Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Taskmanager blockiert, consent.exe 6x offen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.07.2015, 13:49   #1
Freakey_
 
Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen



Hallo liebes Trojanerboard Team,
ich habe seit heute ein komisches Problem... Und zwar kann ich irgendwie den Taskmanager nicht mehr per Tastendruck starten, (hab ihn mit taskmgr.exe) gestartet, und da war consent.exe 6x offen. Ich konnte den Dateipfad nicht öffnen und schließen konnte ich es auch nicht.

Kann das irgendwie damit zu tun haben, dass ich seit gestern einen zweiten Bildschirm habe?
Ich kann auch manche Fenster nicht schließen, Malwarebytes-Anti Malware lädt zwar, startet aber nicht, und auf herunterfahren klicken geht auch nicht.

Bitte um Hilfe!

//Da fällt mir noch was ein: Avast findet bei mir immer ein Browserplugin namens "Compete" was ich entferne, es kommt aber immer wieder!

///Dieses consent.exe öffnet sich immer wieder, ist schon 8x offen jetzt...

Alt 01.07.2015, 14:26   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 01.07.2015, 14:54   #3
Freakey_
 
Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen



FRST.txt
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Adrian (administrator) on ADRIAN on 01-07-2015 15:44:50
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian (Available Profiles: Adrian & Roland & Julia)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Users\Adrian\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Users\Adrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamSpeak Systems GmbH) C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Adrian\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [HPSYSDRV] => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-17] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2013-12-13] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Spotify Web Helper] => C:\Users\Adrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2023480 2015-06-26] (Spotify Ltd)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe [773120 2014-09-03] (Oracle Corporation)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Spotify] => C:\Users\Adrian\AppData\Roaming\Spotify\Spotify.exe [7415864 2015-06-26] (Spotify Ltd)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [GoogleChromeAutoLaunch_257F9E5159429344AA5489535C1FAD3E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-05] (Google Inc.)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\MountPoints2: F - F:\0data\cbs.exe
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\MountPoints2: {1fbf2697-26af-11e3-b9f3-80c16ee1eaf7} - F:\Setup.exe
Startup: C:\Users\Roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-07-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-17] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://g.uk.msn.com/HPCON/13
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM -> {939B14F3-B461-4624-9A18-471F61BFA534} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> {939B14F3-B461-4624-9A18-471F61BFA534} URL = 
SearchScopes: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-17] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-21] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-01] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-17] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-01] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-21] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: 10.0.0.1				activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4D90CE45-67A0-49AB-B5B4-C64A4C422721}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8B69EE98-7CCE-4594-BF68-254040775923}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-01] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-09] ()
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\donottrackplus@abine.com [2015-05-29]
FF Extension: ColorZilla - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2015-05-29]
FF Extension: WOT - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-05-29]
FF Extension: Ghostery - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\firefox@ghostery.com.xpi [2015-05-09]
FF Extension: Adblock Edge - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-05-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-05]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19]
CHR Extension: (Google Docs) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19]
CHR Extension: (Google Drive) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19]
CHR Extension: (Google Search) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19]
CHR Extension: (MaskMe) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2015-06-04]
CHR Extension: (Blur) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2015-06-04]
CHR Extension: (Google Sheets) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-06-04]
CHR Extension: (AdBlock) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-04]
CHR Extension: (Avast Online Security) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-19]
CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19]
CHR Extension: (No Name) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh [2015-07-01]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-17] (Avast Software s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-06] ()
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [56648 2015-03-08] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2719928 2015-03-18] (Microsoft Corporation)
R2 ezSharedSvc; C:\windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [4276136 2013-04-03] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1996144 2015-05-21] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-04-04] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2014-10-02] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-17] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-17] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-17] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-17] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-17] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-08-02] ()
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-08-02] (Echobit, LLC)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-09-14] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]
S3 X6va011; \??\C:\windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-01 15:44 - 2015-07-01 15:47 - 00032311 _____ C:\Users\Adrian\Desktop\FRST.txt
2015-07-01 15:43 - 2015-07-01 15:43 - 02112512 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64(1).exe
2015-07-01 15:36 - 2015-07-01 15:37 - 00095283 _____ C:\Users\Adrian\Downloads\FRST.txt
2015-07-01 15:36 - 2015-07-01 15:36 - 02112512 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe
2015-07-01 15:33 - 2015-07-01 15:46 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-01 15:33 - 2015-07-01 15:33 - 00001068 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-01 15:33 - 2015-07-01 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-01 15:33 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-07-01 15:33 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-07-01 15:33 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-07-01 15:32 - 2015-07-01 15:34 - 00003880 _____ C:\Users\Adrian\Desktop\AdwCleaner[R4].txt
2015-07-01 15:32 - 2015-07-01 15:32 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-01 15:31 - 2015-07-01 15:32 - 02244096 _____ C:\Users\Adrian\Downloads\adwcleaner_4.207(1).exe
2015-07-01 14:57 - 2015-07-01 14:57 - 02244096 _____ C:\Users\Adrian\Downloads\AdwCleaner_4.207.exe
2015-06-30 21:03 - 2015-06-30 21:03 - 00000000 ____D C:\Users\Adrian\Desktop\Bauserver
2015-06-30 18:54 - 2015-06-30 18:54 - 00000278 _____ C:\Users\Adrian\Desktop\How to use the new things added in 1.4.6 (no NBT) Bukkit Forums.URL
2015-06-29 16:39 - 2015-06-29 16:39 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.atlauncher
2015-06-28 16:15 - 2015-06-28 16:15 - 00990670 _____ C:\Users\Adrian\Downloads\Essentials(1).zip
2015-06-28 16:08 - 2015-06-28 16:08 - 00279917 _____ C:\Users\Adrian\Downloads\nbteditor-1.2.zip
2015-06-23 18:22 - 2015-06-23 18:22 - 00001343 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-23 18:21 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2015-06-23 18:12 - 2015-06-17 11:10 - 42729104 _____ C:\windows\system32\nvcompiler.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 37748880 _____ C:\windows\SysWOW64\nvcompiler.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2015-06-23 18:12 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6435330.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6435330.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhda64v.sys
2015-06-23 18:12 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\windows\system32\nvhdap64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00030966 _____ C:\windows\system32\nvinfo.pb
2015-06-23 18:06 - 2015-06-23 18:06 - 00000000 ____D C:\NVIDIA
2015-06-23 17:48 - 2015-06-23 17:48 - 00158823 _____ C:\Users\Adrian\Downloads\2c36ac-Play GTA V.rar
2015-06-23 17:42 - 2015-06-23 17:42 - 00060476 _____ C:\Users\Adrian\Downloads\16420b-OpenAllInteriors.rar
2015-06-23 17:41 - 2015-06-23 17:41 - 00139690 _____ C:\Users\Adrian\Downloads\3137dd-the_red_house.zip
2015-06-23 17:41 - 2015-06-23 17:41 - 00130877 _____ C:\Users\Adrian\Downloads\7d5fc4-Bodyguard Menu 1.7.zip
2015-06-23 17:39 - 2015-06-23 17:39 - 00766494 _____ C:\Users\Adrian\Downloads\f72d70-RealPoliceOffenses.rar
2015-06-23 17:38 - 2015-06-23 17:38 - 00393765 _____ C:\Users\Adrian\Downloads\ScriptHookV_1.0.372.2.zip
2015-06-23 17:34 - 2015-06-23 17:42 - 292264080 _____ (NVIDIA Corporation) C:\Users\Adrian\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-06-23 17:29 - 2015-06-23 17:29 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-23 17:29 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2015-06-23 17:29 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2015-06-21 16:11 - 2015-06-21 16:12 - 00024799 _____ C:\Users\Adrian\Downloads\TurretsStarterPackRAW.rar
2015-06-21 16:09 - 2015-06-21 16:09 - 01399043 _____ C:\Users\Adrian\Desktop\DieUberwaffe_Tigerlily_HF50.sment
2015-06-21 09:54 - 2015-06-21 09:54 - 00000257 _____ C:\Users\Adrian\Desktop\Rockstar Games Social Club - Crew Squad Lemonators.URL
2015-06-20 17:03 - 2015-06-20 17:03 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2013
2015-06-20 17:03 - 2015-06-20 17:03 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2013
2015-06-20 11:54 - 2015-06-20 11:54 - 00005618 _____ C:\Users\Adrian\Desktop\Mein Radio.application
2015-06-20 11:54 - 2015-06-20 11:54 - 00000000 ____D C:\Users\Adrian\Desktop\Application Files
2015-06-20 11:54 - 2015-06-20 11:54 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
2015-06-20 11:53 - 2015-06-20 11:53 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft FxCop
2015-06-20 11:32 - 2015-05-06 15:07 - 00319584 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2015-06-20 11:32 - 2015-05-06 15:07 - 00206944 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2015-06-20 11:32 - 2015-05-06 15:07 - 00206432 _____ (Oracle Corporation) C:\windows\system32\java.exe
2015-06-20 11:15 - 2015-06-20 11:28 - 146861984 _____ (Oracle Corporation) C:\Users\Adrian\Downloads\jdk-7u79-windows-x64.exe
2015-06-19 17:53 - 2015-06-19 17:53 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\NuGet
2015-06-19 17:24 - 2015-06-19 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-06-19 17:24 - 2015-06-19 17:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-06-19 17:20 - 2015-06-19 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2015-06-19 17:20 - 2015-06-19 17:20 - 00000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits
2015-06-19 17:16 - 2015-06-19 18:55 - 00000000 ____D C:\Users\Adrian\Documents\Visual Studio 2013
2015-06-19 17:16 - 2015-06-19 17:16 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE
2015-06-19 17:08 - 2015-06-19 17:08 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-06-19 17:02 - 2015-06-19 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
2015-06-19 16:55 - 2015-06-19 17:10 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2015-06-19 16:55 - 2015-06-19 16:55 - 00000000 ____D C:\Program Files\Application Verifier
2015-06-19 16:55 - 2015-06-19 16:55 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2015-06-19 16:51 - 2015-06-19 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-06-19 16:45 - 2015-06-19 16:45 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2015-06-19 16:39 - 2015-06-19 16:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2015-06-19 16:38 - 2015-06-19 17:09 - 00000000 ____D C:\Program Files\IIS Express
2015-06-19 16:38 - 2015-06-19 17:09 - 00000000 ____D C:\Program Files (x86)\IIS Express
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\ProgramData\NuGet
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files\IIS
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\IIS
2015-06-19 16:34 - 2015-06-19 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-06-19 16:25 - 2015-06-19 16:31 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-06-19 16:25 - 2015-06-19 16:25 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\windows\symbols
2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2015-06-19 16:20 - 2015-06-19 17:36 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-19 16:20 - 2015-06-19 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2015-06-19 16:20 - 2015-06-19 16:29 - 00000000 ____D C:\windows\SysWOW64\1033
2015-06-19 16:08 - 2015-06-19 16:08 - 00000000 ____D C:\Users\Adrian\.tooling
2015-06-19 16:07 - 2015-06-19 17:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-06-19 16:07 - 2015-06-19 16:22 - 00000000 ____D C:\windows\system32\1033
2015-06-19 16:07 - 2015-06-19 16:07 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2015-06-19 15:47 - 2015-06-19 15:47 - 01240624 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\vs_community.exe
2015-06-19 15:46 - 2015-06-19 15:46 - 01198368 _____ C:\Users\Adrian\Downloads\Visual Basic 2010 Express - CHIP-Installer.exe
2015-06-19 15:39 - 2015-06-19 15:40 - 00000000 ____D C:\Users\Adrian\SpongeAPI
2015-06-19 15:38 - 2015-06-19 15:39 - 03709881 _____ C:\Users\Adrian\Downloads\forge-1.8-11.14.3.1468-installer-win.exe
2015-06-19 15:37 - 2015-06-19 15:38 - 14131704 _____ C:\Users\Adrian\Downloads\sponge-1.8-1446-2.1DEV-490.jar
2015-06-18 14:12 - 2015-06-18 14:12 - 00054619 _____ C:\Users\Adrian\Downloads\ts18.nitrado.net-11200-2981-BU181829.dat
2015-06-17 16:59 - 2015-06-17 16:59 - 04832017 _____ C:\Users\Adrian\Downloads\WM01-demo.zip
2015-06-17 16:34 - 2015-06-17 16:34 - 00025510 _____ C:\Users\Adrian\Desktop\freakey.pdn
2015-06-15 16:18 - 2015-06-15 16:18 - 00000000 ____D C:\Users\Adrian\Desktop\icons
2015-06-11 18:12 - 2015-06-11 18:13 - 02210768 _____ C:\Users\Adrian\Downloads\StarMade-starter(1).exe
2015-06-11 11:27 - 2015-06-11 11:27 - 00000000 ____D C:\Users\Adrian\Desktop\Minecraft Server
2015-06-11 11:21 - 2015-06-11 11:21 - 00004010 _____ C:\Users\Adrian\AppData\Local\recently-used.xbel
2015-06-11 10:16 - 2015-06-11 10:16 - 21553694 _____ C:\Users\Adrian\Desktop\spigot-1.8.7-R0.1-SNAPSHOT.jar
2015-06-11 10:16 - 2015-06-11 10:16 - 21553694 _____ C:\Users\Adrian\Desktop\spigot-1.8.7.jar
2015-06-10 19:33 - 2015-06-10 19:33 - 00080153 _____ C:\Users\Adrian\Downloads\Orebfuscator.jar
2015-06-10 17:40 - 2015-06-10 17:40 - 00045721 _____ C:\Users\Adrian\Downloads\PvPTimer.jar
2015-06-10 17:32 - 2015-06-10 17:32 - 00020799 _____ C:\Users\Adrian\Downloads\PVPLeveling.jar
2015-06-10 17:18 - 2015-06-10 17:18 - 00295492 _____ C:\Users\Adrian\Downloads\Vault(1).jar
2015-06-10 15:41 - 2015-06-10 15:41 - 00203534 _____ C:\Users\Adrian\Downloads\BossShop.jar
2015-06-10 13:29 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-06-10 13:29 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-06-10 13:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-06-10 13:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-06-10 13:29 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-06-10 13:29 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-06-10 13:29 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-06-10 13:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-06-10 13:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-06-10 13:29 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-06-10 13:28 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-06-10 13:28 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-06-10 13:28 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-06-10 13:28 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-06-10 13:28 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-06-10 13:28 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-06-10 13:28 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-06-10 13:28 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-06-10 13:28 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-06-10 13:28 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-06-10 13:28 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-06-10 13:28 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-06-10 13:28 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-06-10 13:28 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-06-10 13:28 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-06-10 13:28 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-06-10 13:28 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-06-10 13:28 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-06-10 13:28 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 13:28 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-06-10 13:28 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-06-10 13:28 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-06-10 13:28 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-06-10 13:28 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-06-10 13:28 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-06-10 13:28 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-06-10 13:28 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-06-10 13:28 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-06-10 13:28 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-06-10 13:28 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-06-10 13:28 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-06-10 13:28 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-06-10 13:28 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-06-10 13:28 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-06-10 13:28 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-06-10 13:28 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-06-10 13:28 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-06-10 13:28 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-06-10 13:28 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-06-10 13:28 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-06-10 13:28 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-06-10 13:28 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-06-10 13:28 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-06-10 13:28 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-06-10 13:28 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-06-10 13:28 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-06-10 13:28 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-06-10 13:28 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-06-10 13:28 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 13:28 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-06-10 13:28 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-06-10 13:28 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-06-10 13:28 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-06-10 13:28 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-06-10 13:28 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-06-10 13:28 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-06-10 13:28 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-06-10 13:28 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-06-10 13:28 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-06-10 13:28 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-06-10 13:28 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-06-10 13:28 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-06-10 13:27 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-06-10 13:27 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-06-10 13:27 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-06-10 13:27 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-06-10 13:27 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-06-10 13:27 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-06-10 13:27 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-06-10 13:27 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-06-10 13:27 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-06-10 13:27 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-06-10 13:27 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-06-10 13:27 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-06-10 13:27 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-06-10 13:27 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-06-10 13:27 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-06-10 13:27 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-06-10 13:27 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-06-10 13:27 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 13:26 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-06-10 13:26 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-06-10 13:26 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-06-10 13:26 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2015-06-09 20:59 - 2015-06-09 20:59 - 00097426 _____ C:\Users\Adrian\Downloads\SimpleAlias_1.6.0.jar
2015-06-09 20:44 - 2015-06-09 20:44 - 00242829 _____ C:\Users\Adrian\Downloads\SimpleClans.jar
2015-06-09 20:41 - 2015-06-09 20:41 - 00088581 _____ C:\Users\Adrian\Downloads\FactionChat.jar
2015-06-09 20:36 - 2015-06-09 20:36 - 01353976 _____ C:\Users\Adrian\Downloads\MassiveCore.jar
2015-06-09 20:35 - 2015-06-09 20:35 - 01492385 _____ C:\Users\Adrian\Downloads\Factions-2.7.5.zip
2015-06-09 20:28 - 2015-06-09 20:28 - 00464200 _____ C:\Users\Adrian\Downloads\LWC.jar
2015-06-09 19:27 - 2015-06-09 19:27 - 06477032 _____ (Tim Kosse) C:\Users\Adrian\Downloads\FileZilla_3.11.0.2_win64-setup.exe
2015-06-09 19:26 - 2015-06-09 19:26 - 00352171 _____ C:\Users\Adrian\Downloads\BVotifier[1].jar
2015-06-08 16:14 - 2015-06-08 16:14 - 00002580 _____ C:\windows\DPINST.LOG
2015-06-08 16:14 - 2015-06-08 16:14 - 00000000 ____D C:\Users\Adrian\hpremote
2015-06-07 12:24 - 2015-06-07 12:24 - 02803105 _____ C:\Users\Adrian\Downloads\craftconomy3-3.2.1(1).jar
2015-06-06 16:52 - 2015-06-07 11:01 - 00036984 _____ C:\windows\DirectX.log
2015-06-06 16:18 - 2015-06-27 13:09 - 00000000 ____D C:\Users\Adrian\Downloads\StarMade
2015-06-06 16:17 - 2015-06-11 18:22 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.StarMade
2015-06-06 16:17 - 2015-06-06 16:17 - 02210768 _____ C:\Users\Adrian\Downloads\StarMade-starter.exe
2015-06-04 09:48 - 2015-06-04 09:49 - 00087894 _____ C:\Users\Adrian\Downloads\BAT-WebInterface1.6(1).zip
2015-06-04 08:39 - 2015-06-04 08:39 - 00000000 ____D C:\ProgramData\Google
2015-06-04 08:35 - 2015-06-04 08:36 - 08180736 _____ C:\Users\Adrian\Downloads\chromeremotedesktophost.msi
2015-06-04 08:31 - 2015-06-04 08:31 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-04 07:27 - 2015-06-04 07:27 - 01822832 _____ (Pushbullet Inc ) C:\Users\Adrian\Downloads\pushbullet_installer.exe
2015-06-04 07:02 - 2015-06-04 07:02 - 00000233 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch_Dogs.url
2015-06-02 20:48 - 2015-06-02 20:48 - 00395020 _____ C:\Users\Adrian\Downloads\CommunityBridge.jar
2015-06-02 20:32 - 2015-06-02 20:32 - 00237144 _____ C:\Users\Adrian\Downloads\BungeeTabListPlus.zip
2015-06-02 20:32 - 2015-06-02 20:32 - 00082663 _____ C:\Users\Adrian\Downloads\PingUtilsBungee-2.1.1-SNAPSHOT.jar
2015-06-01 18:02 - 2015-06-01 18:02 - 00000000 ____D C:\Users\Adrian\.ssh
2015-06-01 18:00 - 2015-06-01 18:45 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\GitHub
2015-06-01 18:00 - 2015-06-01 18:45 - 00000000 ____D C:\Users\Adrian\AppData\Local\GitHub
2015-06-01 18:00 - 2015-06-01 18:00 - 00002185 _____ C:\Users\Adrian\Desktop\Git Shell.lnk
2015-06-01 18:00 - 2015-06-01 18:00 - 00000308 _____ C:\Users\Adrian\Desktop\GitHub.appref-ms
2015-06-01 18:00 - 2015-06-01 18:00 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2015-06-01 17:57 - 2015-06-01 17:57 - 00677168 _____ () C:\Users\Adrian\Downloads\GitHubSetup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-01 15:45 - 2015-02-24 14:54 - 00000000 ____D C:\FRST
2015-07-01 15:45 - 2013-03-15 02:51 - 01112308 _____ C:\windows\WindowsUpdate.log
2015-07-01 15:43 - 2014-05-18 07:56 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Spotify
2015-07-01 15:43 - 2013-03-14 19:02 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Skype
2015-07-01 15:42 - 2014-05-18 07:57 - 00000000 ____D C:\Users\Adrian\AppData\Local\Spotify
2015-07-01 15:42 - 2013-05-18 19:37 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\TS3Client
2015-07-01 15:41 - 2013-09-02 11:16 - 00000000 ____D C:\Users\Adrian\AppData\Local\LogMeIn Hamachi
2015-07-01 15:41 - 2013-03-16 08:15 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-01 15:40 - 2012-06-15 02:18 - 00000000 ____D C:\ProgramData\PDFC
2015-07-01 15:39 - 2015-05-18 16:26 - 00017389 _____ C:\windows\setupact.log
2015-07-01 15:39 - 2012-06-15 01:58 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-01 15:39 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-01 15:38 - 2015-05-18 16:26 - 00067662 _____ C:\windows\PFRO.log
2015-07-01 15:38 - 2014-12-07 08:50 - 00000000 ____D C:\AdwCleaner
2015-07-01 15:37 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-01 15:37 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-01 15:33 - 2014-07-07 15:36 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-01 15:26 - 2013-09-13 19:07 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-01 14:47 - 2013-09-13 19:07 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-01 14:47 - 2012-06-15 02:12 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-01 14:47 - 2012-06-15 02:12 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-01 14:21 - 2015-02-09 12:26 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.minecraft
2015-07-01 14:16 - 2014-11-08 11:14 - 00000000 ____D C:\Users\Adrian\AppData\Local\Eclipse
2015-07-01 02:00 - 2013-06-22 18:56 - 00000000 ____D C:\Users\Adrian\AppData\Local\Adobe
2015-06-30 17:45 - 2015-04-14 15:52 - 00000080 _____ C:\Users\Adrian\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-29 18:34 - 2013-05-11 09:31 - 00000000 ____D C:\Users\Adrian\workspace
2015-06-29 16:07 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-29 13:47 - 2012-06-15 02:18 - 00000000 ____D C:\ProgramData\Skype
2015-06-29 13:45 - 2014-05-05 19:31 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-06-27 08:54 - 2014-05-05 19:31 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswsp.sys
2015-06-24 20:03 - 2014-11-04 09:40 - 00000000 ____D C:\Users\Adrian\Documents\Action!
2015-06-23 18:22 - 2013-08-05 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-23 18:22 - 2012-06-15 01:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-23 18:19 - 2012-06-15 01:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-20 20:32 - 2014-04-01 19:51 - 00000000 ____D C:\Users\Adrian\AppData\Local\Deployment
2015-06-20 17:02 - 2014-08-25 14:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-20 11:29 - 2013-03-23 14:22 - 00000000 ____D C:\Program Files\Java
2015-06-20 08:48 - 2013-09-28 08:31 - 05259320 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-19 17:39 - 2014-06-09 08:16 - 00143352 _____ C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-19 17:35 - 2014-04-14 07:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-19 17:16 - 2014-04-14 07:25 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-06-19 17:00 - 2014-04-14 07:28 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-06-19 17:00 - 2013-08-10 19:05 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-06-19 17:00 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-19 16:43 - 2014-10-15 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-19 16:08 - 2013-03-14 18:59 - 00000000 ____D C:\Users\Adrian
2015-06-19 16:07 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-17 16:38 - 2015-03-27 11:52 - 00000000 ___RD C:\Users\Adrian\Desktop\Meine Dateien
2015-06-17 16:34 - 2013-05-28 20:51 - 00000000 ____D C:\Users\Adrian\AppData\Local\Paint.NET
2015-06-17 16:29 - 2013-03-26 12:03 - 00000000 ____D C:\Users\Adrian\.gimp-2.8
2015-06-17 11:10 - 2015-04-13 16:48 - 17724600 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2015-06-17 11:10 - 2014-09-02 09:36 - 01756424 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2015-06-17 11:10 - 2014-09-02 09:36 - 01316000 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2015-06-17 11:10 - 2014-09-02 09:32 - 01567576 _____ (NVIDIA Corporation) C:\windows\system32\nvhdagenco6420103.dll
2015-06-17 11:10 - 2013-11-13 12:22 - 01571696 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2015-06-17 11:10 - 2013-11-13 12:22 - 01320304 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2015-06-17 11:10 - 2013-04-10 15:47 - 15224784 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2015-06-17 11:10 - 2013-02-26 00:32 - 02997544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2015-06-17 11:10 - 2012-03-15 06:59 - 12855416 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2015-06-17 11:10 - 2012-03-15 06:59 - 03395648 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 06873232 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 03492168 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 02558792 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 00937616 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2015-06-17 08:48 - 2012-06-15 01:58 - 00385168 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 00062792 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2015-06-12 12:48 - 2015-05-06 17:23 - 00000600 _____ C:\Users\Adrian\AppData\Local\PUTTY.RND
2015-06-12 12:48 - 2013-04-15 17:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\FileZilla
2015-06-11 15:15 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2015-06-11 14:40 - 2015-01-07 15:14 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieBrowserModeList
2015-06-11 14:40 - 2014-05-05 19:25 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieUserList
2015-06-11 14:40 - 2014-05-05 19:25 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieSiteList
2015-06-11 13:56 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-06-11 11:21 - 2015-04-07 15:53 - 00000000 ____D C:\Users\Adrian\AppData\Local\gtk-2.0
2015-06-11 10:17 - 2013-05-25 21:54 - 00000000 ____D C:\Users\Adrian\Documents\Bandicam
2015-06-11 09:56 - 2015-03-31 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2015-06-11 09:56 - 2013-03-16 09:10 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Audacity
2015-06-11 08:28 - 2012-06-15 01:44 - 00700336 _____ C:\windows\system32\perfh007.dat
2015-06-11 08:28 - 2012-06-15 01:44 - 00149928 _____ C:\windows\system32\perfc007.dat
2015-06-11 08:28 - 2009-07-14 07:13 - 01623774 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-11 08:22 - 2009-07-14 07:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-06-11 08:19 - 2014-12-11 19:20 - 00000000 ____D C:\windows\system32\appraiser
2015-06-11 08:19 - 2014-05-06 12:21 - 00000000 ___SD C:\windows\system32\CompatTel
2015-06-11 08:19 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-06-10 20:48 - 2013-08-15 16:39 - 00000000 ____D C:\windows\system32\MRT
2015-06-10 20:41 - 2013-04-11 12:47 - 140135120 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-10 17:21 - 2013-04-15 17:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-06-10 17:21 - 2013-04-15 17:25 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-06-10 16:32 - 2015-04-14 15:52 - 00000000 ____D C:\Program Files\Rockstar Games
2015-06-10 16:32 - 2015-04-14 15:52 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-08 16:17 - 2013-06-09 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-06-08 16:17 - 2013-06-09 20:40 - 00000000 ____D C:\Program Files (x86)\Nero
2015-06-08 16:15 - 2012-06-15 02:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-06-08 16:15 - 2012-06-15 02:04 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-06-08 16:14 - 2012-06-15 02:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-08 16:00 - 2015-04-21 14:10 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\soundcloud-musicaudio-515e62acb4534adf9d67bd67c3aef5e8
2015-06-06 16:53 - 2013-05-11 11:56 - 00000000 ____D C:\Users\Adrian\Documents\My Games
2015-06-04 08:38 - 2013-04-01 10:00 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-02 16:11 - 2012-06-15 01:58 - 04421614 _____ C:\windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2013-11-14 15:51 - 2015-02-03 17:15 - 0000132 _____ () C:\Users\Adrian\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-05-20 07:19 - 2013-06-11 19:23 - 0000096 _____ () C:\Users\Adrian\AppData\Roaming\Camdata.ini
2013-05-20 07:19 - 2013-06-11 19:23 - 0000408 _____ () C:\Users\Adrian\AppData\Roaming\CamLayout.ini
2013-05-20 07:19 - 2013-06-11 19:23 - 0000408 _____ () C:\Users\Adrian\AppData\Roaming\CamShapes.ini
2013-05-20 07:13 - 2013-05-26 07:46 - 0004508 _____ () C:\Users\Adrian\AppData\Roaming\CamStudio.cfg
2015-05-13 11:21 - 2015-05-13 11:21 - 0000000 _____ () C:\Users\Adrian\AppData\Roaming\gdfw.log
2015-05-13 11:21 - 2015-05-13 11:21 - 0000779 _____ () C:\Users\Adrian\AppData\Roaming\gdscan.log
2014-10-13 18:59 - 2014-10-13 18:59 - 0001456 _____ () C:\Users\Adrian\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-04-06 19:11 - 2013-04-11 15:39 - 0003584 _____ () C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-06 17:23 - 2015-06-12 12:48 - 0000600 _____ () C:\Users\Adrian\AppData\Local\PUTTY.RND
2015-06-11 11:21 - 2015-06-11 11:21 - 0004010 _____ () C:\Users\Adrian\AppData\Local\recently-used.xbel
2014-05-22 16:45 - 2014-05-22 16:45 - 0000003 _____ () C:\Users\Adrian\AppData\Local\updater.log
2014-05-22 16:45 - 2014-05-22 16:45 - 0000442 _____ () C:\Users\Adrian\AppData\Local\UserProducts.xml

Files to move or delete:
====================
C:\Users\Adrian\Quiz.bat
C:\Users\Adrian\worldpainter_64_1.10.3.exe
C:\Users\Adrian\worldpainter_64_1.9.0.exe


Some files in TEMP:
====================
C:\Users\Adrian\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Adrian\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.9-R0.2-18-ga04b586-b3107jnks.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-4827540028675145902.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-8726357250486247984.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.2-18-ga04b586-b3107jnks.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-1640976560113121343.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-1748178027778397222.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-1847612319792099815.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-2409685624733947850.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-2646838854747436420.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-2888182658571649898.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-3519014705264938437.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-3554134589459573298.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-4301284263848438752.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-5387255101928983509.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-5566886607779853474.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-5608421060872803437.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-5631155823920546649.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-5958460647030896234.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-596465670919884920.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-6267333285519270813.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-6279743994193730101.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-6839923837052692343.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-6899761752886796276.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-6956307459441802697.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-7122909713967347229.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-726200272793483059.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-7454451492279311364.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-7642448563796266877.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-7754896276059582178.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-7763889817463776677.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-8116101558523784844.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-8172442734647130134.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-8450085905217606293.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-8570957578103409483.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-1710614257447263786.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-2062049329647924177.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-2135401149620072559.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-2686272343921035731.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-3231143034059786007.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-4987107921528917091.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-5309891713955189797.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-8134318838681551854.dll
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Spigot-44c59bf-1880a9c-8744518777938921859.dll
C:\Users\Adrian\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Adrian\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Adrian\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Adrian\AppData\Local\Temp\nvStInst.exe
C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe
C:\Users\Adrian\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Adrian\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Adrian\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Adrian\AppData\Local\Temp\sqlite3.dll
C:\Users\Adrian\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Roland\AppData\Local\Temp\AskSLib.dll
C:\Users\Roland\AppData\Local\Temp\burnsetup.exe
C:\Users\Roland\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf4wiiv.dll
C:\Users\Roland\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Roland\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Roland\AppData\Local\Temp\ffmpeg17.exe
C:\Users\Roland\AppData\Local\Temp\ffmpeg18.exe
C:\Users\Roland\AppData\Local\Temp\ICReinstall_syncios_CB-DL-Manager.exe
C:\Users\Roland\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.7-R1.0-75-g7f25632-b2717jnks.dll
C:\Users\Roland\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Roland\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Roland\AppData\Local\Temp\SDShelEx-x64.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-12-21 15:41

==================== End of log ============================
         
__________________

Alt 01.07.2015, 17:57   #4
Freakey_
 
Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen



Addition.txt
[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Adrian at 2015-07-01 15:50:57
Running from C:\Users\Adrian\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1501557853-1401194567-1476615106-500 - Administrator - Disabled)
Adrian (S-1-5-21-1501557853-1401194567-1476615106-1000 - Administrator - Enabled) => C:\Users\Adrian
Gast (S-1-5-21-1501557853-1401194567-1476615106-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1501557853-1401194567-1476615106-1005 - Limited - Enabled)
Julia (S-1-5-21-1501557853-1401194567-1476615106-1008 - Limited - Enabled) => C:\Users\Julia
Roland (S-1-5-21-1501557853-1401194567-1476615106-1002 - Administrator - Enabled) => C:\Users\Roland

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alarm für Cobra 11 - Das Syndikat - DEMO (HKLM-x32\...\Alarm für Cobra 11 - Das Syndikat - DEMO_is1) (Version:  - dtp)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed(R) III v1.02 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.02 - Ubisoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AutoHotkey 1.1.22.00 (HKLM-x32\...\AutoHotkey) (Version: 1.1.22.00 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version:  - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Play4Free (Adrian) (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Battlefield Play4Free (Adrian) (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Blockland (HKLM-x32\...\Steam App 250340) (Version:  - Eric Hartman)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.13.294.84.14 - Infernum Productions AG)
Bridge Constructor (HKLM-x32\...\Steam App 250460) (Version:  - )
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version:  - Rockstar New England)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Chrome Remote Desktop Host (HKLM-x32\...\{A1A724F3-F1A6-479C-AE98-208946717E2B}) (Version: 42.0.2311.39 - Google Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Cobra 11 - Burning Wheels (remove only) (HKLM-x32\...\BurningWheels) (Version:  - )
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
DC Universe Online PSG (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\soe-DC Universe Online PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online PSG (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\soe-DC Universe Online PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.17.60 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
Dropbox (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.7.0.0 - Electronic Arts)
Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FileZilla Client 3.11.0.2 (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
FileZilla Client 3.11.0.2 (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.11.827 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.44.908 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.908 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GitHub (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
GitHub (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Harry Potter und die Heiligtümer des Todes(TM) - Teil 2 (HKLM-x32\...\{F0C9E8E9-C54B-48C1-9192-F5D49633AB5D}) (Version: 1.0.0.0 - Electronic Arts)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{750E9D0F-B188-4A7E-ADD2-84B7ED7D32F6}) (Version: 5.1.4281.27332 - Hewlett-Packard)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 6.0.0.0 - Hewlett-Packard)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{452479C5-0118-48E9-AA69-0A7339F95FC8}) (Version: 5.1.4289.23799 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 7 Update 79 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 7 Update 79 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
King Arthur's Gold (HKLM-x32\...\{643B056F-61C1-4489-9797-4D846D101A7A}) (Version: 0.95.428.0 - THD)
Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
LCPD First Response (HKLM-x32\...\LCPD First Response) (Version: 1.0.0.0d - G17 Media)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.1.2 (HKLM-x32\...\{604B2A5C-B1CE-45B2-ADCC-6B7C721AC3AC}) (Version: 4.0.1.2 - The Document Foundation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MC-RP Setup (HKLM-x32\...\{0115E035-5A7B-4972-BC55-E639EE7E0749}) (Version: 2.1.0 - mc-rp)
Mein Radio (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\4d13c7785a7a8b30) (Version: 1.0.0.0 - Hewlett-Packard Company)
Mein Radio (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\4d13c7785a7a8b30) (Version: 1.0.0.0 - Hewlett-Packard Company)
Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4711.1002 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Note Block Studio version 3.2.1 (HKLM-x32\...\{84077DA9-3075-4AE5-BC82-345202B8CD4F}_is1) (Version: 3.2.1 - David Norgren)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Mod-MC (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Mod-MC) (Version:  - )
Mod-MC (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mod-MC) (Version:  - )
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MySQL Connector J (HKLM-x32\...\{5E91E205-AC15-4FA2-8A73-3CB5EC0E04A5}) (Version: 5.1.35 - Oracle Corporation)
MySQL Connector Net 6.9.6 (HKLM-x32\...\{71458704-E552-4A3E-8BFA-4F61C1F70724}) (Version: 6.9.6 - Oracle)
MySQL Documents 5.6 (HKLM-x32\...\{277FCB89-B03D-4A74-B9E6-97A4B07F691E}) (Version: 5.6.24 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{AC5A7E5E-629D-4A20-90D1-0FC2D426D7BF}) (Version: 5.6.24 - Oracle Corporation)
MySQL Fabric 1.6.1 & MySQL Utilities 1.6.1 (HKLM-x32\...\{5E11C144-6B3A-42A0-9646-7A80D565ECFF}) (Version: 1.6.1 - Oracle Corporation)
MySQL For Excel 1.3.4 (HKLM-x32\...\{A0352E65-6E78-48B3-B6D6-B3208E663249}) (Version: 1.3.4 - Oracle)
MySQL Installer - Community (HKLM-x32\...\{7F30C2D9-2CEF-44FD-A2BA-C39DA3F7AD93}) (Version: 1.4.5.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
Nero Burning ROM 2014 (HKLM-x32\...\{C9F54777-001E-41F6-83F8-B99A19EA5083}) (Version: 15.0.05600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PBO Manager v.1.4 beta (HKLM-x32\...\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}) (Version: 1.4.0 -  )
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.95 - PDF Complete, Inc)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
Portal Stories: Mel (HKLM-x32\...\Steam App 317400) (Version:  - Prism Studios)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.6207 - CyberLink Corp.) Hidden
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 2.7 pygame-1.9.1 (HKLM-x32\...\{5D13804A-67B7-49DA-9B15-65B70A83B9C3}) (Version: 1.9.1 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 2.7.7 (64-bit) (HKLM\...\{049CA433-77A0-4e48-AC76-180A282C4E11}) (Version: 2.7.7150 - Python Software Foundation)
Python 3.3.2 (HKLM-x32\...\{92389DE9-939E-341B-A076-1D52D7DBCA71}) (Version: 3.3.2150 - Python Software Foundation)
Python 3.3.3 (64-bit) (HKLM\...\{E9D90870-AB19-32A8-AA93-F8348BA21D05}) (Version: 3.3.3150 - Python Software Foundation)
Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 3.7 - Razer USA Ltd)
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Samplitude Pro X Silver (HKLM-x32\...\MAGIX_{86460AB2-75D3-400D-B9A8-232EC729192E}) (Version: 12.0.2.115 - MAGIX AG)
Samplitude Pro X Silver (Version: 12.0.2.115 - MAGIX AG) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Should I Remove It (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Sizer 3.34 (HKLM-x32\...\{DE43AA92-E8C0-4620-AFE2-FBD623C71643}) (Version: 3.3.4.0 - Brian Apps)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Snap.Do (HKLM-x32\...\{1AEEC74F-4B4B-46E5-A124-A728EC02DF7F}) (Version: 1.47.1.11067 - ReSoft Ltd.) <==== ATTENTION
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Spotify (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version:  - sparsevector)
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Escapists (HKLM-x32\...\Steam App 298630) (Version:  - Mouldy Toof Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{EEB9EFDE-ED91-11E2-91A8-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )
x64 Components v4.1.6 (HKLM\...\Advanced x64Components_is1) (Version: 4.1.6 - Shark007)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roland\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2013-11-09 08:22 - 00000856 ____A C:\windows\system32\Drivers\etc\hosts
10.0.0.1				activate.adobe.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {041AC71C-2E83-41A3-9554-505E9BC16A5E} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {06DC07AE-E4AD-43C7-A24E-36F63BF63935} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Adrian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {0ADC71B8-807C-4136-A3A1-A2C3E0D084BC} - System32\Tasks\HPCeeScheduleForAdrian => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {1B2201A4-4B21-4025-B055-C91AB2D0B29E} - System32\Tasks\{2B544749-C5E0-4CB9-A076-C8F05F2E49BF} => pcalua.exe -a C:\Users\Adrian\Desktop\Setup.exe -d C:\Users\Adrian\Desktop
Task: {1F1D4F11-089A-4AF6-810E-480C83C2DFEE} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {26C3BDE7-D28F-40C5-AD50-122105E7002A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19] (Google Inc.)
Task: {27FC4DFF-9139-46D8-9BF7-CE891B4C2E1A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {334F62A1-14D5-4AD7-9D9D-185FAF306C5E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {337E307F-1DDD-4EF0-8D40-F5EFCEB32DBA} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] ()
Task: {3642C4C0-3B98-4160-A064-39ED0869F341} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
Task: {4DADD9CC-035A-406B-A423-6B9555ACE9A8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {55DC6AA8-CFC9-4392-891B-F9C3B1BD7EA3} - System32\Tasks\SERVER
Task: {5B077394-0B98-480C-87C3-0C240709CD75} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {5DE5203F-8628-4E1A-AF35-4C4678BB1EF7} - System32\Tasks\{E6EA3E45-7165-40A4-9FC3-83B36A2E9B84} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {61F768E0-7D8A-450F-AFD5-00F08BB5DCC2} - System32\Tasks\PaysafeCard in Portal2 Hülle!!!
Task: {631DD178-9898-4117-A534-A74C057FEA18} - System32\Tasks\MySQL\Installer\ManifestUpdate => c:\program files (x86)\mysql\mysql installer for windows\mysqlinstallerconsole.exe [2015-03-29] (Oracle Corporation)
Task: {698904AF-BD7C-43A6-A791-A640E6913B5D} - System32\Tasks\avastBCLRestartS-1-5-21-1501557853-1401194567-1476615106-1000 => Firefox.exe 
Task: {6B2959FE-F5FF-41E9-A669-AF05D5320A10} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {6D1AFA16-BF1F-4D69-B875-95745F2DF63C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-21] (Microsoft Corporation)
Task: {81CD89CF-09B7-4ED3-BFB9-4B8EB8437EB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19] (Google Inc.)
Task: {8230EFE9-711B-4354-98E1-57115D150942} - System32\Tasks\NCH Software\PrismSevenDays => C:\Program Files (x86)\NCH Software\Prism\Prism.exe
Task: {82B4103C-9A1A-4AEC-90A3-BE60C56A9082} - System32\Tasks\GAMIANO GEWINNSPIEL!
Task: {8604EB66-6E7D-4936-A784-64AC3EA48886} - System32\Tasks\WICHTIG
Task: {8EA51C4D-D3C9-439C-AB09-F5AE20B1157E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {9101B909-7E8B-4996-8107-7247FB2E333F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-10] (Microsoft Corporation)
Task: {91DC1A61-7372-4CF2-B2D9-E0A5648D2343} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-10] (Microsoft Corporation)
Task: {931A1AD6-0FAC-45BC-AC61-21C7DD92229E} - System32\Tasks\NCH Software\ExpressBurnSevenDays => C:\Program Files (x86)\NCH Software\ExpressBurn\ExpressBurn.exe
Task: {94E9226C-97F0-4AF1-9274-A581A54DCC1B} - System32\Tasks\update-S-1-5-21-1501557853-1401194567-1476615106-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: {9AAA1E7E-ACAA-43FD-889C-C7A16220C851} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {9B36A057-A3D2-4345-A3B2-53106925BC34} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {9B867FDC-FEEE-4B88-9456-EB8F2D6B0363} - System32\Tasks\Start => C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
Task: {A459918B-B947-46D1-BFBF-D9D579DE4512} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Roland => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {A61FD028-E47B-4D5E-A476-9E9BE7E65B2C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {B21DCAB4-B6D3-44F3-ABDC-B9637ABD7E00} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B5B4D891-6588-4B0A-92E5-365D3BCE4B0C} - System32\Tasks\DUC => C:\Program Files (x86)\No-IP\DUC40.exe
Task: {B83B0121-745B-4DE4-8C17-CBA638E82C2D} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-02-17] ()
Task: {B972E0F9-134A-471C-BF1E-EBC4F7E86496} - System32\Tasks\{E89F20C8-6676-4864-9408-C01E0C2755AF} => pcalua.exe -a "C:\Program Files (x86)\GTA IV Vehicle Mod Installer\v1.5\gtaivvmi.exe" -d "C:\Program Files (x86)\GTA IV Vehicle Mod Installer\v1.5"
Task: {BB9F7843-A597-4CE1-9E5E-2E77079141D1} - System32\Tasks\{E043DE6B-9827-4807-9472-69EDE4CEDB0E} => C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe [2014-01-07] (Ubisoft Entertainment.)
Task: {CF789FA9-E7EC-4217-9CD3-296B9552F25E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {E366872B-3E2A-4C8E-B1CB-7BE3E0101987} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-01] (Adobe Systems Incorporated)
Task: {EFF15A10-9722-4D58-AD11-9C48EE1F8A62} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Julia => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {F1E040D6-34C6-40D7-866E-286F0C380210} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-09-23] (Hewlett-Packard Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForAdrian.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (Whitelisted) ==============

2012-06-15 01:58 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-02 17:18 - 2015-06-02 17:18 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-09-15 10:59 - 2012-08-01 15:44 - 00139024 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll
2015-03-31 09:53 - 2015-03-19 23:33 - 00736962 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-04-21 17:04 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-04-05 13:49 - 2014-10-02 16:24 - 00076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-02-28 15:07 - 2014-09-21 09:06 - 00102344 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-02-28 15:07 - 2014-09-21 09:06 - 00108488 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-02-28 15:10 - 2014-09-21 09:06 - 00563656 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-02-28 15:10 - 2014-09-21 09:06 - 00579016 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Users\Adrian\AppData\Local\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2015-05-17 20:24 - 2015-05-17 20:24 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-17 20:24 - 2015-05-17 20:24 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-01 13:36 - 2015-07-01 13:36 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15070100\algo.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-13 16:52 - 2015-06-17 11:10 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 18:10 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 14:41 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 14:41 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 14:41 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 14:59 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 18:48 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 18:48 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 18:48 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 18:48 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 18:48 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-02-25 08:39 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-06-02 17:18 - 2015-06-02 17:18 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-03-19 15:23 - 2015-03-19 15:23 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-18 14:08 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-18 14:08 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2013-02-19 12:48 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\Users\Adrian\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Adrian\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Adrian\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Adrian\AppData\Roaming:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1501557853-1401194567-1476615106-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Roland\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1501557853-1401194567-1476615106-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Adrian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Adrian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7725DE89-E83F-4BAB-B960-3184D07C10D3}] => (Allow) C:\windows\system32\ezSharedSvcHost.exe
FirewallRules: [{C56BE747-D7D9-405F-B6DC-1F2B8FB170B9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{B805765A-3445-44AB-B66A-E99526A6EFD1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{74B8F962-14AF-47E3-B4F5-9EE44DC56893}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D8E2387B-6CE2-43D0-84F8-94B85C41BAF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4E346773-872D-491B-B087-6C5FE3CC2ED1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5767F5B3-ECEE-46BB-BCAA-F38BF9050775}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E0FC6BB-7068-4B6F-B65B-FC6F549E2D01}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C5F7B186-2702-4B3A-AA96-D7E1C085739E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2DEF6007-2AD3-44DB-B3DD-5E8BCF11F774}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{AE19D90D-8E24-4F00-9C5A-EF2F4664A12A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{41BD13B0-6E06-411E-95E8-A6A5C1FC10F6}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{EC382866-8441-4B7B-8B16-C153BC1646A4}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{69A3602A-D727-4FC1-A7E2-61569D006923}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{E3655670-0721-46B5-A6B7-D70F3A983568}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{0938812A-7DED-41BC-8358-86939A56B552}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{34EF15B3-95BB-4515-B44F-BACE39D9B957}] => (Allow) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{C47DA7AC-02E6-4A35-B4AD-9629C4228DD9}] => (Allow) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{AB40C52B-B1DD-4556-8D32-6FCE4AAEC1F2}] => (Allow) C:\Users\Roland\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6B63423E-6CFF-4398-9185-EDC135215FC8}] => (Allow) C:\Users\Roland\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{CAD9D6D8-793C-4210-9153-20123064028D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{637F538C-A56C-42B9-B6A1-4DCE6CC6ECA9}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{998CD0DC-C563-4D14-AA37-A73A1D2419FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{5342D3C2-D9D1-4BDC-8CF7-AE1FB9037D3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{5F9887C1-4E6A-4C22-8E08-C118EC71E1AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{FCEE714A-FB37-454C-8B3A-C4C80AB56157}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{32505978-7C0F-4ADF-8FC5-10706CAD98BF}] => (Allow) C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7CA689AD-2342-4865-A892-106015C8F4F8}] => (Allow) C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{AF51A93D-60E6-400F-88D7-CDA2FC66FBA9}C:\users\adrian\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adrian\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{8533760E-43EB-4492-9865-36330F82EB81}C:\users\adrian\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adrian\appdata\local\akamai\netsession_win.exe
FirewallRules: [{8F3EED5C-288A-457D-98BA-B39C02BE7EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{396285FC-4B7A-472F-A666-F71691BDBE41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4E948EEB-1484-49FA-A012-4801BA30788D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{79AEE65C-DA83-49CC-B8F4-9DDBEB66BD00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E963F82B-07D0-4AEA-AFBC-C7F30B0B59A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4106D859-3300-42CE-A9F9-93A55B3CD1E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1CF0E882-6F4B-44BD-8C84-77C6396C1D37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E2241544-C2BE-48C3-8F36-6C64E4070B64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B4D9AC2F-C060-4ACD-BA82-E3AE61110F3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{AF4304B8-C7D5-4DAF-B3F9-3FE10A8C9E85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{AB658D72-0EAD-415E-9F96-3326478009BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{3D00E488-ADB4-4A83-B8BA-42F227465435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{33499D7C-59E6-489F-899C-21336D4475DC}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{AAADD60B-1110-47A3-8D4E-CEFBE5B28989}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{C15D3FC8-C272-4E47-90AE-0490A274B949}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{5560E43F-05F7-49AD-954F-EB5B178D82E8}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{139662F9-FC74-485F-A2A3-1FE8C4F93DBD}] => (Allow) LPort=5353
FirewallRules: [{57F05CF8-97F3-47EB-8F19-33D03EC86641}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{7B8041C9-7199-4D08-9BEE-F632AE8337DC}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{D19D4D27-657A-466A-AEAD-FA7ED3ECF410}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{F332566E-4F8F-4D59-905E-758A95D4FA91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DA340EC9-1D6E-425E-A991-63068AB0B1A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9CA84589-D26E-4252-B259-3FE3ED612479}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E66F7C9C-F737-4BA5-A2AA-68BCE9583622}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A9E2B167-FFAD-4E31-8396-08412ED67084}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{173906CC-5AF9-425A-BC0B-0A068C2E77EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{E713AFAB-7A23-43E3-AD25-3228A9D1264F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6399EF50-8D00-4BBC-A0A1-1D08F3348C8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{C260E583-E366-41A5-AE3D-AC2100C9E1E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{C78F265E-8FBF-4B69-BBE9-042AA2F9B88D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{7BFBB678-C0DC-42DA-937C-6E2817EF0B5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{10665EEA-0E26-47FE-AB5C-4940F8D391B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{476CA168-75E4-41E4-B26F-01F046718385}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4BE04311-EB97-45C6-B699-70499B211DCC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{6AA415F3-8C11-496E-A5F1-FE20E2914E0F}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{394F1F83-D77A-4232-AF37-DDDE3F06EFC8}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{B0DF2AB0-70DA-4C53-BD08-D45D4A58938A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8DF11AAF-A126-4DAA-8817-024DC70F8C3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{87A957D0-58F1-4271-82EB-D4C6E1B6CC14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7672E71B-F416-450E-8305-77BE503FAD68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9A2E237D-AB79-4747-A42B-0A852FD360E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{FB1D3B69-EBBC-4849-AA00-AC9F7C1C2278}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{56C72EDB-DFB2-451D-8FF9-AC049E83551F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{8FCCB769-E062-4ECD-B8AE-5837031DAB1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{2AB5D71E-D662-4062-8D44-26F41ABFD0CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{C92760AB-A7CC-43ED-824B-542E321D53F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [TCP Query User{5C3296CA-31DD-4E8F-82CD-32F3463559F8}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [UDP Query User{29E77F18-289A-4947-97FA-F1818493880B}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [{22209C58-B94B-4536-B06C-AB5883FDF9F9}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{7E73E6E8-9EDD-472D-9642-7FAE4FC7761C}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{C91119AE-F1BC-4D85-BC32-234CA157257B}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{6B55690F-21AB-4D02-B25A-56694F67468B}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [TCP Query User{189D7521-6549-45BA-A10C-229E77BD64AD}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{BA0903AA-3E21-4F14-AB46-DEFAA8F2F7B2}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{6DBEC91E-8637-4408-9994-0A1A37E6105D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{52F34E45-7D18-4111-AA05-963BF4E1479B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{8A6D7E74-EA75-4DDE-B544-41C4E659665D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{762E4113-F0DC-4779-9F2B-E0FAAABDF617}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{146919FF-1602-4DA7-B341-1C8C9D13684C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BridgeConstructor\BridgeConstructor.exe
FirewallRules: [{C94D4FF6-AD86-4BE0-B314-D81C18519E86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BridgeConstructor\BridgeConstructor.exe
FirewallRules: [{52A53501-046E-4372-84BF-A9B3A732A92B}] => (Allow) C:\Program Files (x86)\Brick-Force\BfLauncher.exe
FirewallRules: [{F3F06992-ED76-46F5-910A-8805CFB0B638}] => (Allow) C:\Program Files (x86)\Brick-Force\BrickForce.exe
FirewallRules: [{5BDA46F9-4D26-4F10-9620-AF8AF6D8CCB5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{A62D5167-2E1B-45E0-AEAB-A77A964D4892}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{70E8A62D-48AC-49F9-B354-06EAB06A765E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{26F8BD50-F655-4FC6-9D39-FA4CCD9AAC07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{FEAB6A70-00BE-40C9-BD70-82A3E5C9B188}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8C141BBD-58C9-467D-9848-8EAAF1FC0BB0}] => (Allow) LPort=2869
FirewallRules: [{719D9BB2-CB0D-49A9-B1C1-729C5474CC77}] => (Allow) LPort=1900
FirewallRules: [{CD2D6934-42CE-4D82-9D5E-5555CCD22B0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{2B2E2F5E-231B-4143-BD6F-C15B81CBA8A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{7DA7A065-F4E9-444E-9259-6620EF4ECDFB}C:\users\adrian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\adrian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CA15F759-FEA4-46A6-A52C-A7085859165D}C:\users\adrian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\adrian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3692B34A-1607-4AA1-81D7-554C028A445E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E5A71671-CB7F-4751-BDD9-603949C1A172}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{321D86F8-56EC-491C-A1FF-1349A525D509}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{3B6DB4E0-65A3-43CC-AF91-A980F62CBD07}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{5557BD66-2409-4F2C-A3E8-2EDF5BBBE279}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{34832F51-133E-4E40-9EF3-C738B3E43A16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{1F34037F-8B4C-460D-9A64-160B9B699E9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{3A849086-4E3A-4DEE-93CF-C5041AC28C28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{CB0A3944-4DB5-4D9E-9B42-CC841C92B03B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{BB361EB2-2517-44A8-BA69-BE283A829621}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [TCP Query User{C50B81B0-F0CF-455E-A5FA-75C3C43FE778}C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [UDP Query User{67CFD63B-6BF1-479E-8C7F-71042F420ABA}C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [{08665BE5-08B1-4FF5-8F78-A8AB2968D6C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{6639D13C-656E-4284-8A1B-8D4806EBD300}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{878D3DD1-336B-4145-A0D8-D0F237FBC43D}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{8811FA59-1250-4E07-82D2-8A07AC1876A5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{49180D1C-E43C-424D-9D93-958C0F28C43C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{724CE73C-6007-4C5A-9A6B-787F97FC7BEC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [TCP Query User{B37D49DA-7616-4B4E-BFDD-802C089B2ACE}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{57C7E261-C832-4846-AE6F-9B4E72018584}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [TCP Query User{E377194F-6B8D-49A9-90EA-0D4A5A956421}C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe] => (Allow) C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe
FirewallRules: [UDP Query User{7978E998-2FA6-48E1-B199-31E8ED39F2FC}C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe] => (Allow) C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe
FirewallRules: [{B413F2FC-4698-4EA6-A374-745552BBC774}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{10DF6214-9844-4AD5-95D0-941BFC7D7E22}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [TCP Query User{AA819EC6-3F82-4AAB-8176-FE09013BDAAA}C:\pylo\mcreator149\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator149\jdk\bin\java.exe
FirewallRules: [UDP Query User{2F723A8F-C93E-4C36-BD33-8B48A5889648}C:\pylo\mcreator149\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator149\jdk\bin\java.exe
FirewallRules: [{4CC77073-C5C2-49EF-8B37-4C1F79046576}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{50EC1D90-0FA1-4DA4-899E-E80E01201A94}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{2FAFE501-CB20-408F-9F26-ACAE1F6FE920}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{92142424-EC09-4349-8B98-41AE05C0E66C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{3799D8FD-8437-4CB4-8473-58B20B5A850B}C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe
FirewallRules: [UDP Query User{69ADB191-09B6-4581-B9FA-308530A4BCCC}C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe
FirewallRules: [{69AA04D8-7B14-43BC-921E-47B1ED61854E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{83C53085-7214-4CEC-8B0B-04CE6E8A145E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{2FBE2A57-28AA-4A34-A80A-B4F77FF32EA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{3DAF6ECE-1BB5-4145-8825-A25ED441B212}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{9F903F5B-3475-4D4F-ABC5-E7BE93F5873A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F0804D8E-D099-43B8-8D0A-DF2FC660F48D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3052E117-8836-4C8C-8179-F67D7A1968FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{42035716-DDBB-4E58-A34E-9F6C1F469E03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{94C26BC9-5E85-44B7-9854-4DD45A8A6D8D}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{52299794-2CE7-4B21-87CD-4DDB42C3272D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{93E7D721-2482-43FF-86CC-5728C5483BDC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5C5BFE56-C37D-48CF-A38D-2FBF3EA2265E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4B624882-21EE-4935-9068-EB8A5E3D2579}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{000A36FD-FF4D-48AC-9CD2-C5E0D4E61376}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{A7D0850B-CAFA-4F2A-AE35-47DAD1E13033}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{7D6F8545-4D2D-422F-8952-0512FE9077D8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{4596D5DC-AB37-4592-8ECD-9D7770801E72}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{8C729E3E-4444-4B01-B928-A697EF2D793D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{9E7FF24A-44E7-4188-8424-A9B5B2E988D7}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{E132DFF6-7075-4DE8-BDB6-3D3310A446A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blockland\Blockland.exe
FirewallRules: [{DB7B89FD-B222-40ED-BC98-51022AD43AC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blockland\Blockland.exe
FirewallRules: [{F3A23186-2122-4E82-B6EA-6D7686EB28F0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{C86045CB-B5A2-44A4-B589-C93124C89414}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{149585E9-5868-434D-8BF1-C70046E154CF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{129A03C7-1CD8-4B1D-81BD-98E07E3F3E9A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{8739D6F5-C7F6-4F6C-BC1A-FCCD10DE8920}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{5F2FA9C8-F6EC-4AAB-BFFF-D97B23F5BC8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{F6FE675F-D33F-46D1-B4C9-223BD92ACBE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{B4FCCA00-E4C1-4A9E-8372-BC92F2DD7B28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [TCP Query User{EA6D42E3-F35B-467E-A3AA-55D9E8CAE726}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{A7DD2141-8A45-489B-AFFB-57A05229F3AD}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{F212B33B-31FA-4F06-91F4-ED042CA73673}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B2854B13-4054-462B-8C5D-9E792D4F1763}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{99BEBAFD-80BA-4E63-96AC-BA8ADDFB315D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{4BB0F19D-E19A-4A06-9DCC-C6AD08E1FBD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{C1144C6E-CDC3-48FE-A893-F2362900B24D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4AA7C2FC-6F54-47F7-A4B5-A1E1AE21A033}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4D7CA139-6DBE-4BF2-B0A9-F57972BA74B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{2F232AE0-0C28-404F-8425-22610C051E5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{AC180EF4-C0BF-4B73-95F2-2C7F679F840E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BC6983BB-E0AC-44FF-99A9-7DECBC999C53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{099D57FF-548F-482A-97C4-5D7D1D7DF301}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{030813A3-143C-429F-865C-592013D48B51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{2E2F7D48-E6C5-4AB8-A0DF-324420761B21}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{F0941AF2-DD9F-4798-9F93-5FE5DFAAD340}] => (Allow) C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A56F683D-C3C5-4289-9628-D8E752BF8E66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{686FBA29-FF54-4CA1-916A-15F40238DAC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{72C34A5B-1EEC-4589-B760-4687C5C68B83}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [UDP Query User{224E577A-3FDF-46BB-9230-35D35505A82B}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [TCP Query User{5F5C282C-FE93-42DB-BB20-1CC29DF4957E}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2DEACC97-D40B-45E4-BD9E-D5FCFD100FAE}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{973ECF3D-9FB5-4413-BC6F-EE83F99E2F58}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{60CC3B70-2E81-461D-B372-84801A31B1C6}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{2CF76AFB-F847-42EE-ABC8-94316C6D89E1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{55C299BD-57DC-4764-995E-501BFAA0FAE3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{19641893-ADED-4838-8290-7FC5A4473A40}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{1404C65F-6854-43F6-A727-B3CD0376C895}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{E7AA8B43-40A2-4B2F-ACB7-1C37B424A521}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{EF888B35-708A-4731-A198-E0D0A376B784}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{952D2CF4-95A6-4E41-82FC-3CDAC45EA374}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{ED546795-7DB0-4A7C-913F-6E48102F59EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B8D97A83-009B-4717-8352-A864625E8710}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8E1A5031-0E76-484F-9AC0-7FAA14F41F85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{596F879B-2FB8-4296-9FC2-FC7C1EA2D8E2}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
FirewallRules: [{AF3621B2-AD70-461B-BB17-020DA0235F1B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{127475BA-12A2-43B3-B55E-FE8082B5A684}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [TCP Query User{57F5CC14-9CD5-41A8-9B6D-ECEFF5DCB6F0}C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe] => (Allow) C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe
FirewallRules: [UDP Query User{BDB24747-9CE5-4AB2-94E9-69D842869416}C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe] => (Allow) C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe
FirewallRules: [{7E2F8A72-D0E5-4CCE-A0C5-EBB3657D5101}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0FF62ABC-32B9-47F6-9A4F-928AFA3ED621}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{CB690175-4ABC-45F7-BB70-13D8404A683A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7D1D7A34-8E9D-4CB3-9A14-97CE04163F8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B03FD55B-6314-4B9C-B89B-E68B13634E9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{64184ECF-DAE3-4802-BBDE-FC23763E9227}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal Stories Mel\portal2.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/01/2015 02:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 147c

Startzeit: 01d0b3f9bfb94b45

Endzeit: 4

Anwendungspfad: C:\Program Files (x86)\Steam\steam.exe

Berichts-ID: 361dc56a-1fed-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:29:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 738

Startzeit: 01d0b3f799d255de

Endzeit: 6

Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe

Berichts-ID: d44138a6-1fec-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:15:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b48

Startzeit: 01d0b3f723b1ce43

Endzeit: 15

Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe

Berichts-ID: d56ea64b-1fea-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:11:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17e0

Startzeit: 01d0b328f699ab83

Endzeit: 9

Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe

Berichts-ID: 55cafba8-1fea-11e5-ba37-80c16ee1eaf7

Error: (06/29/2015 05:39:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: javaw.exe, Version: 8.0.45.15, Zeitstempel: 0x554287ba
Name des fehlerhaften Moduls: awt.dll, Version: 8.0.45.15, Zeitstempel: 0x55428cbf
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000000024a30
ID des fehlerhaften Prozesses: 0x2f4
Startzeit der fehlerhaften Anwendung: 0xjavaw.exe0
Pfad der fehlerhaften Anwendung: javaw.exe1
Pfad des fehlerhaften Moduls: javaw.exe2
Berichtskennung: javaw.exe3

Error: (06/29/2015 05:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: javaw.exe, Version: 8.0.45.15, Zeitstempel: 0x554287ba
Name des fehlerhaften Moduls: awt.dll, Version: 8.0.45.15, Zeitstempel: 0x55428cbf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000024a30
ID des fehlerhaften Prozesses: 0x2f4
Startzeit der fehlerhaften Anwendung: 0xjavaw.exe0
Pfad der fehlerhaften Anwendung: javaw.exe1
Pfad des fehlerhaften Moduls: javaw.exe2
Berichtskennung: javaw.exe3

Error: (06/29/2015 05:16:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.45.15 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f7c

Startzeit: 01d0b27ad733b9f9

Endzeit: 37

Anwendungspfad: C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe

Berichts-ID: b919b117-1e71-11e5-a5e4-80c16ee1eaf7

Error: (06/29/2015 01:47:59 PM) (Source: ESENT) (EventID: 439) (User: )
Description: DllHost (5888) WebCacheLocal: Die Shadowkopfzeile für Datei C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk konnte nicht geschrieben werden. Fehler -1032.

Error: (06/29/2015 01:47:59 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (5888) WebCacheLocal: Versuch, Datei "C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (06/29/2015 01:46:31 PM) (Source: ESENT) (EventID: 439) (User: )
Description: DllHost (5888) WebCacheLocal: Die Shadowkopfzeile für Datei C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk konnte nicht geschrieben werden. Fehler -1032.


System errors:
=============
Error: (07/01/2015 03:41:31 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007041d

Error: (07/01/2015 03:41:30 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (07/01/2015 03:41:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Modules Installer" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/01/2015 03:41:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Modules Installer erreicht.

Error: (07/01/2015 03:39:17 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183.

Error: (07/01/2015 03:39:17 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183.

Error: (07/01/2015 03:39:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet: 
%%-2147024894

Error: (07/01/2015 03:38:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (07/01/2015 03:38:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (07/01/2015 03:38:09 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office:
=========================
Error: (07/01/2015 02:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: steam.exe2.81.34.6147c01d0b3f9bfb94b454C:\Program Files (x86)\Steam\steam.exe361dc56a-1fed-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:29:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.673801d0b3f799d255de6C:\Program Files (x86)\Steam\Steam.exed44138a6-1fec-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:15:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.6b4801d0b3f723b1ce4315C:\Program Files (x86)\Steam\Steam.exed56ea64b-1fea-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:11:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.617e001d0b328f699ab839C:\Program Files (x86)\Steam\Steam.exe55cafba8-1fea-11e5-ba37-80c16ee1eaf7

Error: (06/29/2015 05:39:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe8.0.45.15554287baawt.dll8.0.45.1555428cbfc000041d0000000000024a302f401d0b281c47fd524C:\Program Files\Java\jre1.8.0_45\bin\javaw.exeC:\Program Files\Java\jre1.8.0_45\bin\awt.dll10edd01d-1e75-11e5-a5e4-80c16ee1eaf7

Error: (06/29/2015 05:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe8.0.45.15554287baawt.dll8.0.45.1555428cbfc00000050000000000024a302f401d0b281c47fd524C:\Program Files\Java\jre1.8.0_45\bin\javaw.exeC:\Program Files\Java\jre1.8.0_45\bin\awt.dll04947803-1e75-11e5-a5e4-80c16ee1eaf7

Error: (06/29/2015 05:16:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.45.15f7c01d0b27ad733b9f937C:\Program Files\Java\jre1.8.0_45\bin\javaw.exeb919b117-1e71-11e5-a5e4-80c16ee1eaf7

Error: (06/29/2015 01:47:59 PM) (Source: ESENT) (EventID: 439) (User: )
Description: DllHost5888WebCacheLocal: C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032

Error: (06/29/2015 01:47:59 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost5888WebCacheLocal: C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/29/2015 01:46:31 PM) (Source: ESENT) (EventID: 439) (User: )
Description: DllHost5888WebCacheLocal: C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032


CodeIntegrity Errors:
===================================
  Date: 2014-09-12 21:39:01.968
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:39:01.898
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:53.081
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:53.009
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:47.742
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:47.612
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:33.071
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:32.991
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:26.396
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:26.326
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 48%
Total physical RAM: 8148.01 MB
Available physical RAM: 4223.8 MB
Total Pagefile: 16294.23 MB
Available Pagefile: 11576.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:914.41 GB) (Free:287.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:16.88 GB) (Free:2.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5F651316)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---


Nachdem ich mbam am PC habe, hab ich es mal drüber laufen lassen:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 01.07.2015
Suchlaufzeit: 17:38
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.01.03
Rootkit-Datenbank: v2015.06.30.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Adrian

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 652793
Abgelaufene Zeit: 1 Std., 17 Min., 12 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1501557853-1401194567-1476615106-1002\SOFTWARE\AskPartnerNetwork, , [07903e9e167461d5d6e4f70332d118e8], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 3
PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh, , [286f9b41c9c149ed515af1f233d044bc], 
PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1, , [286f9b41c9c149ed515af1f233d044bc], 
PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1\_metadata, , [286f9b41c9c149ed515af1f233d044bc], 

Dateien: 2
PUP.Optional.DownloadGuide.A, C:\Users\Roland\AppData\Local\Temp\ICReinstall_syncios_CB-DL-Manager.exe, , [583fdffd4d3d14220f1079ef3ec46c94], 
PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1\_metadata\verified_contents.json, , [286f9b41c9c149ed515af1f233d044bc], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

Alt 02.07.2015, 13:41   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Snap.Do


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 




Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.07.2015, 17:09   #6
Freakey_
 
Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen



Code:
ATTFilter
18:07:00.0721 0x1ca8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:07:00.0721 0x1ca8  UEFI system
18:07:03.0350 0x1ca8  ============================================================
18:07:03.0350 0x1ca8  Current date / time: 2015/07/02 18:07:03.0350
18:07:03.0350 0x1ca8  SystemInfo:
18:07:03.0350 0x1ca8  
18:07:03.0350 0x1ca8  OS Version: 6.1.7601 ServicePack: 1.0
18:07:03.0350 0x1ca8  Product type: Workstation
18:07:03.0350 0x1ca8  ComputerName: ADRIAN
18:07:03.0351 0x1ca8  UserName: Adrian
18:07:03.0351 0x1ca8  Windows directory: C:\windows
18:07:03.0351 0x1ca8  System windows directory: C:\windows
18:07:03.0351 0x1ca8  Running under WOW64
18:07:03.0351 0x1ca8  Processor architecture: Intel x64
18:07:03.0351 0x1ca8  Number of processors: 4
18:07:03.0351 0x1ca8  Page size: 0x1000
18:07:03.0351 0x1ca8  Boot type: Normal boot
18:07:03.0351 0x1ca8  ============================================================
18:07:06.0252 0x1ca8  KLMD registered as C:\windows\system32\drivers\03118030.sys
18:07:06.0740 0x1ca8  System UUID: {C5BBC012-E61A-6555-9D7F-54887ABD7C9B}
18:07:07.0389 0x1ca8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:07:07.0400 0x1ca8  ============================================================
18:07:07.0400 0x1ca8  \Device\Harddisk0\DR0:
18:07:07.0406 0x1ca8  GPT partitions:
18:07:07.0406 0x1ca8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E7078520-8C2A-4712-B801-B9078A46E65E}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
18:07:07.0406 0x1ca8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2751E180-4CEF-4361-8DD0-BA7513A96107}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
18:07:07.0406 0x1ca8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {ED9B8358-843B-4604-B799-E42CA27AFDEE}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x724D0800
18:07:07.0407 0x1ca8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DDB4A47B-E17A-459D-850B-3DC746F120F9}, Name: Basic data partition, StartLBA 0x72543000, BlocksNum 0x21C3800
18:07:07.0407 0x1ca8  MBR partitions:
18:07:07.0407 0x1ca8  ============================================================
18:07:07.0421 0x1ca8  C: <-> \Device\Harddisk0\DR0\Partition3
18:07:07.0469 0x1ca8  D: <-> \Device\Harddisk0\DR0\Partition4
18:07:07.0469 0x1ca8  ============================================================
18:07:07.0469 0x1ca8  Initialize success
18:07:07.0469 0x1ca8  ============================================================
18:07:15.0710 0x0f4c  ============================================================
18:07:15.0710 0x0f4c  Scan started
18:07:15.0710 0x0f4c  Mode: Manual; 
18:07:15.0710 0x0f4c  ============================================================
18:07:15.0710 0x0f4c  KSN ping started
18:07:38.0424 0x0f4c  KSN ping finished: true
18:07:40.0132 0x0f4c  ================ Scan system memory ========================
18:07:40.0132 0x0f4c  System memory - ok
18:07:40.0132 0x0f4c  ================ Scan services =============================
18:07:40.0241 0x0f4c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
18:07:40.0245 0x0f4c  1394ohci - ok
18:07:40.0277 0x0f4c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
18:07:40.0283 0x0f4c  ACPI - ok
18:07:40.0292 0x0f4c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
18:07:40.0294 0x0f4c  AcpiPmi - ok
18:07:40.0339 0x0f4c  [ 2F0683FD2DF1D92E891CACA14B45A8C1, B4A8D6A183FA0B7D642FAD6B51C19FEC998481E1C49480D2B391E5D8B55F5BBD ] adfs            C:\windows\system32\drivers\adfs.sys
18:07:40.0341 0x0f4c  adfs - ok
18:07:40.0425 0x0f4c  [ 1234A12B71DAE034E45C714AE5A54412, 079E6BC834F38322ED5ED76295EC3961ED894084EF5CB171DFFBD9B3822CC78D ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:07:40.0430 0x0f4c  AdobeFlashPlayerUpdateSvc - ok
18:07:40.0505 0x0f4c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
18:07:40.0513 0x0f4c  adp94xx - ok
18:07:40.0552 0x0f4c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys
18:07:40.0558 0x0f4c  adpahci - ok
18:07:40.0570 0x0f4c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys
18:07:40.0573 0x0f4c  adpu320 - ok
18:07:40.0605 0x0f4c  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
18:07:40.0607 0x0f4c  AeLookupSvc - ok
18:07:40.0639 0x0f4c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\windows\system32\drivers\afd.sys
18:07:40.0649 0x0f4c  AFD - ok
18:07:40.0658 0x0f4c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
18:07:40.0660 0x0f4c  agp440 - ok
18:07:40.0679 0x0f4c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
18:07:40.0681 0x0f4c  ALG - ok
18:07:40.0711 0x0f4c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
18:07:40.0712 0x0f4c  aliide - ok
18:07:40.0718 0x0f4c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
18:07:40.0719 0x0f4c  amdide - ok
18:07:40.0736 0x0f4c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
18:07:40.0738 0x0f4c  AmdK8 - ok
18:07:40.0752 0x0f4c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
18:07:40.0754 0x0f4c  AmdPPM - ok
18:07:40.0781 0x0f4c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
18:07:40.0784 0x0f4c  amdsata - ok
18:07:40.0801 0x0f4c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
18:07:40.0805 0x0f4c  amdsbs - ok
18:07:40.0816 0x0f4c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
18:07:40.0818 0x0f4c  amdxata - ok
18:07:40.0860 0x0f4c  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\windows\system32\drivers\appid.sys
18:07:40.0862 0x0f4c  AppID - ok
18:07:40.0885 0x0f4c  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\windows\System32\appidsvc.dll
18:07:40.0887 0x0f4c  AppIDSvc - ok
18:07:40.0902 0x0f4c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll
18:07:40.0904 0x0f4c  Appinfo - ok
18:07:40.0943 0x0f4c  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:07:40.0945 0x0f4c  Apple Mobile Device - ok
18:07:40.0974 0x0f4c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys
18:07:40.0976 0x0f4c  arc - ok
18:07:40.0988 0x0f4c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys
18:07:40.0991 0x0f4c  arcsas - ok
18:07:41.0056 0x0f4c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:07:41.0057 0x0f4c  aspnet_state - ok
18:07:41.0088 0x0f4c  [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid         C:\windows\system32\drivers\aswHwid.sys
18:07:41.0090 0x0f4c  aswHwid - ok
18:07:41.0118 0x0f4c  [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
18:07:41.0120 0x0f4c  aswMonFlt - ok
18:07:41.0153 0x0f4c  [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr          C:\windows\system32\drivers\aswRdr2.sys
18:07:41.0155 0x0f4c  aswRdr - ok
18:07:41.0200 0x0f4c  [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
18:07:41.0202 0x0f4c  aswRvrt - ok
18:07:41.0235 0x0f4c  [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
18:07:41.0253 0x0f4c  aswSnx - ok
18:07:41.0317 0x0f4c  [ A04F190FCD762E7BCC9BFC70563C52DB, 2BF6823F2EADBDA28DF1CCECCAC84D9FF37D3CFB66A7B402575C6B9FCFB45EB3 ] aswSP           C:\windows\system32\drivers\aswSP.sys
18:07:41.0324 0x0f4c  aswSP - ok
18:07:41.0349 0x0f4c  [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm          C:\windows\system32\drivers\aswStm.sys
18:07:41.0352 0x0f4c  aswStm - ok
18:07:41.0374 0x0f4c  [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
18:07:41.0379 0x0f4c  aswVmm - ok
18:07:41.0399 0x0f4c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
18:07:41.0400 0x0f4c  AsyncMac - ok
18:07:41.0422 0x0f4c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
18:07:41.0423 0x0f4c  atapi - ok
18:07:41.0452 0x0f4c  [ B4BDE3F758A34658A37DFED3D9783CD8, BC9F6B9BDD639457894DE0F596AB3A655374E078796762FE5E8E5414F0481208 ] atksgt          C:\windows\system32\DRIVERS\atksgt.sys
18:07:41.0455 0x0f4c  atksgt - ok
18:07:41.0484 0x0f4c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
18:07:41.0496 0x0f4c  AudioEndpointBuilder - ok
18:07:41.0516 0x0f4c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\windows\System32\Audiosrv.dll
18:07:41.0527 0x0f4c  AudioSrv - ok
18:07:41.0588 0x0f4c  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:07:41.0595 0x0f4c  avast! Antivirus - ok
18:07:41.0619 0x0f4c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
18:07:41.0622 0x0f4c  AxInstSV - ok
18:07:41.0653 0x0f4c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
18:07:41.0662 0x0f4c  b06bdrv - ok
18:07:41.0694 0x0f4c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
18:07:41.0699 0x0f4c  b57nd60a - ok
18:07:41.0732 0x0f4c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
18:07:41.0734 0x0f4c  BDESVC - ok
18:07:41.0745 0x0f4c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
18:07:41.0746 0x0f4c  Beep - ok
18:07:41.0812 0x0f4c  [ 9B6D239CE446D1B99122708F26714B21, 75508121470381BC9A81359B47B998C47893470E59D1135B4CCD5EE6396E04D8 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
18:07:41.0820 0x0f4c  BEService - ok
18:07:41.0865 0x0f4c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
18:07:41.0877 0x0f4c  BFE - ok
18:07:41.0917 0x0f4c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
18:07:41.0991 0x0f4c  BITS - ok
18:07:42.0013 0x0f4c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\drivers\blbdrive.sys
18:07:42.0015 0x0f4c  blbdrive - ok
18:07:42.0067 0x0f4c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:07:42.0075 0x0f4c  Bonjour Service - ok
18:07:42.0108 0x0f4c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
18:07:42.0110 0x0f4c  bowser - ok
18:07:42.0134 0x0f4c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
18:07:42.0135 0x0f4c  BrFiltLo - ok
18:07:42.0147 0x0f4c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
18:07:42.0148 0x0f4c  BrFiltUp - ok
18:07:42.0166 0x0f4c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
18:07:42.0169 0x0f4c  Browser - ok
18:07:42.0185 0x0f4c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
18:07:42.0190 0x0f4c  Brserid - ok
18:07:42.0198 0x0f4c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
18:07:42.0199 0x0f4c  BrSerWdm - ok
18:07:42.0202 0x0f4c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
18:07:42.0202 0x0f4c  BrUsbMdm - ok
18:07:42.0205 0x0f4c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
18:07:42.0207 0x0f4c  BrUsbSer - ok
18:07:42.0220 0x0f4c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
18:07:42.0221 0x0f4c  BTHMODEM - ok
18:07:42.0252 0x0f4c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
18:07:42.0256 0x0f4c  bthserv - ok
18:07:42.0323 0x0f4c  [ A3AD13CA2747953DDD4C9AE4FB925BEC, 860FA3A04DE9DA0B19C625681E594713844F3401FEFD7C26A28C6C94BA6920C7 ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
18:07:42.0324 0x0f4c  CalendarSynchService - ok
18:07:42.0349 0x0f4c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
18:07:42.0352 0x0f4c  cdfs - ok
18:07:42.0384 0x0f4c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
18:07:42.0387 0x0f4c  cdrom - ok
18:07:42.0401 0x0f4c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
18:07:42.0403 0x0f4c  CertPropSvc - ok
18:07:42.0490 0x0f4c  [ A2555605CD54DE880BDB6994B69DB617, D6827611C6AAA736DD5A1EC22D14A0E07BA33B59DE583DF1C3ACA00497FF6C6E ] chromoting      C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
18:07:42.0492 0x0f4c  chromoting - ok
18:07:42.0507 0x0f4c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
18:07:42.0508 0x0f4c  circlass - ok
18:07:42.0541 0x0f4c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\windows\system32\CLFS.sys
18:07:42.0548 0x0f4c  CLFS - ok
18:07:42.0648 0x0f4c  [ DCB3A44B930C082B1AC3CED6EE535387, 705786D560554FEAF5702C00DF4E58C0BCE14DDD54F14A70D3AA95CFF5BC4AFF ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:07:42.0693 0x0f4c  ClickToRunSvc - ok
18:07:42.0761 0x0f4c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:07:42.0763 0x0f4c  clr_optimization_v2.0.50727_32 - ok
18:07:42.0801 0x0f4c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:07:42.0804 0x0f4c  clr_optimization_v2.0.50727_64 - ok
18:07:42.0869 0x0f4c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:07:42.0872 0x0f4c  clr_optimization_v4.0.30319_32 - ok
18:07:42.0881 0x0f4c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:07:42.0884 0x0f4c  clr_optimization_v4.0.30319_64 - ok
18:07:42.0908 0x0f4c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\drivers\CmBatt.sys
18:07:42.0909 0x0f4c  CmBatt - ok
18:07:42.0924 0x0f4c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
18:07:42.0925 0x0f4c  cmdide - ok
18:07:42.0961 0x0f4c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\windows\system32\Drivers\cng.sys
18:07:42.0970 0x0f4c  CNG - ok
18:07:42.0985 0x0f4c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
18:07:42.0986 0x0f4c  Compbatt - ok
18:07:43.0010 0x0f4c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
18:07:43.0011 0x0f4c  CompositeBus - ok
18:07:43.0018 0x0f4c  COMSysApp - ok
18:07:43.0022 0x0f4c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
18:07:43.0023 0x0f4c  crcdisk - ok
18:07:43.0052 0x0f4c  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\windows\system32\cryptsvc.dll
18:07:43.0056 0x0f4c  CryptSvc - ok
18:07:43.0118 0x0f4c  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:07:43.0131 0x0f4c  cvhsvc - ok
18:07:43.0161 0x0f4c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
18:07:43.0169 0x0f4c  DcomLaunch - ok
18:07:43.0189 0x0f4c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
18:07:43.0195 0x0f4c  defragsvc - ok
18:07:43.0211 0x0f4c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
18:07:43.0213 0x0f4c  DfsC - ok
18:07:43.0243 0x0f4c  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\windows\system32\DRIVERS\ssudbus.sys
18:07:43.0246 0x0f4c  dg_ssudbus - ok
18:07:43.0284 0x0f4c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
18:07:43.0290 0x0f4c  Dhcp - ok
18:07:43.0359 0x0f4c  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\windows\system32\diagtrack.dll
18:07:43.0387 0x0f4c  DiagTrack - ok
18:07:43.0404 0x0f4c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
18:07:43.0406 0x0f4c  discache - ok
18:07:43.0437 0x0f4c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys
18:07:43.0439 0x0f4c  Disk - ok
18:07:43.0473 0x0f4c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
18:07:43.0477 0x0f4c  Dnscache - ok
18:07:43.0495 0x0f4c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
18:07:43.0501 0x0f4c  dot3svc - ok
18:07:43.0515 0x0f4c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
18:07:43.0519 0x0f4c  DPS - ok
18:07:43.0545 0x0f4c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
18:07:43.0546 0x0f4c  drmkaud - ok
18:07:43.0581 0x0f4c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
18:07:43.0598 0x0f4c  DXGKrnl - ok
18:07:43.0629 0x0f4c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
18:07:43.0632 0x0f4c  EapHost - ok
18:07:43.0706 0x0f4c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys
18:07:43.0760 0x0f4c  ebdrv - ok
18:07:43.0786 0x0f4c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS             C:\windows\System32\lsass.exe
18:07:43.0788 0x0f4c  EFS - ok
18:07:43.0837 0x0f4c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
18:07:43.0849 0x0f4c  ehRecvr - ok
18:07:43.0858 0x0f4c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
18:07:43.0861 0x0f4c  ehSched - ok
18:07:43.0889 0x0f4c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys
18:07:43.0898 0x0f4c  elxstor - ok
18:07:43.0901 0x0f4c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
18:07:43.0902 0x0f4c  ErrDev - ok
18:07:43.0941 0x0f4c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
18:07:43.0947 0x0f4c  EventSystem - ok
18:07:43.0993 0x0f4c  [ A0539478593A00AA64E600CF7E19F195, BD835D70F3EE9BFEFFABE747AD65BC97C73AD8042F653BF93535277FB0CBD4CE ] EvolveVirtualAdapter C:\windows\system32\DRIVERS\evolve.sys
18:07:43.0995 0x0f4c  EvolveVirtualAdapter - ok
18:07:44.0012 0x0f4c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
18:07:44.0016 0x0f4c  exfat - ok
18:07:44.0028 0x0f4c  ezSharedSvc - ok
18:07:44.0048 0x0f4c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
18:07:44.0053 0x0f4c  fastfat - ok
18:07:44.0086 0x0f4c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
18:07:44.0099 0x0f4c  Fax - ok
18:07:44.0102 0x0f4c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys
18:07:44.0103 0x0f4c  fdc - ok
18:07:44.0131 0x0f4c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
18:07:44.0133 0x0f4c  fdPHost - ok
18:07:44.0138 0x0f4c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
18:07:44.0140 0x0f4c  FDResPub - ok
18:07:44.0147 0x0f4c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
18:07:44.0149 0x0f4c  FileInfo - ok
18:07:44.0154 0x0f4c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
18:07:44.0155 0x0f4c  Filetrace - ok
18:07:44.0228 0x0f4c  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:07:44.0240 0x0f4c  FLEXnet Licensing Service - ok
18:07:44.0289 0x0f4c  [ 1C3FB052A0BB72EDAED90785C34D6EED, 5300A82D1A79EBA1768F545E73974E3B8CE189AB39CDF905BF42AFA2E497186B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
18:07:44.0307 0x0f4c  FLEXnet Licensing Service 64 - ok
18:07:44.0330 0x0f4c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
18:07:44.0332 0x0f4c  flpydisk - ok
18:07:44.0346 0x0f4c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
18:07:44.0351 0x0f4c  FltMgr - ok
18:07:44.0405 0x0f4c  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\windows\system32\FntCache.dll
18:07:44.0425 0x0f4c  FontCache - ok
18:07:44.0452 0x0f4c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:07:44.0453 0x0f4c  FontCache3.0.0.0 - ok
18:07:44.0467 0x0f4c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
18:07:44.0474 0x0f4c  FsDepends - ok
18:07:44.0491 0x0f4c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
18:07:44.0492 0x0f4c  Fs_Rec - ok
18:07:44.0688 0x0f4c  [ 38F3CF15321DC2B47C7907EB222B637A, C2CE4F62BD7C93566C36B7290DA3E804FB79A18A18E2544E2B6404B473483D4E ] fussvc          C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe
18:07:44.0692 0x0f4c  fussvc - ok
18:07:44.0750 0x0f4c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
18:07:44.0754 0x0f4c  fvevol - ok
18:07:44.0773 0x0f4c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
18:07:44.0775 0x0f4c  gagp30kx - ok
18:07:44.0796 0x0f4c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
18:07:44.0798 0x0f4c  GEARAspiWDM - ok
18:07:44.0877 0x0f4c  [ 55FC14B287C6FF306C32B42628CE0D8C, F22D7BA248D616A76AFAC5DA21A419FF13BC4346F402685F6FC6671B04528110 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:07:44.0896 0x0f4c  GfExperienceService - ok
18:07:44.0928 0x0f4c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
18:07:44.0942 0x0f4c  gpsvc - ok
18:07:45.0008 0x0f4c  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:07:45.0011 0x0f4c  gupdate - ok
18:07:45.0015 0x0f4c  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:07:45.0017 0x0f4c  gupdatem - ok
18:07:45.0058 0x0f4c  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\windows\system32\DRIVERS\hamachi.sys
18:07:45.0060 0x0f4c  hamachi - ok
18:07:45.0135 0x0f4c  [ 03CABA844BC03C99DB84146BF51A9259, 81E6340B9C9DAC97FE5C6F26FEACAB204E857FD5B0490E52D209066B83610DBB ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
18:07:45.0176 0x0f4c  Hamachi2Svc - ok
18:07:45.0198 0x0f4c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
18:07:45.0200 0x0f4c  hcw85cir - ok
18:07:45.0229 0x0f4c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:07:45.0236 0x0f4c  HdAudAddService - ok
18:07:45.0265 0x0f4c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
18:07:45.0268 0x0f4c  HDAudBus - ok
18:07:45.0279 0x0f4c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
18:07:45.0280 0x0f4c  HidBatt - ok
18:07:45.0289 0x0f4c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
18:07:45.0291 0x0f4c  HidBth - ok
18:07:45.0300 0x0f4c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys
18:07:45.0302 0x0f4c  HidIr - ok
18:07:45.0324 0x0f4c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
18:07:45.0326 0x0f4c  hidserv - ok
18:07:45.0345 0x0f4c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
18:07:45.0347 0x0f4c  HidUsb - ok
18:07:45.0359 0x0f4c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
18:07:45.0362 0x0f4c  hkmsvc - ok
18:07:45.0379 0x0f4c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:07:45.0385 0x0f4c  HomeGroupListener - ok
18:07:45.0412 0x0f4c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:07:45.0417 0x0f4c  HomeGroupProvider - ok
18:07:45.0451 0x0f4c  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
18:07:45.0453 0x0f4c  HP Support Assistant Service - ok
18:07:45.0524 0x0f4c  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
18:07:45.0541 0x0f4c  hpqwmiex - ok
18:07:45.0575 0x0f4c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
18:07:45.0578 0x0f4c  HpSAMD - ok
18:07:45.0609 0x0f4c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\windows\system32\drivers\HTTP.sys
18:07:45.0622 0x0f4c  HTTP - ok
18:07:45.0631 0x0f4c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
18:07:45.0632 0x0f4c  hwpolicy - ok
18:07:45.0655 0x0f4c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
18:07:45.0658 0x0f4c  i8042prt - ok
18:07:45.0685 0x0f4c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
18:07:45.0693 0x0f4c  iaStorV - ok
18:07:45.0751 0x0f4c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:07:45.0766 0x0f4c  idsvc - ok
18:07:45.0805 0x0f4c  IEEtwCollectorService - ok
18:07:45.0925 0x0f4c  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
18:07:46.0025 0x0f4c  igfx - ok
18:07:46.0049 0x0f4c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
18:07:46.0050 0x0f4c  iirsp - ok
18:07:46.0078 0x0f4c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
18:07:46.0094 0x0f4c  IKEEXT - ok
18:07:46.0117 0x0f4c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
18:07:46.0118 0x0f4c  intelide - ok
18:07:46.0140 0x0f4c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
18:07:46.0142 0x0f4c  intelppm - ok
18:07:46.0168 0x0f4c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
18:07:46.0200 0x0f4c  IPBusEnum - ok
18:07:46.0242 0x0f4c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
18:07:46.0247 0x0f4c  IpFilterDriver - ok
18:07:46.0279 0x0f4c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
18:07:46.0290 0x0f4c  iphlpsvc - ok
18:07:46.0305 0x0f4c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
18:07:46.0307 0x0f4c  IPMIDRV - ok
18:07:46.0326 0x0f4c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
18:07:46.0329 0x0f4c  IPNAT - ok
18:07:46.0387 0x0f4c  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:07:46.0398 0x0f4c  iPod Service - ok
18:07:46.0440 0x0f4c  [ 944A6D2E1D971806EFFE4BBABF0DBDC7, 394FC1137D2F5CAE0076229EBFEA940584A15AE4D382006507292A94441AF442 ] IpOverUsbSvc    C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
18:07:46.0440 0x0f4c  IpOverUsbSvc - ok
18:07:46.0455 0x0f4c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
18:07:46.0466 0x0f4c  IRENUM - ok
18:07:46.0480 0x0f4c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
18:07:46.0481 0x0f4c  isapnp - ok
18:07:46.0513 0x0f4c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
18:07:46.0518 0x0f4c  iScsiPrt - ok
18:07:46.0538 0x0f4c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
18:07:46.0540 0x0f4c  kbdclass - ok
18:07:46.0556 0x0f4c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
18:07:46.0558 0x0f4c  kbdhid - ok
18:07:46.0577 0x0f4c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso          C:\windows\system32\lsass.exe
18:07:46.0579 0x0f4c  KeyIso - ok
18:07:46.0601 0x0f4c  [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
18:07:46.0604 0x0f4c  KSecDD - ok
18:07:46.0617 0x0f4c  [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
18:07:46.0620 0x0f4c  KSecPkg - ok
18:07:46.0628 0x0f4c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
18:07:46.0629 0x0f4c  ksthunk - ok
18:07:46.0660 0x0f4c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
18:07:46.0668 0x0f4c  KtmRm - ok
18:07:46.0706 0x0f4c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
18:07:46.0712 0x0f4c  LanmanServer - ok
18:07:46.0730 0x0f4c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:07:46.0754 0x0f4c  LanmanWorkstation - ok
18:07:46.0792 0x0f4c  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\windows\system32\DRIVERS\lirsgt.sys
18:07:46.0794 0x0f4c  lirsgt - ok
18:07:46.0820 0x0f4c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
18:07:46.0822 0x0f4c  lltdio - ok
18:07:46.0859 0x0f4c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
18:07:46.0865 0x0f4c  lltdsvc - ok
18:07:46.0879 0x0f4c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
18:07:46.0881 0x0f4c  lmhosts - ok
18:07:46.0920 0x0f4c  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
18:07:46.0928 0x0f4c  LMIGuardianSvc - ok
18:07:46.0955 0x0f4c  [ BF22ACF4CF3734D61357E67F0521BC03, EDDFBDC4BE29BF26904B2DF7074F471711238469CDDBED1CA253A49B993F53DF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:07:46.0960 0x0f4c  LMS - ok
18:07:46.0979 0x0f4c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
18:07:46.0982 0x0f4c  LSI_FC - ok
18:07:47.0000 0x0f4c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
18:07:47.0003 0x0f4c  LSI_SAS - ok
18:07:47.0009 0x0f4c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
18:07:47.0011 0x0f4c  LSI_SAS2 - ok
18:07:47.0015 0x0f4c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
18:07:47.0017 0x0f4c  LSI_SCSI - ok
18:07:47.0033 0x0f4c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
18:07:47.0036 0x0f4c  luafv - ok
18:07:47.0056 0x0f4c  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
18:07:47.0058 0x0f4c  MBAMProtector - ok
18:07:47.0126 0x0f4c  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
18:07:47.0160 0x0f4c  MBAMScheduler - ok
18:07:47.0262 0x0f4c  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
18:07:47.0293 0x0f4c  MBAMService - ok
18:07:47.0347 0x0f4c  [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy   C:\windows\system32\drivers\MBAMSwissArmy.sys
18:07:47.0349 0x0f4c  MBAMSwissArmy - ok
18:07:47.0365 0x0f4c  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
18:07:47.0366 0x0f4c  MBAMWebAccessControl - ok
18:07:47.0388 0x0f4c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
18:07:47.0391 0x0f4c  Mcx2Svc - ok
18:07:47.0415 0x0f4c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
18:07:47.0417 0x0f4c  megasas - ok
18:07:47.0448 0x0f4c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
18:07:47.0453 0x0f4c  MegaSR - ok
18:07:47.0473 0x0f4c  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\windows\system32\drivers\HECIx64.sys
18:07:47.0474 0x0f4c  MEIx64 - ok
18:07:47.0492 0x0f4c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
18:07:47.0495 0x0f4c  MMCSS - ok
18:07:47.0510 0x0f4c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
18:07:47.0512 0x0f4c  Modem - ok
18:07:47.0526 0x0f4c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
18:07:47.0527 0x0f4c  monitor - ok
18:07:47.0538 0x0f4c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
18:07:47.0540 0x0f4c  mouclass - ok
18:07:47.0553 0x0f4c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
18:07:47.0554 0x0f4c  mouhid - ok
18:07:47.0570 0x0f4c  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
18:07:47.0572 0x0f4c  mountmgr - ok
18:07:47.0619 0x0f4c  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:07:47.0622 0x0f4c  MozillaMaintenance - ok
18:07:47.0662 0x0f4c  [ FC1D590039EF06A381768710E6C07E75, 2F8B4D5232C4848A423A4E647102F3EDFD9B3D55D0D14AC04FD6D60D9212106F ] MpFilter        C:\windows\system32\DRIVERS\MpFilter.sys
18:07:47.0667 0x0f4c  MpFilter - ok
18:07:47.0685 0x0f4c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
18:07:47.0688 0x0f4c  mpio - ok
18:07:47.0713 0x0f4c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
18:07:47.0715 0x0f4c  mpsdrv - ok
18:07:47.0751 0x0f4c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
18:07:47.0767 0x0f4c  MpsSvc - ok
18:07:47.0789 0x0f4c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
18:07:47.0792 0x0f4c  MRxDAV - ok
18:07:47.0810 0x0f4c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
18:07:47.0813 0x0f4c  mrxsmb - ok
18:07:47.0820 0x0f4c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
18:07:47.0826 0x0f4c  mrxsmb10 - ok
18:07:47.0830 0x0f4c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
18:07:47.0833 0x0f4c  mrxsmb20 - ok
18:07:47.0855 0x0f4c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
18:07:47.0857 0x0f4c  msahci - ok
18:07:47.0879 0x0f4c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
18:07:47.0882 0x0f4c  msdsm - ok
18:07:47.0899 0x0f4c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
18:07:47.0904 0x0f4c  MSDTC - ok
18:07:47.0908 0x0f4c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
18:07:47.0910 0x0f4c  Msfs - ok
18:07:47.0925 0x0f4c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
18:07:47.0926 0x0f4c  mshidkmdf - ok
18:07:47.0928 0x0f4c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
18:07:47.0929 0x0f4c  msisadrv - ok
18:07:47.0957 0x0f4c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
18:07:47.0961 0x0f4c  MSiSCSI - ok
18:07:47.0963 0x0f4c  msiserver - ok
18:07:47.0980 0x0f4c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
18:07:47.0981 0x0f4c  MSKSSRV - ok
18:07:48.0026 0x0f4c  [ FD909D744ACFCF61CAC3A77854F8B301, F9810A9A1D1DBF8EC5D7F48097039E78425EDA69A4EE5EAFB1FAB10AE9C1F385 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:07:48.0054 0x0f4c  MsMpSvc - ok
18:07:48.0098 0x0f4c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
18:07:48.0120 0x0f4c  MSPCLOCK - ok
18:07:48.0158 0x0f4c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
18:07:48.0161 0x0f4c  MSPQM - ok
18:07:48.0283 0x0f4c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
18:07:48.0307 0x0f4c  MsRPC - ok
18:07:48.0337 0x0f4c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
18:07:48.0339 0x0f4c  mssmbios - ok
18:07:48.0389 0x0f4c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
18:07:48.0390 0x0f4c  MSTEE - ok
18:07:48.0399 0x0f4c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
18:07:48.0400 0x0f4c  MTConfig - ok
18:07:48.0410 0x0f4c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
18:07:48.0412 0x0f4c  Mup - ok
18:07:48.0444 0x0f4c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
18:07:48.0452 0x0f4c  napagent - ok
18:07:48.0485 0x0f4c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
18:07:48.0490 0x0f4c  NativeWifiP - ok
18:07:48.0561 0x0f4c  [ E59AFB64C2F6E0C99350E1C944C75088, 10A9044192D0A83857A57286EABB05037922860483DA2B05AFCC485A8311E4EF ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
18:07:48.0574 0x0f4c  NAUpdate - ok
18:07:48.0627 0x0f4c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
18:07:48.0643 0x0f4c  NDIS - ok
18:07:48.0661 0x0f4c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
18:07:48.0662 0x0f4c  NdisCap - ok
18:07:48.0680 0x0f4c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
18:07:48.0681 0x0f4c  NdisTapi - ok
18:07:48.0699 0x0f4c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
18:07:48.0700 0x0f4c  Ndisuio - ok
18:07:48.0712 0x0f4c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
18:07:48.0716 0x0f4c  NdisWan - ok
18:07:48.0720 0x0f4c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
18:07:48.0722 0x0f4c  NDProxy - ok
18:07:48.0740 0x0f4c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
18:07:48.0741 0x0f4c  NetBIOS - ok
18:07:48.0754 0x0f4c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
18:07:48.0759 0x0f4c  NetBT - ok
18:07:48.0769 0x0f4c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon        C:\windows\system32\lsass.exe
18:07:48.0772 0x0f4c  Netlogon - ok
18:07:48.0797 0x0f4c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
18:07:48.0805 0x0f4c  Netman - ok
18:07:48.0837 0x0f4c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:48.0840 0x0f4c  NetMsmqActivator - ok
18:07:48.0844 0x0f4c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:48.0847 0x0f4c  NetPipeActivator - ok
18:07:48.0868 0x0f4c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
18:07:48.0877 0x0f4c  netprofm - ok
18:07:48.0885 0x0f4c  netr28ux - ok
18:07:48.0889 0x0f4c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:48.0892 0x0f4c  NetTcpActivator - ok
18:07:48.0896 0x0f4c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:48.0898 0x0f4c  NetTcpPortSharing - ok
18:07:48.0917 0x0f4c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
18:07:48.0919 0x0f4c  nfrd960 - ok
18:07:48.0951 0x0f4c  [ 8FB3C853E886E1E4D57271672486111C, 2D2954740BF2046FC4C0F1C00FBA9627C356792C0636A51078116876E4886FC6 ] NisDrv          C:\windows\system32\DRIVERS\NisDrvWFP.sys
18:07:48.0954 0x0f4c  NisDrv - ok
18:07:49.0005 0x0f4c  [ EC445A9F0FB52E5F467C156FFF6F6D93, F1BD9F18376834097E80F107CC556CB65889E34D22F18D055CB88DF61D235306 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
18:07:49.0012 0x0f4c  NisSrv - ok
18:07:49.0061 0x0f4c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\windows\System32\nlasvc.dll
18:07:49.0068 0x0f4c  NlaSvc - ok
18:07:49.0160 0x0f4c  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
18:07:49.0206 0x0f4c  NOBU - ok
18:07:49.0223 0x0f4c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
18:07:49.0225 0x0f4c  Npfs - ok
18:07:49.0243 0x0f4c  npggsvc - ok
18:07:49.0260 0x0f4c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
18:07:49.0263 0x0f4c  nsi - ok
18:07:49.0270 0x0f4c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
18:07:49.0271 0x0f4c  nsiproxy - ok
18:07:49.0318 0x0f4c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
18:07:49.0346 0x0f4c  Ntfs - ok
18:07:49.0353 0x0f4c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
18:07:49.0354 0x0f4c  Null - ok
18:07:49.0375 0x0f4c  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA           C:\windows\system32\drivers\nvhda64v.sys
18:07:49.0379 0x0f4c  NVHDA - ok
18:07:49.0617 0x0f4c  [ BF769EC1CC472FAD4C6EAEEB96ED857E, BBF8BA2B703BF4C36DFC7F69B4D8E477C8162BEC492C6C5D1A7751C19305ABE8 ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
18:07:49.0828 0x0f4c  nvlddmkm - ok
18:07:49.0916 0x0f4c  [ DCAA93D28D6FC75A4D80AE410008BA90, 7EDB69747C95FB68A4DF1932CF45E078DE94364D7A37D83A29952977A41D1FD7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:07:49.0947 0x0f4c  NvNetworkService - ok
18:07:49.0977 0x0f4c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
18:07:49.0981 0x0f4c  nvraid - ok
18:07:49.0998 0x0f4c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
18:07:50.0002 0x0f4c  nvstor - ok
18:07:50.0056 0x0f4c  [ 9408391358F3B9FD0F59E27151383C51, 777A41DE1D8D71833369D1335A083BA8F197317CB62D0E65EFFCC9760D84F2AB ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:07:50.0058 0x0f4c  NvStreamKms - ok
18:07:50.0073 0x0f4c  NvStreamSvc - ok
18:07:50.0112 0x0f4c  [ 039ACFA07F59DB2109BB6A2C0FA2C0D9, E641179FCDB83BBFFADDDECD646F69D667F494BFC41FCE1F035EE78A944C6D5B ] nvsvc           C:\windows\system32\nvvsvc.exe
18:07:50.0129 0x0f4c  nvsvc - ok
18:07:50.0166 0x0f4c  [ 6AC68DDFCAC19A300D738AF3493E46AA, 4E92215B6E3ED263E89489851C6FEAD08D3155C82A74E880DA460DED0021DF42 ] nvvad_WaveExtensible C:\windows\system32\drivers\nvvad64v.sys
18:07:50.0168 0x0f4c  nvvad_WaveExtensible - ok
18:07:50.0193 0x0f4c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
18:07:50.0196 0x0f4c  nv_agp - ok
18:07:50.0208 0x0f4c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
18:07:50.0210 0x0f4c  ohci1394 - ok
18:07:50.0300 0x0f4c  [ 895F501CF51EB727E457B17BC8D9EA1B, 3839E99715620208248A2D34421113B5C02F46979A10D6CE1CA59F037AEF0561 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
18:07:50.0334 0x0f4c  Origin Client Service - ok
18:07:50.0393 0x0f4c  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:07:50.0396 0x0f4c  ose - ok
18:07:50.0622 0x0f4c  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:07:50.0717 0x0f4c  osppsvc - ok
18:07:50.0746 0x0f4c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
18:07:50.0753 0x0f4c  p2pimsvc - ok
18:07:50.0767 0x0f4c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
18:07:50.0776 0x0f4c  p2psvc - ok
18:07:50.0813 0x0f4c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
18:07:50.0815 0x0f4c  Parport - ok
18:07:50.0841 0x0f4c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
18:07:50.0843 0x0f4c  partmgr - ok
18:07:50.0867 0x0f4c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\windows\System32\pcasvc.dll
18:07:50.0872 0x0f4c  PcaSvc - ok
18:07:50.0877 0x0f4c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
18:07:50.0881 0x0f4c  pci - ok
18:07:50.0903 0x0f4c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
18:07:50.0904 0x0f4c  pciide - ok
18:07:50.0920 0x0f4c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
18:07:50.0924 0x0f4c  pcmcia - ok
18:07:50.0927 0x0f4c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
18:07:50.0929 0x0f4c  pcw - ok
18:07:50.0948 0x0f4c  pdfcDispatcher - ok
18:07:50.0973 0x0f4c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
18:07:50.0985 0x0f4c  PEAUTH - ok
18:07:51.0031 0x0f4c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
18:07:51.0034 0x0f4c  PerfHost - ok
18:07:51.0077 0x0f4c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
18:07:51.0102 0x0f4c  pla - ok
18:07:51.0138 0x0f4c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
18:07:51.0147 0x0f4c  PlugPlay - ok
18:07:51.0165 0x0f4c  PnkBstrA - ok
18:07:51.0182 0x0f4c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
18:07:51.0185 0x0f4c  PNRPAutoReg - ok
18:07:51.0196 0x0f4c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
18:07:51.0202 0x0f4c  PNRPsvc - ok
18:07:51.0232 0x0f4c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
18:07:51.0242 0x0f4c  PolicyAgent - ok
18:07:51.0262 0x0f4c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
18:07:51.0267 0x0f4c  Power - ok
18:07:51.0287 0x0f4c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
18:07:51.0290 0x0f4c  PptpMiniport - ok
18:07:51.0302 0x0f4c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys
18:07:51.0304 0x0f4c  Processor - ok
18:07:51.0332 0x0f4c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\windows\system32\profsvc.dll
18:07:51.0338 0x0f4c  ProfSvc - ok
18:07:51.0343 0x0f4c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\windows\system32\lsass.exe
18:07:51.0346 0x0f4c  ProtectedStorage - ok
18:07:51.0362 0x0f4c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
18:07:51.0364 0x0f4c  Psched - ok
18:07:51.0411 0x0f4c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
18:07:51.0437 0x0f4c  ql2300 - ok
18:07:51.0449 0x0f4c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
18:07:51.0452 0x0f4c  ql40xx - ok
18:07:51.0475 0x0f4c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
18:07:51.0481 0x0f4c  QWAVE - ok
18:07:51.0491 0x0f4c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
18:07:51.0493 0x0f4c  QWAVEdrv - ok
18:07:51.0518 0x0f4c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
18:07:51.0519 0x0f4c  RasAcd - ok
18:07:51.0551 0x0f4c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
18:07:51.0553 0x0f4c  RasAgileVpn - ok
18:07:51.0560 0x0f4c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
18:07:51.0564 0x0f4c  RasAuto - ok
18:07:51.0571 0x0f4c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
18:07:51.0574 0x0f4c  Rasl2tp - ok
18:07:51.0588 0x0f4c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
18:07:51.0595 0x0f4c  RasMan - ok
18:07:51.0600 0x0f4c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
18:07:51.0603 0x0f4c  RasPppoe - ok
18:07:51.0606 0x0f4c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
18:07:51.0608 0x0f4c  RasSstp - ok
18:07:51.0623 0x0f4c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
18:07:51.0630 0x0f4c  rdbss - ok
18:07:51.0644 0x0f4c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
18:07:51.0646 0x0f4c  rdpbus - ok
18:07:51.0654 0x0f4c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
18:07:51.0655 0x0f4c  RDPCDD - ok
18:07:51.0672 0x0f4c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
18:07:51.0673 0x0f4c  RDPENCDD - ok
18:07:51.0685 0x0f4c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
18:07:51.0686 0x0f4c  RDPREFMP - ok
18:07:51.0738 0x0f4c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
18:07:51.0739 0x0f4c  RdpVideoMiniport - ok
18:07:51.0765 0x0f4c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
18:07:51.0770 0x0f4c  RDPWD - ok
18:07:51.0802 0x0f4c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
18:07:51.0807 0x0f4c  rdyboost - ok
18:07:51.0833 0x0f4c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
18:07:51.0836 0x0f4c  RemoteAccess - ok
18:07:51.0847 0x0f4c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
18:07:51.0852 0x0f4c  RemoteRegistry - ok
18:07:51.0860 0x0f4c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
18:07:51.0863 0x0f4c  RpcEptMapper - ok
18:07:51.0884 0x0f4c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
18:07:51.0886 0x0f4c  RpcLocator - ok
18:07:51.0901 0x0f4c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
18:07:51.0910 0x0f4c  RpcSs - ok
18:07:51.0922 0x0f4c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
18:07:51.0924 0x0f4c  rspndr - ok
18:07:51.0966 0x0f4c  [ 39A719875F572241C585A629EE62EB14, EE42DB11710374A2A97ED5B58A9DA0AECC8AB0DF4DEEAC5970F33046255CE2F9 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
18:07:51.0978 0x0f4c  RTL8167 - ok
18:07:51.0985 0x0f4c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs           C:\windows\system32\lsass.exe
18:07:51.0987 0x0f4c  SamSs - ok
18:07:52.0010 0x0f4c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
18:07:52.0012 0x0f4c  sbp2port - ok
18:07:52.0047 0x0f4c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
18:07:52.0052 0x0f4c  SCardSvr - ok
18:07:52.0059 0x0f4c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
18:07:52.0060 0x0f4c  scfilter - ok
18:07:52.0086 0x0f4c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
18:07:52.0107 0x0f4c  Schedule - ok
18:07:52.0125 0x0f4c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
18:07:52.0126 0x0f4c  SCPolicySvc - ok
18:07:52.0131 0x0f4c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
18:07:52.0137 0x0f4c  SDRSVC - ok
18:07:52.0160 0x0f4c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
18:07:52.0161 0x0f4c  secdrv - ok
18:07:52.0172 0x0f4c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
18:07:52.0175 0x0f4c  seclogon - ok
18:07:52.0192 0x0f4c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
18:07:52.0195 0x0f4c  SENS - ok
18:07:52.0209 0x0f4c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
18:07:52.0212 0x0f4c  SensrSvc - ok
18:07:52.0224 0x0f4c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\drivers\serenum.sys
18:07:52.0225 0x0f4c  Serenum - ok
18:07:52.0252 0x0f4c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys
18:07:52.0254 0x0f4c  Serial - ok
18:07:52.0265 0x0f4c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys
18:07:52.0267 0x0f4c  sermouse - ok
18:07:52.0287 0x0f4c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
18:07:52.0292 0x0f4c  SessionEnv - ok
18:07:52.0303 0x0f4c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
18:07:52.0304 0x0f4c  sffdisk - ok
18:07:52.0307 0x0f4c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
18:07:52.0308 0x0f4c  sffp_mmc - ok
18:07:52.0310 0x0f4c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
18:07:52.0311 0x0f4c  sffp_sd - ok
18:07:52.0326 0x0f4c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
18:07:52.0341 0x0f4c  sfloppy - ok
18:07:52.0401 0x0f4c  [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs           C:\windows\system32\DRIVERS\Sftfslh.sys
18:07:52.0415 0x0f4c  Sftfs - ok
18:07:52.0458 0x0f4c  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:07:52.0468 0x0f4c  sftlist - ok
18:07:52.0480 0x0f4c  [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay         C:\windows\system32\DRIVERS\Sftplaylh.sys
18:07:52.0486 0x0f4c  Sftplay - ok
18:07:52.0496 0x0f4c  [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir        C:\windows\system32\DRIVERS\Sftredirlh.sys
18:07:52.0497 0x0f4c  Sftredir - ok
18:07:52.0499 0x0f4c  [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol          C:\windows\system32\DRIVERS\Sftvollh.sys
18:07:52.0501 0x0f4c  Sftvol - ok
18:07:52.0516 0x0f4c  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:07:52.0520 0x0f4c  sftvsa - ok
18:07:52.0549 0x0f4c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
18:07:52.0556 0x0f4c  SharedAccess - ok
18:07:52.0586 0x0f4c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:07:52.0595 0x0f4c  ShellHWDetection - ok
18:07:52.0612 0x0f4c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
18:07:52.0613 0x0f4c  SiSRaid2 - ok
18:07:52.0631 0x0f4c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
18:07:52.0633 0x0f4c  SiSRaid4 - ok
18:07:52.0697 0x0f4c  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:07:52.0702 0x0f4c  SkypeUpdate - ok
18:07:52.0722 0x0f4c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
18:07:52.0724 0x0f4c  Smb - ok
18:07:52.0759 0x0f4c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
18:07:52.0761 0x0f4c  SNMPTRAP - ok
18:07:52.0784 0x0f4c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
18:07:52.0785 0x0f4c  spldr - ok
18:07:52.0814 0x0f4c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
18:07:52.0826 0x0f4c  Spooler - ok
18:07:52.0896 0x0f4c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
18:07:52.0955 0x0f4c  sppsvc - ok
18:07:52.0965 0x0f4c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
18:07:52.0969 0x0f4c  sppuinotify - ok
18:07:53.0034 0x0f4c  [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:07:53.0037 0x0f4c  SQLWriter - ok
18:07:53.0059 0x0f4c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
18:07:53.0067 0x0f4c  srv - ok
18:07:53.0076 0x0f4c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
18:07:53.0084 0x0f4c  srv2 - ok
18:07:53.0101 0x0f4c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
18:07:53.0105 0x0f4c  srvnet - ok
18:07:53.0118 0x0f4c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
18:07:53.0124 0x0f4c  SSDPSRV - ok
18:07:53.0137 0x0f4c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
18:07:53.0141 0x0f4c  SstpSvc - ok
18:07:53.0190 0x0f4c  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\windows\system32\DRIVERS\ssudmdm.sys
18:07:53.0194 0x0f4c  ssudmdm - ok
18:07:53.0255 0x0f4c  [ 605ECCCE95ACF7AF12CBCCDAB55B8DD0, 7B676B58C26D880320434066B93C7B8372421699C0006806D4E8E0E824124281 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
18:07:53.0262 0x0f4c  STacSV - ok
18:07:53.0334 0x0f4c  [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:07:53.0348 0x0f4c  Steam Client Service - ok
18:07:53.0397 0x0f4c  [ D2B4376F9F36C5873A6CF99EF5750724, 2A5C12EE3657D4A6819080549ADFA3288E0DAC975114D9466DCCC3ED922D2539 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:07:53.0405 0x0f4c  Stereo Service - ok
18:07:53.0421 0x0f4c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys
18:07:53.0423 0x0f4c  stexstor - ok
18:07:53.0446 0x0f4c  [ 5709F6AEECC9C43AD9D550FB1D882209, CF4681AE1D6B15340F5A0787E0EFB682AA3CFA15D25741364D8455C040A5997B ] STHDA           C:\windows\system32\DRIVERS\stwrt64.sys
18:07:53.0455 0x0f4c  STHDA - ok
18:07:53.0493 0x0f4c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
18:07:53.0505 0x0f4c  stisvc - ok
18:07:53.0525 0x0f4c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
18:07:53.0526 0x0f4c  swenum - ok
18:07:53.0554 0x0f4c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
18:07:53.0563 0x0f4c  swprv - ok
18:07:53.0607 0x0f4c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
18:07:53.0638 0x0f4c  SysMain - ok
18:07:53.0651 0x0f4c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
18:07:53.0655 0x0f4c  TabletInputService - ok
18:07:53.0686 0x0f4c  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\windows\system32\DRIVERS\tap0901.sys
18:07:53.0688 0x0f4c  tap0901 - ok
18:07:53.0706 0x0f4c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
18:07:53.0713 0x0f4c  TapiSrv - ok
18:07:53.0726 0x0f4c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
18:07:53.0730 0x0f4c  TBS - ok
18:07:53.0788 0x0f4c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
18:07:53.0821 0x0f4c  Tcpip - ok
18:07:53.0865 0x0f4c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
18:07:53.0890 0x0f4c  TCPIP6 - ok
18:07:53.0908 0x0f4c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
18:07:53.0909 0x0f4c  tcpipreg - ok
18:07:53.0928 0x0f4c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
18:07:53.0929 0x0f4c  TDPIPE - ok
18:07:53.0953 0x0f4c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
18:07:53.0955 0x0f4c  TDTCP - ok
18:07:53.0980 0x0f4c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\windows\system32\DRIVERS\tdx.sys
18:07:53.0983 0x0f4c  tdx - ok
18:07:54.0084 0x0f4c  [ 950AD1AE7498A492126FB9F9B2E27DB5, C4C9A972015F567FC87A4094C86835B2DD3476426AB8B40CD4872A725CA89CFC ] Te.Service      C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
18:07:54.0087 0x0f4c  Te.Service - ok
18:07:54.0112 0x0f4c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
18:07:54.0114 0x0f4c  TermDD - ok
18:07:54.0139 0x0f4c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\windows\System32\termsrv.dll
18:07:54.0152 0x0f4c  TermService - ok
18:07:54.0171 0x0f4c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
18:07:54.0196 0x0f4c  Themes - ok
18:07:54.0233 0x0f4c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
18:07:54.0258 0x0f4c  THREADORDER - ok
18:07:54.0318 0x0f4c  [ BDFC55C2389D23C7E36A627BD580EE98, E25CF1C01CF90B348333A0CBAF26F8F5751AE725E6059C35C492E00479105B70 ] tihub3          C:\windows\system32\drivers\tihub3.sys
18:07:54.0321 0x0f4c  tihub3 - ok
18:07:54.0594 0x0f4c  [ EBEDBC08C2E5EB4EC8E3DA4BF3D827B1, FC465EAF5C2E44F279B54B13C88ACCE565B1C9C6DDEB8D87FD0CD6CD3AA1AABC ] tixhci          C:\windows\system32\drivers\tixhci.sys
18:07:54.0602 0x0f4c  tixhci - ok
18:07:54.0627 0x0f4c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
18:07:54.0632 0x0f4c  TrkWks - ok
18:07:54.0673 0x0f4c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:07:54.0676 0x0f4c  TrustedInstaller - ok
18:07:54.0691 0x0f4c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
18:07:54.0692 0x0f4c  tssecsrv - ok
18:07:54.0717 0x0f4c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
18:07:54.0719 0x0f4c  TsUsbFlt - ok
18:07:54.0743 0x0f4c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
18:07:54.0745 0x0f4c  TsUsbGD - ok
18:07:54.0772 0x0f4c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
18:07:54.0775 0x0f4c  tunnel - ok
18:07:54.0798 0x0f4c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys
18:07:54.0800 0x0f4c  uagp35 - ok
18:07:54.0813 0x0f4c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
18:07:54.0820 0x0f4c  udfs - ok
18:07:54.0845 0x0f4c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
18:07:54.0848 0x0f4c  UI0Detect - ok
18:07:54.0858 0x0f4c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
18:07:54.0860 0x0f4c  uliagpkx - ok
18:07:54.0869 0x0f4c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
18:07:54.0871 0x0f4c  umbus - ok
18:07:54.0873 0x0f4c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys
18:07:54.0874 0x0f4c  UmPass - ok
18:07:54.0893 0x0f4c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
18:07:54.0901 0x0f4c  upnphost - ok
18:07:54.0937 0x0f4c  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
18:07:54.0939 0x0f4c  USBAAPL64 - ok
18:07:55.0007 0x0f4c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
18:07:55.0009 0x0f4c  usbaudio - ok
18:07:55.0026 0x0f4c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
18:07:55.0029 0x0f4c  usbccgp - ok
18:07:55.0052 0x0f4c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
18:07:55.0054 0x0f4c  usbcir - ok
18:07:55.0061 0x0f4c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\drivers\usbehci.sys
18:07:55.0063 0x0f4c  usbehci - ok
18:07:55.0090 0x0f4c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
18:07:55.0096 0x0f4c  usbhub - ok
18:07:55.0111 0x0f4c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys
18:07:55.0113 0x0f4c  usbohci - ok
18:07:55.0132 0x0f4c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
18:07:55.0134 0x0f4c  usbprint - ok
18:07:55.0158 0x0f4c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\windows\system32\drivers\usbscan.sys
18:07:55.0160 0x0f4c  usbscan - ok
18:07:55.0183 0x0f4c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
18:07:55.0189 0x0f4c  USBSTOR - ok
18:07:55.0223 0x0f4c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
18:07:55.0224 0x0f4c  usbuhci - ok
18:07:55.0245 0x0f4c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
18:07:55.0249 0x0f4c  UxSms - ok
18:07:55.0268 0x0f4c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc        C:\windows\system32\lsass.exe
18:07:55.0270 0x0f4c  VaultSvc - ok
18:07:55.0291 0x0f4c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
18:07:55.0292 0x0f4c  vdrvroot - ok
18:07:55.0317 0x0f4c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
18:07:55.0329 0x0f4c  vds - ok
18:07:55.0343 0x0f4c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
18:07:55.0344 0x0f4c  vga - ok
18:07:55.0353 0x0f4c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
18:07:55.0354 0x0f4c  VgaSave - ok
18:07:55.0377 0x0f4c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
18:07:55.0381 0x0f4c  vhdmp - ok
18:07:55.0403 0x0f4c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
18:07:55.0405 0x0f4c  viaide - ok
18:07:55.0408 0x0f4c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
18:07:55.0411 0x0f4c  volmgr - ok
18:07:55.0419 0x0f4c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
18:07:55.0426 0x0f4c  volmgrx - ok
18:07:55.0445 0x0f4c  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\windows\system32\drivers\volsnap.sys
18:07:55.0450 0x0f4c  volsnap - ok
18:07:55.0525 0x0f4c  [ ED1F4BDF68C649C6F79A02502BB6C9BC, 3D2830822D4A2C7B3676100B27DEC7B1C2EF640DA36C6543365A9CF2A61BF68E ] VsEtwService120 C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe
18:07:55.0528 0x0f4c  VsEtwService120 - ok
18:07:55.0579 0x0f4c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
18:07:55.0583 0x0f4c  vsmraid - ok
18:07:55.0626 0x0f4c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
18:07:55.0649 0x0f4c  VSS - ok
18:07:55.0663 0x0f4c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
18:07:55.0665 0x0f4c  vwifibus - ok
18:07:55.0677 0x0f4c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
18:07:55.0679 0x0f4c  vwififlt - ok
18:07:55.0682 0x0f4c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
18:07:55.0684 0x0f4c  vwifimp - ok
18:07:55.0700 0x0f4c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
18:07:55.0709 0x0f4c  W32Time - ok
18:07:55.0735 0x0f4c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
18:07:55.0736 0x0f4c  WacomPen - ok
18:07:55.0752 0x0f4c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
18:07:55.0755 0x0f4c  WANARP - ok
18:07:55.0758 0x0f4c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
18:07:55.0760 0x0f4c  Wanarpv6 - ok
18:07:55.0807 0x0f4c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
18:07:55.0828 0x0f4c  WatAdminSvc - ok
18:07:55.0868 0x0f4c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
18:07:55.0895 0x0f4c  wbengine - ok
18:07:55.0922 0x0f4c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
18:07:55.0928 0x0f4c  WbioSrvc - ok
18:07:55.0946 0x0f4c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
18:07:55.0955 0x0f4c  wcncsvc - ok
18:07:55.0965 0x0f4c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:07:55.0968 0x0f4c  WcsPlugInService - ok
18:07:55.0992 0x0f4c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys
18:07:55.0994 0x0f4c  Wd - ok
18:07:56.0024 0x0f4c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
18:07:56.0038 0x0f4c  Wdf01000 - ok
18:07:56.0068 0x0f4c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\windows\system32\wdi.dll
18:07:56.0072 0x0f4c  WdiServiceHost - ok
18:07:56.0076 0x0f4c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\windows\system32\wdi.dll
18:07:56.0080 0x0f4c  WdiSystemHost - ok
18:07:56.0103 0x0f4c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
18:07:56.0110 0x0f4c  WebClient - ok
18:07:56.0127 0x0f4c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
18:07:56.0134 0x0f4c  Wecsvc - ok
18:07:56.0143 0x0f4c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
18:07:56.0147 0x0f4c  wercplsupport - ok
18:07:56.0160 0x0f4c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
18:07:56.0164 0x0f4c  WerSvc - ok
18:07:56.0184 0x0f4c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
18:07:56.0185 0x0f4c  WfpLwf - ok
18:07:56.0196 0x0f4c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
18:07:56.0197 0x0f4c  WIMMount - ok
18:07:56.0213 0x0f4c  WinDefend - ok
18:07:56.0222 0x0f4c  WinHttpAutoProxySvc - ok
18:07:56.0258 0x0f4c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
18:07:56.0263 0x0f4c  Winmgmt - ok
18:07:56.0305 0x0f4c  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys
18:07:56.0307 0x0f4c  WinRing0_1_2_0 - ok
18:07:56.0367 0x0f4c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\windows\system32\WsmSvc.dll
18:07:56.0410 0x0f4c  WinRM - ok
18:07:56.0537 0x0f4c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\drivers\WinUsb.sys
18:07:56.0539 0x0f4c  WinUsb - ok
18:07:56.0565 0x0f4c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
18:07:56.0582 0x0f4c  Wlansvc - ok
18:07:56.0665 0x0f4c  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:07:56.0704 0x0f4c  wlidsvc - ok
18:07:56.0729 0x0f4c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
18:07:56.0730 0x0f4c  WmiAcpi - ok
18:07:56.0760 0x0f4c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
18:07:56.0764 0x0f4c  wmiApSrv - ok
18:07:56.0792 0x0f4c  WMPNetworkSvc - ok
18:07:56.0815 0x0f4c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
18:07:56.0818 0x0f4c  WPCSvc - ok
18:07:56.0832 0x0f4c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
18:07:56.0837 0x0f4c  WPDBusEnum - ok
18:07:56.0840 0x0f4c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
18:07:56.0841 0x0f4c  ws2ifsl - ok
18:07:56.0855 0x0f4c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
18:07:56.0860 0x0f4c  wscsvc - ok
18:07:56.0862 0x0f4c  WSearch - ok
18:07:56.0934 0x0f4c  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\windows\system32\wuaueng.dll
18:07:56.0978 0x0f4c  wuauserv - ok
18:07:57.0000 0x0f4c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
18:07:57.0002 0x0f4c  WudfPf - ok
18:07:57.0029 0x0f4c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\drivers\WUDFRd.sys
18:07:57.0033 0x0f4c  WUDFRd - ok
18:07:57.0042 0x0f4c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
18:07:57.0051 0x0f4c  wudfsvc - ok
18:07:57.0071 0x0f4c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
18:07:57.0078 0x0f4c  WwanSvc - ok
18:07:57.0120 0x0f4c  X6va011 - ok
18:07:57.0130 0x0f4c  X6va012 - ok
18:07:57.0133 0x0f4c  X6va015 - ok
18:07:57.0158 0x0f4c  [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21          C:\windows\system32\DRIVERS\xusb21.sys
18:07:57.0160 0x0f4c  xusb21 - ok
18:07:57.0177 0x0f4c  ================ Scan global ===============================
18:07:57.0190 0x0f4c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
18:07:57.0221 0x0f4c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\windows\system32\winsrv.dll
18:07:57.0232 0x0f4c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\windows\system32\winsrv.dll
18:07:57.0248 0x0f4c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
18:07:57.0288 0x0f4c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
18:07:57.0296 0x0f4c  [ Global ] - ok
18:07:57.0296 0x0f4c  ================ Scan MBR ==================================
18:07:57.0303 0x0f4c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:07:57.0397 0x0f4c  \Device\Harddisk0\DR0 - ok
18:07:57.0398 0x0f4c  ================ Scan VBR ==================================
18:07:57.0399 0x0f4c  [ B87516E956EDEE674B2538F071843BB2 ] \Device\Harddisk0\DR0\Partition1
18:07:57.0444 0x0f4c  \Device\Harddisk0\DR0\Partition1 - ok
18:07:57.0477 0x0f4c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
18:07:57.0477 0x0f4c  \Device\Harddisk0\DR0\Partition2 - ok
18:07:57.0485 0x0f4c  [ 0DAC1923C90D9324283A5B50EAFB40CC ] \Device\Harddisk0\DR0\Partition3
18:07:57.0542 0x0f4c  \Device\Harddisk0\DR0\Partition3 - ok
18:07:57.0555 0x0f4c  [ FC1DB9D4F07D1F784C5A8C506E463031 ] \Device\Harddisk0\DR0\Partition4
18:07:57.0555 0x0f4c  \Device\Harddisk0\DR0\Partition4 - ok
18:07:57.0556 0x0f4c  ================ Scan generic autorun ======================
18:07:57.0622 0x0f4c  [ 0D997D69A624B2A04EED0B64F2092642, 67B34F6EDF0BA7C2C2BD11D6F8423FAB7AE6D7672220AACE31B632081EA25E35 ] C:\Program Files\IDT\WDM\beats64.exe
18:07:57.0623 0x0f4c  BeatsOSDApp - ok
18:07:57.0656 0x0f4c  [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE
18:07:57.0658 0x0f4c  HPSYSDRV - ok
18:07:57.0697 0x0f4c  [ AD6C376374C21EC68DF33884613D0A05, 65E0668A2A24B9EF2BDABDE044D240F110AEC8B1EF838AB28084B7F899D2A75E ] C:\Program Files\IDT\WDM\sttray64.exe
18:07:57.0721 0x0f4c  SysTrayApp - ok
18:07:57.0769 0x0f4c  [ D9AA753B736FD63F397C59464DC6FE68, AB357D3FDBF47C127571EE3ABBCBD7FF607CDDA230191913B2B45B5374A9EE42 ] c:\Program Files\Microsoft Security Client\msseces.exe
18:07:57.0792 0x0f4c  MSC - ok
18:07:57.0803 0x0f4c  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\windows\system32\rundll32.exe
18:07:57.0806 0x0f4c  ShadowPlay - ok
18:07:57.0851 0x0f4c  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
18:07:57.0865 0x0f4c  XboxStat - ok
18:07:57.0942 0x0f4c  [ D9133D4157664B1E2ACFC2CD56CCB599, 0B2B8EE7D45962026A30833D3D7F59FB1FB07085904C2E77A10714F38910E462 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:07:57.0986 0x0f4c  NvBackend - ok
18:07:58.0031 0x0f4c  [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
18:07:58.0033 0x0f4c  NCPluginUpdater - ok
18:07:58.0092 0x0f4c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:07:58.0112 0x0f4c  Sidebar - ok
18:07:58.0135 0x0f4c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:07:58.0138 0x0f4c  mctadmin - ok
18:07:58.0159 0x0f4c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:07:58.0178 0x0f4c  Sidebar - ok
18:07:58.0183 0x0f4c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:07:58.0185 0x0f4c  mctadmin - ok
18:07:58.0285 0x0f4c  [ 8DACA62F3E15E45EBAF7AE51A609CBC1, 5FACF0EA36572E7228EB2808731ED00DD08B481937569E71C3A537D7E65022AD ] C:\Program Files (x86)\Steam\steam.exe
18:07:58.0334 0x0f4c  Steam - ok
18:07:58.0539 0x0f4c  [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
18:07:58.0614 0x0f4c  Akamai NetSession Interface - ok
18:07:58.0688 0x0f4c  [ 9D199992DFADBA8720B9037C045657F2, 7FB89E0EED185341A85C4EE6F96BE26A840904CF6E25C032F489EB23D6242B4B ] C:\Users\Adrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:07:58.0721 0x0f4c  Spotify Web Helper - ok
18:07:58.0748 0x0f4c  Skype - ok
18:07:58.0944 0x0f4c  [ F679E30A5F7CE39F7FA134E61BD2D6D3, 84BD25FFF9C47AC5A00E225DCF03D82A79FE036E3B553D2D81254F2F1FC120A1 ] C:\Program Files\CCleaner\CCleaner64.exe
18:07:59.0065 0x0f4c  CCleaner Monitoring - ok
18:07:59.0184 0x0f4c  [ 981FE670A8D36E9F43A74FAE1218F080, 84EFCC024B5F6DE6554C40033462B21CA550A240C84E46B36EBB972799AA8A8B ] C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe
18:07:59.0197 0x0f4c  MySQL Notifier - ok
18:07:59.0395 0x0f4c  [ 89E0B29C7C2636C7F80679F616712B4A, 396B636A7D6E10876B53E768C6008089953F98387117856EA60B342B8AF3F38D ] C:\Users\Adrian\AppData\Roaming\Spotify\Spotify.exe
18:07:59.0515 0x0f4c  Spotify - ok
18:07:59.0588 0x0f4c  [ 4547360EB0D90804B3AD080CE1D1D814, 8814E26A8A4CE84CB17AF98A6AF551B75AF8F26A19DBA5225657DBF29853550A ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:07:59.0602 0x0f4c  GoogleChromeAutoLaunch_257F9E5159429344AA5489535C1FAD3E - ok
18:07:59.0620 0x0f4c  FlashPlayerUpdate - ok
18:07:59.0651 0x0f4c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:07:59.0670 0x0f4c  Sidebar - ok
18:07:59.0685 0x0f4c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:07:59.0688 0x0f4c  mctadmin - ok
18:07:59.0723 0x0f4c  [ A064A1D9CBD7F6959AAEAEAFF96DB2E9, F3DC0C0240FCE4FE7478093C415548297E49C349FE600D7F6CC1C655953C1D48 ] C:\windows\system32\osk.exe
18:07:59.0736 0x0f4c  osk.exe - ok
18:07:59.0737 0x0f4c  Waiting for KSN requests completion. In queue: 224
18:08:00.0737 0x0f4c  Waiting for KSN requests completion. In queue: 224
18:08:01.0737 0x0f4c  Waiting for KSN requests completion. In queue: 224
18:08:02.0737 0x0f4c  Waiting for KSN requests completion. In queue: 224
18:08:03.0737 0x0f4c  Waiting for KSN requests completion. In queue: 224
18:08:04.0737 0x0f4c  Waiting for KSN requests completion. In queue: 224
18:08:05.0737 0x0f4c  Waiting for KSN requests completion. In queue: 224
18:08:06.0737 0x0f4c  Waiting for KSN requests completion. In queue: 224
18:08:07.0737 0x0f4c  Waiting for KSN requests completion. In queue: 224
18:08:08.0737 0x0f4c  Waiting for KSN requests completion. In queue: 224
18:08:09.0787 0x0f4c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.3.216.0 ), 0x60000 ( disabled : updated )
18:08:09.0799 0x0f4c  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
18:08:09.0800 0x0f4c  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x40010 ( disabled )
18:08:09.0872 0x0f4c  Win FW state via NFP2: enabled
18:08:19.0550 0x0f4c  ============================================================
18:08:19.0550 0x0f4c  Scan finished
18:08:19.0550 0x0f4c  ============================================================
18:08:19.0554 0x247c  Detected object count: 0
18:08:19.0554 0x247c  Actual detected object count: 0
18:09:13.0844 0x0c44  ============================================================
18:09:13.0844 0x0c44  Scan started
18:09:13.0844 0x0c44  Mode: Manual; 
18:09:13.0844 0x0c44  ============================================================
18:09:13.0844 0x0c44  KSN ping started
         

Alt 03.07.2015, 06:22   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.07.2015, 07:07   #8
Freakey_
 
Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen



Code:
ATTFilter
ComboFix 15-06-30.01 - Adrian 03.07.2015   8:14.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.8148.5426 [GMT 2:00]
ausgeführt von:: c:\users\Adrian\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Roland\AppData\Roaming\Origin
c:\users\Roland\AppData\Roaming\Origin\Cloud Saves\blacklist
c:\users\Roland\AppData\Roaming\Origin\local.xml
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-03 bis 2015-07-03  ))))))))))))))))))))))))))))))
.
.
2015-07-03 06:29 . 2015-07-03 06:29	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2015-07-03 06:29 . 2015-07-03 06:29	--------	d-----w-	c:\users\Roland\AppData\Local\temp
2015-07-03 06:28 . 2015-07-03 06:28	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-07-01 14:01 . 2015-07-01 14:02	--------	d-----w-	c:\users\Adrian\AppData\Local\PAYDAY 2
2015-07-01 14:01 . 2015-07-01 14:01	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2015-07-01 13:33 . 2015-07-03 05:50	113880	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-01 13:33 . 2015-06-18 06:41	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-07-01 13:33 . 2015-06-18 06:41	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-07-01 13:33 . 2015-06-18 06:41	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-06-29 14:39 . 2015-06-29 14:39	--------	d-----w-	c:\users\Adrian\AppData\Roaming\.atlauncher
2015-06-23 16:21 . 2015-06-17 06:03	571024	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2015-06-23 16:06 . 2015-06-23 16:06	--------	d-----w-	C:\NVIDIA
2015-06-23 15:29 . 2015-06-23 15:29	--------	d-----w-	c:\programdata\boost_interprocess
2015-06-23 15:29 . 2015-05-19 03:29	46768	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2015-06-23 15:29 . 2015-05-19 03:14	57520	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2015-06-20 09:53 . 2015-06-20 09:53	--------	d-----w-	c:\users\Adrian\AppData\Roaming\Microsoft FxCop
2015-06-20 09:32 . 2015-05-06 13:07	319584	----a-w-	c:\windows\system32\javaws.exe
2015-06-20 09:32 . 2015-05-06 13:07	206944	----a-w-	c:\windows\system32\javaw.exe
2015-06-20 09:32 . 2015-05-06 13:07	206432	----a-w-	c:\windows\system32\java.exe
2015-06-19 15:53 . 2015-06-19 15:53	--------	d-----w-	c:\users\Adrian\AppData\Roaming\NuGet
2015-06-19 15:24 . 2015-06-19 15:24	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 11.0
2015-06-19 15:20 . 2015-06-19 15:20	--------	d-----w-	c:\program files (x86)\Windows Phone Silverlight Kits
2015-06-19 15:20 . 2015-06-20 16:51	2382112	----a-w-	c:\programdata\Microsoft\VisualStudio\12.0\1033\ResourceCache.dll
2015-06-19 15:16 . 2015-06-19 15:16	--------	d-----w-	c:\program files (x86)\Microsoft XDE
2015-06-19 15:08 . 2015-06-19 15:08	--------	d-----w-	c:\program files (x86)\AppInsights
2015-06-19 14:55 . 2015-06-19 14:55	--------	d-----w-	c:\program files\Application Verifier
2015-06-19 14:55 . 2015-06-19 14:55	--------	d-----w-	c:\program files (x86)\Application Verifier
2015-06-19 14:55 . 2015-06-19 15:10	--------	d-----w-	c:\programdata\Windows App Certification Kit
2015-06-19 14:50 . 2015-06-19 14:50	--------	d-----w-	c:\program files (x86)\Common Files\Microsoft
2015-06-19 14:45 . 2015-06-19 14:45	--------	d-----w-	c:\programdata\PreEmptive Solutions
2015-06-19 14:39 . 2015-06-19 14:40	--------	d-----w-	c:\program files (x86)\Microsoft Web Tools
2015-06-19 14:38 . 2015-06-19 15:09	--------	d-----w-	c:\program files\IIS Express
2015-06-19 14:38 . 2015-06-19 15:09	--------	d-----w-	c:\program files (x86)\IIS Express
2015-06-19 14:37 . 2015-06-19 14:37	--------	d-----w-	c:\programdata\NuGet
2015-06-19 14:37 . 2015-06-19 14:37	--------	d-----w-	c:\program files (x86)\NuGet
2015-06-19 14:37 . 2015-06-19 14:37	--------	d-----w-	c:\program files (x86)\Microsoft WCF Data Services
2015-06-19 14:37 . 2015-06-19 14:37	--------	d-----w-	c:\program files\IIS
2015-06-19 14:37 . 2015-06-19 14:37	--------	d-----w-	c:\program files (x86)\IIS
2015-06-19 14:25 . 2015-06-19 14:31	--------	d-----w-	c:\program files (x86)\Windows Kits
2015-06-19 14:25 . 2015-06-19 14:25	--------	d-----w-	c:\program files (x86)\Windows Phone Kits
2015-06-19 14:24 . 2015-06-19 14:24	--------	d-----w-	c:\program files (x86)\HTML Help Workshop
2015-06-19 14:24 . 2015-06-19 14:24	--------	d-----w-	c:\windows\symbols
2015-06-19 14:24 . 2015-06-19 14:24	--------	d-----w-	c:\program files (x86)\Microsoft Help Viewer
2015-06-19 14:20 . 2015-06-19 14:29	--------	d-----w-	c:\windows\SysWow64\1033
2015-06-19 14:20 . 2015-06-19 15:36	--------	d-----w-	c:\program files\Microsoft SQL Server
2015-06-19 14:11 . 2015-06-19 15:29	--------	d-----w-	c:\program files (x86)\Common Files\Merge Modules
2015-06-19 14:08 . 2015-06-19 14:08	--------	d-----w-	c:\users\Adrian\.tooling
2015-06-19 14:07 . 2015-06-19 15:03	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 12.0
2015-06-19 14:07 . 2015-06-19 14:22	--------	d-----w-	c:\windows\system32\1033
2015-06-19 14:07 . 2015-06-19 14:07	--------	d-----w-	c:\program files\Microsoft Visual Studio 12.0
2015-06-19 13:39 . 2015-06-19 13:40	--------	d-----w-	c:\users\Adrian\SpongeAPI
2015-06-10 11:28 . 2015-05-22 18:18	1021440	----a-w-	c:\windows\system32\appraiser.dll
2015-06-10 11:27 . 2015-05-25 18:19	1255424	----a-w-	c:\windows\system32\diagtrack.dll
2015-06-10 11:26 . 2015-04-24 18:17	633856	----a-w-	c:\windows\system32\comctl32.dll
2015-06-10 11:26 . 2015-04-24 17:56	530432	----a-w-	c:\windows\SysWow64\comctl32.dll
2015-06-10 11:26 . 2015-05-25 17:08	3206144	----a-w-	c:\windows\system32\win32k.sys
2015-06-10 11:26 . 2015-04-11 03:19	69888	----a-w-	c:\windows\system32\drivers\stream.sys
2015-06-08 14:14 . 2015-06-08 14:14	--------	d-----w-	c:\users\Adrian\hpremote
2015-06-06 14:17 . 2015-06-11 16:22	--------	d-----w-	c:\users\Adrian\AppData\Roaming\.StarMade
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-01 12:47 . 2012-06-15 00:12	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-01 12:47 . 2012-06-15 00:12	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-27 06:54 . 2014-05-05 17:31	442264	----a-w-	c:\windows\system32\drivers\aswsp.sys
2015-06-17 09:10 . 2015-04-13 14:48	17724600	----a-w-	c:\windows\system32\nvwgf2umx.dll
2015-06-17 09:10 . 2014-09-02 07:36	1756424	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-06-17 09:10 . 2014-09-02 07:36	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-06-17 09:10 . 2014-09-02 07:32	1567576	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2015-06-17 09:10 . 2013-11-13 10:22	1571696	----a-w-	c:\windows\system32\nvspcap64.dll
2015-06-17 09:10 . 2013-11-13 10:22	1320304	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-06-17 09:10 . 2013-04-10 13:47	15224784	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2015-06-17 09:10 . 2013-02-25 22:32	2997544	----a-w-	c:\windows\SysWow64\nvapi.dll
2015-06-17 09:10 . 2012-03-15 04:59	3395648	----a-w-	c:\windows\system32\nvapi64.dll
2015-06-17 09:10 . 2012-03-15 04:59	12855416	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-06-17 06:48 . 2012-06-14 23:58	937616	----a-w-	c:\windows\system32\nvvsvc.exe
2015-06-17 06:48 . 2012-06-14 23:58	62792	----a-w-	c:\windows\system32\nvshext.dll
2015-06-17 06:48 . 2012-06-14 23:58	385168	----a-w-	c:\windows\system32\nvmctray.dll
2015-06-17 06:48 . 2012-06-14 23:58	2558792	----a-w-	c:\windows\system32\nvsvcr.dll
2015-06-17 06:48 . 2012-06-14 23:58	6873232	----a-w-	c:\windows\system32\nvcpl.dll
2015-06-17 06:48 . 2012-06-14 23:58	3492168	----a-w-	c:\windows\system32\nvsvc64.dll
2015-06-10 18:41 . 2013-04-11 10:47	140135120	----a-w-	c:\windows\system32\MRT.exe
2015-06-02 14:11 . 2012-06-14 23:58	4421614	----a-w-	c:\windows\system32\nvcoproc.bin
2015-05-25 18:01 . 2015-06-10 11:27	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-05-19 03:14 . 2014-09-02 07:32	61616	----a-w-	c:\windows\system32\nvaudcap64v.dll
2015-05-17 18:24 . 2015-05-17 18:24	364472	----a-w-	c:\windows\system32\aswBoot.exe
2015-05-17 18:24 . 2014-05-05 17:31	137288	----a-w-	c:\windows\system32\drivers\aswStm.sys
2015-05-17 18:24 . 2014-05-05 17:31	272248	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2015-05-17 18:24 . 2014-05-05 17:31	65736	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2015-05-17 18:24 . 2014-05-05 17:31	89944	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2015-05-17 18:24 . 2014-05-05 17:31	29168	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2015-05-17 18:24 . 2014-05-05 17:31	93528	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2015-05-17 18:24 . 2015-05-17 18:24	43112	----a-w-	c:\windows\avastSS.scr
2015-05-17 18:24 . 2014-05-05 17:31	1047320	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2015-05-06 13:07 . 2013-03-23 12:22	110688	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2015-05-04 06:47 . 2013-04-05 11:51	348672	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2015-05-04 06:47 . 2013-04-05 11:49	348672	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-05-04 06:43 . 2013-04-05 11:49	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2015-05-01 13:17 . 2015-05-13 07:53	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-13 07:53	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 09:27 . 2015-05-01 09:27	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-21 15:13 . 2015-04-21 15:16	627920	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-04-20 03:17 . 2015-05-13 07:48	1179136	----a-w-	c:\windows\system32\FntCache.dll
2015-04-20 03:17 . 2015-05-13 07:48	1647104	----a-w-	c:\windows\system32\DWrite.dll
2015-04-20 02:56 . 2015-05-13 07:48	1250816	----a-w-	c:\windows\SysWow64\DWrite.dll
2015-04-18 03:10 . 2015-05-13 07:50	460800	----a-w-	c:\windows\system32\certcli.dll
2015-04-18 02:56 . 2015-05-13 07:50	342016	----a-w-	c:\windows\SysWow64\certcli.dll
2015-04-13 03:28 . 2015-05-13 07:48	328704	----a-w-	c:\windows\system32\services.exe
2015-04-09 00:58 . 2015-04-13 14:48	1895568	----a-w-	c:\windows\system32\nvdispco6435012.dll
2015-04-09 00:58 . 2015-04-13 14:48	1557648	----a-w-	c:\windows\system32\nvdispgenco6435012.dll
2015-04-08 03:29 . 2015-05-13 07:48	275456	----a-w-	c:\windows\system32\InkEd.dll
2015-04-08 03:29 . 2015-05-13 07:48	24576	----a-w-	c:\windows\system32\jnwmon.dll
2015-04-08 03:14 . 2015-05-13 07:48	216064	----a-w-	c:\windows\SysWow64\InkEd.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-04-21 15:32	329376	----a-w-	c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-04-21 15:32	329376	----a-w-	c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-04-21 15:32	329376	----a-w-	c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-04-21 15:32	329376	----a-w-	c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-04-21 15:32	329376	----a-w-	c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-06-04 2892992]
"Akamai NetSession Interface"="c:\users\Adrian\AppData\Local\Akamai\netsession_win.exe" [2014-10-29 4673432]
"Spotify Web Helper"="c:\users\Adrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-06-26 2023480]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-06-02 28785280]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928]
"MySQL Notifier"="c:\program files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe" [2014-09-03 773120]
"Spotify"="c:\users\Adrian\AppData\Roaming\Spotify\Spotify.exe" [2015-06-26 7415864]
"GoogleChromeAutoLaunch_257F9E5159429344AA5489535C1FAD3E"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-06-05 813896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-17 5515496]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 CalendarSynchService;CalendarSynchService;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [x]
S2 chromoting;Chrome Remote Desktop Service;c:\program files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe;c:\program files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe;c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-18 12:04	986440	----a-w-	c:\program files (x86)\Google\Chrome\Application\43.0.2357.124\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13 12:47]
.
2015-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 16:03]
.
2015-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 16:03]
.
2013-12-24 c:\windows\Tasks\HPCeeScheduleForAdrian.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-04-21 15:32	358064	----a-w-	c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-04-21 15:32	358064	----a-w-	c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-04-21 15:32	358064	----a-w-	c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-04-21 15:32	358064	----a-w-	c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-04-21 15:32	358064	----a-w-	c:\users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-21 15:18	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-21 15:18	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-21 15:18	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-05-17 18:24	722400	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-03-30 37888]
"HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-07-18 1356240]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-17 1571696]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-17 2754704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-12-12 21720]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{438363A8-F486-4C37-834C-4955773CB3D3} - msiexec
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
AddRemove-Mod-MC - c:\users\Adrian\Desktop\Uninstal.exe
AddRemove-{87686C21-8A15-4b4d-A3F1-11141D9BE094} - c:\users\Adrian\Desktop\Desktop\ddd\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\SecuROM\License information*]
"datasecu"=hex:d8,b2,7a,c6,b4,33,c2,7f,d6,fe,43,a1,a8,66,fd,db,35,64,0a,c4,d3,
   c1,2b,61,91,51,78,eb,21,df,3c,25,fd,0e,38,80,1e,1e,2d,d7,dd,a7,8c,b1,c2,70,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-07-03  08:32:22
ComboFix-quarantined-files.txt  2015-07-03 06:32
.
Vor Suchlauf: 21 Verzeichnis(se), 322.265.214.976 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 323.936.432.128 Bytes frei
.
- - End Of File - - 20FC84F2B6482B99278F1748A325B496
5FB38429D5D77768867C76DCBDB35194
         

Geändert von Freakey_ (03.07.2015 um 07:34 Uhr) Grund: Mein Fehler - hat nur ne Zeit gedauert zu starten

Alt 03.07.2015, 09:05   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.07.2015, 11:55   #10
Freakey_
 
Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 03.07.2015
Suchlaufzeit: 11:19
Protokolldatei: 
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.03.01
Rootkit-Datenbank: v2015.07.01.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Adrian

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 657653
Abgelaufene Zeit: 1 Std., 16 Min., 32 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 3
PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh, , [a9b46e6fc4c695a147e0ab3a2fd48878], 
PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1, , [a9b46e6fc4c695a147e0ab3a2fd48878], 
PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1\_metadata, , [a9b46e6fc4c695a147e0ab3a2fd48878], 

Dateien: 2
PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1\_metadata\computed_hashes.json, , [a9b46e6fc4c695a147e0ab3a2fd48878], 
PUP.Optional.CrossRider, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\0.1_1\_metadata\verified_contents.json, , [a9b46e6fc4c695a147e0ab3a2fd48878], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.2.7 (07.02.2015:2)
OS: Windows 7 Home Premium x64
Ran by Adrian on 03.07.2015 at 12:47:32,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\windows\system32\tasks\update-S-1-5-21-1501557853-1401194567-1476615106-1000



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_257F9E5159429344AA5489535C1FAD3E



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\windows\syswow64\sho239A.tmp
Successfully deleted: [File] C:\windows\syswow64\sho62F.tmp
Successfully deleted: [File] C:\windows\syswow64\sho766B.tmp
Successfully deleted: [File] C:\windows\syswow64\sho7ADA.tmp



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\tuneup software
Successfully deleted: [Folder] C:\Users\Adrian\AppData\Roaming\tuneup software
Successfully deleted: [Folder] C:\Users\Adrian\AppData\Roaming\3909



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Adrian\appdata\local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh

[C:\Users\Adrian\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Adrian\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
ofjgnhihlklpobkaloamkankaaoclfjh

[C:\Users\Adrian\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Adrian\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  fmlgoencnlndpglbocajlimaikjohmab,
  ofjgnhihlklpobkaloamkankaaoclfjh
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.07.2015 at 12:51:23,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
# AdwCleaner v4.207 - Bericht erstellt 03/07/2015 um 12:40:14
# Aktualisiert 21/06/2015 von Xplode
# Datenbank : 2015-07-02.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Adrian - ADRIAN
# Gestarted von : C:\Users\Adrian\Downloads\adwcleaner_4.207(1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.1 (x86 de)


-\\ Google Chrome v43.0.2357.124

[C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=AT&userid=9c551487-5f5f-4f9c-9c01-b430fcd06690&searchtype=ds&q={searchTerms}&installDate=11/08/2013
[C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

*************************

AdwCleaner[R2].txt - [1483 Bytes] - [07/12/2014 08:50:39]
AdwCleaner[R3].txt - [2554 Bytes] - [22/01/2015 14:55:28]
AdwCleaner[R5].txt - [1680 Bytes] - [03/07/2015 12:38:20]
AdwCleaner[S1].txt - [1620 Bytes] - [07/12/2014 08:54:17]
AdwCleaner[S2].txt - [3716 Bytes] - [01/07/2015 15:37:40]
AdwCleaner[S3].txt - [1529 Bytes] - [03/07/2015 12:40:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1588  Bytes] ##########
         
FRST.txt
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Adrian (administrator) on ADRIAN on 03-07-2015 12:54:09
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian (Available Profiles: Adrian & Roland & Julia)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Adrian\Desktop\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [HPSYSDRV] => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-17] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2013-12-13] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Spotify Web Helper] => C:\Users\Adrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2023480 2015-06-26] (Spotify Ltd)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe [773120 2014-09-03] (Oracle Corporation)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Run: [Spotify] => C:\Users\Adrian\AppData\Roaming\Spotify\Spotify.exe [7415864 2015-06-26] (Spotify Ltd)
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-07-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-17] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll [2015-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://g.uk.msn.com/HPCON/13
SearchScopes: HKLM -> {939B14F3-B461-4624-9A18-471F61BFA534} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> {939B14F3-B461-4624-9A18-471F61BFA534} URL = 
SearchScopes: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-17] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-21] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-01] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-17] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-01] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-21] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4D90CE45-67A0-49AB-B5B4-C64A4C422721}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8B69EE98-7CCE-4594-BF68-254040775923}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-01] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1501557853-1401194567-1476615106-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-09] ()
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\donottrackplus@abine.com [2015-05-29]
FF Extension: ColorZilla - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2015-05-29]
FF Extension: WOT - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-05-29]
FF Extension: Ghostery - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\firefox@ghostery.com.xpi [2015-05-09]
FF Extension: Adblock Edge - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2kuze1xd.default-1431164206338\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-05-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-05]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19]
CHR Extension: (Google Docs) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19]
CHR Extension: (Google Drive) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19]
CHR Extension: (Google Search) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19]
CHR Extension: (MaskMe) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2015-06-04]
CHR Extension: (Blur) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2015-06-04]
CHR Extension: (Google Sheets) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-06-04]
CHR Extension: (AdBlock) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-04]
CHR Extension: (Avast Online Security) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-19]
CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-17] (Avast Software s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-06] ()
S2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe [69448 2015-05-28] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2719928 2015-03-18] (Microsoft Corporation)
R2 ezSharedSvc; C:\windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [4276136 2013-04-03] (INCA Internet Co., Ltd.) [File not signed]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1996144 2015-05-21] (Electronic Arts)
S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-04-04] (PDF Complete Inc)
S2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2014-10-02] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-17] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-17] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-17] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-17] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-17] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-08-02] ()
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-08-02] (Echobit, LLC)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-09-14] ()
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]
S3 X6va011; \??\C:\windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-03 12:51 - 2015-07-03 12:51 - 00002053 _____ C:\Users\Adrian\Desktop\JRT.txt
2015-07-03 12:47 - 2015-07-03 12:47 - 00000207 _____ C:\windows\tweaking.com-regbackup-ADRIAN-Windows-7-Home-Premium-(64-bit).dat
2015-07-03 12:47 - 2015-07-03 12:47 - 00000000 ____D C:\RegBackup
2015-07-03 11:24 - 2015-07-03 11:24 - 02951023 _____ (Malwarebytes Corporation) C:\Users\Adrian\Desktop\JRT.exe
2015-07-03 10:22 - 2015-07-03 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-07-03 10:12 - 2015-07-03 10:22 - 00000000 ____D C:\xampp
2015-07-03 10:01 - 2015-07-03 10:11 - 112208384 _____ (Bitnami) C:\Users\Adrian\Downloads\xampp-win32-5.6.8-0-VC11-installer.exe
2015-07-03 08:32 - 2015-07-03 08:32 - 00040672 _____ C:\ComboFix.txt
2015-07-03 08:10 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2015-07-03 08:10 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2015-07-03 08:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-07-03 08:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-07-03 08:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-07-03 08:10 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2015-07-03 08:10 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2015-07-03 08:10 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2015-07-03 08:07 - 2015-07-03 08:07 - 05631262 _____ (Swearware) C:\Users\Adrian\Downloads\ComboFix.exe
2015-07-03 08:01 - 2015-07-03 08:32 - 00000000 ____D C:\Qoobox
2015-07-03 08:00 - 2015-07-03 08:31 - 00000000 ____D C:\windows\erdnt
2015-07-02 18:01 - 2015-07-02 18:01 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Adrian\Downloads\tdsskiller.exe
2015-07-01 19:27 - 2015-07-01 19:27 - 00065222 _____ C:\Users\Adrian\Desktop\GAListener.jar
2015-07-01 19:22 - 2015-07-01 19:22 - 00018694 _____ C:\Users\Adrian\Desktop\Votifier.jar
2015-07-01 18:56 - 2015-07-01 18:56 - 00002135 _____ C:\Users\Adrian\Desktop\mbam.txt
2015-07-01 16:01 - 2015-07-01 16:02 - 00000000 ____D C:\Users\Adrian\AppData\Local\PAYDAY 2
2015-07-01 16:01 - 2015-07-01 16:01 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-07-01 15:44 - 2015-07-03 12:54 - 00027886 _____ C:\Users\Adrian\Desktop\FRST.txt
2015-07-01 15:43 - 2015-07-01 15:43 - 02112512 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64(1).exe
2015-07-01 15:36 - 2015-07-01 15:37 - 00095283 _____ C:\Users\Adrian\Downloads\FRST.txt
2015-07-01 15:36 - 2015-07-01 15:36 - 02112512 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe
2015-07-01 15:33 - 2015-07-03 12:43 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-01 15:33 - 2015-07-01 15:33 - 00001068 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-01 15:33 - 2015-07-01 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-01 15:33 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-07-01 15:33 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-07-01 15:33 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-07-01 15:32 - 2015-07-01 15:34 - 00003880 _____ C:\Users\Adrian\Desktop\AdwCleaner[R4].txt
2015-07-01 15:32 - 2015-07-01 15:32 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-01 15:31 - 2015-07-01 15:32 - 02244096 _____ C:\Users\Adrian\Downloads\adwcleaner_4.207(1).exe
2015-07-01 14:57 - 2015-07-01 14:57 - 02244096 _____ C:\Users\Adrian\Downloads\AdwCleaner_4.207.exe
2015-06-30 21:03 - 2015-06-30 21:03 - 00000000 ____D C:\Users\Adrian\Desktop\Bauserver
2015-06-30 18:54 - 2015-06-30 18:54 - 00000278 _____ C:\Users\Adrian\Desktop\How to use the new things added in 1.4.6 (no NBT) Bukkit Forums.URL
2015-06-29 16:39 - 2015-06-29 16:39 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.atlauncher
2015-06-28 16:15 - 2015-06-28 16:15 - 00990670 _____ C:\Users\Adrian\Downloads\Essentials(1).zip
2015-06-28 16:08 - 2015-06-28 16:08 - 00279917 _____ C:\Users\Adrian\Downloads\nbteditor-1.2.zip
2015-06-23 18:22 - 2015-06-23 18:22 - 00001343 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-23 18:21 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2015-06-23 18:12 - 2015-06-17 11:10 - 42729104 _____ C:\windows\system32\nvcompiler.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 37748880 _____ C:\windows\SysWOW64\nvcompiler.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2015-06-23 18:12 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6435330.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6435330.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhda64v.sys
2015-06-23 18:12 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\windows\system32\nvhdap64.dll
2015-06-23 18:12 - 2015-06-17 11:10 - 00030966 _____ C:\windows\system32\nvinfo.pb
2015-06-23 18:06 - 2015-06-23 18:06 - 00000000 ____D C:\NVIDIA
2015-06-23 17:48 - 2015-06-23 17:48 - 00158823 _____ C:\Users\Adrian\Downloads\2c36ac-Play GTA V.rar
2015-06-23 17:42 - 2015-06-23 17:42 - 00060476 _____ C:\Users\Adrian\Downloads\16420b-OpenAllInteriors.rar
2015-06-23 17:41 - 2015-06-23 17:41 - 00139690 _____ C:\Users\Adrian\Downloads\3137dd-the_red_house.zip
2015-06-23 17:41 - 2015-06-23 17:41 - 00130877 _____ C:\Users\Adrian\Downloads\7d5fc4-Bodyguard Menu 1.7.zip
2015-06-23 17:39 - 2015-06-23 17:39 - 00766494 _____ C:\Users\Adrian\Downloads\f72d70-RealPoliceOffenses.rar
2015-06-23 17:38 - 2015-06-23 17:38 - 00393765 _____ C:\Users\Adrian\Downloads\ScriptHookV_1.0.372.2.zip
2015-06-23 17:34 - 2015-06-23 17:42 - 292264080 _____ (NVIDIA Corporation) C:\Users\Adrian\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-06-23 17:29 - 2015-06-23 17:29 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-23 17:29 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2015-06-23 17:29 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2015-06-21 16:11 - 2015-06-21 16:12 - 00024799 _____ C:\Users\Adrian\Downloads\TurretsStarterPackRAW.rar
2015-06-21 16:09 - 2015-06-21 16:09 - 01399043 _____ C:\Users\Adrian\Desktop\DieUberwaffe_Tigerlily_HF50.sment
2015-06-21 09:54 - 2015-06-21 09:54 - 00000257 _____ C:\Users\Adrian\Desktop\Rockstar Games Social Club - Crew Squad Lemonators.URL
2015-06-20 17:03 - 2015-06-20 17:03 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2013
2015-06-20 17:03 - 2015-06-20 17:03 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2013
2015-06-20 11:54 - 2015-06-20 11:54 - 00005618 _____ C:\Users\Adrian\Desktop\Mein Radio.application
2015-06-20 11:54 - 2015-06-20 11:54 - 00000000 ____D C:\Users\Adrian\Desktop\Application Files
2015-06-20 11:54 - 2015-06-20 11:54 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
2015-06-20 11:53 - 2015-06-20 11:53 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft FxCop
2015-06-20 11:32 - 2015-05-06 15:07 - 00319584 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2015-06-20 11:32 - 2015-05-06 15:07 - 00206944 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2015-06-20 11:32 - 2015-05-06 15:07 - 00206432 _____ (Oracle Corporation) C:\windows\system32\java.exe
2015-06-20 11:15 - 2015-06-20 11:28 - 146861984 _____ (Oracle Corporation) C:\Users\Adrian\Downloads\jdk-7u79-windows-x64.exe
2015-06-19 17:53 - 2015-06-19 17:53 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\NuGet
2015-06-19 17:24 - 2015-06-19 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-06-19 17:24 - 2015-06-19 17:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-06-19 17:20 - 2015-06-19 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2015-06-19 17:20 - 2015-06-19 17:20 - 00000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits
2015-06-19 17:16 - 2015-06-19 18:55 - 00000000 ____D C:\Users\Adrian\Documents\Visual Studio 2013
2015-06-19 17:16 - 2015-06-19 17:16 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE
2015-06-19 17:08 - 2015-06-19 17:08 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-06-19 17:02 - 2015-06-19 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
2015-06-19 16:55 - 2015-06-19 17:10 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2015-06-19 16:55 - 2015-06-19 16:55 - 00000000 ____D C:\Program Files\Application Verifier
2015-06-19 16:55 - 2015-06-19 16:55 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2015-06-19 16:51 - 2015-06-19 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-06-19 16:45 - 2015-06-19 16:45 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2015-06-19 16:39 - 2015-06-19 16:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2015-06-19 16:38 - 2015-06-19 17:09 - 00000000 ____D C:\Program Files\IIS Express
2015-06-19 16:38 - 2015-06-19 17:09 - 00000000 ____D C:\Program Files (x86)\IIS Express
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\ProgramData\NuGet
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files\IIS
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-06-19 16:37 - 2015-06-19 16:37 - 00000000 ____D C:\Program Files (x86)\IIS
2015-06-19 16:34 - 2015-06-19 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-06-19 16:25 - 2015-06-19 16:31 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-06-19 16:25 - 2015-06-19 16:25 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\windows\symbols
2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-06-19 16:24 - 2015-06-19 16:24 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2015-06-19 16:20 - 2015-06-19 17:36 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-19 16:20 - 2015-06-19 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2015-06-19 16:20 - 2015-06-19 16:29 - 00000000 ____D C:\windows\SysWOW64\1033
2015-06-19 16:08 - 2015-06-19 16:08 - 00000000 ____D C:\Users\Adrian\.tooling
2015-06-19 16:07 - 2015-06-19 17:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-06-19 16:07 - 2015-06-19 16:22 - 00000000 ____D C:\windows\system32\1033
2015-06-19 16:07 - 2015-06-19 16:07 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2015-06-19 15:47 - 2015-06-19 15:47 - 01240624 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\vs_community.exe
2015-06-19 15:46 - 2015-06-19 15:46 - 01198368 _____ C:\Users\Adrian\Downloads\Visual Basic 2010 Express - CHIP-Installer.exe
2015-06-19 15:39 - 2015-06-19 15:40 - 00000000 ____D C:\Users\Adrian\SpongeAPI
2015-06-19 15:38 - 2015-06-19 15:39 - 03709881 _____ C:\Users\Adrian\Downloads\forge-1.8-11.14.3.1468-installer-win.exe
2015-06-19 15:37 - 2015-06-19 15:38 - 14131704 _____ C:\Users\Adrian\Downloads\sponge-1.8-1446-2.1DEV-490.jar
2015-06-18 14:12 - 2015-06-18 14:12 - 00054619 _____ C:\Users\Adrian\Downloads\ts18.nitrado.net-11200-2981-BU181829.dat
2015-06-17 16:59 - 2015-06-17 16:59 - 04832017 _____ C:\Users\Adrian\Downloads\WM01-demo.zip
2015-06-17 16:34 - 2015-06-17 16:34 - 00025510 _____ C:\Users\Adrian\Desktop\freakey.pdn
2015-06-15 16:18 - 2015-06-15 16:18 - 00000000 ____D C:\Users\Adrian\Desktop\icons
2015-06-11 18:12 - 2015-06-11 18:13 - 02210768 _____ C:\Users\Adrian\Downloads\StarMade-starter(1).exe
2015-06-11 11:27 - 2015-06-11 11:27 - 00000000 ____D C:\Users\Adrian\Desktop\Minecraft Server
2015-06-11 11:21 - 2015-06-11 11:21 - 00004010 _____ C:\Users\Adrian\AppData\Local\recently-used.xbel
2015-06-11 10:16 - 2015-06-11 10:16 - 21553694 _____ C:\Users\Adrian\Desktop\spigot-1.8.7-R0.1-SNAPSHOT.jar
2015-06-11 10:16 - 2015-06-11 10:16 - 21553694 _____ C:\Users\Adrian\Desktop\spigot-1.8.7.jar
2015-06-10 19:33 - 2015-06-10 19:33 - 00080153 _____ C:\Users\Adrian\Downloads\Orebfuscator.jar
2015-06-10 17:40 - 2015-06-10 17:40 - 00045721 _____ C:\Users\Adrian\Downloads\PvPTimer.jar
2015-06-10 17:32 - 2015-06-10 17:32 - 00020799 _____ C:\Users\Adrian\Downloads\PVPLeveling.jar
2015-06-10 17:18 - 2015-06-10 17:18 - 00295492 _____ C:\Users\Adrian\Downloads\Vault(1).jar
2015-06-10 15:41 - 2015-06-10 15:41 - 00203534 _____ C:\Users\Adrian\Downloads\BossShop.jar
2015-06-10 13:29 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-06-10 13:29 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-06-10 13:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-06-10 13:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-06-10 13:29 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-06-10 13:29 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-06-10 13:29 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-06-10 13:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-06-10 13:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-06-10 13:29 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-06-10 13:28 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-06-10 13:28 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-06-10 13:28 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-06-10 13:28 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-06-10 13:28 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-06-10 13:28 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-06-10 13:28 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-06-10 13:28 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-06-10 13:28 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-06-10 13:28 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-06-10 13:28 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-06-10 13:28 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-06-10 13:28 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-06-10 13:28 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-06-10 13:28 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-06-10 13:28 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-06-10 13:28 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-06-10 13:28 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-06-10 13:28 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 13:28 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-06-10 13:28 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-06-10 13:28 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-06-10 13:28 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-06-10 13:28 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-06-10 13:28 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-06-10 13:28 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-06-10 13:28 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-06-10 13:28 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-06-10 13:28 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-06-10 13:28 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-06-10 13:28 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-06-10 13:28 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-06-10 13:28 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-06-10 13:28 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-06-10 13:28 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-06-10 13:28 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-06-10 13:28 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-06-10 13:28 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-06-10 13:28 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-06-10 13:28 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-06-10 13:28 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-06-10 13:28 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-06-10 13:28 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-06-10 13:28 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-06-10 13:28 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-06-10 13:28 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-06-10 13:28 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-06-10 13:28 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-06-10 13:28 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 13:28 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-06-10 13:28 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-06-10 13:28 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-06-10 13:28 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-06-10 13:28 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-06-10 13:28 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-06-10 13:28 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-06-10 13:28 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-06-10 13:28 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-06-10 13:28 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-06-10 13:28 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-06-10 13:28 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-06-10 13:28 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-06-10 13:28 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-06-10 13:27 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-06-10 13:27 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-06-10 13:27 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-06-10 13:27 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-06-10 13:27 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-06-10 13:27 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-06-10 13:27 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-06-10 13:27 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-06-10 13:27 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-06-10 13:27 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-06-10 13:27 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-06-10 13:27 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-06-10 13:27 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-06-10 13:27 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-06-10 13:27 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-06-10 13:27 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-06-10 13:27 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-06-10 13:27 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-06-10 13:27 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-06-10 13:27 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-06-10 13:27 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-06-10 13:27 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-06-10 13:27 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 13:27 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 13:26 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-06-10 13:26 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-06-10 13:26 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-06-10 13:26 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2015-06-09 20:59 - 2015-06-09 20:59 - 00097426 _____ C:\Users\Adrian\Downloads\SimpleAlias_1.6.0.jar
2015-06-09 20:44 - 2015-06-09 20:44 - 00242829 _____ C:\Users\Adrian\Downloads\SimpleClans.jar
2015-06-09 20:41 - 2015-06-09 20:41 - 00088581 _____ C:\Users\Adrian\Downloads\FactionChat.jar
2015-06-09 20:36 - 2015-06-09 20:36 - 01353976 _____ C:\Users\Adrian\Downloads\MassiveCore.jar
2015-06-09 20:35 - 2015-06-09 20:35 - 01492385 _____ C:\Users\Adrian\Downloads\Factions-2.7.5.zip
2015-06-09 20:28 - 2015-06-09 20:28 - 00464200 _____ C:\Users\Adrian\Downloads\LWC.jar
2015-06-09 19:27 - 2015-06-09 19:27 - 06477032 _____ (Tim Kosse) C:\Users\Adrian\Downloads\FileZilla_3.11.0.2_win64-setup.exe
2015-06-09 19:26 - 2015-06-09 19:26 - 00352171 _____ C:\Users\Adrian\Downloads\BVotifier[1].jar
2015-06-08 16:14 - 2015-06-08 16:14 - 00002580 _____ C:\windows\DPINST.LOG
2015-06-08 16:14 - 2015-06-08 16:14 - 00000000 ____D C:\Users\Adrian\hpremote
2015-06-07 12:24 - 2015-06-07 12:24 - 02803105 _____ C:\Users\Adrian\Downloads\craftconomy3-3.2.1(1).jar
2015-06-06 16:52 - 2015-06-07 11:01 - 00036984 _____ C:\windows\DirectX.log
2015-06-06 16:18 - 2015-06-27 13:09 - 00000000 ____D C:\Users\Adrian\Downloads\StarMade
2015-06-06 16:17 - 2015-06-11 18:22 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.StarMade
2015-06-06 16:17 - 2015-06-06 16:17 - 02210768 _____ C:\Users\Adrian\Downloads\StarMade-starter.exe
2015-06-04 09:48 - 2015-06-04 09:49 - 00087894 _____ C:\Users\Adrian\Downloads\BAT-WebInterface1.6(1).zip
2015-06-04 08:39 - 2015-06-04 08:39 - 00000000 ____D C:\ProgramData\Google
2015-06-04 08:35 - 2015-06-04 08:36 - 08180736 _____ C:\Users\Adrian\Downloads\chromeremotedesktophost.msi
2015-06-04 08:31 - 2015-06-04 08:31 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-04 07:27 - 2015-06-04 07:27 - 01822832 _____ (Pushbullet Inc ) C:\Users\Adrian\Downloads\pushbullet_installer.exe
2015-06-04 07:02 - 2015-06-04 07:02 - 00000233 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch_Dogs.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-03 12:54 - 2015-02-24 14:54 - 00000000 ____D C:\FRST
2015-07-03 12:48 - 2013-03-15 02:51 - 01211979 _____ C:\windows\WindowsUpdate.log
2015-07-03 12:48 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-03 12:48 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-03 12:47 - 2013-09-02 11:16 - 00000000 ____D C:\Users\Adrian\AppData\Local\LogMeIn Hamachi
2015-07-03 12:46 - 2013-03-14 19:02 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Skype
2015-07-03 12:45 - 2014-05-18 07:56 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Spotify
2015-07-03 12:44 - 2014-05-18 07:57 - 00000000 ____D C:\Users\Adrian\AppData\Local\Spotify
2015-07-03 12:44 - 2013-03-16 08:15 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-03 12:43 - 2012-06-15 02:18 - 00000000 ____D C:\ProgramData\PDFC
2015-07-03 12:42 - 2015-05-18 16:26 - 00018453 _____ C:\windows\setupact.log
2015-07-03 12:41 - 2015-05-18 16:26 - 00070458 _____ C:\windows\PFRO.log
2015-07-03 12:41 - 2012-06-15 01:58 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-03 12:41 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-03 12:40 - 2014-12-07 08:50 - 00000000 ____D C:\AdwCleaner
2015-07-03 12:39 - 2013-03-16 09:10 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Audacity
2015-07-03 12:14 - 2014-11-08 11:14 - 00000000 ____D C:\Users\Adrian\AppData\Local\Eclipse
2015-07-03 10:55 - 2013-05-18 19:37 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\TS3Client
2015-07-03 10:28 - 2013-05-11 09:31 - 00000000 ____D C:\Users\Adrian\workspace
2015-07-03 10:04 - 2015-02-09 12:26 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\.minecraft
2015-07-03 08:32 - 2014-04-01 19:51 - 00000000 ____D C:\Users\Adrian\AppData\Local\Apps\2.0
2015-07-03 08:32 - 2013-04-01 10:00 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-03 08:32 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-03 08:29 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2015-07-03 08:25 - 2012-06-15 02:06 - 00000000 ____D C:\ProgramData\Temp
2015-07-03 08:10 - 2013-06-22 18:56 - 00000000 ____D C:\Users\Adrian\AppData\Local\Adobe
2015-07-03 07:52 - 2014-05-05 19:31 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-07-02 18:31 - 2012-06-15 01:44 - 00700336 _____ C:\windows\system32\perfh007.dat
2015-07-02 18:31 - 2012-06-15 01:44 - 00149928 _____ C:\windows\system32\perfc007.dat
2015-07-02 18:31 - 2011-02-11 19:15 - 01597118 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2015-07-02 18:31 - 2009-07-14 07:13 - 01597118 _____ C:\windows\system32\PerfStringBackup.INI
2015-07-02 12:35 - 2009-07-14 06:45 - 00000000 ____D C:\windows\Setup
2015-07-01 18:15 - 2015-04-14 15:52 - 00000080 _____ C:\Users\Adrian\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-07-01 15:33 - 2014-07-07 15:36 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-01 15:26 - 2013-09-13 19:07 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-01 14:47 - 2013-09-13 19:07 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-01 14:47 - 2012-06-15 02:12 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-01 14:47 - 2012-06-15 02:12 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-29 16:07 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-29 13:47 - 2012-06-15 02:18 - 00000000 ____D C:\ProgramData\Skype
2015-06-27 08:54 - 2014-05-05 19:31 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswsp.sys
2015-06-24 20:03 - 2014-11-04 09:40 - 00000000 ____D C:\Users\Adrian\Documents\Action!
2015-06-23 18:22 - 2013-08-05 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-23 18:22 - 2012-06-15 01:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-23 18:19 - 2012-06-15 01:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-20 20:32 - 2014-04-01 19:51 - 00000000 ____D C:\Users\Adrian\AppData\Local\Deployment
2015-06-20 17:02 - 2014-08-25 14:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-20 11:29 - 2013-03-23 14:22 - 00000000 ____D C:\Program Files\Java
2015-06-20 08:48 - 2013-09-28 08:31 - 05259320 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-19 17:39 - 2014-06-09 08:16 - 00143352 _____ C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-19 17:35 - 2014-04-14 07:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-19 17:16 - 2014-04-14 07:25 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-06-19 17:00 - 2014-04-14 07:28 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-06-19 17:00 - 2013-08-10 19:05 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-06-19 17:00 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-19 16:43 - 2014-10-15 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-19 16:08 - 2013-03-14 18:59 - 00000000 ____D C:\Users\Adrian
2015-06-19 16:07 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-17 16:38 - 2015-03-27 11:52 - 00000000 ___RD C:\Users\Adrian\Desktop\Meine Dateien
2015-06-17 16:34 - 2013-05-28 20:51 - 00000000 ____D C:\Users\Adrian\AppData\Local\Paint.NET
2015-06-17 16:29 - 2013-03-26 12:03 - 00000000 ____D C:\Users\Adrian\.gimp-2.8
2015-06-17 11:10 - 2015-04-13 16:48 - 17724600 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2015-06-17 11:10 - 2014-09-02 09:36 - 01756424 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2015-06-17 11:10 - 2014-09-02 09:36 - 01316000 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2015-06-17 11:10 - 2014-09-02 09:32 - 01567576 _____ (NVIDIA Corporation) C:\windows\system32\nvhdagenco6420103.dll
2015-06-17 11:10 - 2013-11-13 12:22 - 01571696 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2015-06-17 11:10 - 2013-11-13 12:22 - 01320304 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2015-06-17 11:10 - 2013-04-10 15:47 - 15224784 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2015-06-17 11:10 - 2013-02-26 00:32 - 02997544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2015-06-17 11:10 - 2012-03-15 06:59 - 12855416 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2015-06-17 11:10 - 2012-03-15 06:59 - 03395648 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 06873232 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 03492168 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 02558792 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 00937616 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2015-06-17 08:48 - 2012-06-15 01:58 - 00385168 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2015-06-17 08:48 - 2012-06-15 01:58 - 00062792 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2015-06-12 12:48 - 2015-05-06 17:23 - 00000600 _____ C:\Users\Adrian\AppData\Local\PUTTY.RND
2015-06-12 12:48 - 2013-04-15 17:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\FileZilla
2015-06-11 15:15 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2015-06-11 14:40 - 2015-01-07 15:14 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieBrowserModeList
2015-06-11 14:40 - 2014-05-05 19:25 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieUserList
2015-06-11 14:40 - 2014-05-05 19:25 - 00000000 __SHD C:\Users\Adrian\AppData\Local\EmieSiteList
2015-06-11 13:56 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-06-11 11:21 - 2015-04-07 15:53 - 00000000 ____D C:\Users\Adrian\AppData\Local\gtk-2.0
2015-06-11 10:17 - 2013-05-25 21:54 - 00000000 ____D C:\Users\Adrian\Documents\Bandicam
2015-06-11 09:56 - 2015-03-31 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2015-06-11 08:22 - 2009-07-14 07:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-06-11 08:19 - 2014-12-11 19:20 - 00000000 ____D C:\windows\system32\appraiser
2015-06-11 08:19 - 2014-05-06 12:21 - 00000000 ___SD C:\windows\system32\CompatTel
2015-06-11 08:19 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-06-10 20:48 - 2013-08-15 16:39 - 00000000 ____D C:\windows\system32\MRT
2015-06-10 20:41 - 2013-04-11 12:47 - 140135120 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-10 17:21 - 2013-04-15 17:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-06-10 17:21 - 2013-04-15 17:25 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-06-10 16:32 - 2015-04-14 15:52 - 00000000 ____D C:\Program Files\Rockstar Games
2015-06-10 16:32 - 2015-04-14 15:52 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-08 16:17 - 2013-06-09 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-06-08 16:17 - 2013-06-09 20:40 - 00000000 ____D C:\Program Files (x86)\Nero
2015-06-08 16:15 - 2012-06-15 02:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-06-08 16:15 - 2012-06-15 02:04 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-06-08 16:14 - 2012-06-15 02:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-08 16:00 - 2015-04-21 14:10 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\soundcloud-musicaudio-515e62acb4534adf9d67bd67c3aef5e8
2015-06-06 16:53 - 2013-05-11 11:56 - 00000000 ____D C:\Users\Adrian\Documents\My Games

==================== Files in the root of some directories =======

2013-11-14 15:51 - 2015-02-03 17:15 - 0000132 _____ () C:\Users\Adrian\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-05-20 07:19 - 2013-06-11 19:23 - 0000096 _____ () C:\Users\Adrian\AppData\Roaming\Camdata.ini
2013-05-20 07:19 - 2013-06-11 19:23 - 0000408 _____ () C:\Users\Adrian\AppData\Roaming\CamLayout.ini
2013-05-20 07:19 - 2013-06-11 19:23 - 0000408 _____ () C:\Users\Adrian\AppData\Roaming\CamShapes.ini
2013-05-20 07:13 - 2013-05-26 07:46 - 0004508 _____ () C:\Users\Adrian\AppData\Roaming\CamStudio.cfg
2015-05-13 11:21 - 2015-05-13 11:21 - 0000000 _____ () C:\Users\Adrian\AppData\Roaming\gdfw.log
2015-05-13 11:21 - 2015-05-13 11:21 - 0000779 _____ () C:\Users\Adrian\AppData\Roaming\gdscan.log
2014-10-13 18:59 - 2014-10-13 18:59 - 0001456 _____ () C:\Users\Adrian\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-04-06 19:11 - 2013-04-11 15:39 - 0003584 _____ () C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-06 17:23 - 2015-06-12 12:48 - 0000600 _____ () C:\Users\Adrian\AppData\Local\PUTTY.RND
2015-06-11 11:21 - 2015-06-11 11:21 - 0004010 _____ () C:\Users\Adrian\AppData\Local\recently-used.xbel
2014-05-22 16:45 - 2014-05-22 16:45 - 0000003 _____ () C:\Users\Adrian\AppData\Local\updater.log
2014-05-22 16:45 - 2014-05-22 16:45 - 0000442 _____ () C:\Users\Adrian\AppData\Local\UserProducts.xml

Files to move or delete:
====================
C:\Users\Adrian\Quiz.bat
C:\Users\Adrian\worldpainter_64_1.10.3.exe
C:\Users\Adrian\worldpainter_64_1.9.0.exe


Some files in TEMP:
====================
C:\Users\Adrian\AppData\Local\Temp\jansi-64-git-Bukkit-61ef214-4807662166137902960.dll
C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe
C:\Users\Adrian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-12-21 15:41

==================== End of log ============================
         

Alt 03.07.2015, 11:56   #11
Freakey_
 
Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen



Addition.txt

[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Adrian at 2015-07-03 12:54:47
Running from C:\Users\Adrian\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1501557853-1401194567-1476615106-500 - Administrator - Disabled)
Adrian (S-1-5-21-1501557853-1401194567-1476615106-1000 - Administrator - Enabled) => C:\Users\Adrian
Gast (S-1-5-21-1501557853-1401194567-1476615106-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1501557853-1401194567-1476615106-1005 - Limited - Enabled)
Julia (S-1-5-21-1501557853-1401194567-1476615106-1008 - Limited - Enabled) => C:\Users\Julia
Roland (S-1-5-21-1501557853-1401194567-1476615106-1002 - Administrator - Enabled) => C:\Users\Roland

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alarm für Cobra 11 - Das Syndikat - DEMO (HKLM-x32\...\Alarm für Cobra 11 - Das Syndikat - DEMO_is1) (Version:  - dtp)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed(R) III v1.02 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.02 - Ubisoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AutoHotkey 1.1.22.00 (HKLM-x32\...\AutoHotkey) (Version: 1.1.22.00 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version:  - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Blockland (HKLM-x32\...\Steam App 250340) (Version:  - Eric Hartman)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.13.294.84.14 - Infernum Productions AG)
Bridge Constructor (HKLM-x32\...\Steam App 250460) (Version:  - )
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version:  - Rockstar New England)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Chrome Remote Desktop Host (HKLM-x32\...\{FD6E648E-1378-467F-AD37-2B98B379B0DD}) (Version: 44.0.2403.25 - Google Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Cobra 11 - Burning Wheels (remove only) (HKLM-x32\...\BurningWheels) (Version:  - )
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
DC Universe Online PSG (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\soe-DC Universe Online PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.17.60 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
Dropbox (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.7.0.0 - Electronic Arts)
Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FileZilla Client 3.11.0.2 (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.11.827 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.44.908 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.908 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GitHub (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Harry Potter und die Heiligtümer des Todes(TM) - Teil 2 (HKLM-x32\...\{F0C9E8E9-C54B-48C1-9192-F5D49633AB5D}) (Version: 1.0.0.0 - Electronic Arts)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{750E9D0F-B188-4A7E-ADD2-84B7ED7D32F6}) (Version: 5.1.4281.27332 - Hewlett-Packard)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 6.0.0.0 - Hewlett-Packard)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{452479C5-0118-48E9-AA69-0A7339F95FC8}) (Version: 5.1.4289.23799 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 7 Update 79 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 7 Update 79 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
King Arthur's Gold (HKLM-x32\...\{643B056F-61C1-4489-9797-4D846D101A7A}) (Version: 0.95.428.0 - THD)
Kit SDK de vérification de Visual Studio*2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
LCPD First Response (HKLM-x32\...\LCPD First Response) (Version: 1.0.0.0d - G17 Media)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.1.2 (HKLM-x32\...\{604B2A5C-B1CE-45B2-ADCC-6B7C721AC3AC}) (Version: 4.0.1.2 - The Document Foundation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MC-RP Setup (HKLM-x32\...\{0115E035-5A7B-4972-BC55-E639EE7E0749}) (Version: 2.1.0 - mc-rp)
Mein Radio (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\4d13c7785a7a8b30) (Version: 1.0.0.0 - Hewlett-Packard Company)
Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4711.1002 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Note Block Studio version 3.2.1 (HKLM-x32\...\{84077DA9-3075-4AE5-BC82-345202B8CD4F}_is1) (Version: 3.2.1 - David Norgren)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MySQL Connector J (HKLM-x32\...\{5E91E205-AC15-4FA2-8A73-3CB5EC0E04A5}) (Version: 5.1.35 - Oracle Corporation)
MySQL Connector Net 6.9.6 (HKLM-x32\...\{71458704-E552-4A3E-8BFA-4F61C1F70724}) (Version: 6.9.6 - Oracle)
MySQL Documents 5.6 (HKLM-x32\...\{277FCB89-B03D-4A74-B9E6-97A4B07F691E}) (Version: 5.6.24 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{AC5A7E5E-629D-4A20-90D1-0FC2D426D7BF}) (Version: 5.6.24 - Oracle Corporation)
MySQL Fabric 1.6.1 & MySQL Utilities 1.6.1 (HKLM-x32\...\{5E11C144-6B3A-42A0-9646-7A80D565ECFF}) (Version: 1.6.1 - Oracle Corporation)
MySQL For Excel 1.3.4 (HKLM-x32\...\{A0352E65-6E78-48B3-B6D6-B3208E663249}) (Version: 1.3.4 - Oracle)
MySQL Installer - Community (HKLM-x32\...\{7F30C2D9-2CEF-44FD-A2BA-C39DA3F7AD93}) (Version: 1.4.5.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
Nero Burning ROM 2014 (HKLM-x32\...\{C9F54777-001E-41F6-83F8-B99A19EA5083}) (Version: 15.0.05600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4711.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PBO Manager v.1.4 beta (HKLM-x32\...\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}) (Version: 1.4.0 -  )
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.95 - PDF Complete, Inc)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
Portal Stories: Mel (HKLM-x32\...\Steam App 317400) (Version:  - Prism Studios)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.6207 - CyberLink Corp.) Hidden
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 2.7 pygame-1.9.1 (HKLM-x32\...\{5D13804A-67B7-49DA-9B15-65B70A83B9C3}) (Version: 1.9.1 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 2.7.7 (64-bit) (HKLM\...\{049CA433-77A0-4e48-AC76-180A282C4E11}) (Version: 2.7.7150 - Python Software Foundation)
Python 3.3.2 (HKLM-x32\...\{92389DE9-939E-341B-A076-1D52D7DBCA71}) (Version: 3.3.2150 - Python Software Foundation)
Python 3.3.3 (64-bit) (HKLM\...\{E9D90870-AB19-32A8-AA93-F8348BA21D05}) (Version: 3.3.3150 - Python Software Foundation)
Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 3.7 - Razer USA Ltd)
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Samplitude Pro X Silver (HKLM-x32\...\MAGIX_{86460AB2-75D3-400D-B9A8-232EC729192E}) (Version: 12.0.2.115 - MAGIX AG)
Samplitude Pro X Silver (Version: 12.0.2.115 - MAGIX AG) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Should I Remove It (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Sizer 3.34 (HKLM-x32\...\{DE43AA92-E8C0-4620-AFE2-FBD623C71643}) (Version: 3.3.4.0 - Brian Apps)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version:  - sparsevector)
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Escapists (HKLM-x32\...\Steam App 298630) (Version:  - Mouldy Toof Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{EEB9EFDE-ED91-11E2-91A8-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )
x64 Components v4.1.6 (HKLM\...\Advanced x64Components_is1) (Version: 4.1.6 - Shark007)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.8-0 - Bitnami)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1501557853-1401194567-1476615106-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

02-07-2015 18:01:12 Revo Uninstaller's restore point - Snap.Do
02-07-2015 18:27:44 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-07-03 08:29 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {041AC71C-2E83-41A3-9554-505E9BC16A5E} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {06DC07AE-E4AD-43C7-A24E-36F63BF63935} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Adrian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {0ADC71B8-807C-4136-A3A1-A2C3E0D084BC} - System32\Tasks\HPCeeScheduleForAdrian => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {1B2201A4-4B21-4025-B055-C91AB2D0B29E} - System32\Tasks\{2B544749-C5E0-4CB9-A076-C8F05F2E49BF} => pcalua.exe -a C:\Users\Adrian\Desktop\Setup.exe -d C:\Users\Adrian\Desktop
Task: {1F1D4F11-089A-4AF6-810E-480C83C2DFEE} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {26C3BDE7-D28F-40C5-AD50-122105E7002A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19] (Google Inc.)
Task: {27FC4DFF-9139-46D8-9BF7-CE891B4C2E1A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {334F62A1-14D5-4AD7-9D9D-185FAF306C5E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {337E307F-1DDD-4EF0-8D40-F5EFCEB32DBA} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] ()
Task: {3642C4C0-3B98-4160-A064-39ED0869F341} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
Task: {4DADD9CC-035A-406B-A423-6B9555ACE9A8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {55DC6AA8-CFC9-4392-891B-F9C3B1BD7EA3} - System32\Tasks\SERVER
Task: {5B077394-0B98-480C-87C3-0C240709CD75} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {5DE5203F-8628-4E1A-AF35-4C4678BB1EF7} - System32\Tasks\{E6EA3E45-7165-40A4-9FC3-83B36A2E9B84} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {61F768E0-7D8A-450F-AFD5-00F08BB5DCC2} - System32\Tasks\PaysafeCard in Portal2 Hülle!!!
Task: {631DD178-9898-4117-A534-A74C057FEA18} - System32\Tasks\MySQL\Installer\ManifestUpdate => c:\program files (x86)\mysql\mysql installer for windows\mysqlinstallerconsole.exe [2015-03-29] (Oracle Corporation)
Task: {698904AF-BD7C-43A6-A791-A640E6913B5D} - System32\Tasks\avastBCLRestartS-1-5-21-1501557853-1401194567-1476615106-1000 => Firefox.exe 
Task: {6B2959FE-F5FF-41E9-A669-AF05D5320A10} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {6D1AFA16-BF1F-4D69-B875-95745F2DF63C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-21] (Microsoft Corporation)
Task: {81CD89CF-09B7-4ED3-BFB9-4B8EB8437EB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19] (Google Inc.)
Task: {8230EFE9-711B-4354-98E1-57115D150942} - System32\Tasks\NCH Software\PrismSevenDays => C:\Program Files (x86)\NCH Software\Prism\Prism.exe
Task: {82B4103C-9A1A-4AEC-90A3-BE60C56A9082} - System32\Tasks\GAMIANO GEWINNSPIEL!
Task: {8604EB66-6E7D-4936-A784-64AC3EA48886} - System32\Tasks\WICHTIG
Task: {8EA51C4D-D3C9-439C-AB09-F5AE20B1157E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {9101B909-7E8B-4996-8107-7247FB2E333F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-10] (Microsoft Corporation)
Task: {91DC1A61-7372-4CF2-B2D9-E0A5648D2343} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-10] (Microsoft Corporation)
Task: {931A1AD6-0FAC-45BC-AC61-21C7DD92229E} - System32\Tasks\NCH Software\ExpressBurnSevenDays => C:\Program Files (x86)\NCH Software\ExpressBurn\ExpressBurn.exe
Task: {94E9226C-97F0-4AF1-9274-A581A54DCC1B} - \update-S-1-5-21-1501557853-1401194567-1476615106-1000 No Task File <==== ATTENTION
Task: {9AAA1E7E-ACAA-43FD-889C-C7A16220C851} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {9B36A057-A3D2-4345-A3B2-53106925BC34} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {9B867FDC-FEEE-4B88-9456-EB8F2D6B0363} - System32\Tasks\Start => C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
Task: {A459918B-B947-46D1-BFBF-D9D579DE4512} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Roland => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {A61FD028-E47B-4D5E-A476-9E9BE7E65B2C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {B21DCAB4-B6D3-44F3-ABDC-B9637ABD7E00} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B5B4D891-6588-4B0A-92E5-365D3BCE4B0C} - System32\Tasks\DUC => C:\Program Files (x86)\No-IP\DUC40.exe
Task: {B83B0121-745B-4DE4-8C17-CBA638E82C2D} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-02-17] ()
Task: {B972E0F9-134A-471C-BF1E-EBC4F7E86496} - System32\Tasks\{E89F20C8-6676-4864-9408-C01E0C2755AF} => pcalua.exe -a "C:\Program Files (x86)\GTA IV Vehicle Mod Installer\v1.5\gtaivvmi.exe" -d "C:\Program Files (x86)\GTA IV Vehicle Mod Installer\v1.5"
Task: {BB9F7843-A597-4CE1-9E5E-2E77079141D1} - System32\Tasks\{E043DE6B-9827-4807-9472-69EDE4CEDB0E} => C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe [2014-01-07] (Ubisoft Entertainment.)
Task: {CF789FA9-E7EC-4217-9CD3-296B9552F25E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {E366872B-3E2A-4C8E-B1CB-7BE3E0101987} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-01] (Adobe Systems Incorporated)
Task: {EFF15A10-9722-4D58-AD11-9C48EE1F8A62} - System32\Tasks\AdobeAAMUpdater-1.0-Cr4zzyPlays-PC-Julia => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {F1E040D6-34C6-40D7-866E-286F0C380210} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-09-23] (Hewlett-Packard Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForAdrian.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-02 17:18 - 2015-06-02 17:18 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-04-21 17:04 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-05-17 20:24 - 2015-05-17 20:24 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-17 20:24 - 2015-05-17 20:24 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-03 11:28 - 2015-07-03 11:28 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070300\algo.dll
2015-03-19 15:23 - 2015-03-19 15:23 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\Users\Adrian\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Adrian\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Adrian\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Adrian\AppData\Roaming:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1501557853-1401194567-1476615106-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Adrian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Adrian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7725DE89-E83F-4BAB-B960-3184D07C10D3}] => (Allow) C:\windows\system32\ezSharedSvcHost.exe
FirewallRules: [{C56BE747-D7D9-405F-B6DC-1F2B8FB170B9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{B805765A-3445-44AB-B66A-E99526A6EFD1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{74B8F962-14AF-47E3-B4F5-9EE44DC56893}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D8E2387B-6CE2-43D0-84F8-94B85C41BAF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4E346773-872D-491B-B087-6C5FE3CC2ED1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5767F5B3-ECEE-46BB-BCAA-F38BF9050775}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E0FC6BB-7068-4B6F-B65B-FC6F549E2D01}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C5F7B186-2702-4B3A-AA96-D7E1C085739E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2DEF6007-2AD3-44DB-B3DD-5E8BCF11F774}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{AE19D90D-8E24-4F00-9C5A-EF2F4664A12A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{41BD13B0-6E06-411E-95E8-A6A5C1FC10F6}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{EC382866-8441-4B7B-8B16-C153BC1646A4}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{69A3602A-D727-4FC1-A7E2-61569D006923}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{E3655670-0721-46B5-A6B7-D70F3A983568}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{0938812A-7DED-41BC-8358-86939A56B552}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{34EF15B3-95BB-4515-B44F-BACE39D9B957}] => (Allow) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{C47DA7AC-02E6-4A35-B4AD-9629C4228DD9}] => (Allow) C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{AB40C52B-B1DD-4556-8D32-6FCE4AAEC1F2}] => (Allow) C:\Users\Roland\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6B63423E-6CFF-4398-9185-EDC135215FC8}] => (Allow) C:\Users\Roland\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{CAD9D6D8-793C-4210-9153-20123064028D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{637F538C-A56C-42B9-B6A1-4DCE6CC6ECA9}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{998CD0DC-C563-4D14-AA37-A73A1D2419FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{5342D3C2-D9D1-4BDC-8CF7-AE1FB9037D3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{5F9887C1-4E6A-4C22-8E08-C118EC71E1AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{FCEE714A-FB37-454C-8B3A-C4C80AB56157}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{32505978-7C0F-4ADF-8FC5-10706CAD98BF}] => (Allow) C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7CA689AD-2342-4865-A892-106015C8F4F8}] => (Allow) C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{AF51A93D-60E6-400F-88D7-CDA2FC66FBA9}C:\users\adrian\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adrian\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{8533760E-43EB-4492-9865-36330F82EB81}C:\users\adrian\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adrian\appdata\local\akamai\netsession_win.exe
FirewallRules: [{8F3EED5C-288A-457D-98BA-B39C02BE7EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{396285FC-4B7A-472F-A666-F71691BDBE41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4E948EEB-1484-49FA-A012-4801BA30788D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{79AEE65C-DA83-49CC-B8F4-9DDBEB66BD00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E963F82B-07D0-4AEA-AFBC-C7F30B0B59A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4106D859-3300-42CE-A9F9-93A55B3CD1E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1CF0E882-6F4B-44BD-8C84-77C6396C1D37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E2241544-C2BE-48C3-8F36-6C64E4070B64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B4D9AC2F-C060-4ACD-BA82-E3AE61110F3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{AF4304B8-C7D5-4DAF-B3F9-3FE10A8C9E85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{AB658D72-0EAD-415E-9F96-3326478009BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{3D00E488-ADB4-4A83-B8BA-42F227465435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{33499D7C-59E6-489F-899C-21336D4475DC}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{AAADD60B-1110-47A3-8D4E-CEFBE5B28989}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{C15D3FC8-C272-4E47-90AE-0490A274B949}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{5560E43F-05F7-49AD-954F-EB5B178D82E8}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{139662F9-FC74-485F-A2A3-1FE8C4F93DBD}] => (Allow) LPort=5353
FirewallRules: [{57F05CF8-97F3-47EB-8F19-33D03EC86641}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{7B8041C9-7199-4D08-9BEE-F632AE8337DC}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{D19D4D27-657A-466A-AEAD-FA7ED3ECF410}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{F332566E-4F8F-4D59-905E-758A95D4FA91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DA340EC9-1D6E-425E-A991-63068AB0B1A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9CA84589-D26E-4252-B259-3FE3ED612479}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E66F7C9C-F737-4BA5-A2AA-68BCE9583622}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A9E2B167-FFAD-4E31-8396-08412ED67084}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{173906CC-5AF9-425A-BC0B-0A068C2E77EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{E713AFAB-7A23-43E3-AD25-3228A9D1264F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6399EF50-8D00-4BBC-A0A1-1D08F3348C8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{C260E583-E366-41A5-AE3D-AC2100C9E1E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{C78F265E-8FBF-4B69-BBE9-042AA2F9B88D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{7BFBB678-C0DC-42DA-937C-6E2817EF0B5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{10665EEA-0E26-47FE-AB5C-4940F8D391B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{476CA168-75E4-41E4-B26F-01F046718385}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4BE04311-EB97-45C6-B699-70499B211DCC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{6AA415F3-8C11-496E-A5F1-FE20E2914E0F}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{394F1F83-D77A-4232-AF37-DDDE3F06EFC8}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{B0DF2AB0-70DA-4C53-BD08-D45D4A58938A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8DF11AAF-A126-4DAA-8817-024DC70F8C3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{87A957D0-58F1-4271-82EB-D4C6E1B6CC14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7672E71B-F416-450E-8305-77BE503FAD68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9A2E237D-AB79-4747-A42B-0A852FD360E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{FB1D3B69-EBBC-4849-AA00-AC9F7C1C2278}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{56C72EDB-DFB2-451D-8FF9-AC049E83551F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{8FCCB769-E062-4ECD-B8AE-5837031DAB1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{2AB5D71E-D662-4062-8D44-26F41ABFD0CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{C92760AB-A7CC-43ED-824B-542E321D53F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [TCP Query User{5C3296CA-31DD-4E8F-82CD-32F3463559F8}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [UDP Query User{29E77F18-289A-4947-97FA-F1818493880B}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [{22209C58-B94B-4536-B06C-AB5883FDF9F9}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{7E73E6E8-9EDD-472D-9642-7FAE4FC7761C}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{C91119AE-F1BC-4D85-BC32-234CA157257B}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{6B55690F-21AB-4D02-B25A-56694F67468B}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [TCP Query User{189D7521-6549-45BA-A10C-229E77BD64AD}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{BA0903AA-3E21-4F14-AB46-DEFAA8F2F7B2}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{6DBEC91E-8637-4408-9994-0A1A37E6105D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{52F34E45-7D18-4111-AA05-963BF4E1479B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{8A6D7E74-EA75-4DDE-B544-41C4E659665D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{762E4113-F0DC-4779-9F2B-E0FAAABDF617}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{146919FF-1602-4DA7-B341-1C8C9D13684C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BridgeConstructor\BridgeConstructor.exe
FirewallRules: [{C94D4FF6-AD86-4BE0-B314-D81C18519E86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BridgeConstructor\BridgeConstructor.exe
FirewallRules: [{52A53501-046E-4372-84BF-A9B3A732A92B}] => (Allow) C:\Program Files (x86)\Brick-Force\BfLauncher.exe
FirewallRules: [{F3F06992-ED76-46F5-910A-8805CFB0B638}] => (Allow) C:\Program Files (x86)\Brick-Force\BrickForce.exe
FirewallRules: [{5BDA46F9-4D26-4F10-9620-AF8AF6D8CCB5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{A62D5167-2E1B-45E0-AEAB-A77A964D4892}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{70E8A62D-48AC-49F9-B354-06EAB06A765E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{26F8BD50-F655-4FC6-9D39-FA4CCD9AAC07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{FEAB6A70-00BE-40C9-BD70-82A3E5C9B188}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8C141BBD-58C9-467D-9848-8EAAF1FC0BB0}] => (Allow) LPort=2869
FirewallRules: [{719D9BB2-CB0D-49A9-B1C1-729C5474CC77}] => (Allow) LPort=1900
FirewallRules: [{CD2D6934-42CE-4D82-9D5E-5555CCD22B0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{2B2E2F5E-231B-4143-BD6F-C15B81CBA8A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{7DA7A065-F4E9-444E-9259-6620EF4ECDFB}C:\users\adrian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\adrian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CA15F759-FEA4-46A6-A52C-A7085859165D}C:\users\adrian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\adrian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3692B34A-1607-4AA1-81D7-554C028A445E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E5A71671-CB7F-4751-BDD9-603949C1A172}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{321D86F8-56EC-491C-A1FF-1349A525D509}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{3B6DB4E0-65A3-43CC-AF91-A980F62CBD07}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{5557BD66-2409-4F2C-A3E8-2EDF5BBBE279}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{34832F51-133E-4E40-9EF3-C738B3E43A16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{1F34037F-8B4C-460D-9A64-160B9B699E9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{3A849086-4E3A-4DEE-93CF-C5041AC28C28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{CB0A3944-4DB5-4D9E-9B42-CC841C92B03B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{BB361EB2-2517-44A8-BA69-BE283A829621}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [TCP Query User{C50B81B0-F0CF-455E-A5FA-75C3C43FE778}C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [UDP Query User{67CFD63B-6BF1-479E-8C7F-71042F420ABA}C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [{08665BE5-08B1-4FF5-8F78-A8AB2968D6C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{6639D13C-656E-4284-8A1B-8D4806EBD300}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{878D3DD1-336B-4145-A0D8-D0F237FBC43D}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{8811FA59-1250-4E07-82D2-8A07AC1876A5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{49180D1C-E43C-424D-9D93-958C0F28C43C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{724CE73C-6007-4C5A-9A6B-787F97FC7BEC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [TCP Query User{B37D49DA-7616-4B4E-BFDD-802C089B2ACE}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{57C7E261-C832-4846-AE6F-9B4E72018584}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [TCP Query User{E377194F-6B8D-49A9-90EA-0D4A5A956421}C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe] => (Allow) C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe
FirewallRules: [UDP Query User{7978E998-2FA6-48E1-B199-31E8ED39F2FC}C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe] => (Allow) C:\program files (x86)\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe
FirewallRules: [{B413F2FC-4698-4EA6-A374-745552BBC774}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{10DF6214-9844-4AD5-95D0-941BFC7D7E22}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [TCP Query User{AA819EC6-3F82-4AAB-8176-FE09013BDAAA}C:\pylo\mcreator149\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator149\jdk\bin\java.exe
FirewallRules: [UDP Query User{2F723A8F-C93E-4C36-BD33-8B48A5889648}C:\pylo\mcreator149\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator149\jdk\bin\java.exe
FirewallRules: [{4CC77073-C5C2-49EF-8B37-4C1F79046576}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{50EC1D90-0FA1-4DA4-899E-E80E01201A94}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{2FAFE501-CB20-408F-9F26-ACAE1F6FE920}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{92142424-EC09-4349-8B98-41AE05C0E66C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{3799D8FD-8437-4CB4-8473-58B20B5A850B}C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe
FirewallRules: [UDP Query User{69ADB191-09B6-4581-B9FA-308530A4BCCC}C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\minecraft\proxy_sa.exe
FirewallRules: [{69AA04D8-7B14-43BC-921E-47B1ED61854E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{83C53085-7214-4CEC-8B0B-04CE6E8A145E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{2FBE2A57-28AA-4A34-A80A-B4F77FF32EA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{3DAF6ECE-1BB5-4145-8825-A25ED441B212}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{9F903F5B-3475-4D4F-ABC5-E7BE93F5873A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F0804D8E-D099-43B8-8D0A-DF2FC660F48D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3052E117-8836-4C8C-8179-F67D7A1968FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{42035716-DDBB-4E58-A34E-9F6C1F469E03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{94C26BC9-5E85-44B7-9854-4DD45A8A6D8D}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{52299794-2CE7-4B21-87CD-4DDB42C3272D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{93E7D721-2482-43FF-86CC-5728C5483BDC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5C5BFE56-C37D-48CF-A38D-2FBF3EA2265E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4B624882-21EE-4935-9068-EB8A5E3D2579}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{000A36FD-FF4D-48AC-9CD2-C5E0D4E61376}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{A7D0850B-CAFA-4F2A-AE35-47DAD1E13033}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{7D6F8545-4D2D-422F-8952-0512FE9077D8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{4596D5DC-AB37-4592-8ECD-9D7770801E72}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{8C729E3E-4444-4B01-B928-A697EF2D793D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{9E7FF24A-44E7-4188-8424-A9B5B2E988D7}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{E132DFF6-7075-4DE8-BDB6-3D3310A446A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blockland\Blockland.exe
FirewallRules: [{DB7B89FD-B222-40ED-BC98-51022AD43AC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Blockland\Blockland.exe
FirewallRules: [{F3A23186-2122-4E82-B6EA-6D7686EB28F0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{C86045CB-B5A2-44A4-B589-C93124C89414}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{149585E9-5868-434D-8BF1-C70046E154CF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{129A03C7-1CD8-4B1D-81BD-98E07E3F3E9A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{8739D6F5-C7F6-4F6C-BC1A-FCCD10DE8920}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{5F2FA9C8-F6EC-4AAB-BFFF-D97B23F5BC8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{F6FE675F-D33F-46D1-B4C9-223BD92ACBE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{B4FCCA00-E4C1-4A9E-8372-BC92F2DD7B28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [TCP Query User{EA6D42E3-F35B-467E-A3AA-55D9E8CAE726}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{A7DD2141-8A45-489B-AFFB-57A05229F3AD}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{F212B33B-31FA-4F06-91F4-ED042CA73673}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B2854B13-4054-462B-8C5D-9E792D4F1763}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{99BEBAFD-80BA-4E63-96AC-BA8ADDFB315D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{4BB0F19D-E19A-4A06-9DCC-C6AD08E1FBD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{C1144C6E-CDC3-48FE-A893-F2362900B24D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4AA7C2FC-6F54-47F7-A4B5-A1E1AE21A033}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4D7CA139-6DBE-4BF2-B0A9-F57972BA74B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{2F232AE0-0C28-404F-8425-22610C051E5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{AC180EF4-C0BF-4B73-95F2-2C7F679F840E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BC6983BB-E0AC-44FF-99A9-7DECBC999C53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{099D57FF-548F-482A-97C4-5D7D1D7DF301}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{030813A3-143C-429F-865C-592013D48B51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{2E2F7D48-E6C5-4AB8-A0DF-324420761B21}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{F0941AF2-DD9F-4798-9F93-5FE5DFAAD340}] => (Allow) C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A56F683D-C3C5-4289-9628-D8E752BF8E66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{686FBA29-FF54-4CA1-916A-15F40238DAC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{72C34A5B-1EEC-4589-B760-4687C5C68B83}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [UDP Query User{224E577A-3FDF-46BB-9230-35D35505A82B}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [TCP Query User{5F5C282C-FE93-42DB-BB20-1CC29DF4957E}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2DEACC97-D40B-45E4-BD9E-D5FCFD100FAE}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{973ECF3D-9FB5-4413-BC6F-EE83F99E2F58}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{60CC3B70-2E81-461D-B372-84801A31B1C6}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{2CF76AFB-F847-42EE-ABC8-94316C6D89E1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{55C299BD-57DC-4764-995E-501BFAA0FAE3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{19641893-ADED-4838-8290-7FC5A4473A40}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{1404C65F-6854-43F6-A727-B3CD0376C895}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{E7AA8B43-40A2-4B2F-ACB7-1C37B424A521}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{EF888B35-708A-4731-A198-E0D0A376B784}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{952D2CF4-95A6-4E41-82FC-3CDAC45EA374}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{ED546795-7DB0-4A7C-913F-6E48102F59EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B8D97A83-009B-4717-8352-A864625E8710}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8E1A5031-0E76-484F-9AC0-7FAA14F41F85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{AF3621B2-AD70-461B-BB17-020DA0235F1B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{127475BA-12A2-43B3-B55E-FE8082B5A684}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [TCP Query User{57F5CC14-9CD5-41A8-9B6D-ECEFF5DCB6F0}C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe] => (Allow) C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe
FirewallRules: [UDP Query User{BDB24747-9CE5-4AB2-94E9-69D842869416}C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe] => (Allow) C:\users\adrian\desktop\meine dateien\developing » alles rund ums programmieren\developing\eclipse\eclipse.exe
FirewallRules: [{7E2F8A72-D0E5-4CCE-A0C5-EBB3657D5101}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0FF62ABC-32B9-47F6-9A4F-928AFA3ED621}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{CB690175-4ABC-45F7-BB70-13D8404A683A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7D1D7A34-8E9D-4CB3-9A14-97CE04163F8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B03FD55B-6314-4B9C-B89B-E68B13634E9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{64184ECF-DAE3-4802-BBDE-FC23763E9227}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{3801CA63-0CCA-4FE0-9DF1-AEF857E49A00}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2015 10:36:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.1.5611, Zeitstempel: 0x55541a90
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.1.5611, Zeitstempel: 0x55540a1e
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1574
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/03/2015 10:36:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 38.0.1.5611 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10b4

Startzeit: 01d0b55d4e4bff80

Endzeit: 788

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 9f70d202-215e-11e5-adc1-80c16ee1eaf7

Error: (07/02/2015 06:27:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1501557853-1401194567-1476615106-1003.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {bbf531dd-c968-4fc2-9aac-3b4722d41b9a}

Error: (07/02/2015 06:01:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1501557853-1401194567-1476615106-1003.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {1acbed67-be75-40f1-9717-b7912dc2751b}

Error: (07/01/2015 02:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 147c

Startzeit: 01d0b3f9bfb94b45

Endzeit: 4

Anwendungspfad: C:\Program Files (x86)\Steam\steam.exe

Berichts-ID: 361dc56a-1fed-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:29:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 738

Startzeit: 01d0b3f799d255de

Endzeit: 6

Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe

Berichts-ID: d44138a6-1fec-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:15:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b48

Startzeit: 01d0b3f723b1ce43

Endzeit: 15

Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe

Berichts-ID: d56ea64b-1fea-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:11:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.81.34.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17e0

Startzeit: 01d0b328f699ab83

Endzeit: 9

Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe

Berichts-ID: 55cafba8-1fea-11e5-ba37-80c16ee1eaf7

Error: (06/29/2015 05:39:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: javaw.exe, Version: 8.0.45.15, Zeitstempel: 0x554287ba
Name des fehlerhaften Moduls: awt.dll, Version: 8.0.45.15, Zeitstempel: 0x55428cbf
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000000024a30
ID des fehlerhaften Prozesses: 0x2f4
Startzeit der fehlerhaften Anwendung: 0xjavaw.exe0
Pfad der fehlerhaften Anwendung: javaw.exe1
Pfad des fehlerhaften Moduls: javaw.exe2
Berichtskennung: javaw.exe3

Error: (06/29/2015 05:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: javaw.exe, Version: 8.0.45.15, Zeitstempel: 0x554287ba
Name des fehlerhaften Moduls: awt.dll, Version: 8.0.45.15, Zeitstempel: 0x55428cbf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000024a30
ID des fehlerhaften Prozesses: 0x2f4
Startzeit der fehlerhaften Anwendung: 0xjavaw.exe0
Pfad der fehlerhaften Anwendung: javaw.exe1
Pfad des fehlerhaften Moduls: javaw.exe2
Berichtskennung: javaw.exe3


System errors:
=============
Error: (07/03/2015 00:50:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Modules Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (07/03/2015 00:48:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/03/2015 00:48:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X64" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X86" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CalendarSynchService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/03/2015 00:48:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/03/2015 00:48:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (07/03/2015 10:36:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa1157401d0b56a8a9a068fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla296fac0-215e-11e5-adc1-80c16ee1eaf7

Error: (07/03/2015 10:36:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe38.0.1.561110b401d0b55d4e4bff80788C:\Program Files (x86)\Mozilla Firefox\firefox.exe9f70d202-215e-11e5-adc1-80c16ee1eaf7

Error: (07/02/2015 06:27:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1501557853-1401194567-1476615106-1003.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {bbf531dd-c968-4fc2-9aac-3b4722d41b9a}

Error: (07/02/2015 06:01:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1501557853-1401194567-1476615106-1003.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {1acbed67-be75-40f1-9717-b7912dc2751b}

Error: (07/01/2015 02:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: steam.exe2.81.34.6147c01d0b3f9bfb94b454C:\Program Files (x86)\Steam\steam.exe361dc56a-1fed-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:29:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.673801d0b3f799d255de6C:\Program Files (x86)\Steam\Steam.exed44138a6-1fec-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:15:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.6b4801d0b3f723b1ce4315C:\Program Files (x86)\Steam\Steam.exed56ea64b-1fea-11e5-ba37-80c16ee1eaf7

Error: (07/01/2015 02:11:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.81.34.617e001d0b328f699ab839C:\Program Files (x86)\Steam\Steam.exe55cafba8-1fea-11e5-ba37-80c16ee1eaf7

Error: (06/29/2015 05:39:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe8.0.45.15554287baawt.dll8.0.45.1555428cbfc000041d0000000000024a302f401d0b281c47fd524C:\Program Files\Java\jre1.8.0_45\bin\javaw.exeC:\Program Files\Java\jre1.8.0_45\bin\awt.dll10edd01d-1e75-11e5-a5e4-80c16ee1eaf7

Error: (06/29/2015 05:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe8.0.45.15554287baawt.dll8.0.45.1555428cbfc00000050000000000024a302f401d0b281c47fd524C:\Program Files\Java\jre1.8.0_45\bin\javaw.exeC:\Program Files\Java\jre1.8.0_45\bin\awt.dll04947803-1e75-11e5-a5e4-80c16ee1eaf7


CodeIntegrity Errors:
===================================
  Date: 2015-07-03 08:28:34.268
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-03 08:28:34.208
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:39:01.968
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:39:01.898
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:53.081
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:53.009
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:47.742
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:47.612
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:33.071
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-12 21:38:32.991
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 29%
Total physical RAM: 8148.01 MB
Available physical RAM: 5739.68 MB
Total Pagefile: 16294.23 MB
Available Pagefile: 13721.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:914.41 GB) (Free:300.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:16.88 GB) (Free:2.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5F651316)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---

Alt 03.07.2015, 12:36   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Taskmanager blockiert, consent.exe 6x offen - Standard

Taskmanager blockiert, consent.exe 6x offen




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Taskmanager blockiert, consent.exe 6x offen
bildschirm, blockiert, consent, fenster, gestartet, gestern, herunterfahren, heute, hilfe!, klicke, klicken, komisches, konnte, lädt, nicht mehr, nicht schließen, offen, schließe, schließen, starte, starten, taskmanager, taste, troja, trojaner, trojanerboard, virus, öffnen




Ähnliche Themen: Taskmanager blockiert, consent.exe 6x offen


  1. Consent.exe Fehler
    Alles rund um Windows - 24.10.2015 (1)
  2. G data blockiert , keine Systemwiederherstellung möglich , Taskmanager funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 04.04.2015 (18)
  3. Taskmanager geht nicht mehr Windows 7 Taskmanager trojaner 2014
    Alles rund um Windows - 18.06.2014 (48)
  4. "Posadi17" ständig offen als Task im Taskmanager
    Plagegeister aller Art und deren Bekämpfung - 12.05.2014 (18)
  5. Zugriff auf Taskmanager u. Anwendungen wird blockiert, aufpoppende Alerts u. a.
    Plagegeister aller Art und deren Bekämpfung - 05.02.2010 (17)
  6. was ist consent.exe ?
    Plagegeister aller Art und deren Bekämpfung - 30.12.2009 (2)
  7. Offen
    Lob, Kritik und Wünsche - 22.02.2009 (6)
  8. 2 Iexplorer offen!
    Mülltonne - 22.11.2008 (0)
  9. iexplorer.exe 2 mal offen
    Log-Analyse und Auswertung - 16.09.2008 (15)
  10. Taskmanager "blockiert" und Internetverbindung lässt sich nicht trennen
    Log-Analyse und Auswertung - 25.02.2008 (4)
  11. Trojaner blockiert Taskmanager, Ausführen...
    Plagegeister aller Art und deren Bekämpfung - 10.11.2007 (4)
  12. iexplorer.exe 2 mal offen :(
    Log-Analyse und Auswertung - 10.10.2007 (10)
  13. Udp-Prots offen
    Antiviren-, Firewall- und andere Schutzprogramme - 24.03.2005 (6)
  14. ports offen!!!!!
    Plagegeister aller Art und deren Bekämpfung - 29.05.2004 (2)
  15. Die X-Box ist offen...
    Alles rund um Mac OSX & Linux - 06.07.2003 (3)
  16. port offen
    Alles rund um Windows - 13.06.2003 (2)

Zum Thema Taskmanager blockiert, consent.exe 6x offen - Hallo liebes Trojanerboard Team, ich habe seit heute ein komisches Problem... Und zwar kann ich irgendwie den Taskmanager nicht mehr per Tastendruck starten, (hab ihn mit taskmgr.exe) gestartet, und da - Taskmanager blockiert, consent.exe 6x offen...
Archiv
Du betrachtest: Taskmanager blockiert, consent.exe 6x offen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.