A-BD2B-2A570C22DE55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57D125E4-42FB-44D2-A0EE-0F02B56DFC57}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F971CB50-BA99-4142-B8DF-8B89A8E07B33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{E7D8D473-00F7-4EE1-9530-60C4A0F4C150}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{4925243F-FBE6-44B7-A975-BCCB0C180AF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{30FDAB68-6C8E-4A7B-AA22-CCEA454D4F1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{506017D7-8AC0-4E6C-A834-C122FCF909C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{795906C9-BC9B-49FA-8325-C7C8870C2EF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{E9A061A9-73B5-482C-997D-862ACF115145}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{F4EBEA40-A7D8-43C7-AE9D-778C4CA5D7CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{65C91C97-F856-4271-9C73-C98B7567A801}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{360AEBC8-A0BE-4E94-8A33-AE6EAEC656E8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{315E15EB-B4F1-43E8-A4E6-402275B529A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FF509E52-645D-4365-84AD-FB0C261C9868}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C5998C02-632D-43E9-90CA-60097EF8E86A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{991121E2-9026-4743-B7E5-7A8E55384142}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{86DF2C1A-1739-488B-875A-1AC9DB9C5060}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{6064EF51-4B50-4444-B1A4-EFA61BFF49F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{1B15FC00-36FB-4A93-AE32-9647175F8F76}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{DC722C51-C46D-40EC-8668-E362EAE276B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{C3A04E99-322D-46E9-B9BD-703483A7B189}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{0F98958F-E861-40DD-BDC6-995B42040165}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{36EB300B-5DA7-4BF0-90A6-F1DE17CD6573}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{49455361-4214-40EC-B265-FC6266F267D5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{3956483D-656F-4265-BDA2-02173B16C080}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{D307758E-88ED-41D1-BA4D-784FC8711CA3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{83F8AF97-7FB9-454C-A591-89EB18A99069}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{711528E3-97F2-4F8A-9EA5-082E57617A17}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{C5046C9C-B48A-4D3C-AE86-93A41B7D5923}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{7DB14810-4D82-4530-8D15-AC1FCBB8292F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exe
FirewallRules: [{D2A93941-11DF-48F6-860B-F94D40812543}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exe
FirewallRules: [{43838B64-8209-499B-ADF7-50A08698FC1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{04679FA5-74EB-4F69-9CF8-D680702FF885}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [TCP Query User{AA756576-BAC1-4E66-88B8-E0048499E0E2}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [UDP Query User{D89FE854-8AF1-4764-9460-3B065BD66B94}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [{3248C1A6-D190-4F12-8664-CE8FC448256F}] => (Block) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [{3C04B63A-6BE8-44F6-9601-3F5512BD4BD5}] => (Block) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [{C5EB114E-20B2-4E5A-A3C0-42DB2A0E0E3B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{B3BEF09D-7E43-474E-B668-25C680E2C25F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{E739C62B-55ED-493C-8218-9EA012051BBD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1DDA49CF-21C4-4183-902F-D13104F301A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2C3D6D71-6A44-4A80-B2A7-219C1420825F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D560325B-8725-48E5-8ABC-2E1FF99FCE98}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E48773F8-4DF5-4A58-A166-1B312C9269EF}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{412CA1BF-B6E1-4713-B8FB-7EBC424876D0}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{2D959B1C-9A0A-4CAC-A4FC-75936D9D49F2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{C0F791F9-DF54-4563-8410-219F17F6D25F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{6CE64287-2232-4D23-AE8C-292D1C5D4F93}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{4E8BD3CA-B72A-4C48-A323-F5A3B2EBF83E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{00AB475C-77DB-4C57-B574-1D524BA5CA20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{9AAD1A10-DA90-478C-9C63-08C7D8B02EC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{090A43EF-2DD9-4261-990A-CAFE332D8E92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{2102550E-749E-41E2-8FEE-B7EBBD08C1CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{4BCFAB4F-2B9D-45DE-B077-F08168D5D67C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{E42C92D2-79D8-4882-87F6-3B1B1594FDE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [TCP Query User{C1109CDB-71AE-439E-B1C2-50213C8C7A5B}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [UDP Query User{83D4C6C7-813C-44E2-B75B-C4BE83A4CB62}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [{36973D42-9A1C-4CFE-BF4D-E518212F5373}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ValveTestApp207490\Rayman Origins.exe
FirewallRules: [{7D9C5840-7C9D-46DF-B0A2-BC21610BF4A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ValveTestApp207490\Rayman Origins.exe
FirewallRules: [{C879E974-3CD9-40F1-9C30-303E9B43905F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C7E055CB-D40D-4E27-B447-69B9B33F8345}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{12825260-A3BB-45E7-9C28-A1420FF60F33}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{997E46D0-78E6-4A77-8D4F-3A92C07FE6B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{CFB6F006-D750-49A3-BAE0-6BDFB7E2AC9C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6B5F1130-E279-488D-AE55-A2DAE030F088}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{CEED23D0-3A11-4786-864D-3081A7F322BE}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{DE762189-4EF7-4EC1-A60F-21B017CB8085}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{6D55673B-0FF9-4D59-A9A2-9F7BDF50B34C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{A2B93ADD-9986-4733-9E48-06254363C283}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{9E681173-7A4C-46C3-86A6-A36B1C2B5BA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{05AA5451-BEE9-4D9E-94C0-0B0EC6026DC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{7D4D3518-150E-4447-B19A-4B0748E50D4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{AF8D2895-5885-495F-9C5B-E3B660A1F778}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [TCP Query User{A544BD62-14C2-4259-AAEF-022952556857}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{3909E355-B5FB-4A27-9199-194854704AAD}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{545D9B8D-9953-4CB7-8C25-D73B6336E07A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{29E901E5-DBD7-43C3-A1BC-B594CC13EA25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{3259E222-4518-4F5A-8904-4EE437F4BBFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{0F2CF57D-DE06-430D-82E2-7174208088DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{1F3813EE-F4C8-49CB-8E88-BD546DB1DA23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{6E7F3C96-0F1D-4656-9A5C-740C8216C7D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{C9ACFBFE-A603-4442-A109-BCD1CC90A1DD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{05C428E6-A1B0-451B-B550-113694555C8E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{460DC9FE-CE1D-4C6B-B70E-1703B62E80E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{4E52E920-FB9E-4B2F-85DE-B8FBBB13529B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{286BEAE6-98AE-4193-BA0D-534FE8742A51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{C22367D4-EBB9-418D-B4E8-5F73846A2869}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{BC8E747A-F61E-4EB5-84D4-E88C3716963C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7DC3F700-62CA-4230-B7C6-F13844A6B5B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BFCBE96B-6F69-480B-8884-A8212FEEAC8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{9FFD4D7B-09F4-4441-ACF9-B3D8D37FE1B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{871626AC-BD7C-4745-A16B-45EE7A67EB03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{42F54F3E-40B8-4B0B-823A-B3B14CEFC3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{E97DDFC4-E97B-4704-B17D-FD5020048649}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight\Torchlight.exe
FirewallRules: [{52B0886E-3621-49AD-964F-D4A2E707BE12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight\Torchlight.exe
FirewallRules: [{F41E3239-CD33-4579-B34B-0AAF256F6C55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{D430042B-5DF0-418A-880D-9230DBE275EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{2B96A400-FD44-4DFD-9CFC-D29F6FB58F7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{D793FCDF-0842-4FBC-90D7-B0973680D2EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [TCP Query User{4BCF5F21-C99A-478A-95FD-4A0869F00131}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [UDP Query User{9E1EF25B-113D-422A-A4F8-11CBCA584F82}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [{3F675CC0-3184-4393-894F-B4B33B351994}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{129A599D-446F-40B7-A918-9B2D3D6375EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{20ECE902-9A57-4F70-8E04-4C88E2419E05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{2D848495-1A91-4179-8CBB-3866ED0E0C34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{BA367573-7B8F-4777-8AB5-864A549D3CFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{CF00F149-60EB-48EB-92C5-AF5CB3E8B370}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{02A409DB-0A4D-415A-B68D-E2C8AD421B30}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{7A43CD6B-4116-4279-9B1A-29C245724E88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{B063BE0A-60F7-4EE4-9FA6-88A2EFB1FBE4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{3B571F71-ACD4-4B5A-9DB1-75CFA55B3D21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{3620AD47-E894-47F8-84C8-CB1D91B3110C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{7423B0B5-233A-473C-BB3C-A4032B7EA0BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{1505A911-84EC-4CAE-AE32-E71696A44070}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico\Tropico.EXE
FirewallRules: [{E32F9C77-6C08-45FD-A02D-B36226C008B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico\Tropico.EXE
FirewallRules: [{F581802C-2D95-4E59-B72E-6FFD315D8182}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF63116B-20B3-4892-A712-102390ED402D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4C6692EF-51C0-4623-8C57-40EBA18FDEF4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{49A3271C-BB1D-43DD-9654-075D79195F0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{DCBC8CE9-D293-4FA1-879B-270196EED1A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{9A9181C1-7313-4E03-936A-64B3E573D028}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{D14185D7-9F38-4C57-965F-43D51E98A39D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{863A7EB5-4496-4987-BF95-C22A2FA2AC22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{43CF3CA2-59D2-450E-B920-4FC4ABD57704}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\1954 Alcatraz\Alcatraz.exe
FirewallRules: [{2E4E2EBA-A40A-4895-80FD-F0DE745402A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\1954 Alcatraz\Alcatraz.exe
FirewallRules: [{CA846C69-619B-40C8-8594-E8FDF54622DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{AC494E79-2D9F-423D-847E-3000CCD76907}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{8BFD8407-04E7-4FA9-9E1F-150B376B9783}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F58ADA5A-4C45-4891-9DD3-8254D2E612CF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6ACFA7C6-CB3F-4F28-BC50-AAD2F0E06B3F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{58515D64-FDE2-448A-9448-2FEA27E88E4C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{876C7FEA-0DEE-4871-BFAB-053A02AED9AC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{BB4BF462-7275-4801-8131-484F5D2EA2C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{523A1B31-06BB-4D69-B1DE-10F60E4F3610}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A153552B-49D1-4361-A137-0D94D18D37B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D43680B8-0ACE-4C04-80C7-D8D967C754EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B196BF22-7291-48F4-AC03-1DE595A40997}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4FA950EC-A651-4B05-B178-761195FED113}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B94E9B0F-047D-4BF0-9928-0BE7465C6A86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization IV\Civilization4.exe
FirewallRules: [{4C463636-3D0B-489D-8D47-B867BB940BCD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization IV\Civilization4.exe
FirewallRules: [TCP Query User{2785A175-2DF4-40EA-91A6-769AEBF450A8}C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{15F167CC-DEE4-46D4-B376-1BBC8B6631B2}C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe FirewallRules: [{C648A936-27DA-4F97-9B13-FAF1A85070B9}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSA08E.tmp\SymNRT.exe FirewallRules: [{330A2776-D04B-4D5E-BA65-F84A7657D6E1}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSA08E.tmp\SymNRT.exe FirewallRules: [{1C6D9EA5-3BB6-4857-B833-2082CC9F4CDB}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSC64F.tmp\SymNRT.exe FirewallRules: [{AF593FDA-A8A7-4C9A-ABD1-92EC5903C4AF}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSC64F.tmp\SymNRT.exe FirewallRules: [{8975AD88-F6EA-4954-9D0A-276E0BE02EB6}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSACAD.tmp\SymNRT.exe FirewallRules: [{03D5B382-45AA-448A-B5EF-8C2C4A54030F}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSACAD.tmp\SymNRT.exe ==================== Wiederherstellungspunkte ========================= 22-02-2016 10:43:20 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/26/2016 05:40:58 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. Error: (02/26/2016 05:23:25 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. 
Error: (02/25/2016 08:43:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0 Name des fehlerhaften Moduls: Cortana.BackgroundTask.dll, Version: 0.0.0.0, Zeitstempel: 0x5699d0c9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000046a65 ID des fehlerhaften Prozesses: 0x1ba8 Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0 Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1 Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2 Berichtskennung: backgroundTaskHost.exe3 Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5 Error: (02/25/2016 08:41:10 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. Error: (02/25/2016 11:44:23 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (02/25/2016 11:40:52 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. Error: (02/25/2016 11:27:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC) Description: Bei der Aktivierung der App „Microsoft.Getstarted_2.6.12.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (02/25/2016 11:01:27 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. 
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. Error: (02/25/2016 10:42:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NetworkUXBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f4 Name des fehlerhaften Moduls: NetworkUXBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f4 Ausnahmecode: 0xe0464645 Fehleroffset: 0x000000000000a6d6 ID des fehlerhaften Prozesses: 0x1680 Startzeit der fehlerhaften Anwendung: 0xNetworkUXBroker.exe0 Pfad der fehlerhaften Anwendung: NetworkUXBroker.exe1 Pfad des fehlerhaften Moduls: NetworkUXBroker.exe2 Berichtskennung: NetworkUXBroker.exe3 Vollständiger Name des fehlerhaften Pakets: NetworkUXBroker.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NetworkUXBroker.exe5 Error: (02/25/2016 10:41:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NetworkUXBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f4 Name des fehlerhaften Moduls: NetworkUXBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f4 Ausnahmecode: 0xe0464645 Fehleroffset: 0x000000000000a6d6 ID des fehlerhaften Prozesses: 0x1680 Startzeit der fehlerhaften Anwendung: 0xNetworkUXBroker.exe0 Pfad der fehlerhaften Anwendung: NetworkUXBroker.exe1 Pfad des fehlerhaften Moduls: NetworkUXBroker.exe2 Berichtskennung: NetworkUXBroker.exe3 Vollständiger Name des fehlerhaften Pakets: NetworkUXBroker.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NetworkUXBroker.exe5 Systemfehler: ============= Error: (02/26/2016 09:33:44 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von 
LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/26/2016 09:33:44 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/26/2016 09:33:44 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/26/2016 09:33:44 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/26/2016 05:58:51 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/26/2016 05:58:51 AM) (Source: DCOM) (EventID: 10016) (User: 
Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/26/2016 05:58:51 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/26/2016 05:58:51 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/26/2016 05:42:16 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/26/2016 05:42:16 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von 
LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz Prozentuale Nutzung des RAM: 16% Installierter physikalischer RAM: 16262.64 MB Verfügbarer physikalischer RAM: 13587.74 MB Summe virtueller Speicher: 32646.64 MB Verfügbarer virtueller Speicher: 29495.8 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:1862.48 GB) (Free:1008.25 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 462E0839) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1862.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Ende von Addition.txt ============================ |
27.02.2016, 10:50 | #4 |
/// Selecta Jahrusso | Antivirus program can no longer be installed

Hi. I don't see any real malware there, but there are a few things I would like to check more closely. Norton should no longer be in the list of software that can be uninstalled, and it can no longer be found in Windows management either. So it should actually be uninstalled, but it has left behind rather a lot of startup entries. We don't call it the yellow plague for nothing. Did the technician download and run the uninstaller tool 10 times?

Please start the computer in safe mode. Run the removal tool there again. Then start in normal mode. Either way, tell me whether it ran.

Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document:
Code:
ATTFilter C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec*.lnk
Save this as Fixlist.txt on your desktop (or in the directory where FRST is located).

Please download TDSSKiller.exe and save this file to the desktop.

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________
Kind regards, Daniel
ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators
Learn to fight back and support us! TB Akademie |
27.02.2016, 12:11 | #5 |
| Antivirus program can no longer be installed

Hello, I did not get the impression that the Norton employee knew what he was doing. In any case, he tried quite often to reinstall Norton, without much success. So, I ran the uninstall tool in safe mode. It also ran through without errors so far. Here is the Fixlog:
Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-02-2016
durchgeführt von Admin (2016-02-27 11:51:12) Run:1
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin (Verfügbare Profile: Admin & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec*.lnk
*****************

=========== "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec*.lnk" ==========

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (10).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (2).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (3).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (4).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (5).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (6).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (7).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (8).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (9).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec.lnk => erfolgreich verschoben

========= Ende -> "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec*.lnk" ========

==== Ende von Fixlog 11:51:12 ====
Code:
ATTFilter 11:53:57.0145 0x1b3c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 11:54:01.0410 0x1b3c ============================================================ 11:54:01.0410 0x1b3c Current date / time: 2016/02/27 11:54:01.0410 11:54:01.0410 0x1b3c SystemInfo: 11:54:01.0410 0x1b3c 11:54:01.0411 0x1b3c OS Version: 10.0.10586 ServicePack: 0.0 11:54:01.0411 0x1b3c Product type: Workstation 11:54:01.0411 0x1b3c ComputerName: ADMIN-PC 11:54:01.0411 0x1b3c UserName: Admin 11:54:01.0411 0x1b3c Windows directory: C:\WINDOWS 11:54:01.0411 0x1b3c System windows directory: C:\WINDOWS 11:54:01.0411 0x1b3c Running under WOW64 11:54:01.0411 0x1b3c Processor architecture: Intel x64 11:54:01.0411 0x1b3c Number of processors: 4 11:54:01.0411 0x1b3c Page size: 0x1000 11:54:01.0411 0x1b3c Boot type: Normal boot 11:54:01.0411 0x1b3c ============================================================ 11:54:01.0877 0x1b3c KLMD registered as C:\WINDOWS\system32\drivers\83047933.sys 11:54:02.0633 0x1b3c System UUID: {FA7F67B2-09A3-7EBB-44B6-5ABA34BB06AF} 11:54:03.0205 0x1b3c Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:54:03.0543 0x1b3c ============================================================ 11:54:03.0543 0x1b3c \Device\Harddisk0\DR0: 11:54:03.0565 0x1b3c MBR partitions: 11:54:03.0565 0x1b3c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 11:54:03.0565 0x1b3c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8CF4000 11:54:03.0565 0x1b3c ============================================================ 11:54:03.0637 0x1b3c C: <-> \Device\Harddisk0\DR0\Partition2 11:54:03.0637 0x1b3c ============================================================ 11:54:03.0637 0x1b3c Initialize success 11:54:03.0637 0x1b3c ============================================================ 11:55:27.0270 0x09d8 
============================================================ 11:55:27.0270 0x09d8 Scan started 11:55:27.0270 0x09d8 Mode: Manual; SigCheck; TDLFS; 11:55:27.0270 0x09d8 ============================================================ 11:55:27.0270 0x09d8 KSN ping started 11:55:29.0613 0x09d8 KSN ping finished: true 11:55:31.0348 0x09d8 ================ Scan system memory ======================== 11:55:31.0348 0x09d8 System memory - ok 11:55:31.0348 0x09d8 ================ Scan services ============================= 11:55:31.0473 0x09d8 1394ohci - ok 11:55:31.0488 0x09d8 3ware - ok 11:55:31.0488 0x09d8 ACPI - ok 11:55:31.0504 0x09d8 acpiex - ok 11:55:31.0504 0x09d8 acpipagr - ok 11:55:31.0520 0x09d8 AcpiPmi - ok 11:55:31.0520 0x09d8 acpitime - ok 11:55:31.0535 0x09d8 ADP80XX - ok 11:55:31.0551 0x09d8 AFD - ok 11:55:31.0551 0x09d8 agp440 - ok 11:55:31.0551 0x09d8 ahcache - ok 11:55:31.0551 0x09d8 AJRouter - ok 11:55:31.0567 0x09d8 ALG - ok 11:55:31.0567 0x09d8 AmdK8 - ok 11:55:31.0567 0x09d8 AmdPPM - ok 11:55:31.0582 0x09d8 amdsata - ok 11:55:31.0582 0x09d8 amdsbs - ok 11:55:31.0582 0x09d8 amdxata - ok 11:55:31.0629 0x09d8 AppHostSvc - ok 11:55:31.0645 0x09d8 AppID - ok 11:55:31.0645 0x09d8 AppIDSvc - ok 11:55:31.0660 0x09d8 Appinfo - ok 11:55:31.0660 0x09d8 AppMgmt - ok 11:55:31.0676 0x09d8 AppReadiness - ok 11:55:31.0676 0x09d8 AppXSvc - ok 11:55:31.0692 0x09d8 arcsas - ok 11:55:31.0738 0x09d8 aspnet_state - ok 11:55:31.0738 0x09d8 AsyncMac - ok 11:55:31.0754 0x09d8 atapi - ok 11:55:31.0770 0x09d8 AudioEndpointBuilder - ok 11:55:31.0770 0x09d8 Audiosrv - ok 11:55:31.0770 0x09d8 AxInstSV - ok 11:55:31.0785 0x09d8 b06bdrv - ok 11:55:31.0801 0x09d8 BasicDisplay - ok 11:55:31.0817 0x09d8 BasicRender - ok 11:55:31.0817 0x09d8 bcmfn - ok 11:55:31.0817 0x09d8 bcmfn2 - ok 11:55:31.0817 0x09d8 BDESVC - ok 11:55:31.0832 0x09d8 Beep - ok 11:55:31.0832 0x09d8 BFE - ok 11:55:31.0879 0x09d8 BITS - ok 11:55:31.0910 0x09d8 bowser - ok 11:55:31.0910 0x09d8 BrokerInfrastructure - ok 
11:55:31.0910 0x09d8 Browser - ok 11:55:32.0051 0x09d8 [ 910B5BF2353D5D982D2F6B8F6454A00A, E27A0E9EDF50A935E83F4D5BD86C9B9B297F1B8193AFB7C28313B28B5A4B27A5 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe 11:55:32.0129 0x09d8 BstHdAndroidSvc - ok 11:55:32.0145 0x09d8 [ 6A4D927BDEE8D9944FAA0012AF7AD232, F0B8642FB02628899CCE526A59A18E0A89456AA2385E82CD97B25CFC64C0E92E ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys 11:55:32.0192 0x09d8 BstHdDrv - ok 11:55:32.0223 0x09d8 [ 95B960980034877821E7FB5BFE25136E, 64EA26E9E94767C9EBEEF26FEEAA3176BB7787785F5F20CB8BBB4C75F45AAAA1 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe 11:55:32.0395 0x09d8 BstHdLogRotatorSvc - ok 11:55:32.0457 0x09d8 [ 5EBFF8D302047F4709F3A4F1231236E9, 84010BB25C4C029C03C98853E8AC75F103D1F34922B0643ECD758CE21E7DE4A6 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe 11:55:32.0504 0x09d8 BstHdUpdaterSvc - ok 11:55:32.0535 0x09d8 BthAvrcpTg - ok 11:55:32.0551 0x09d8 BthHFEnum - ok 11:55:32.0551 0x09d8 bthhfhid - ok 11:55:32.0567 0x09d8 BthHFSrv - ok 11:55:32.0567 0x09d8 BTHMODEM - ok 11:55:32.0567 0x09d8 bthserv - ok 11:55:32.0582 0x09d8 buttonconverter - ok 11:55:32.0598 0x09d8 CapImg - ok 11:55:32.0598 0x09d8 cdfs - ok 11:55:32.0598 0x09d8 CDPSvc - ok 11:55:32.0613 0x09d8 cdrom - ok 11:55:32.0613 0x09d8 CertPropSvc - ok 11:55:32.0613 0x09d8 circlass - ok 11:55:32.0613 0x09d8 CLFS - ok 11:55:32.0629 0x09d8 ClipSVC - ok 11:55:32.0629 0x09d8 CmBatt - ok 11:55:32.0645 0x09d8 CNG - ok 11:55:32.0645 0x09d8 cnghwassist - ok 11:55:32.0692 0x09d8 CompositeBus - ok 11:55:32.0692 0x09d8 COMSysApp - ok 11:55:32.0692 0x09d8 condrv - ok 11:55:32.0692 0x09d8 CoreMessagingRegistrar - ok 11:55:32.0754 0x09d8 [ 137BC921135ECDA3E9917B56E3550D32, 6585F4FFEAB32583B867A14F7B7C09C563B1EA715AD9C3B850A7965C54A819A0 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 11:55:32.0988 0x09d8 cphs - ok 11:55:33.0004 0x09d8 CryptSvc - ok 
11:55:33.0020 0x09d8 CSC - ok 11:55:33.0020 0x09d8 CscService - ok 11:55:33.0160 0x09d8 [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 11:55:33.0192 0x09d8 cvhsvc - ok 11:55:33.0192 0x09d8 dam - ok 11:55:33.0192 0x09d8 DcomLaunch - ok 11:55:33.0192 0x09d8 DcpSvc - ok 11:55:33.0207 0x09d8 defragsvc - ok 11:55:33.0207 0x09d8 DeviceAssociationService - ok 11:55:33.0223 0x09d8 DeviceInstall - ok 11:55:33.0223 0x09d8 DevQueryBroker - ok 11:55:33.0238 0x09d8 Dfsc - ok 11:55:33.0238 0x09d8 Dhcp - ok 11:55:33.0301 0x09d8 diagnosticshub.standardcollector.service - ok 11:55:33.0301 0x09d8 DiagTrack - ok 11:55:33.0317 0x09d8 disk - ok 11:55:33.0332 0x09d8 DmEnrollmentSvc - ok 11:55:33.0332 0x09d8 dmvsc - ok 11:55:33.0332 0x09d8 dmwappushservice - ok 11:55:33.0332 0x09d8 Dnscache - ok 11:55:33.0348 0x09d8 dot3svc - ok 11:55:33.0348 0x09d8 DPS - ok 11:55:33.0395 0x09d8 drmkaud - ok 11:55:33.0395 0x09d8 DsmSvc - ok 11:55:33.0410 0x09d8 DsSvc - ok 11:55:33.0442 0x09d8 DXGKrnl - ok 11:55:33.0442 0x09d8 Eaphost - ok 11:55:33.0442 0x09d8 ebdrv - ok 11:55:33.0457 0x09d8 EFS - ok 11:55:33.0457 0x09d8 EhStorClass - ok 11:55:33.0473 0x09d8 EhStorTcgDrv - ok 11:55:33.0488 0x09d8 embeddedmode - ok 11:55:33.0488 0x09d8 EntAppSvc - ok 11:55:33.0488 0x09d8 ErrDev - ok 11:55:33.0520 0x09d8 EventSystem - ok 11:55:33.0520 0x09d8 exfat - ok 11:55:33.0520 0x09d8 fastfat - ok 11:55:33.0520 0x09d8 Fax - ok 11:55:33.0520 0x09d8 fdc - ok 11:55:33.0535 0x09d8 fdPHost - ok 11:55:33.0535 0x09d8 FDResPub - ok 11:55:33.0535 0x09d8 fhsvc - ok 11:55:33.0567 0x09d8 FileCrypt - ok 11:55:33.0567 0x09d8 FileInfo - ok 11:55:33.0567 0x09d8 Filetrace - ok 11:55:33.0567 0x09d8 flpydisk - ok 11:55:33.0582 0x09d8 FltMgr - ok 11:55:33.0598 0x09d8 FontCache - ok 11:55:33.0692 0x09d8 FontCache3.0.0.0 - ok 11:55:33.0707 0x09d8 FsDepends - ok 11:55:33.0707 0x09d8 Fs_Rec - ok 
11:55:33.0723 0x09d8 fvevol - ok 11:55:33.0723 0x09d8 gagp30kx - ok 11:55:33.0848 0x09d8 [ 6D18B1088696CF96CBEBD31B8A519BD4, 4B47EECD18C12749FBEFA9C20B466F1A501F238166BBAE5B1793C918305A3348 ] GalaxyClientService C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe 11:55:33.0942 0x09d8 GalaxyClientService - ok 11:55:34.0207 0x09d8 [ C6B53600271EA23A03D5C23316407013, A2B672134EC6415D689F5F1BDF0500B876CB3BA2BA022E4C7FF4C15215AF7BC2 ] GalaxyCommunication C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe 11:55:34.0629 0x09d8 GalaxyCommunication - ok 11:55:34.0660 0x09d8 gencounter - ok 11:55:34.0676 0x09d8 genericusbfn - ok 11:55:34.0848 0x09d8 [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 11:55:34.0895 0x09d8 GfExperienceService - ok 11:55:34.0895 0x09d8 GPIOClx0101 - ok 11:55:34.0926 0x09d8 gpsvc - ok 11:55:34.0926 0x09d8 GpuEnergyDrv - ok 11:55:34.0926 0x09d8 HDAudBus - ok 11:55:34.0926 0x09d8 HidBatt - ok 11:55:34.0926 0x09d8 HidBth - ok 11:55:34.0926 0x09d8 hidi2c - ok 11:55:34.0942 0x09d8 hidinterrupt - ok 11:55:34.0942 0x09d8 HidIr - ok 11:55:34.0942 0x09d8 hidserv - ok 11:55:34.0942 0x09d8 HidUsb - ok 11:55:34.0957 0x09d8 HomeGroupListener - ok 11:55:34.0957 0x09d8 HomeGroupProvider - ok 11:55:34.0957 0x09d8 HpSAMD - ok 11:55:34.0988 0x09d8 HTTP - ok 11:55:34.0988 0x09d8 hwpolicy - ok 11:55:34.0988 0x09d8 hyperkbd - ok 11:55:35.0004 0x09d8 i8042prt - ok 11:55:35.0004 0x09d8 iai2c - ok 11:55:35.0004 0x09d8 iaLPSS2i_I2C - ok 11:55:35.0004 0x09d8 iaLPSSi_GPIO - ok 11:55:35.0004 0x09d8 iaLPSSi_I2C - ok 11:55:35.0082 0x09d8 [ FA4C48E36F0B24E7E33D3E7E1844B9C9, F61F448B8E305DEFDDA5D4A6FC4E57C798C11ED4DA0ACB885847DC8A9A7B4E98 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 11:55:35.0098 0x09d8 iaStorA - ok 11:55:35.0098 0x09d8 iaStorAV - ok 11:55:35.0160 0x09d8 [ 
D5854F77CEEAFC5A8405F8ECCBEC09DF, 06D94EAF55787F807FB40E95011E90B0A719AC1A1529C2C110C1EABC5BE02C5B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 11:55:35.0223 0x09d8 IAStorDataMgrSvc - ok 11:55:35.0223 0x09d8 iaStorV - ok 11:55:35.0223 0x09d8 ibbus - ok 11:55:35.0238 0x09d8 icssvc - ok 11:55:35.0301 0x09d8 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 11:55:35.0379 0x09d8 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 11:55:37.0723 0x09d8 Detect skipped due to KSN trusted 11:55:37.0723 0x09d8 IDriverT - ok 11:55:37.0723 0x09d8 IEEtwCollectorService - ok 11:55:37.0942 0x09d8 [ 34E103A5EFF7EADA5ADE6D61294FAA7F, 29AFF3C2C03D75B55D124EBA35534C1D7E2115748C23EAC79CF0FA6CBC994C1F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 11:55:38.0270 0x09d8 igfx - ok 11:55:38.0301 0x09d8 [ 078DE1A9D9DB0BB617D4DCF1EF925928, 6E197785DE6F83FAB5E049F24CCC3838BB9B9EB20240BD48A2768103172B6242 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 11:55:38.0348 0x09d8 igfxCUIService2.0.0.0 - ok 11:55:38.0364 0x09d8 IKEEXT - ok 11:55:38.0504 0x09d8 [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 11:55:38.0598 0x09d8 IntcAzAudAddService - ok 11:55:38.0613 0x09d8 [ 47577F77C8DD9CF4265B944CAFE1F172, A3F48F01ECFDF8E609D26754E517C06AD6382DA231F42BF64B6746D50F02FC6A ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 11:55:38.0645 0x09d8 IntcDAud - ok 11:55:38.0676 0x09d8 [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 11:55:39.0176 0x09d8 Intel(R) Capability Licensing Service Interface - detected 
UnsignedFile.Multi.Generic ( 1 ) 11:55:40.0489 0x17c8 Object required for P2P: [ C6B53600271EA23A03D5C23316407013 ] GalaxyCommunication 11:55:41.0520 0x09d8 Detect skipped due to KSN trusted 11:55:41.0520 0x09d8 Intel(R) Capability Licensing Service Interface - ok 11:55:41.0582 0x09d8 [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 11:55:42.0207 0x09d8 Intel(R) Capability Licensing Service TCP IP Interface - ok 11:55:42.0207 0x09d8 intelide - ok 11:55:42.0223 0x09d8 intelpep - ok 11:55:42.0223 0x09d8 intelppm - ok 11:55:42.0223 0x09d8 IoQos - ok 11:55:42.0239 0x09d8 IpFilterDriver - ok 11:55:42.0239 0x09d8 iphlpsvc - ok 11:55:42.0270 0x09d8 IPMIDRV - ok 11:55:42.0270 0x09d8 IPNAT - ok 11:55:42.0270 0x09d8 IRENUM - ok 11:55:42.0270 0x09d8 isapnp - ok 11:55:42.0270 0x09d8 iScsiPrt - ok 11:55:42.0332 0x09d8 [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 11:55:42.0410 0x09d8 jhi_service - ok 11:55:42.0426 0x09d8 kbdclass - ok 11:55:42.0426 0x09d8 kbdhid - ok 11:55:42.0426 0x09d8 kdnic - ok 11:55:42.0426 0x09d8 KeyIso - ok 11:55:42.0426 0x09d8 KSecDD - ok 11:55:42.0457 0x09d8 KSecPkg - ok 11:55:42.0457 0x09d8 ksthunk - ok 11:55:42.0473 0x09d8 KtmRm - ok 11:55:42.0473 0x09d8 LanmanServer - ok 11:55:42.0489 0x09d8 LanmanWorkstation - ok 11:55:42.0489 0x09d8 lfsvc - ok 11:55:42.0489 0x09d8 LicenseManager - ok 11:55:42.0535 0x09d8 [ 8E4CA9AFD55EF6B509C80A8715ABF8C6, 45698605D17285D346D2052607AEF492EBD89E9625367C31584C7C84757EEFE0 ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys 11:55:42.0754 0x09d8 lirsgt - ok 11:55:42.0754 0x09d8 lltdio - ok 11:55:42.0754 0x09d8 lltdsvc - ok 11:55:42.0770 0x09d8 lmhosts - ok 11:55:42.0817 0x09d8 [ 
02A9CBACE666877BBBA4FD66B22F6D4A, 0E783BA7A8F00CEC8F03CFEE03999CA5DB9E4DB7CCE62D9171CFCF36AFBE4BB1 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 11:55:42.0832 0x09d8 LMS - ok 11:55:42.0832 0x09d8 LSI_SAS - ok 11:55:42.0864 0x09d8 LSI_SAS2i - ok 11:55:42.0864 0x09d8 LSI_SAS3i - ok 11:55:42.0864 0x09d8 LSI_SSS - ok 11:55:42.0864 0x09d8 LSM - ok 11:55:42.0879 0x09d8 luafv - ok 11:55:42.0895 0x09d8 MapsBroker - ok 11:55:42.0957 0x17c8 Object send P2P result: true 11:55:42.0957 0x09d8 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 11:55:42.0973 0x09d8 MBAMProtector - ok 11:55:43.0067 0x09d8 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 11:55:43.0098 0x09d8 MBAMScheduler - ok 11:55:43.0129 0x09d8 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 11:55:43.0145 0x09d8 MBAMService - ok 11:55:43.0176 0x09d8 [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys 11:55:43.0176 0x09d8 MBAMWebAccessControl - ok 11:55:43.0176 0x09d8 megasas - ok 11:55:43.0176 0x09d8 megasr - ok 11:55:43.0223 0x09d8 [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 11:55:43.0239 0x09d8 MEIx64 - ok 11:55:43.0270 0x09d8 MessagingService - ok 11:55:43.0332 0x09d8 mlx4_bus - ok 11:55:43.0332 0x09d8 MMCSS - ok 11:55:43.0332 0x09d8 Modem - ok 11:55:43.0348 0x09d8 monitor - ok 11:55:43.0348 0x09d8 mouclass - ok 11:55:43.0348 0x09d8 mouhid - ok 11:55:43.0348 0x09d8 mountmgr - ok 11:55:43.0395 
0x09d8 [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:55:43.0489 0x09d8 MozillaMaintenance - ok 11:55:43.0489 0x09d8 mpsdrv - ok 11:55:43.0504 0x09d8 MpsSvc - ok 11:55:43.0520 0x09d8 MQAC - ok 11:55:43.0520 0x09d8 MRxDAV - ok 11:55:43.0520 0x09d8 mrxsmb - ok 11:55:43.0551 0x09d8 mrxsmb10 - ok 11:55:43.0567 0x09d8 mrxsmb20 - ok 11:55:43.0567 0x09d8 MsBridge - ok 11:55:43.0598 0x09d8 MSDTC - ok 11:55:43.0614 0x09d8 Msfs - ok 11:55:43.0629 0x09d8 msgpiowin32 - ok 11:55:43.0629 0x09d8 mshidkmdf - ok 11:55:43.0629 0x09d8 mshidumdf - ok 11:55:43.0645 0x09d8 msisadrv - ok 11:55:43.0660 0x09d8 MSiSCSI - ok 11:55:43.0660 0x09d8 msiserver - ok 11:55:43.0660 0x09d8 MSKSSRV - ok 11:55:43.0660 0x09d8 MsLldp - ok 11:55:43.0676 0x09d8 MSMQ - ok 11:55:43.0676 0x09d8 MSPCLOCK - ok 11:55:43.0676 0x09d8 MSPQM - ok 11:55:43.0676 0x09d8 MsRPC - ok 11:55:43.0676 0x09d8 mssmbios - ok 11:55:43.0676 0x09d8 MSTEE - ok 11:55:43.0692 0x09d8 MTConfig - ok 11:55:43.0692 0x09d8 Mup - ok 11:55:43.0692 0x09d8 mvumis - ok 11:55:43.0692 0x09d8 NativeWifiP - ok 11:55:43.0692 0x09d8 NcaSvc - ok 11:55:43.0707 0x09d8 NcbService - ok 11:55:43.0707 0x09d8 NcdAutoSetup - ok 11:55:43.0707 0x09d8 ndfltr - ok 11:55:43.0707 0x09d8 NDIS - ok 11:55:43.0707 0x09d8 NdisCap - ok 11:55:43.0707 0x09d8 NdisImPlatform - ok 11:55:43.0707 0x09d8 NdisTapi - ok 11:55:43.0707 0x09d8 Ndisuio - ok 11:55:43.0723 0x09d8 NdisVirtualBus - ok 11:55:43.0723 0x09d8 NdisWan - ok 11:55:43.0723 0x09d8 ndiswanlegacy - ok 11:55:43.0723 0x09d8 ndproxy - ok 11:55:43.0723 0x09d8 Ndu - ok 11:55:43.0723 0x09d8 NetBIOS - ok 11:55:43.0723 0x09d8 NetBT - ok 11:55:43.0723 0x09d8 Netlogon - ok 11:55:43.0739 0x09d8 Netman - ok 11:55:43.0754 0x09d8 NetMsmqActivator - ok 11:55:43.0754 0x09d8 NetPipeActivator - ok 11:55:43.0770 0x09d8 netprofm - ok 11:55:43.0817 0x09d8 NetSetupSvc - ok 11:55:43.0817 
0x09d8 NetTcpActivator - ok 11:55:43.0817 0x09d8 NetTcpPortSharing - ok 11:55:43.0817 0x09d8 NgcCtnrSvc - ok 11:55:43.0817 0x09d8 NgcSvc - ok 11:55:43.0817 0x09d8 NlaSvc - ok 11:55:43.0817 0x09d8 Npfs - ok 11:55:43.0817 0x09d8 npsvctrig - ok 11:55:43.0832 0x09d8 nsi - ok 11:55:43.0832 0x09d8 nsiproxy - ok 11:55:43.0848 0x09d8 NTFS - ok 11:55:43.0848 0x09d8 Null - ok 11:55:43.0895 0x09d8 [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub C:\WINDOWS\system32\drivers\nusb3hub.sys 11:55:44.0020 0x09d8 nusb3hub - ok 11:55:44.0051 0x09d8 [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc C:\WINDOWS\system32\drivers\nusb3xhc.sys 11:55:44.0098 0x09d8 nusb3xhc - ok 11:55:44.0129 0x09d8 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys 11:55:44.0145 0x09d8 NVHDA - ok 11:55:44.0379 0x09d8 [ 2D766A9EE4FBE2CE60F595EA4ACBE540, 5AF3B1BD24A170D3C70EBAE79CE42FCBB14FF35CB0850DA9B08A9DC646712A5E ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 11:55:44.0817 0x09d8 nvlddmkm - ok 11:55:44.0973 0x09d8 [ 1E3277F1C9F62F90488D02869A9522B7, 464870ACE9BDF7A6A9C46701209BEED5C33454CFF44CDABEAF871E06F23FEF17 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 11:55:45.0348 0x09d8 NvNetworkService - ok 11:55:45.0457 0x09d8 nvraid - ok 11:55:45.0473 0x09d8 nvstor - ok 11:55:45.0520 0x09d8 [ 59A8DE923619F3DC0C6C63DC33FB231E, 29D20EA3EB9599DE829A0630F2063D5DFD2263E9222CD4E3559725792D1454A5 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 11:55:45.0551 0x09d8 NvStreamKms - ok 11:55:45.0692 0x09d8 [ 9B4B3747C6756F49B986398A46EC1FE0, D0A25F07CBFB39B86DCB148A2EC8F01FDDD9B6D994418C54F49AA2B782CE9811 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe 11:55:45.0895 0x09d8 
NvStreamNetworkSvc - ok 11:55:46.0020 0x09d8 [ 266512CCC3B2E195CDE3A7A2C98A353A, DCB6C88A32FE3EE11D4FF242DE6E52B3C576C2EA4E4A5A245B4451CDEDCE94B0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe 11:55:46.0160 0x09d8 NvStreamSvc - ok 11:55:46.0270 0x09d8 [ 4F2B65FA16319BBA3A309EC2964920A1, 733D1B203AEC92B523B182438AF61D93388F781682297A48CC7C0FA741C2D21D ] nvsvc C:\WINDOWS\system32\nvvsvc.exe 11:55:46.0395 0x09d8 nvsvc - ok 11:55:46.0426 0x09d8 [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys 11:55:46.0457 0x09d8 nvvad_WaveExtensible - ok 11:55:46.0457 0x09d8 nv_agp - ok 11:55:46.0473 0x09d8 OneSyncSvc - ok 11:55:46.0551 0x09d8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:55:46.0567 0x09d8 ose - ok 11:55:46.0707 0x09d8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 11:55:46.0817 0x09d8 osppsvc - ok 11:55:46.0817 0x09d8 p2pimsvc - ok 11:55:46.0817 0x09d8 p2psvc - ok 11:55:46.0817 0x09d8 Parport - ok 11:55:46.0817 0x09d8 partmgr - ok 11:55:46.0832 0x09d8 PcaSvc - ok 11:55:46.0848 0x09d8 pci - ok 11:55:46.0848 0x09d8 pciide - ok 11:55:46.0848 0x09d8 pcmcia - ok 11:55:46.0848 0x09d8 pcw - ok 11:55:46.0864 0x09d8 pdc - ok 11:55:46.0864 0x09d8 PEAUTH - ok 11:55:46.0864 0x09d8 PeerDistSvc - ok 11:55:46.0864 0x09d8 percsas2i - ok 11:55:46.0879 0x09d8 percsas3i - ok 11:55:46.0942 0x09d8 PerfHost - ok 11:55:46.0973 0x09d8 PhoneSvc - ok 11:55:46.0989 0x09d8 PimIndexMaintenanceSvc - ok 11:55:47.0020 0x09d8 pla - ok 11:55:47.0036 0x09d8 PlugPlay - ok 11:55:47.0036 0x09d8 PNRPAutoReg - ok 11:55:47.0036 0x09d8 PNRPsvc - ok 11:55:47.0051 0x09d8 
PolicyAgent - ok 11:55:47.0051 0x09d8 Power - ok 11:55:47.0051 0x09d8 PptpMiniport - ok 11:55:47.0239 0x09d8 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 11:55:47.0473 0x09d8 PrintNotify - ok 11:55:47.0473 0x09d8 Processor - ok 11:55:47.0489 0x09d8 ProfSvc - ok 11:55:47.0504 0x09d8 Psched - ok 11:55:47.0520 0x09d8 QWAVE - ok 11:55:47.0520 0x09d8 QWAVEdrv - ok 11:55:47.0536 0x09d8 RasAcd - ok 11:55:47.0536 0x09d8 RasAgileVpn - ok 11:55:47.0551 0x09d8 RasAuto - ok 11:55:47.0551 0x09d8 Rasl2tp - ok 11:55:47.0551 0x09d8 RasMan - ok 11:55:47.0567 0x09d8 RasPppoe - ok 11:55:47.0567 0x09d8 RasSstp - ok 11:55:47.0567 0x09d8 rdbss - ok 11:55:47.0567 0x09d8 rdpbus - ok 11:55:47.0582 0x09d8 RDPDR - ok 11:55:47.0582 0x09d8 RdpVideoMiniport - ok 11:55:47.0582 0x09d8 rdyboost - ok 11:55:47.0582 0x09d8 ReFSv1 - ok 11:55:47.0614 0x09d8 RemoteAccess - ok 11:55:47.0614 0x09d8 RemoteRegistry - ok 11:55:47.0614 0x09d8 RetailDemo - ok 11:55:47.0614 0x09d8 RpcEptMapper - ok 11:55:47.0629 0x09d8 RpcLocator - ok 11:55:47.0629 0x09d8 RpcSs - ok 11:55:47.0629 0x09d8 rspndr - ok 11:55:47.0629 0x09d8 rt640x64 - ok 11:55:47.0770 0x09d8 [ 844CB9DBE08797A2A875DF9E2AF108D7, 53463064C2F34DB9C5E1484FA370AC00C4A3486713EC80E2323B07150A27DD1F ] RtlWlanu C:\WINDOWS\System32\drivers\rtwlanu.sys 11:55:47.0926 0x09d8 RtlWlanu - ok 11:55:47.0942 0x09d8 s3cap - ok 11:55:47.0957 0x09d8 SamSs - ok 11:55:47.0957 0x09d8 sbp2port - ok 11:55:47.0957 0x09d8 SCardSvr - ok 11:55:47.0957 0x09d8 ScDeviceEnum - ok 11:55:47.0973 0x09d8 scfilter - ok 11:55:47.0973 0x09d8 Schedule - ok 11:55:47.0973 0x09d8 SCPolicySvc - ok 11:55:47.0973 0x09d8 sdbus - ok 11:55:47.0973 0x09d8 SDRSVC - ok 11:55:47.0989 0x09d8 sdstor - ok 11:55:47.0989 0x09d8 seclogon - ok 11:55:47.0989 0x09d8 SENS - ok 11:55:47.0989 0x09d8 SensorDataService - ok 11:55:47.0989 0x09d8 SensorService - ok 11:55:48.0004 0x09d8 SensrSvc - 
ok 11:55:48.0004 0x09d8 SerCx - ok 11:55:48.0004 0x09d8 SerCx2 - ok 11:55:48.0004 0x09d8 Serenum - ok 11:55:48.0004 0x09d8 Serial - ok 11:55:48.0004 0x09d8 sermouse - ok 11:55:48.0004 0x09d8 SessionEnv - ok 11:55:48.0020 0x09d8 sfloppy - ok 11:55:48.0051 0x09d8 [ 9242988D74674C2819D454F001457BAD, D353A30D224940B0C7750161782CE98D4C47ABC5C4E04B100F8ABB6A3402B5AD ] Sftfs C:\WINDOWS\system32\DRIVERS\Sftfswin7.sys 11:55:48.0067 0x09d8 Sftfs - ok 11:55:48.0176 0x09d8 [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 11:55:48.0192 0x09d8 sftlist - ok 11:55:48.0254 0x09d8 [ 44391FA910901E2B8A2F831340FD707A, 9ACAD655DCCCAF562CEDE9180B187C229FFCAF97BA87D78225253C7868698CB8 ] Sftplay C:\WINDOWS\system32\DRIVERS\Sftplaywin7.sys 11:55:48.0301 0x09d8 Sftplay - ok 11:55:48.0301 0x09d8 [ 8654DBDC8ED8ED7257618D11B6C590BE, 1A410CCB7CDE99C607662E21054E959D3349647C5BD810CE744DA59EEB9C3FA2 ] Sftredir C:\WINDOWS\system32\DRIVERS\Sftredirwin7.sys 11:55:48.0317 0x09d8 Sftredir - ok 11:55:48.0332 0x09d8 [ 648F0152A7BAE175905C22E8BD839760, 6E3FC032212FD1F39FEE96D230F47BB25355587E8A73E34776CAEA8C0C1FB58E ] Sftvol C:\WINDOWS\system32\DRIVERS\Sftvolwin7.sys 11:55:48.0332 0x09d8 Sftvol - ok 11:55:48.0348 0x09d8 [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 11:55:48.0348 0x09d8 sftvsa - ok 11:55:48.0364 0x09d8 SharedAccess - ok 11:55:48.0395 0x09d8 ShellHWDetection - ok 11:55:48.0395 0x09d8 SiSRaid2 - ok 11:55:48.0411 0x09d8 SiSRaid4 - ok 11:55:48.0411 0x09d8 smphost - ok 11:55:48.0442 0x09d8 SmsRouter - ok 11:55:48.0442 0x09d8 SNMPTRAP - ok 11:55:48.0473 0x09d8 spaceport - ok 11:55:48.0473 0x09d8 SpbCx - ok 11:55:48.0473 0x09d8 Spooler - ok 11:55:48.0473 0x09d8 sppsvc - ok 11:55:48.0473 0x09d8 srv - ok 11:55:48.0489 
0x09d8 srv2 - ok 11:55:48.0489 0x09d8 srvnet - ok 11:55:48.0489 0x09d8 SSDPSRV - ok 11:55:48.0489 0x09d8 SstpSvc - ok 11:55:48.0489 0x09d8 StateRepository - ok 11:55:48.0598 0x09d8 [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 11:55:49.0098 0x09d8 Steam Client Service - ok 11:55:49.0192 0x09d8 [ 5311DAD9879DA242A9EA385EE7DD4F0D, AD7180A9176A9243A430ABA45079C7B256E4E05AFBE6215C662B8337B8760E39 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 11:55:50.0129 0x09d8 Stereo Service - ok 11:55:50.0129 0x09d8 stexstor - ok 11:55:50.0145 0x09d8 stisvc - ok 11:55:50.0145 0x09d8 storahci - ok 11:55:50.0161 0x09d8 storflt - ok 11:55:50.0161 0x09d8 stornvme - ok 11:55:50.0161 0x09d8 storqosflt - ok 11:55:50.0192 0x09d8 StorSvc - ok 11:55:50.0192 0x09d8 storufs - ok 11:55:50.0192 0x09d8 storvsc - ok 11:55:50.0223 0x09d8 svsvc - ok 11:55:50.0223 0x09d8 swenum - ok 11:55:50.0223 0x09d8 swprv - ok 11:55:50.0239 0x09d8 Synth3dVsc - ok 11:55:50.0254 0x09d8 SysMain - ok 11:55:50.0270 0x09d8 SystemEventsBroker - ok 11:55:50.0270 0x09d8 TabletInputService - ok 11:55:50.0286 0x09d8 TapiSrv - ok 11:55:50.0286 0x09d8 Tcpip - ok 11:55:50.0286 0x09d8 Tcpip6 - ok 11:55:50.0286 0x09d8 tcpipreg - ok 11:55:50.0301 0x09d8 tdx - ok 11:55:50.0301 0x09d8 terminpt - ok 11:55:50.0301 0x09d8 TermService - ok 11:55:50.0317 0x09d8 Themes - ok 11:55:50.0317 0x09d8 TieringEngineService - ok 11:55:50.0317 0x09d8 tiledatamodelsvc - ok 11:55:50.0332 0x09d8 TimeBroker - ok 11:55:50.0332 0x09d8 TPM - ok 11:55:50.0332 0x09d8 TrkWks - ok 11:55:50.0379 0x09d8 TrustedInstaller - ok 11:55:50.0395 0x09d8 tsusbflt - ok 11:55:50.0411 0x09d8 TsUsbGD - ok 11:55:50.0411 0x09d8 tunnel - ok 11:55:50.0426 0x09d8 tzautoupdate - ok 11:55:50.0426 0x09d8 uagp35 - ok 11:55:50.0426 0x09d8 UASPStor - ok 11:55:50.0426 0x09d8 UcmCx0101 - ok 11:55:50.0442 0x09d8 
UcmUcsi - ok 11:55:50.0442 0x09d8 Ucx01000 - ok 11:55:50.0442 0x09d8 UdeCx - ok 11:55:50.0442 0x09d8 udfs - ok 11:55:50.0442 0x09d8 UEFI - ok 11:55:50.0457 0x09d8 Ufx01000 - ok 11:55:50.0457 0x09d8 UfxChipidea - ok 11:55:50.0457 0x09d8 ufxsynopsys - ok 11:55:50.0473 0x09d8 UI0Detect - ok 11:55:50.0473 0x09d8 uliagpkx - ok 11:55:50.0473 0x09d8 umbus - ok 11:55:50.0473 0x09d8 UmPass - ok 11:55:50.0473 0x09d8 UmRdpService - ok 11:55:50.0489 0x09d8 UnistoreSvc - ok 11:55:50.0489 0x09d8 upnphost - ok 11:55:50.0489 0x09d8 UrsChipidea - ok 11:55:50.0489 0x09d8 UrsCx01000 - ok 11:55:50.0504 0x09d8 UrsSynopsys - ok 11:55:50.0504 0x09d8 usbaudio - ok 11:55:50.0504 0x09d8 usbccgp - ok 11:55:50.0504 0x09d8 usbcir - ok 11:55:50.0504 0x09d8 usbehci - ok 11:55:50.0504 0x09d8 usbhub - ok 11:55:50.0504 0x09d8 USBHUB3 - ok 11:55:50.0520 0x09d8 usbohci - ok 11:55:50.0520 0x09d8 usbprint - ok 11:55:50.0520 0x09d8 usbser - ok 11:55:50.0520 0x09d8 USBSTOR - ok 11:55:50.0536 0x09d8 usbuhci - ok 11:55:50.0551 0x09d8 USBXHCI - ok 11:55:50.0551 0x09d8 UserDataSvc - ok 11:55:50.0567 0x09d8 UserManager - ok 11:55:50.0567 0x09d8 UsoSvc - ok 11:55:50.0567 0x09d8 VaultSvc - ok 11:55:50.0567 0x09d8 vdrvroot - ok 11:55:50.0567 0x09d8 vds - ok 11:55:50.0567 0x09d8 VerifierExt - ok 11:55:50.0567 0x09d8 vhdmp - ok 11:55:50.0567 0x09d8 vhf - ok 11:55:50.0582 0x09d8 vmbus - ok 11:55:50.0582 0x09d8 VMBusHID - ok 11:55:50.0598 0x09d8 vmicguestinterface - ok 11:55:50.0598 0x09d8 vmicheartbeat - ok 11:55:50.0598 0x09d8 vmickvpexchange - ok 11:55:50.0614 0x09d8 vmicrdv - ok 11:55:50.0614 0x09d8 vmicshutdown - ok 11:55:50.0614 0x09d8 vmictimesync - ok 11:55:50.0614 0x09d8 vmicvmsession - ok 11:55:50.0614 0x09d8 vmicvss - ok 11:55:50.0614 0x09d8 volmgr - ok 11:55:50.0614 0x09d8 volmgrx - ok 11:55:50.0614 0x09d8 volsnap - ok 11:55:50.0629 0x09d8 vpci - ok 11:55:50.0629 0x09d8 vsmraid - ok 11:55:50.0629 0x09d8 VSS - ok 11:55:50.0629 0x09d8 VSTXRAID - ok 11:55:50.0629 0x09d8 vwifibus - ok 11:55:50.0629 0x09d8 
vwififlt - ok 11:55:50.0629 0x09d8 vwifimp - ok 11:55:50.0645 0x09d8 W32Time - ok 11:55:50.0676 0x09d8 w3logsvc - ok 11:55:50.0692 0x09d8 W3SVC - ok 11:55:50.0692 0x09d8 WacomPen - ok 11:55:50.0707 0x09d8 WalletService - ok 11:55:50.0707 0x09d8 wanarp - ok 11:55:50.0707 0x09d8 wanarpv6 - ok 11:55:50.0707 0x09d8 WAS - ok 11:55:50.0723 0x09d8 wbengine - ok 11:55:50.0723 0x09d8 WbioSrvc - ok 11:55:50.0739 0x09d8 Wcmsvc - ok 11:55:50.0739 0x09d8 wcncsvc - ok 11:55:50.0739 0x09d8 WcsPlugInService - ok 11:55:50.0739 0x09d8 WdBoot - ok 11:55:50.0739 0x09d8 Wdf01000 - ok 11:55:50.0739 0x09d8 WdFilter - ok 11:55:50.0739 0x09d8 WdiServiceHost - ok 11:55:50.0754 0x09d8 WdiSystemHost - ok 11:55:50.0754 0x09d8 wdiwifi - ok 11:55:50.0754 0x09d8 WdNisDrv - ok 11:55:50.0786 0x09d8 WdNisSvc - ok 11:55:50.0786 0x09d8 WebClient - ok 11:55:50.0801 0x09d8 Wecsvc - ok 11:55:50.0801 0x09d8 WEPHOSTSVC - ok 11:55:50.0801 0x09d8 wercplsupport - ok 11:55:50.0801 0x09d8 WerSvc - ok 11:55:50.0801 0x09d8 WFPLWFS - ok 11:55:50.0801 0x09d8 WiaRpc - ok 11:55:50.0817 0x09d8 WIMMount - ok 11:55:50.0817 0x09d8 WinDefend - ok 11:55:50.0832 0x09d8 WindowsTrustedRT - ok 11:55:50.0832 0x09d8 WindowsTrustedRTProxy - ok 11:55:50.0832 0x09d8 WinHttpAutoProxySvc - ok 11:55:50.0848 0x09d8 WinMad - ok 11:55:50.0864 0x09d8 Winmgmt - ok 11:55:50.0895 0x09d8 WinRM - ok 11:55:50.0911 0x09d8 WINUSB - ok 11:55:50.0911 0x09d8 WinVerbs - ok 11:55:50.0911 0x09d8 WlanSvc - ok 11:55:50.0926 0x09d8 wlidsvc - ok 11:55:50.0926 0x09d8 WmiAcpi - ok 11:55:50.0926 0x09d8 wmiApSrv - ok 11:55:50.0957 0x09d8 WMPNetworkSvc - ok 11:55:50.0973 0x09d8 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys 11:55:51.0004 0x09d8 Wof - ok 11:55:51.0004 0x09d8 workfolderssvc - ok 11:55:51.0004 0x09d8 wpcfltr - ok 11:55:51.0004 0x09d8 WPDBusEnum - ok 11:55:51.0020 0x09d8 WpdUpFltr - ok 11:55:51.0020 0x09d8 WpnService - ok 11:55:51.0020 0x09d8 ws2ifsl - 
ok 11:55:51.0020 0x09d8 wscsvc - ok 11:55:51.0020 0x09d8 WSearch - ok 11:55:51.0020 0x09d8 WSService - ok 11:55:51.0051 0x09d8 wuauserv - ok 11:55:51.0051 0x09d8 WudfPf - ok 11:55:51.0051 0x09d8 wudfsvc - ok 11:55:51.0051 0x09d8 WUDFWpdFs - ok 11:55:51.0051 0x09d8 WUDFWpdMtp - ok 11:55:51.0067 0x09d8 WwanSvc - ok 11:55:51.0082 0x09d8 XblAuthManager - ok 11:55:51.0082 0x09d8 XblGameSave - ok 11:55:51.0082 0x09d8 xboxgip - ok 11:55:51.0114 0x09d8 XboxNetApiSvc - ok 11:55:51.0114 0x09d8 xinputhid - ok 11:55:51.0114 0x09d8 xusb22 - ok 11:55:51.0114 0x09d8 ================ Scan global =============================== 11:55:51.0176 0x09d8 [ Global ] - ok 11:55:51.0176 0x09d8 ================ Scan MBR ================================== 11:55:51.0192 0x09d8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 11:55:51.0504 0x09d8 \Device\Harddisk0\DR0 - ok 11:55:51.0504 0x09d8 ================ Scan VBR ================================== 11:55:51.0504 0x09d8 [ 81ED99DE0B1E4D870D6D05101AD292C3 ] \Device\Harddisk0\DR0\Partition1 11:55:51.0567 0x09d8 \Device\Harddisk0\DR0\Partition1 - ok 11:55:51.0567 0x09d8 [ BD06E1052A646C6802AA8FAA591C618F ] \Device\Harddisk0\DR0\Partition2 11:55:51.0629 0x09d8 \Device\Harddisk0\DR0\Partition2 - ok 11:55:51.0629 0x09d8 ================ Scan generic autorun ====================== 11:55:52.0020 0x09d8 [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 11:55:52.0332 0x09d8 RTHDVCPL - ok 11:55:52.0364 0x09d8 [ 3A19FD28BF891CB67FD89A94BEC88C3F, 6D9F5FA55A4B8A386691E91305C8CA9323B91680FA2DC4585DDDECA69BB80FA0 ] C:\Windows\system32\igfxtray.exe 11:55:52.0379 0x09d8 IgfxTray - ok 11:55:52.0426 0x09d8 [ D94BCD3B86F5220BEFC277B395EEE845, 61D3DE5621CE855F8EA5BF2308D0DFFB3B517BF7187AEE1FEF6785C5880E7D49 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 11:55:52.0520 0x09d8 IAStorIcon - detected 
UnsignedFile.Multi.Generic ( 1 ) 11:55:54.0832 0x09d8 Detect skipped due to KSN trusted 11:55:54.0832 0x09d8 IAStorIcon - ok 11:55:54.0942 0x09d8 [ E445C0DB7E5E89C657FC89C0C4CCEDE5, ABD7A9B36CFD6740CE06456B152D9EB1856C11CD7FB2A34E06D63BAD0639B2A0 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 11:55:55.0051 0x09d8 NvBackend - ok 11:55:55.0083 0x09d8 ShadowPlay - ok 11:55:55.0145 0x09d8 [ 70BDEE03032BF7CE279838866B25E697, 007C3AC1B4380BC56EC6E14EFC022C03F165D08447AD763854351C530E19D976 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe 11:55:55.0161 0x09d8 IMSS - ok 11:55:55.0176 0x09d8 [ D2AEADFD998706B4216315B2BD3FA79E, D45634355B7733F9B6754A6FB80B7EC20C0D584A08E2F710DF612B393D96A8F9 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe 11:55:55.0223 0x09d8 ISUSScheduler - detected UnsignedFile.Multi.Generic ( 1 ) 11:55:57.0567 0x09d8 Detect skipped due to KSN trusted 11:55:57.0567 0x09d8 ISUSScheduler - ok 11:55:57.0598 0x09d8 [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe 11:55:57.0708 0x09d8 amd_dc_opt - detected UnsignedFile.Multi.Generic ( 1 ) 11:56:00.0051 0x09d8 Detect skipped due to KSN trusted 11:56:00.0051 0x09d8 amd_dc_opt - ok 11:56:00.0176 0x09d8 [ D470EB94988531FE20A2A78766BB6858, 59F46FBC2267584422D7C4EC5BCC4071BB8DCF544C3AB44BEEBAE091EDCB9947 ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe 11:56:00.0223 0x09d8 BlueStacks Agent - ok 11:56:00.0286 0x09d8 OneDriveSetup - ok 11:56:00.0286 0x09d8 OneDriveSetup - ok 11:56:00.0301 0x09d8 [ A379B75A6FFE4DFD3184F35F0141CE91, C777B01B4361456D4D829E96723C85CCDC2E3647C4CF25894AC83100552E36AB ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe 11:56:00.0442 0x09d8 ISUSPM Startup - detected UnsignedFile.Multi.Generic ( 1 ) 11:56:00.0520 0x156c Object required for P2P: [ 
4F2B65FA16319BBA3A309EC2964920A1 ] nvsvc 11:56:02.0786 0x09d8 Detect skipped due to KSN trusted 11:56:02.0786 0x09d8 ISUSPM Startup - ok 11:56:02.0848 0x09d8 [ 406E7DF08CE79BE3016CC6D15E2ED956, 9DA8D10AE642B9411A3EB253F97918A6F470F1772F0057964267497CE0BDA53A ] C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe 11:56:02.0895 0x09d8 Dxtory Update Checker 2.0 - detected UnsignedFile.Multi.Generic ( 1 ) 11:56:02.0942 0x156c Object send P2P result: true 11:56:05.0239 0x09d8 Detect skipped due to KSN trusted 11:56:05.0239 0x09d8 Dxtory Update Checker 2.0 - ok 11:56:05.0411 0x09d8 [ 91DD4AD85BB341CC8CF5187EA06FD171, 68330A5EBDA7E4A51926EC2085D71C11BD2857A6EB1D4749DEE7A6D1D5679B98 ] C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe 11:56:05.0426 0x09d8 OneDrive - ok 11:56:05.0426 0x09d8 OneDriveSetup - ok 11:56:05.0458 0x09d8 WAB Migrate - ok 11:56:05.0458 0x09d8 Waiting for KSN requests completion. In queue: 2 11:56:06.0473 0x09d8 Waiting for KSN requests completion. In queue: 2 11:56:07.0489 0x09d8 Waiting for KSN requests completion. In queue: 1 11:56:08.0520 0x09d8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x61100 ( enabled : updated ) 11:56:08.0536 0x09d8 Win FW state via NFP2: enabled ( trusted ) 11:56:10.0926 0x09d8 ============================================================ 11:56:10.0926 0x09d8 Scan finished 11:56:10.0926 0x09d8 ============================================================ 11:56:10.0942 0x030c Detected object count: 0 11:56:10.0942 0x030c Actual detected object count: 0 |
27.02.2016, 12:12 | #6 |
| Antivirus program can no longer be installed FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016 durchgeführt von Admin (Administrator) auf ADMIN-PC (27-02-2016 12:06:26) Gestartet von C:\Users\Admin\Desktop Geladene Profile: Admin (Verfügbare Profile: Admin & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE () 
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe (Kaspersky Lab ZAO) C:\Users\Admin\AppData\Local\Temp\{F961F371-BEAD-4706-A050-0AEF9D9A4216}\{9CC410C8-AFCD-40DD-9A05-0AF1C39898D7}.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [402344 2015-12-19] () HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation) HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.) 
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation) HKU\S-1-5-21-988284940-210793992-766847566-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [175368 2016-02-09] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2014-02-28] ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{38fa8d64-1429-4eb3-94d0-479866b2cb77}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-988284940-210793992-766847566-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-988284940-210793992-766847566-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-988284940-210793992-766847566-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> 
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll => Keine Datei BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll => Keine Datei FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default FF Session Restore: -> ist aktiviert. FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-15] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-15] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-09] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-09] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files 
(x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2015-06-19] (Pando Networks) FF Plugin HKU\S-1-5-21-988284940-210793992-766847566-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-988284940-210793992-766847566-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-10] () FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\searchplugins\safesearch.xml [2015-06-25] FF Extension: Adblock Plus Pop-up Addon - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-29] FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-12] FF Extension: WOT - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09] FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23] Chrome: ======= CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.) 
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.) S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-31] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-01-30] (GOG.com) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S4 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation) S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA 
Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2014-06-19] () S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation ) R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation) R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation) R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation) R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys 
[118112 2015-10-30] (Microsoft Corporation) S3 condrv; System32\drivers\condrv.sys [X] U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-27 12:06 - 2016-02-27 12:07 - 00015268 _____ C:\Users\Admin\Desktop\FRST.txt 2016-02-27 12:05 - 2016-02-27 12:06 - 02371072 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2016-02-27 11:54 - 2016-02-27 11:54 - 00246848 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\83047933.sys 2016-02-27 11:53 - 2016-02-27 11:56 - 00078164 _____ C:\TDSSKiller.3.1.0.9_27.02.2016_11.53.57_log.txt 2016-02-27 11:52 - 2016-02-27 11:53 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe 2016-02-27 11:51 - 2016-02-27 11:51 - 00001845 _____ C:\Users\Admin\Desktop\Fixlog.txt 2016-02-26 09:35 - 2016-02-27 12:06 - 00000000 ____D C:\FRST 2016-02-26 05:36 - 2016-02-26 05:36 - 00001364 _____ C:\Users\Admin\Desktop\Norton-Installationsdateien.lnk 2016-02-26 05:36 - 2016-02-26 05:36 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64 2016-02-26 05:35 - 2016-02-26 05:36 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader(2).exe 2016-02-26 05:30 - 2016-02-26 19:27 - 00364004 _____ C:\WINDOWS\ntbtlog.txt 2016-02-26 05:28 - 2016-02-26 05:28 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE (2).exe 2016-02-26 05:12 - 2016-02-26 05:14 - 00412020 _____ C:\WINDOWS\Minidump\022616-17640-01.dmp 2016-02-25 11:37 - 2016-02-25 11:37 - 00000432 _____ C:\Users\Admin\AppData\Local\LMIR0001.tmp.bat 2016-02-25 11:37 - 2016-02-25 11:37 - 00000357 _____ C:\Users\Admin\AppData\Local\LMIR0001.tmp_r.bat 2016-02-25 11:33 - 
2016-02-25 11:36 - 00000000 ____D C:\Program Files (x86)\LogMeIn Rescue RC - 0bfdcd33-f52c-4b3b-a4a7-71770fabb626 2016-02-25 11:28 - 2016-02-27 11:45 - 00000000 ____D C:\ProgramData\Norton 2016-02-25 11:28 - 2016-02-26 19:28 - 00000000 ____D C:\Program Files (x86)\NortonInstaller 2016-02-25 11:28 - 2016-02-26 05:38 - 00000000 ____D C:\ProgramData\NortonInstaller 2016-02-25 11:15 - 2016-02-25 11:15 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE (1).exe 2016-02-25 11:13 - 2016-02-25 11:13 - 00895080 _____ C:\Users\Admin\Downloads\Norton_Removal_Tool(1).exe 2016-02-25 10:48 - 2016-02-25 10:48 - 00000000 __SHD C:\found.000 2016-02-25 10:29 - 2016-02-27 11:44 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2016-02-25 10:28 - 2016-02-25 10:28 - 00000000 ____D C:\WINDOWS\pss 2016-02-25 10:07 - 2016-02-26 05:31 - 00000000 ____D C:\NPE 2016-02-25 10:05 - 2016-02-26 05:33 - 00000000 ____D C:\Users\Admin\AppData\Local\NPE 2016-02-25 10:05 - 2016-02-25 10:05 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE.exe 2016-02-25 10:02 - 2016-02-25 10:02 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader (1).exe 2016-02-25 09:58 - 2016-02-27 07:56 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3CF3C132-6859-4994-8DAC-3B31CD8D194C} 2016-02-25 09:54 - 2016-02-25 09:55 - 00895080 _____ C:\Users\Admin\Downloads\Norton_Removal_Tool.exe 2016-02-25 09:48 - 2016-02-25 09:48 - 00000248 _____ C:\rescue.info 2016-02-25 09:46 - 2016-02-25 09:46 - 01857576 _____ (LogMeIn, Inc.) 
C:\Users\Admin\Downloads\Support-LogMeInRescue.exe 2016-02-25 09:46 - 2016-02-25 09:46 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Rescue Applet 2016-02-24 21:57 - 2016-02-24 21:57 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\HuniePot 2016-02-24 21:55 - 2016-02-24 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HuniePop [GOG.com] 2016-02-16 00:11 - 2016-02-16 00:11 - 00002202 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2016-02-16 00:10 - 2016-02-16 00:10 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2016-02-16 00:10 - 2016-02-09 06:04 - 00111672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-02-16 00:09 - 2016-02-09 09:25 - 42983480 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 37616184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 31119296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 24944064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 21201784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 20741880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 17631304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 17224664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 17175248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 17116936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 02541504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 01924152 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvdispco6436191.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436191.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00950328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00882232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00745408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00383424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00378968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00317144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00151368 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvoglshim64.dll 2016-02-16 00:09 - 2016-02-09 09:25 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2016-02-14 10:24 - 2016-02-14 10:26 - 00353028 _____ C:\WINDOWS\Minidump\021416-29546-01.dmp 2016-02-12 06:29 - 2016-02-24 09:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-02-09 19:52 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-09 19:52 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-09 19:52 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-09 19:52 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-09 19:52 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-09 19:52 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-09 19:52 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-09 19:52 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-09 19:52 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-09 19:52 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-09 19:52 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-09 19:52 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-09 19:52 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-09 19:52 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-09 19:52 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-09 19:52 - 
2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-09 19:52 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-09 19:52 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-09 19:52 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-09 19:52 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-09 19:52 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-09 19:52 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-09 19:52 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-09 19:52 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-09 19:52 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-09 19:52 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-09 19:52 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-09 19:52 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-09 19:52 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-09 19:52 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-09 19:52 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-09 19:52 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-09 19:52 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\ztrace_maps.dll 2016-02-09 19:52 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-09 19:52 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-09 19:52 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-09 19:52 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-09 19:52 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-09 19:52 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-09 19:52 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-09 19:52 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-09 19:52 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-09 19:52 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-09 19:52 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-09 19:52 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-09 19:52 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-09 19:52 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-09 19:52 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-09 19:52 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-09 19:52 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-09 19:52 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\wininet.dll 2016-02-09 19:52 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-09 19:52 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-09 19:52 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-09 19:52 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-09 19:52 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-09 19:52 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-09 19:52 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-09 19:52 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-09 19:52 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-09 19:52 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-09 19:52 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-09 19:52 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-09 19:52 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-09 19:52 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-03 19:18 - 2016-02-03 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com] 2016-02-02 19:33 - 2016-02-02 19:35 - 10026464 _____ C:\Users\Admin\Downloads\Worlds Apart (Sami Zayn)_Megalouis100v4.m4a 2016-01-31 12:53 - 2016-02-08 00:23 - 00000000 ____D C:\Users\Admin\Documents\Broken Sword - Director's Cut 2016-01-31 12:19 - 2016-01-31 12:19 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broken Sword - Director's Cut [GOG.com] 2016-01-31 01:02 - 2016-01-23 04:31 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436175.dll 2016-01-31 01:02 - 2016-01-23 04:31 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436175.dll 2016-01-29 19:10 - 2016-01-29 19:10 - 00000000 ____D C:\Users\Admin\Documents\League of Legends 2016-01-29 19:03 - 2016-02-25 09:55 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2016-01-29 18:55 - 2016-01-29 18:55 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader(1).exe 2016-01-29 17:44 - 2016-01-29 17:44 - 00102616 _____ (Symantec Corporation) C:\WINDOWS\SMSS-PFRO5d7c.tmp ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-27 11:51 - 2015-12-03 04:01 - 02091230 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-27 11:51 - 2015-10-30 19:35 - 00889534 _____ C:\WINDOWS\system32\perfh007.dat 2016-02-27 11:51 - 2015-10-30 19:35 - 00197858 _____ C:\WINDOWS\system32\perfc007.dat 2016-02-27 11:51 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-27 11:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-02-27 11:47 - 2015-12-03 04:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-27 11:47 - 2015-12-03 03:58 - 00000000 ____D C:\ProgramData\NVIDIA 2016-02-27 11:47 - 2015-12-03 03:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-02-27 11:46 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-02-26 19:34 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-26 19:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-26 05:30 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-02-26 05:12 - 2015-12-04 19:37 - 00000000 ____D C:\WINDOWS\Minidump 2016-02-26 05:12 - 
2014-03-07 16:29 - 890432205 _____ C:\WINDOWS\MEMORY.DMP 2016-02-25 20:43 - 2014-10-15 18:28 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps 2016-02-25 20:39 - 2015-03-05 20:41 - 00000000 ____D C:\GOG Games 2016-02-25 20:39 - 2015-03-05 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2016-02-25 20:39 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-02-25 09:59 - 2014-11-29 21:19 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieUserList 2016-02-25 09:59 - 2014-11-29 21:19 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieSiteList 2016-02-25 09:58 - 2015-02-05 18:42 - 00000000 __SHD C:\Users\Admin\AppData\LocalLow\EmieUserList 2016-02-25 09:58 - 2015-02-05 18:42 - 00000000 __SHD C:\Users\Admin\AppData\LocalLow\EmieSiteList 2016-02-25 09:03 - 2015-12-03 04:01 - 00000000 ____D C:\Users\Admin 2016-02-25 08:44 - 2015-08-06 20:56 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles 2016-02-24 18:56 - 2015-06-01 19:35 - 00000000 ____D C:\Program Files (x86)\BlueStacks 2016-02-22 01:16 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-02-21 23:27 - 2015-01-27 10:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-02-21 00:02 - 2014-02-10 11:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SoftGrid Client 2016-02-20 22:15 - 2014-08-10 22:06 - 00000000 ____D C:\Program Files (x86)\Steam 2016-02-16 00:11 - 2015-12-03 03:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-02-16 00:11 - 2014-02-26 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-02-14 10:24 - 2015-01-26 02:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-13 20:35 - 2014-02-10 12:11 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-13 20:32 - 2014-02-10 12:11 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-12 02:22 - 2015-10-30 08:24 - 00000000 ____D 
C:\WINDOWS\rescache 2016-02-10 19:34 - 2015-08-06 20:56 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-10 10:37 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 07:27 - 2015-09-22 23:03 - 12478528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-02-09 22:20 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-09 09:25 - 2015-09-22 23:03 - 19779648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-02-09 09:25 - 2015-09-22 23:03 - 14115136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-02-09 09:25 - 2015-09-22 23:03 - 03649576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-02-09 09:25 - 2015-09-22 23:03 - 03231544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-02-09 09:25 - 2015-09-22 23:03 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb 2016-02-09 06:29 - 2015-12-03 03:57 - 06368824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-02-09 06:29 - 2015-12-03 03:57 - 02992064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-02-09 06:29 - 2015-12-03 03:57 - 02561472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-02-09 06:29 - 2015-12-03 03:57 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-02-09 06:29 - 2015-12-03 03:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-02-09 06:29 - 2015-12-03 03:57 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-02-09 06:29 - 2014-11-24 17:02 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-02-09 06:29 - 2014-11-24 17:02 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-02-07 23:20 - 2015-05-20 16:56 - 00000000 ____D C:\Program Files (x86)\GalaxyClient 2016-02-07 20:41 - 2014-04-12 17:17 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client 2016-02-06 15:58 - 2015-12-03 03:57 - 06154909 _____ 
C:\WINDOWS\system32\nvcoproc.bin 2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-31 12:19 - 2014-08-31 18:56 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll 2016-01-31 12:19 - 2014-08-31 18:56 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll 2016-01-31 12:19 - 2014-08-31 18:56 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll 2016-01-31 12:19 - 2014-08-31 18:56 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll 2016-01-31 01:02 - 2015-12-03 03:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-01-29 18:55 - 2015-07-25 17:47 - 00000000 ____D C:\Users\Public\Downloads\Norton 2016-01-29 17:37 - 2015-12-03 03:57 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-02-25 11:37 - 2016-02-25 11:37 - 0000432 _____ () C:\Users\Admin\AppData\Local\LMIR0001.tmp.bat 2016-02-25 11:37 - 2016-02-25 11:37 - 0000357 _____ () C:\Users\Admin\AppData\Local\LMIR0001.tmp_r.bat 2015-12-03 03:57 - 2015-12-03 03:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== 
Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden.
LastRegBack: 2016-02-27 10:03
==================== Ende von FRST.txt ============================
Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-02-2016
durchgeführt von Admin (2016-02-27 12:07:32)
Gestartet von C:\Users\Admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-03 03:22:42)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Admin (S-1-5-21-988284940-210793992-766847566-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-988284940-210793992-766847566-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-988284940-210793992-766847566-503 - Limited - Disabled)
Gast (S-1-5-21-988284940-210793992-766847566-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-988284940-210793992-766847566-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1954 Alcatraz (HKLM-x32\...\Steam App 255280) (Version: - Daedalic Entertainment) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft) Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Baldur's Gate - The Original Saga (German) (HKLM-x32\...\GOGPACKBALDURSGATE1_is1) (Version: 2.0.0.20 - GOG.com) Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version: - Rocksteady Studios) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.) Broken Sword - Director's Cut (HKLM-x32\...\1207658900_is1) (Version: 2.1.0.16 - GOG.com) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc) Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games) DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname) Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) DVD Architect Studio 5.0 (HKLM-x32\...\{E42939AE-9660-11E2-9A0D-F04DA23A5C58}) (Version: 5.0.178 - Sony) Dxtory version 2.0.130 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.130 - ExKode Co. Ltd.) 
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment) Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) FINAL FANTASY XIV: A Realm Reborn (HKLM-x32\...\Steam App 39210) (Version: - SQUARE ENIX) Geheimakte Tunguska (HKLM-x32\...\{3B416FDA-CB3E-4514-9616-763E5B0D1140}) (Version: 1.03.02 - Deep Silver) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) How to Survive (HKLM-x32\...\Steam App 250400) (Version: - ) HuniePop (HKLM-x32\...\1443428641_is1) (Version: 2.0.0.1 - GOG.com) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Leisure Suit Larry - Reloaded (HKLM-x32\...\1207659243_is1) (Version: 2.1.0.11 - GOG.com) Magic Bullet QuickLooks for Movie Studio 64 bit (HKLM-x32\...\InstallShield_{03B2F2B1-247A-4216-997F-2BE0372FFEC9}) (Version: 1.4.3 - Ihr Firmenname) Magic Bullet QuickLooks for Movie Studio 64 bit (Version: 1.4.3 - Ihr Firmenname) Hidden MagicYUV Lossless Video Codec version 1.0 
(HKLM-x32\...\{90410593-E0EB-4F9B-B984-65BEA8F07B91}_is1) (Version: 1.0 - INNOMAGIC, Ltd.) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) MKVToolNix 7.5.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.5.0 - Moritz Bunkus) Movie Studio Platinum 12.0 (64-bit) 
(HKLM\...\{6C3C3A70-958D-11E2-B0E5-F04DA23A5C58}) (Version: 12.0.896 - Sony) Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla) MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD) NewBlue VideoFX for Sony Vegas MSPPS (HKLM\...\NewBlue VideoFX for Sony Vegas MSPPS) (Version: 2.0 - NewBlue) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.2 - Black Tree Gaming) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation) NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) ON_OFF Charge 2 B13.0403.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B13.0403.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Papers, Please (HKLM-x32\...\1207659209_is1) (Version: 2.5.0.11 - GOG.com) PhotoFiltre 7 (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\PhotoFiltre 7) (Version: - ) PunkBuster Services 
(HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.) Rayman Origins (HKLM-x32\...\Steam App 207490) (Version: - UBIart Montpellier) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder) RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version: - Frontier) Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version: - Ascaron) SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version: - Firaxis Games) Sony Vocal Eraser (HKLM-x32\...\Sony Vocal Eraser_is1) (Version: 1.00 - iZotope, Inc.) Sound Forge Audio Studio 10.0 (HKLM-x32\...\{BC7B099E-4643-11E3-9A41-F04DA23A5C58}) (Version: 10.0.252 - Sony) South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl) The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.) 
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.12.1.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.12.1.0 - GOG.com) The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.12.1.0 - GOG.com) The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version: - Telltale Games) Torchlight (HKLM-x32\...\Steam App 41500) (Version: - Runic Games) TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK) TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Tropico (HKLM-x32\...\Steam App 33520) (Version: - PopTop Software) Two Worlds: Epic Edition (HKLM-x32\...\Steam App 1930) (Version: - Reality Pump Studios) Unity Web Player (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 5.10 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.1 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {02A600D9-1622-4911-9725-509354AEEC6E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {0D117D4E-EE80-429D-9B8F-D88A92248012} - System32\Tasks\{A7EDC86C-AC88-4B0D-8EBF-801BB3377055} => pcalua.exe -a "C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Prerequisites\vcredist_x64.exe" -d "C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Prerequisites" Task: {0E38147A-4851-42DC-9070-354ABDEA17FC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {17C1BB3F-9616-44CB-922F-FF23AE97B1C0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {1AC1141E-5152-4088-903E-CA244D117CC3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {1F12A9F8-7D8D-4065-B944-4AEA70A1E4D3} - System32\Tasks\{F1F9B1E2-1649-459F-8D19-CE3F57076C12} => pcalua.exe -a "C:\Users\Admin\Downloads\chromeinstall-8u31 (1).exe" -d C:\Users\Admin\Downloads Task: {27010340-37CF-488A-BE23-11555D46A73B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {2DB268B3-0211-4F20-A876-262F2EEAD600} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {2F4F6831-28EB-427C-968C-08B0E3E853D5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {40F43CEE-3685-41BD-BD05-D3E30DDF1876} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {4184E456-B813-43F0-9B55-96D23C9CD64C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {41C95DAF-DDF2-405F-A8C4-7C2A140FA0E7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {4EBCE7C4-AC84-4EAF-B36A-56BD4FF4205A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: 
{5A65B13D-C7DD-442B-BC9F-E849177D96B1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {5B136352-F75E-4BE9-8434-23C71C470FAC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {5DC6463A-620C-498C-B8CC-3F26CD93C061} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {6D44F053-69EA-461A-ABFA-2E9FC7A0C0A4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {6E01809B-A6A1-48BD-B4CA-115117903BF4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {6FC1A9A9-FC4E-40C5-A882-8E0B53ECC4D0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {734D0CE1-F91D-46C2-AEF6-86D2515E6550} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {73907E84-CF68-44D4-BC7D-C426518C8A13} - System32\Tasks\{459661D1-D2F6-419D-ADE9-E7E05FD0DA52} => pcalua.exe -a C:\ProgramData\HealthAlert\uninstall.exe -c /kb=y /ic=1 Task: {75DDAAA5-05CE-48D1-917F-D076DB6B8997} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {7CD1B924-1215-4D6F-B79B-0807B81C65DD} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {927B26A2-EDC4-4E89-A784-2709B910E102} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {975DC5FC-0BF4-4734-A115-4331365C7EC0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {9B842312-0CD7-412B-9771-E75313F50259} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {A3A38E1E-FA91-4361-A90B-CB608B7FE192} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: 
{ABF95328-BD1A-4C58-AA4C-7D9E44654241} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {AD6C2470-2782-4D1D-94D2-D509E96F0AEB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-13] (Microsoft Corporation) Task: {ADAA0D57-05AF-4D42-97A2-CA60B486A4FD} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {B0297718-FC73-4D55-A112-237A0A2FA275} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {BCF1AC20-C954-415B-90EB-09B341F654CA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {DA3C86F9-5E29-40D8-8035-3E189AC2D6E3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {DEADD6EE-4754-42BF-96F9-AF94B6F06D4D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {E04234EA-61B8-4CE5-B5DF-08E264BCF2FC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {E5FA8F18-29CC-41E7-BDEC-EC7888343D95} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {EDACD965-B245-4FD8-8F97-275FB23FECAB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {F1A14AE5-8D99-4F21-9EEF-F5C2007E7C6B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {F855E92F-2699-4DE3-AF41-951E76CED339} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-03 03:57 - 2016-02-09 06:29 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-03 19:37 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 19:37 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-17 20:43 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 20:43 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 20:52 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 20:52 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 19:53 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 19:53 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-03-30 22:38 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-01-26 20:44 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-988284940-210793992-766847566-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Pictures\Wallpaper\the_witcher_3_wild_hunt_wallpaper_3-1920x1200.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: MBAMService => 2 HKLM\...\StartupApproved\StartupFolder: => "TP-LINK-Konfigurationstool.lnk" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKU\S-1-5-21-988284940-210793992-766847566-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-988284940-210793992-766847566-1000\...\StartupApproved\Run: => "Dxtory Update Checker 2.0" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{6E420D0A-379E-4325-997B-5705899CAC39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{B96ABC35-9B8B-4784-A9DB-0C1EA97B9030}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{0F6FC0BD-FCD4-42C7-B4AA-5BC87EE1A220}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe FirewallRules: [{B314AF56-BBF0-45AF-8C29-039C4BD429B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe FirewallRules: [{256921F5-44A9-4B3A-BD2B-2A570C22DE55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{57D125E4-42FB-44D2-A0EE-0F02B56DFC57}] => (Allow) C:\Program Files (x86)\Mozilla 
Firefox\firefox.exe FirewallRules: [{F971CB50-BA99-4142-B8DF-8B89A8E07B33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe FirewallRules: [{E7D8D473-00F7-4EE1-9530-60C4A0F4C150}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe FirewallRules: [{4925243F-FBE6-44B7-A975-BCCB0C180AF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [{30FDAB68-6C8E-4A7B-AA22-CCEA454D4F1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [{506017D7-8AC0-4E6C-A834-C122FCF909C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe FirewallRules: [{795906C9-BC9B-49FA-8325-C7C8870C2EF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe FirewallRules: [{E9A061A9-73B5-482C-997D-862ACF115145}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe FirewallRules: [{F4EBEA40-A7D8-43C7-AE9D-778C4CA5D7CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe FirewallRules: [{65C91C97-F856-4271-9C73-C98B7567A801}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{360AEBC8-A0BE-4E94-8A33-AE6EAEC656E8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{315E15EB-B4F1-43E8-A4E6-402275B529A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FF509E52-645D-4365-84AD-FB0C261C9868}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{C5998C02-632D-43E9-90CA-60097EF8E86A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{991121E2-9026-4743-B7E5-7A8E55384142}] => (Allow) C:\Program Files 
(x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe FirewallRules: [{86DF2C1A-1739-488B-875A-1AC9DB9C5060}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe FirewallRules: [{6064EF51-4B50-4444-B1A4-EFA61BFF49F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe FirewallRules: [{1B15FC00-36FB-4A93-AE32-9647175F8F76}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe FirewallRules: [{DC722C51-C46D-40EC-8668-E362EAE276B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe FirewallRules: [{C3A04E99-322D-46E9-B9BD-703483A7B189}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe FirewallRules: [{0F98958F-E861-40DD-BDC6-995B42040165}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe FirewallRules: [{36EB300B-5DA7-4BF0-90A6-F1DE17CD6573}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe FirewallRules: [{49455361-4214-40EC-B265-FC6266F267D5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe FirewallRules: [{3956483D-656F-4265-BDA2-02173B16C080}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe FirewallRules: [{D307758E-88ED-41D1-BA4D-784FC8711CA3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe FirewallRules: [{83F8AF97-7FB9-454C-A591-89EB18A99069}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe FirewallRules: [{711528E3-97F2-4F8A-9EA5-082E57617A17}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe FirewallRules: [{C5046C9C-B48A-4D3C-AE86-93A41B7D5923}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe FirewallRules: [{7DB14810-4D82-4530-8D15-AC1FCBB8292F}] => (Allow) C:\Program Files 
(x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exe FirewallRules: [{D2A93941-11DF-48F6-860B-F94D40812543}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exe FirewallRules: [{43838B64-8209-499B-ADF7-50A08698FC1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe FirewallRules: [{04679FA5-74EB-4F69-9CF8-D680702FF885}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe FirewallRules: [TCP Query User{AA756576-BAC1-4E66-88B8-E0048499E0E2}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe FirewallRules: [UDP Query User{D89FE854-8AF1-4764-9460-3B065BD66B94}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe FirewallRules: [{3248C1A6-D190-4F12-8664-CE8FC448256F}] => (Block) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe FirewallRules: [{3C04B63A-6BE8-44F6-9601-3F5512BD4BD5}] => (Block) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe FirewallRules: [{C5EB114E-20B2-4E5A-A3C0-42DB2A0E0E3B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{B3BEF09D-7E43-474E-B668-25C680E2C25F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{E739C62B-55ED-493C-8218-9EA012051BBD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1DDA49CF-21C4-4183-902F-D13104F301A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{2C3D6D71-6A44-4A80-B2A7-219C1420825F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D560325B-8725-48E5-8ABC-2E1FF99FCE98}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E48773F8-4DF5-4A58-A166-1B312C9269EF}] => (Allow) 
C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{412CA1BF-B6E1-4713-B8FB-7EBC424876D0}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{2D959B1C-9A0A-4CAC-A4FC-75936D9D49F2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{C0F791F9-DF54-4563-8410-219F17F6D25F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{6CE64287-2232-4D23-AE8C-292D1C5D4F93}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [{4E8BD3CA-B72A-4C48-A323-F5A3B2EBF83E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [{00AB475C-77DB-4C57-B574-1D524BA5CA20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe FirewallRules: [{9AAD1A10-DA90-478C-9C63-08C7D8B02EC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe FirewallRules: [{090A43EF-2DD9-4261-990A-CAFE332D8E92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe FirewallRules: [{2102550E-749E-41E2-8FEE-B7EBBD08C1CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe FirewallRules: [{4BCFAB4F-2B9D-45DE-B077-F08168D5D67C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe FirewallRules: [{E42C92D2-79D8-4882-87F6-3B1B1594FDE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe FirewallRules: [TCP Query User{C1109CDB-71AE-439E-B1C2-50213C8C7A5B}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files 
(x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe FirewallRules: [UDP Query User{83D4C6C7-813C-44E2-B75B-C4BE83A4CB62}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe FirewallRules: [{36973D42-9A1C-4CFE-BF4D-E518212F5373}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ValveTestApp207490\Rayman Origins.exe FirewallRules: [{7D9C5840-7C9D-46DF-B0A2-BC21610BF4A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ValveTestApp207490\Rayman Origins.exe FirewallRules: [{C879E974-3CD9-40F1-9C30-303E9B43905F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{C7E055CB-D40D-4E27-B447-69B9B33F8345}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{12825260-A3BB-45E7-9C28-A1420FF60F33}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe FirewallRules: [{997E46D0-78E6-4A77-8D4F-3A92C07FE6B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe FirewallRules: [{CFB6F006-D750-49A3-BAE0-6BDFB7E2AC9C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{6B5F1130-E279-488D-AE55-A2DAE030F088}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{CEED23D0-3A11-4786-864D-3081A7F322BE}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{DE762189-4EF7-4EC1-A60F-21B017CB8085}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{6D55673B-0FF9-4D59-A9A2-9F7BDF50B34C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe FirewallRules: [{A2B93ADD-9986-4733-9E48-06254363C283}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe FirewallRules: [{9E681173-7A4C-46C3-86A6-A36B1C2B5BA3}] => (Allow) 
C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe FirewallRules: [{05AA5451-BEE9-4D9E-94C0-0B0EC6026DC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe FirewallRules: [{7D4D3518-150E-4447-B19A-4B0748E50D4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe FirewallRules: [{AF8D2895-5885-495F-9C5B-E3B660A1F778}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe FirewallRules: [TCP Query User{A544BD62-14C2-4259-AAEF-022952556857}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe FirewallRules: [UDP Query User{3909E355-B5FB-4A27-9199-194854704AAD}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe FirewallRules: [{545D9B8D-9953-4CB7-8C25-D73B6336E07A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe FirewallRules: [{29E901E5-DBD7-43C3-A1BC-B594CC13EA25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe FirewallRules: [{3259E222-4518-4F5A-8904-4EE437F4BBFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe FirewallRules: [{0F2CF57D-DE06-430D-82E2-7174208088DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe FirewallRules: [{1F3813EE-F4C8-49CB-8E88-BD546DB1DA23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe FirewallRules: [{6E7F3C96-0F1D-4656-9A5C-740C8216C7D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe FirewallRules: 
[{C9ACFBFE-A603-4442-A109-BCD1CC90A1DD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{05C428E6-A1B0-451B-B550-113694555C8E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{460DC9FE-CE1D-4C6B-B70E-1703B62E80E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{4E52E920-FB9E-4B2F-85DE-B8FBBB13529B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{286BEAE6-98AE-4193-BA0D-534FE8742A51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{C22367D4-EBB9-418D-B4E8-5F73846A2869}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{BC8E747A-F61E-4EB5-84D4-E88C3716963C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{7DC3F700-62CA-4230-B7C6-F13844A6B5B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{BFCBE96B-6F69-480B-8884-A8212FEEAC8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{9FFD4D7B-09F4-4441-ACF9-B3D8D37FE1B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{871626AC-BD7C-4745-A16B-45EE7A67EB03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{42F54F3E-40B8-4B0B-823A-B3B14CEFC3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{E97DDFC4-E97B-4704-B17D-FD5020048649}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight\Torchlight.exe FirewallRules: [{52B0886E-3621-49AD-964F-D4A2E707BE12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight\Torchlight.exe FirewallRules: [{F41E3239-CD33-4579-B34B-0AAF256F6C55}] => (Allow) C:\Program Files 
(x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe FirewallRules: [{D430042B-5DF0-418A-880D-9230DBE275EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe FirewallRules: [{2B96A400-FD44-4DFD-9CFC-D29F6FB58F7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe FirewallRules: [{D793FCDF-0842-4FBC-90D7-B0973680D2EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe FirewallRules: [TCP Query User{4BCF5F21-C99A-478A-95FD-4A0869F00131}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe FirewallRules: [UDP Query User{9E1EF25B-113D-422A-A4F8-11CBCA584F82}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe FirewallRules: [{3F675CC0-3184-4393-894F-B4B33B351994}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{129A599D-446F-40B7-A918-9B2D3D6375EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{20ECE902-9A57-4F70-8E04-4C88E2419E05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe FirewallRules: [{2D848495-1A91-4179-8CBB-3866ED0E0C34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe FirewallRules: [{BA367573-7B8F-4777-8AB5-864A549D3CFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{CF00F149-60EB-48EB-92C5-AF5CB3E8B370}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{02A409DB-0A4D-415A-B68D-E2C8AD421B30}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: 
[{7A43CD6B-4116-4279-9B1A-29C245724E88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{B063BE0A-60F7-4EE4-9FA6-88A2EFB1FBE4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{3B571F71-ACD4-4B5A-9DB1-75CFA55B3D21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{3620AD47-E894-47F8-84C8-CB1D91B3110C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe FirewallRules: [{7423B0B5-233A-473C-BB3C-A4032B7EA0BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe FirewallRules: [{1505A911-84EC-4CAE-AE32-E71696A44070}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico\Tropico.EXE FirewallRules: [{E32F9C77-6C08-45FD-A02D-B36226C008B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico\Tropico.EXE FirewallRules: [{F581802C-2D95-4E59-B72E-6FFD315D8182}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CF63116B-20B3-4892-A712-102390ED402D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4C6692EF-51C0-4623-8C57-40EBA18FDEF4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe FirewallRules: [{49A3271C-BB1D-43DD-9654-075D79195F0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe FirewallRules: [{DCBC8CE9-D293-4FA1-879B-270196EED1A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{9A9181C1-7313-4E03-936A-64B3E573D028}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{D14185D7-9F38-4C57-965F-43D51E98A39D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe FirewallRules: [{863A7EB5-4496-4987-BF95-C22A2FA2AC22}] => (Allow) C:\Program Files 
(x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe FirewallRules: [{43CF3CA2-59D2-450E-B920-4FC4ABD57704}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\1954 Alcatraz\Alcatraz.exe FirewallRules: [{2E4E2EBA-A40A-4895-80FD-F0DE745402A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\1954 Alcatraz\Alcatraz.exe FirewallRules: [{CA846C69-619B-40C8-8594-E8FDF54622DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{AC494E79-2D9F-423D-847E-3000CCD76907}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{8BFD8407-04E7-4FA9-9E1F-150B376B9783}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{F58ADA5A-4C45-4891-9DD3-8254D2E612CF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{6ACFA7C6-CB3F-4F28-BC50-AAD2F0E06B3F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{58515D64-FDE2-448A-9448-2FEA27E88E4C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{876C7FEA-0DEE-4871-BFAB-053A02AED9AC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe FirewallRules: [{BB4BF462-7275-4801-8131-484F5D2EA2C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe FirewallRules: [{523A1B31-06BB-4D69-B1DE-10F60E4F3610}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{A153552B-49D1-4361-A137-0D94D18D37B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{D43680B8-0ACE-4C04-80C7-D8D967C754EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{B196BF22-7291-48F4-AC03-1DE595A40997}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe 
FirewallRules: [{4FA950EC-A651-4B05-B178-761195FED113}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B94E9B0F-047D-4BF0-9928-0BE7465C6A86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization IV\Civilization4.exe FirewallRules: [{4C463636-3D0B-489D-8D47-B867BB940BCD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization IV\Civilization4.exe FirewallRules: [TCP Query User{2785A175-2DF4-40EA-91A6-769AEBF450A8}C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe FirewallRules: [UDP Query User{15F167CC-DEE4-46D4-B376-1BBC8B6631B2}C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe FirewallRules: [{C648A936-27DA-4F97-9B13-FAF1A85070B9}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSA08E.tmp\SymNRT.exe FirewallRules: [{330A2776-D04B-4D5E-BA65-F84A7657D6E1}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSA08E.tmp\SymNRT.exe FirewallRules: [{1C6D9EA5-3BB6-4857-B833-2082CC9F4CDB}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSC64F.tmp\SymNRT.exe FirewallRules: [{AF593FDA-A8A7-4C9A-ABD1-92EC5903C4AF}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSC64F.tmp\SymNRT.exe FirewallRules: [{8975AD88-F6EA-4954-9D0A-276E0BE02EB6}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSACAD.tmp\SymNRT.exe FirewallRules: [{03D5B382-45AA-448A-B5EF-8C2C4A54030F}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSACAD.tmp\SymNRT.exe ==================== Wiederherstellungspunkte ========================= 22-02-2016 10:43:20 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/27/2016 
11:57:27 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. Error: (02/27/2016 11:44:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC) Description: Bei der Aktivierung der App „Microsoft.Getstarted_2.6.12.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (02/26/2016 09:55:46 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Helper process exited prematurely bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/26/2016 07:39:30 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. Error: (02/26/2016 05:40:58 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. Error: (02/26/2016 05:23:25 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. 
Error: (02/25/2016 08:43:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0 Name des fehlerhaften Moduls: Cortana.BackgroundTask.dll, Version: 0.0.0.0, Zeitstempel: 0x5699d0c9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000046a65 ID des fehlerhaften Prozesses: 0x1ba8 Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0 Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1 Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2 Berichtskennung: backgroundTaskHost.exe3 Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5 Error: (02/25/2016 08:41:10 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. Error: (02/25/2016 11:44:23 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (02/25/2016 11:40:52 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. 
Systemfehler: ============= Error: (02/27/2016 11:51:17 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/27/2016 11:51:17 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/27/2016 11:51:14 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/27/2016 11:48:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (02/27/2016 11:47:29 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. 
Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll Fehlercode: 21 Error: (02/27/2016 11:47:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (02/27/2016 11:46:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" ist vom Dienst "DHCP-Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (02/27/2016 11:46:06 AM) (Source: DCOM) (EventID: 10005) (User: Admin-PC) Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC} Error: (02/27/2016 11:45:49 AM) (Source: DCOM) (EventID: 10005) (User: Admin-PC) Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/27/2016 11:45:49 AM) (Source: DCOM) (EventID: 10005) (User: Admin-PC) Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz Prozentuale Nutzung des RAM: 13% Installierter physikalischer RAM: 16262.64 MB Verfügbarer physikalischer RAM: 14072.23 MB Summe virtueller Speicher: 32646.64 MB Verfügbarer virtueller Speicher: 30255.83 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:1862.48 GB) (Free:1008.55 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 462E0839) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1862.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Ende von Addition.txt ============================ |
28.02.2016, 11:11 | #7 |
/// Selecta Jahrusso | Antivirus program can no longer be installed Hi, sorry, I was out all day yesterday. That support staff are sometimes limited to just their own tools is, unfortunately, a sad everyday reality. The uninstaller has at least removed the active components, but there are still folders left over, which shouldn't really cause any trouble anymore. Since you paid for it, I assume you want to install it again, right? (Personally, I would not renew this license, though.) Let's check the system a bit more before we get to the reinstallation. ESET Online Scanner
__________________ Best regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
28.02.2016, 13:24 | #8 |
| Antivirus program can no longer be installed Hello Daniel, no problem. Yes, I would like to install Norton again (unfortunately my license still runs until 2017). Which program would you recommend to me afterwards? After this incident I will do without Norton in the future. In the meantime, though, I was able to run a Windows Update that did not work before. If I have you to thank for that, then thank you very much. The ESET Online Scanner cannot be run. During initialization the error message "Unerwarteter Fehler 101" appears. (I used the correct settings.) Regards, Kanso |
28.02.2016, 14:16 | #9 |
/// Selecta Jahrusso | Antivirus program can no longer be installed For the future? http://www.trojaner-board.de/166031-...-produkte.html Hm, I only know that error from when the clock is wrong. Are the date and year in the taskbar correct?
__________________ Best regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
28.02.2016, 14:18 | #10 |
| Antivirus program can no longer be installed Yes, date and time are correct so far. Regards, Kanso |
28.02.2016, 14:49 | #11 |
/// Selecta Jahrusso | Antivirus program can no longer be installed Just tried it on my machine and it runs. Please download Windows All In One Repair from here: http://filepony.de/download-windows_repair_aio/ Extract the archive. Boot the computer into Safe Mode!!! In the folder that was created, start Repair_Windows.exe. Ignore the available update. Run Steps 3 - 5 completely (I strongly recommend using the backup functions). When done, open the Repairs tab and leave everything as it is. On the right, under "Restart/Shutdown", you can select the automatic restart (if you want). Click "Start Repairs". After the restart, please try ESET again.
__________________ Best regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
28.02.2016, 17:00 | #12 |
| Antivirus program can no longer be installed Hello, unfortunately it did not work; I keep getting the error message: "cmd.exe Anwendungsfehler" Die Anwendung konnte nicht gestartet werden (0xc0000142). So at Step 3 nothing happened at all, it loaded for about an hour but nothing happened, and at Step 4 this very error message came up. Regards, Kanso |
28.02.2016, 18:52 | #13 |
/// Selecta Jahrusso | Antivirus program can no longer be installed Please press the Windows key and type CMD. Start the command prompt via right-click "Run as admin". Type: sfc /scannow This checks the system for corrupted files. When it has finished, try Windows Repair again.
__________________ Best regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
28.02.2016, 19:05 | #14 |
| Antivirus program can no longer be installed Hello, unfortunately I cannot open it; the error message "Die Anwendung konnte nicht korrekt gestartet werden (0xc0000142)" appears. Regards, Kanso |
29.02.2016, 08:48 | #15 |
/// Selecta Jahrusso | Antivirus program can no longer be installed Okay, then let's go looking for the problem. Is the computer causing any other problems? Note: With Windows 10, this is how you get into the RC: 1. Restart the PC while holding down the SHIFT key 2. Select "Troubleshoot" 3. Open "Advanced options" 4. Select "Command Prompt" 5. Select the user account 6. If set: enter the password 7. The Command Prompt opens. Scan with Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8) Notes for Windows 8 users: Guide 1 (FRST variant) and Guide 2 (second part)
__________________ Best regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie Last edited by Larusso (29.02.2016 at 08:55) |