Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Festplatte füllt und leert sich selbstständig

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 25.07.2015, 09:58   #1
lokithease
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



Servus,

meine Systemfestplatte füllt und leert sich in beobachtbarer Geschwindigkeit selbst. Meinem Gefühl nach nur wenn ich zum Internet verbunden bin.
Ich habe die Hinweise aus einem vorhandenen Thread benutzt und hier schon mal zwei Logs angehängt.
Das löschen der Wiederherstellungspunkte hat einen Großteil des Speichers wieder befreit, das Problem aber nicht behoben; der Speicher variiert auch bin ausgeschalteter Systemwiederherstellung.

Vielen Dank und Grüße.,

Tobi

Edit: Ich habe mit TreeSize jetzt die Speicherplatzverschiebungen auf den Windows Ordner begrenzen können.

Anhang 75197

Anhang 75198

Geändert von lokithease (25.07.2015 um 10:15 Uhr)

Alt 25.07.2015, 10:44   #2
M-K-D-B
/// TB-Ausbilder
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________


Alt 25.07.2015, 11:08   #3
lokithease
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



Servus Matthias,

vielen Dank für deine schnelle Antwort.
Hier die Logs:

tdsskiller
Code:
ATTFilter
12:07:17.0619 0x1958  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
12:07:19.0209 0x1958  ============================================================
12:07:19.0209 0x1958  Current date / time: 2015/07/25 12:07:19.0209
12:07:19.0209 0x1958  SystemInfo:
12:07:19.0209 0x1958  
12:07:19.0209 0x1958  OS Version: 6.1.7601 ServicePack: 1.0
12:07:19.0209 0x1958  Product type: Workstation
12:07:19.0209 0x1958  ComputerName: TSK-PC
12:07:19.0209 0x1958  UserName: TSK
12:07:19.0209 0x1958  Windows directory: C:\Windows
12:07:19.0209 0x1958  System windows directory: C:\Windows
12:07:19.0209 0x1958  Running under WOW64
12:07:19.0209 0x1958  Processor architecture: Intel x64
12:07:19.0209 0x1958  Number of processors: 8
12:07:19.0209 0x1958  Page size: 0x1000
12:07:19.0209 0x1958  Boot type: Normal boot
12:07:19.0209 0x1958  ============================================================
12:07:19.0239 0x1958  KLMD registered as C:\Windows\system32\drivers\78496991.sys
12:07:19.0279 0x1958  System UUID: {D2749764-BCEB-7EAD-2396-654DE29FB217}
12:07:19.0459 0x1958  Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 ( 55.90 Gb ), SectorSize: 0x200, Cylinders: 0x6B98, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
12:07:19.0469 0x1958  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:07:19.0469 0x1958  Drive \Device\Harddisk2\DR2 - Size: 0x3F3C0000 ( 0.99 Gb ), SectorSize: 0x200, Cylinders: 0x80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:07:19.0469 0x1958  ============================================================
12:07:19.0469 0x1958  \Device\Harddisk0\DR0:
12:07:19.0469 0x1958  MBR partitions:
12:07:19.0469 0x1958  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6FCB800
12:07:19.0469 0x1958  \Device\Harddisk1\DR1:
12:07:19.0469 0x1958  MBR partitions:
12:07:19.0469 0x1958  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:07:19.0469 0x1958  \Device\Harddisk2\DR2:
12:07:19.0469 0x1958  MBR partitions:
12:07:19.0469 0x1958  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1F9DE0
12:07:19.0469 0x1958  ============================================================
12:07:19.0469 0x1958  C: <-> \Device\Harddisk0\DR0\Partition1
12:07:19.0499 0x1958  D: <-> \Device\Harddisk1\DR1\Partition1
12:07:19.0499 0x1958  ============================================================
12:07:19.0499 0x1958  Initialize success
12:07:19.0499 0x1958  ============================================================
12:07:23.0462 0x0bd8  ============================================================
12:07:23.0462 0x0bd8  Scan started
12:07:23.0462 0x0bd8  Mode: Manual; SigCheck; TDLFS; 
12:07:23.0462 0x0bd8  ============================================================
12:07:23.0462 0x0bd8  KSN ping started
12:07:25.0782 0x0bd8  KSN ping finished: true
12:07:26.0013 0x0bd8  ================ Scan system memory ========================
12:07:26.0013 0x0bd8  System memory - ok
12:07:26.0013 0x0bd8  ================ Scan services =============================
12:07:26.0053 0x0bd8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:07:26.0083 0x0bd8  1394ohci - ok
12:07:26.0093 0x0bd8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:07:26.0103 0x0bd8  ACPI - ok
12:07:26.0103 0x0bd8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:07:26.0113 0x0bd8  AcpiPmi - ok
12:07:26.0123 0x0bd8  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:07:26.0123 0x0bd8  AdobeARMservice - ok
12:07:26.0153 0x0bd8  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:07:26.0163 0x0bd8  AdobeFlashPlayerUpdateSvc - ok
12:07:26.0173 0x0bd8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:07:26.0193 0x0bd8  adp94xx - ok
12:07:26.0193 0x0bd8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:07:26.0213 0x0bd8  adpahci - ok
12:07:26.0213 0x0bd8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:07:26.0223 0x0bd8  adpu320 - ok
12:07:26.0223 0x0bd8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:07:26.0243 0x0bd8  AeLookupSvc - ok
12:07:26.0263 0x0bd8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
12:07:26.0273 0x0bd8  AFD - ok
12:07:26.0283 0x0bd8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:07:26.0283 0x0bd8  agp440 - ok
12:07:26.0293 0x0bd8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:07:26.0293 0x0bd8  ALG - ok
12:07:26.0303 0x0bd8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:07:26.0303 0x0bd8  aliide - ok
12:07:26.0303 0x0bd8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:07:26.0313 0x0bd8  amdide - ok
12:07:26.0313 0x0bd8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:07:26.0323 0x0bd8  AmdK8 - ok
12:07:26.0323 0x0bd8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:07:26.0333 0x0bd8  AmdPPM - ok
12:07:26.0333 0x0bd8  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:07:26.0343 0x0bd8  amdsata - ok
12:07:26.0353 0x0bd8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:07:26.0363 0x0bd8  amdsbs - ok
12:07:26.0363 0x0bd8  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:07:26.0363 0x0bd8  amdxata - ok
12:07:26.0373 0x0bd8  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
12:07:26.0373 0x0bd8  AppID - ok
12:07:26.0383 0x0bd8  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:07:26.0383 0x0bd8  AppIDSvc - ok
12:07:26.0393 0x0bd8  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
12:07:26.0393 0x0bd8  Appinfo - ok
12:07:26.0403 0x0bd8  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:07:26.0403 0x0bd8  Apple Mobile Device - ok
12:07:26.0413 0x0bd8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:07:26.0413 0x0bd8  arc - ok
12:07:26.0423 0x0bd8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:07:26.0433 0x0bd8  arcsas - ok
12:07:26.0443 0x0bd8  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:07:26.0443 0x0bd8  aspnet_state - ok
12:07:26.0453 0x0bd8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:07:26.0473 0x0bd8  AsyncMac - ok
12:07:26.0473 0x0bd8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:07:26.0483 0x0bd8  atapi - ok
12:07:26.0533 0x0bd8  [ 40734F3A5EEC4C4AC6A1FAF10B293714, 069885A5EED99E51E5D8621CF5174DCCC6C56B3F950A11C14A3A97A8DADD9D5C ] athr            C:\Windows\system32\DRIVERS\athrx.sys
12:07:26.0583 0x0bd8  athr - ok
12:07:26.0603 0x0bd8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:07:26.0613 0x0bd8  AudioEndpointBuilder - ok
12:07:26.0633 0x0bd8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:07:26.0653 0x0bd8  AudioSrv - ok
12:07:26.0653 0x0bd8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:07:26.0663 0x0bd8  AxInstSV - ok
12:07:26.0683 0x0bd8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:07:26.0693 0x0bd8  b06bdrv - ok
12:07:26.0703 0x0bd8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:07:26.0713 0x0bd8  b57nd60a - ok
12:07:26.0713 0x0bd8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:07:26.0723 0x0bd8  BDESVC - ok
12:07:26.0723 0x0bd8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:07:26.0743 0x0bd8  Beep - ok
12:07:26.0763 0x0bd8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:07:26.0783 0x0bd8  BFE - ok
12:07:26.0803 0x0bd8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:07:26.0833 0x0bd8  BITS - ok
12:07:26.0843 0x0bd8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:07:26.0843 0x0bd8  blbdrive - ok
12:07:26.0863 0x0bd8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:07:26.0873 0x0bd8  Bonjour Service - ok
12:07:26.0883 0x0bd8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:07:26.0883 0x0bd8  bowser - ok
12:07:26.0893 0x0bd8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:07:26.0893 0x0bd8  BrFiltLo - ok
12:07:26.0903 0x0bd8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:07:26.0903 0x0bd8  BrFiltUp - ok
12:07:26.0913 0x0bd8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:07:26.0923 0x0bd8  Browser - ok
12:07:26.0933 0x0bd8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:07:26.0943 0x0bd8  Brserid - ok
12:07:26.0943 0x0bd8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:07:26.0953 0x0bd8  BrSerWdm - ok
12:07:26.0953 0x0bd8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:07:26.0963 0x0bd8  BrUsbMdm - ok
12:07:26.0963 0x0bd8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:07:26.0973 0x0bd8  BrUsbSer - ok
12:07:26.0973 0x0bd8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:07:26.0983 0x0bd8  BTHMODEM - ok
12:07:26.0983 0x0bd8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:07:27.0013 0x0bd8  bthserv - ok
12:07:27.0013 0x0bd8  [ 3862E463B01E20326325DDDDDFBB3372, 55257D1AFD80B57FB1CAFFBED94FC79B90EC6803095C6E26426FFC3E5E6A1251 ] busenum         C:\Windows\system32\DRIVERS\SteelBus64.sys
12:07:27.0023 0x0bd8  busenum - ok
12:07:27.0023 0x0bd8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:07:27.0043 0x0bd8  cdfs - ok
12:07:27.0053 0x0bd8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:07:27.0063 0x0bd8  cdrom - ok
12:07:27.0063 0x0bd8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:07:27.0083 0x0bd8  CertPropSvc - ok
12:07:27.0093 0x0bd8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:07:27.0093 0x0bd8  circlass - ok
12:07:27.0103 0x0bd8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
12:07:27.0123 0x0bd8  CLFS - ok
12:07:27.0123 0x0bd8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:07:27.0133 0x0bd8  clr_optimization_v2.0.50727_32 - ok
12:07:27.0133 0x0bd8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:07:27.0143 0x0bd8  clr_optimization_v2.0.50727_64 - ok
12:07:27.0153 0x0bd8  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:07:27.0163 0x0bd8  clr_optimization_v4.0.30319_32 - ok
12:07:27.0163 0x0bd8  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:07:27.0173 0x0bd8  clr_optimization_v4.0.30319_64 - ok
12:07:27.0173 0x0bd8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:07:27.0183 0x0bd8  CmBatt - ok
12:07:27.0183 0x0bd8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:07:27.0193 0x0bd8  cmdide - ok
12:07:27.0203 0x0bd8  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
12:07:27.0223 0x0bd8  CNG - ok
12:07:27.0223 0x0bd8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:07:27.0223 0x0bd8  Compbatt - ok
12:07:27.0233 0x0bd8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:07:27.0243 0x0bd8  CompositeBus - ok
12:07:27.0243 0x0bd8  COMSysApp - ok
12:07:27.0263 0x0bd8  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:07:27.0283 0x0bd8  cphs - ok
12:07:27.0283 0x0bd8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:07:27.0283 0x0bd8  crcdisk - ok
12:07:27.0293 0x0bd8  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:07:27.0303 0x0bd8  CryptSvc - ok
12:07:27.0323 0x0bd8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:07:27.0343 0x0bd8  DcomLaunch - ok
12:07:27.0353 0x0bd8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:07:27.0383 0x0bd8  defragsvc - ok
12:07:27.0383 0x0bd8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:07:27.0403 0x0bd8  DfsC - ok
12:07:27.0413 0x0bd8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:07:27.0443 0x0bd8  Dhcp - ok
12:07:27.0443 0x0bd8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:07:27.0463 0x0bd8  discache - ok
12:07:27.0463 0x0bd8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:07:27.0473 0x0bd8  Disk - ok
12:07:27.0483 0x0bd8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:07:27.0493 0x0bd8  Dnscache - ok
12:07:27.0493 0x0bd8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:07:27.0523 0x0bd8  dot3svc - ok
12:07:27.0523 0x0bd8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:07:27.0543 0x0bd8  DPS - ok
12:07:27.0553 0x0bd8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:07:27.0553 0x0bd8  drmkaud - ok
12:07:27.0563 0x0bd8  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:07:27.0573 0x0bd8  dtsoftbus01 - ok
12:07:27.0593 0x0bd8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:07:27.0613 0x0bd8  DXGKrnl - ok
12:07:27.0613 0x0bd8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:07:27.0643 0x0bd8  EapHost - ok
12:07:27.0703 0x0bd8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:07:27.0763 0x0bd8  ebdrv - ok
12:07:27.0763 0x0bd8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe
12:07:27.0773 0x0bd8  EFS - ok
12:07:27.0793 0x0bd8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:07:27.0803 0x0bd8  ehRecvr - ok
12:07:27.0813 0x0bd8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:07:27.0823 0x0bd8  ehSched - ok
12:07:27.0833 0x0bd8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:07:27.0843 0x0bd8  elxstor - ok
12:07:27.0843 0x0bd8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:07:27.0853 0x0bd8  ErrDev - ok
12:07:27.0863 0x0bd8  [ 3663291D0D26001A2BB67678AB61D14C, 33199EA9E25E2C262E58ADAA41030AF353A73F3C23225F457CDE1AC22E9A4FE3 ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
12:07:27.0863 0x0bd8  EtronHub3 - ok
12:07:27.0863 0x0bd8  [ 744420D6C062C38F7361870F010D6D4B, F4FFA21A6DE872D5ACEC3DAD46AE2F18517CD11FD04D19D959643AA508B3E85E ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
12:07:27.0873 0x0bd8  EtronXHCI - ok
12:07:27.0883 0x0bd8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:07:27.0913 0x0bd8  EventSystem - ok
12:07:27.0913 0x0bd8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:07:27.0943 0x0bd8  exfat - ok
12:07:27.0943 0x0bd8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:07:27.0973 0x0bd8  fastfat - ok
12:07:27.0983 0x0bd8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:07:28.0003 0x0bd8  Fax - ok
12:07:28.0003 0x0bd8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:07:28.0013 0x0bd8  fdc - ok
12:07:28.0013 0x0bd8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:07:28.0033 0x0bd8  fdPHost - ok
12:07:28.0033 0x0bd8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:07:28.0063 0x0bd8  FDResPub - ok
12:07:28.0063 0x0bd8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:07:28.0073 0x0bd8  FileInfo - ok
12:07:28.0073 0x0bd8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:07:28.0093 0x0bd8  Filetrace - ok
12:07:28.0113 0x0bd8  [ 8669BE94F63944E4F899C3950B520241, 9991E57B3C366D59BD186CEAA78D4590EDB2BC127250CF4D1522CBE413453E72 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:07:28.0133 0x0bd8  FLEXnet Licensing Service - ok
12:07:28.0133 0x0bd8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:07:28.0143 0x0bd8  flpydisk - ok
12:07:28.0153 0x0bd8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:07:28.0163 0x0bd8  FltMgr - ok
12:07:28.0173 0x0bd8  [ D4463A74E1BFBF3FB9B4FC6CF5390152, 88797B2C3AA5AF8F8A4FF1E25B23D9947A687EB6B4286C9A1F81177244664A58 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
12:07:28.0173 0x0bd8  fltsrv - ok
12:07:28.0203 0x0bd8  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
12:07:28.0233 0x0bd8  FontCache - ok
12:07:28.0233 0x0bd8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:07:28.0243 0x0bd8  FontCache3.0.0.0 - ok
12:07:28.0243 0x0bd8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:07:28.0253 0x0bd8  FsDepends - ok
12:07:28.0253 0x0bd8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:07:28.0253 0x0bd8  Fs_Rec - ok
12:07:28.0263 0x0bd8  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:07:28.0273 0x0bd8  fvevol - ok
12:07:28.0273 0x0bd8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:07:28.0283 0x0bd8  gagp30kx - ok
12:07:28.0383 0x0bd8  [ 7037D548B726108F9420B9F345573DC4, 659202CD4F8E789B47D9E7281312DD87B4718A615EC8B5C7F143E84AC7B9ACA3 ] GalaxyClientService D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
12:07:28.0423 0x0bd8  GalaxyClientService - ok
12:07:28.0563 0x0bd8  [ 7747954B78DEED16169FC816108FE995, 677A09A5702884A138C83739487AF23EF6E4C8F79875997D26417E823D692293 ] GalaxyCommunication C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
12:07:28.0674 0x0bd8  GalaxyCommunication - ok
12:07:28.0684 0x0bd8  gdrv - ok
12:07:28.0684 0x0bd8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:07:28.0694 0x0bd8  GEARAspiWDM - ok
12:07:28.0724 0x0bd8  [ 171CCFEB86294AFAA3609DB3899A841E, 0C2162A2D4A276182E922BBEF195CB936ABCBE6729C535CA23CDA9DAD0DDF491 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
12:07:28.0744 0x0bd8  GfExperienceService - ok
12:07:28.0764 0x0bd8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:07:28.0794 0x0bd8  gpsvc - ok
12:07:28.0804 0x0bd8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:07:28.0804 0x0bd8  gupdate - ok
12:07:28.0814 0x0bd8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:07:28.0814 0x0bd8  gupdatem - ok
12:07:28.0824 0x0bd8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:07:28.0824 0x0bd8  hcw85cir - ok
12:07:28.0834 0x0bd8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:07:28.0854 0x0bd8  HdAudAddService - ok
12:07:28.0854 0x0bd8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:07:28.0864 0x0bd8  HDAudBus - ok
12:07:28.0864 0x0bd8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:07:28.0874 0x0bd8  HidBatt - ok
12:07:28.0884 0x0bd8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:07:28.0884 0x0bd8  HidBth - ok
12:07:28.0894 0x0bd8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:07:28.0904 0x0bd8  HidIr - ok
12:07:28.0904 0x0bd8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:07:28.0924 0x0bd8  hidserv - ok
12:07:28.0924 0x0bd8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:07:28.0934 0x0bd8  HidUsb - ok
12:07:28.0934 0x0bd8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:07:28.0954 0x0bd8  hkmsvc - ok
12:07:28.0964 0x0bd8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:07:28.0974 0x0bd8  HomeGroupListener - ok
12:07:28.0984 0x0bd8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:07:28.0994 0x0bd8  HomeGroupProvider - ok
12:07:28.0994 0x0bd8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:07:29.0004 0x0bd8  HpSAMD - ok
12:07:29.0014 0x0bd8  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:07:29.0034 0x0bd8  HTTP - ok
12:07:29.0034 0x0bd8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:07:29.0044 0x0bd8  hwpolicy - ok
12:07:29.0044 0x0bd8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:07:29.0054 0x0bd8  i8042prt - ok
12:07:29.0074 0x0bd8  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:07:29.0084 0x0bd8  iaStor - ok
12:07:29.0084 0x0bd8  [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:07:29.0094 0x0bd8  IAStorDataMgrSvc - ok
12:07:29.0104 0x0bd8  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:07:29.0114 0x0bd8  iaStorV - ok
12:07:29.0134 0x0bd8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:07:29.0154 0x0bd8  idsvc - ok
12:07:29.0164 0x0bd8  IEEtwCollectorService - ok
12:07:29.0314 0x0bd8  [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
12:07:29.0404 0x0bd8  igfx - ok
12:07:29.0414 0x0bd8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:07:29.0424 0x0bd8  iirsp - ok
12:07:29.0444 0x0bd8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:07:29.0464 0x0bd8  IKEEXT - ok
12:07:29.0464 0x0bd8  IntcAzAudAddService - ok
12:07:29.0474 0x0bd8  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
12:07:29.0484 0x0bd8  IntcDAud - ok
12:07:29.0494 0x0bd8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:07:29.0494 0x0bd8  intelide - ok
12:07:29.0494 0x0bd8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:07:29.0504 0x0bd8  intelppm - ok
12:07:29.0514 0x0bd8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:07:29.0534 0x0bd8  IPBusEnum - ok
12:07:29.0534 0x0bd8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:07:29.0554 0x0bd8  IpFilterDriver - ok
12:07:29.0574 0x0bd8  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:07:29.0604 0x0bd8  iphlpsvc - ok
12:07:29.0604 0x0bd8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:07:29.0614 0x0bd8  IPMIDRV - ok
12:07:29.0614 0x0bd8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:07:29.0634 0x0bd8  IPNAT - ok
12:07:29.0654 0x0bd8  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:07:29.0668 0x0bd8  iPod Service - ok
12:07:29.0678 0x0bd8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:07:29.0688 0x0bd8  IRENUM - ok
12:07:29.0688 0x0bd8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:07:29.0688 0x0bd8  isapnp - ok
12:07:29.0698 0x0bd8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:07:29.0708 0x0bd8  iScsiPrt - ok
12:07:29.0718 0x0bd8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:07:29.0718 0x0bd8  kbdclass - ok
12:07:29.0718 0x0bd8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:07:29.0728 0x0bd8  kbdhid - ok
12:07:29.0728 0x0bd8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
12:07:29.0738 0x0bd8  KeyIso - ok
12:07:29.0738 0x0bd8  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:07:29.0748 0x0bd8  KSecDD - ok
12:07:29.0758 0x0bd8  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:07:29.0758 0x0bd8  KSecPkg - ok
12:07:29.0768 0x0bd8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:07:29.0788 0x0bd8  ksthunk - ok
12:07:29.0788 0x0bd8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:07:29.0818 0x0bd8  KtmRm - ok
12:07:29.0828 0x0bd8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:07:29.0848 0x0bd8  LanmanServer - ok
12:07:29.0848 0x0bd8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:07:29.0878 0x0bd8  LanmanWorkstation - ok
12:07:29.0878 0x0bd8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:07:29.0898 0x0bd8  lltdio - ok
12:07:29.0908 0x0bd8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:07:29.0928 0x0bd8  lltdsvc - ok
12:07:29.0938 0x0bd8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:07:29.0958 0x0bd8  lmhosts - ok
12:07:29.0958 0x0bd8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:07:29.0968 0x0bd8  LSI_FC - ok
12:07:29.0968 0x0bd8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:07:29.0978 0x0bd8  LSI_SAS - ok
12:07:29.0978 0x0bd8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:07:29.0988 0x0bd8  LSI_SAS2 - ok
12:07:29.0988 0x0bd8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:07:29.0998 0x0bd8  LSI_SCSI - ok
12:07:29.0998 0x0bd8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:07:30.0018 0x0bd8  luafv - ok
12:07:30.0028 0x0bd8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:07:30.0038 0x0bd8  Mcx2Svc - ok
12:07:30.0038 0x0bd8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:07:30.0038 0x0bd8  megasas - ok
12:07:30.0048 0x0bd8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:07:30.0058 0x0bd8  MegaSR - ok
12:07:30.0068 0x0bd8  [ 1C6E73FC46B509EFF9D0086AA37132DF, B4FB5512D75112C553FC22593F6123A7C9B9B7825D40148F604CCEFEB149FD97 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
12:07:30.0068 0x0bd8  MEIx64 - ok
12:07:30.0078 0x0bd8  Microsoft SharePoint Workspace Audit Service - ok
12:07:30.0078 0x0bd8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:07:30.0098 0x0bd8  MMCSS - ok
12:07:30.0098 0x0bd8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:07:30.0128 0x0bd8  Modem - ok
12:07:30.0128 0x0bd8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:07:30.0138 0x0bd8  monitor - ok
12:07:30.0138 0x0bd8  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
12:07:30.0148 0x0bd8  MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
12:07:32.0658 0x0bd8  Detect skipped due to KSN trusted
12:07:32.0668 0x0bd8  MotioninJoyXFilter - ok
12:07:32.0668 0x0bd8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:07:32.0688 0x0bd8  mouclass - ok
12:07:32.0688 0x0bd8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:07:32.0698 0x0bd8  mouhid - ok
12:07:32.0708 0x0bd8  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:07:32.0718 0x0bd8  mountmgr - ok
12:07:32.0718 0x0bd8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:07:32.0728 0x0bd8  mpio - ok
12:07:32.0738 0x0bd8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:07:32.0758 0x0bd8  mpsdrv - ok
12:07:32.0778 0x0bd8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:07:32.0818 0x0bd8  MpsSvc - ok
12:07:32.0818 0x0bd8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:07:32.0828 0x0bd8  MRxDAV - ok
12:07:32.0828 0x0bd8  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:07:32.0838 0x0bd8  mrxsmb - ok
12:07:32.0848 0x0bd8  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:07:32.0858 0x0bd8  mrxsmb10 - ok
12:07:32.0868 0x0bd8  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:07:32.0868 0x0bd8  mrxsmb20 - ok
12:07:32.0878 0x0bd8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:07:32.0878 0x0bd8  msahci - ok
12:07:32.0888 0x0bd8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:07:32.0888 0x0bd8  msdsm - ok
12:07:32.0898 0x0bd8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:07:32.0908 0x0bd8  MSDTC - ok
12:07:32.0908 0x0bd8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:07:32.0928 0x0bd8  Msfs - ok
12:07:32.0928 0x0bd8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:07:32.0948 0x0bd8  mshidkmdf - ok
12:07:32.0958 0x0bd8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:07:32.0958 0x0bd8  msisadrv - ok
12:07:32.0968 0x0bd8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:07:32.0988 0x0bd8  MSiSCSI - ok
12:07:32.0988 0x0bd8  msiserver - ok
12:07:32.0998 0x0bd8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:07:33.0008 0x0bd8  MSKSSRV - ok
12:07:33.0018 0x0bd8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:07:33.0038 0x0bd8  MSPCLOCK - ok
12:07:33.0038 0x0bd8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:07:33.0058 0x0bd8  MSPQM - ok
12:07:33.0068 0x0bd8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:07:33.0078 0x0bd8  MsRPC - ok
12:07:33.0078 0x0bd8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:07:33.0088 0x0bd8  mssmbios - ok
12:07:33.0218 0x0bd8  MSSQL$BWDATOOLSET - ok
12:07:33.0225 0x0bd8  [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
12:07:33.0230 0x0bd8  MSSQLServerADHelper - ok
12:07:33.0233 0x0bd8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:07:33.0253 0x0bd8  MSTEE - ok
12:07:33.0255 0x0bd8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:07:33.0262 0x0bd8  MTConfig - ok
12:07:33.0265 0x0bd8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:07:33.0271 0x0bd8  Mup - ok
12:07:33.0282 0x0bd8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:07:33.0310 0x0bd8  napagent - ok
12:07:33.0320 0x0bd8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:07:33.0334 0x0bd8  NativeWifiP - ok
12:07:33.0356 0x0bd8  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:07:33.0378 0x0bd8  NDIS - ok
12:07:33.0381 0x0bd8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:07:33.0402 0x0bd8  NdisCap - ok
12:07:33.0405 0x0bd8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:07:33.0425 0x0bd8  NdisTapi - ok
12:07:33.0429 0x0bd8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:07:33.0449 0x0bd8  Ndisuio - ok
12:07:33.0455 0x0bd8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:07:33.0478 0x0bd8  NdisWan - ok
12:07:33.0481 0x0bd8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:07:33.0501 0x0bd8  NDProxy - ok
12:07:33.0504 0x0bd8  [ 04DC476E1E5C1178724CA350F77E8D93, C2870142EC14F62F9A6086262EE997F33FB9CC5719B66DAF82544E9B6245B919 ] Neo_VPN         C:\Windows\system32\DRIVERS\Neo_0025.sys
12:07:33.0509 0x0bd8  Neo_VPN - ok
12:07:33.0512 0x0bd8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:07:33.0534 0x0bd8  NetBIOS - ok
12:07:33.0544 0x0bd8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:07:33.0568 0x0bd8  NetBT - ok
12:07:33.0568 0x0bd8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
12:07:33.0578 0x0bd8  Netlogon - ok
12:07:33.0588 0x0bd8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:07:33.0608 0x0bd8  Netman - ok
12:07:33.0618 0x0bd8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:07:33.0631 0x0bd8  NetMsmqActivator - ok
12:07:33.0636 0x0bd8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:07:33.0645 0x0bd8  NetPipeActivator - ok
12:07:33.0658 0x0bd8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:07:33.0687 0x0bd8  netprofm - ok
12:07:33.0691 0x0bd8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:07:33.0700 0x0bd8  NetTcpActivator - ok
12:07:33.0704 0x0bd8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:07:33.0712 0x0bd8  NetTcpPortSharing - ok
12:07:33.0715 0x0bd8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:07:33.0721 0x0bd8  nfrd960 - ok
12:07:33.0731 0x0bd8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:07:33.0743 0x0bd8  NlaSvc - ok
12:07:33.0746 0x0bd8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:07:33.0767 0x0bd8  Npfs - ok
12:07:33.0770 0x0bd8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:07:33.0791 0x0bd8  nsi - ok
12:07:33.0794 0x0bd8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:07:33.0815 0x0bd8  nsiproxy - ok
12:07:33.0849 0x0bd8  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:07:33.0881 0x0bd8  Ntfs - ok
12:07:33.0886 0x0bd8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:07:33.0907 0x0bd8  Null - ok
12:07:33.0913 0x0bd8  [ 624C1453F9109D98F7E2612DAD76BBB1, 4578623BF7EA1AF42038070AA3A1A9AC4A9582132ABBFAD9C3A99F46308DE8C3 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
12:07:33.0921 0x0bd8  NVHDA - ok
12:07:34.0152 0x0bd8  [ 3E188568A3D51195399A790B51F0A7B8, 76BBE2F6CD8B67D184FACE85D638E0861842784F5A087A412F0F05AF27079DC4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:07:34.0343 0x0bd8  nvlddmkm - ok
12:07:34.0388 0x0bd8  [ 4B1E6975B565883985FB43C3FD6C88C6, D4CCA860A9AFDF5D729885896B3034A55C4778FE0A333C06B8B71C20BF73A48A ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
12:07:34.0423 0x0bd8  NvNetworkService - ok
12:07:34.0431 0x0bd8  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:07:34.0439 0x0bd8  nvraid - ok
12:07:34.0445 0x0bd8  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:07:34.0453 0x0bd8  nvstor - ok
12:07:34.0456 0x0bd8  [ DD8043B662B1F0CFC037976E38271975, A129975AE17677783A76E8DBEC6D01709BC40202672AAB5BB72A8E19A285C4C9 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
12:07:34.0496 0x0bd8  NvStreamKms - ok
12:07:34.0497 0x0bd8  NvStreamSvc - ok
12:07:34.0523 0x0bd8  [ D768CA15B379A9611B22719A1364D3C0, 2F2D6143E2B06A3EE7011E559475BFC3DEFC8AB67F1F93404E6B83CDB69185C0 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:07:34.0544 0x0bd8  nvsvc - ok
12:07:34.0548 0x0bd8  [ 6AC68DDFCAC19A300D738AF3493E46AA, 4E92215B6E3ED263E89489851C6FEAD08D3155C82A74E880DA460DED0021DF42 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
12:07:34.0554 0x0bd8  nvvad_WaveExtensible - ok
12:07:34.0559 0x0bd8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:07:34.0567 0x0bd8  nv_agp - ok
12:07:34.0571 0x0bd8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:07:34.0578 0x0bd8  ohci1394 - ok
12:07:34.0656 0x0bd8  [ D06C2368C93396C6B983CE60523BA99F, ABC90E2DC2DE577AFA37BF34630502AA209C9556DFCC1757844D95D9370FFA8C ] Origin Client Service D:\Program Files (x86)\Origin\OriginClientService.exe
12:07:34.0694 0x0bd8  Origin Client Service - ok
12:07:34.0701 0x0bd8  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:07:34.0708 0x0bd8  ose64 - ok
12:07:34.0831 0x0bd8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:07:34.0921 0x0bd8  osppsvc - ok
12:07:34.0937 0x0bd8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:07:34.0949 0x0bd8  p2pimsvc - ok
12:07:34.0960 0x0bd8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:07:34.0974 0x0bd8  p2psvc - ok
12:07:34.0978 0x0bd8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:07:34.0986 0x0bd8  Parport - ok
12:07:34.0990 0x0bd8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:07:34.0997 0x0bd8  partmgr - ok
12:07:35.0004 0x0bd8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:07:35.0013 0x0bd8  PcaSvc - ok
12:07:35.0019 0x0bd8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:07:35.0028 0x0bd8  pci - ok
12:07:35.0030 0x0bd8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:07:35.0035 0x0bd8  pciide - ok
12:07:35.0043 0x0bd8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:07:35.0051 0x0bd8  pcmcia - ok
12:07:35.0055 0x0bd8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:07:35.0061 0x0bd8  pcw - ok
12:07:35.0076 0x0bd8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:07:35.0093 0x0bd8  PEAUTH - ok
12:07:35.0115 0x0bd8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:07:35.0122 0x0bd8  PerfHost - ok
12:07:35.0153 0x0bd8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:07:35.0197 0x0bd8  pla - ok
12:07:35.0212 0x0bd8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:07:35.0225 0x0bd8  PlugPlay - ok
12:07:35.0228 0x0bd8  PnkBstrA - ok
12:07:35.0231 0x0bd8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:07:35.0238 0x0bd8  PNRPAutoReg - ok
12:07:35.0246 0x0bd8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:07:35.0258 0x0bd8  PNRPsvc - ok
12:07:35.0270 0x0bd8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:07:35.0299 0x0bd8  PolicyAgent - ok
12:07:35.0306 0x0bd8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:07:35.0330 0x0bd8  Power - ok
12:07:35.0334 0x0bd8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:07:35.0355 0x0bd8  PptpMiniport - ok
12:07:35.0359 0x0bd8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:07:35.0366 0x0bd8  Processor - ok
12:07:35.0373 0x0bd8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:07:35.0383 0x0bd8  ProfSvc - ok
12:07:35.0386 0x0bd8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
12:07:35.0393 0x0bd8  ProtectedStorage - ok
12:07:35.0398 0x0bd8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:07:35.0420 0x0bd8  Psched - ok
12:07:35.0460 0x0bd8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:07:35.0492 0x0bd8  ql2300 - ok
12:07:35.0499 0x0bd8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:07:35.0507 0x0bd8  ql40xx - ok
12:07:35.0514 0x0bd8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:07:35.0528 0x0bd8  QWAVE - ok
12:07:35.0531 0x0bd8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:07:35.0542 0x0bd8  QWAVEdrv - ok
12:07:35.0544 0x0bd8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:07:35.0564 0x0bd8  RasAcd - ok
12:07:35.0568 0x0bd8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:07:35.0589 0x0bd8  RasAgileVpn - ok
12:07:35.0594 0x0bd8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:07:35.0617 0x0bd8  RasAuto - ok
12:07:35.0621 0x0bd8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:07:35.0643 0x0bd8  Rasl2tp - ok
12:07:35.0652 0x0bd8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:07:35.0678 0x0bd8  RasMan - ok
12:07:35.0683 0x0bd8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:07:35.0704 0x0bd8  RasPppoe - ok
12:07:35.0708 0x0bd8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:07:35.0729 0x0bd8  RasSstp - ok
12:07:35.0739 0x0bd8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:07:35.0764 0x0bd8  rdbss - ok
12:07:35.0768 0x0bd8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:07:35.0776 0x0bd8  rdpbus - ok
12:07:35.0778 0x0bd8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:07:35.0799 0x0bd8  RDPCDD - ok
12:07:35.0802 0x0bd8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:07:35.0823 0x0bd8  RDPENCDD - ok
12:07:35.0826 0x0bd8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:07:35.0847 0x0bd8  RDPREFMP - ok
12:07:35.0853 0x0bd8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:07:35.0861 0x0bd8  RDPWD - ok
12:07:35.0870 0x0bd8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:07:35.0879 0x0bd8  rdyboost - ok
12:07:35.0883 0x0bd8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:07:35.0905 0x0bd8  RemoteAccess - ok
12:07:35.0911 0x0bd8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:07:35.0934 0x0bd8  RemoteRegistry - ok
12:07:35.0938 0x0bd8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:07:35.0960 0x0bd8  RpcEptMapper - ok
12:07:35.0963 0x0bd8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:07:35.0970 0x0bd8  RpcLocator - ok
12:07:35.0984 0x0bd8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:07:36.0012 0x0bd8  RpcSs - ok
12:07:36.0016 0x0bd8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:07:36.0037 0x0bd8  rspndr - ok
12:07:36.0050 0x0bd8  [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A, AB2615EB7313C02F6311143B27A426042A16925480ECBA6880448BE9818E9A39 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:07:36.0060 0x0bd8  RTL8167 - ok
12:07:36.0063 0x0bd8  [ 92EEA5F44DBFD36D794660A4E1F8DAC5, 42CFD442FB1ED7DF3B1324BD59E33FE113C3668041452090A85BCAC2F02DEE3D ] SAlphamHid      C:\Windows\system32\DRIVERS\SAlpham64.sys
12:07:36.0069 0x0bd8  SAlphamHid - ok
12:07:36.0072 0x0bd8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\Windows\system32\lsass.exe
12:07:36.0079 0x0bd8  SamSs - ok
12:07:36.0083 0x0bd8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:07:36.0089 0x0bd8  sbp2port - ok
12:07:36.0158 0x0bd8  [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService  D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
12:07:36.0182 0x0bd8  SBSDWSCService - ok
12:07:36.0190 0x0bd8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:07:36.0214 0x0bd8  SCardSvr - ok
12:07:36.0217 0x0bd8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:07:36.0238 0x0bd8  scfilter - ok
12:07:36.0261 0x0bd8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:07:36.0301 0x0bd8  Schedule - ok
12:07:36.0307 0x0bd8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:07:36.0328 0x0bd8  SCPolicySvc - ok
12:07:36.0334 0x0bd8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:07:36.0343 0x0bd8  SDRSVC - ok
12:07:36.0345 0x0bd8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:07:36.0366 0x0bd8  secdrv - ok
12:07:36.0369 0x0bd8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:07:36.0390 0x0bd8  seclogon - ok
12:07:36.0393 0x0bd8  [ C66245C07365872DC19A164C54CCDF7D, 1F378E96603398023B2A530E1E1CE42691EC5C9DDD33FE53BF8108BC0D428215 ] SEE             C:\Windows\system32\drivers\see.sys
12:07:36.0398 0x0bd8  SEE - ok
12:07:36.0402 0x0bd8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:07:36.0424 0x0bd8  SENS - ok
12:07:36.0426 0x0bd8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:07:36.0433 0x0bd8  SensrSvc - ok
12:07:36.0436 0x0bd8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:07:36.0443 0x0bd8  Serenum - ok
12:07:36.0447 0x0bd8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:07:36.0454 0x0bd8  Serial - ok
12:07:36.0457 0x0bd8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:07:36.0464 0x0bd8  sermouse - ok
12:07:36.0471 0x0bd8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:07:36.0494 0x0bd8  SessionEnv - ok
12:07:36.0497 0x0bd8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:07:36.0505 0x0bd8  sffdisk - ok
12:07:36.0507 0x0bd8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:07:36.0515 0x0bd8  sffp_mmc - ok
12:07:36.0517 0x0bd8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:07:36.0526 0x0bd8  sffp_sd - ok
12:07:36.0528 0x0bd8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:07:36.0534 0x0bd8  sfloppy - ok
12:07:36.0545 0x0bd8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:07:36.0572 0x0bd8  SharedAccess - ok
12:07:36.0581 0x0bd8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:07:36.0608 0x0bd8  ShellHWDetection - ok
12:07:36.0611 0x0bd8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:07:36.0617 0x0bd8  SiSRaid2 - ok
12:07:36.0621 0x0bd8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:07:36.0627 0x0bd8  SiSRaid4 - ok
12:07:36.0632 0x0bd8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:07:36.0654 0x0bd8  Smb - ok
12:07:36.0665 0x0bd8  [ F26AAD9ADFC9B62AC59A004A913C92DA, BECD2B5E4A99F31A4BE28D9535A49BE517DD9F94A7A0C122A8FAEA4382C62595 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
12:07:36.0674 0x0bd8  snapman - ok
12:07:36.0677 0x0bd8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:07:36.0684 0x0bd8  SNMPTRAP - ok
12:07:36.0687 0x0bd8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:07:36.0692 0x0bd8  spldr - ok
12:07:36.0707 0x0bd8  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
12:07:36.0736 0x0bd8  Spooler - ok
12:07:36.0826 0x0bd8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:07:36.0905 0x0bd8  sppsvc - ok
12:07:36.0913 0x0bd8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:07:36.0935 0x0bd8  sppuinotify - ok
12:07:36.0944 0x0bd8  [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:07:36.0952 0x0bd8  SQLBrowser - ok
12:07:36.0958 0x0bd8  [ 3C432A96363097870995E2A3C8B66ABD, AA0AE0935FC5317FE93D7D3C3B9A6B2E026915D07704AF3E36F14FEA8595F4A6 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:07:36.0965 0x0bd8  SQLWriter - ok
12:07:36.0978 0x0bd8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:07:36.0993 0x0bd8  srv - ok
12:07:37.0005 0x0bd8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:07:37.0018 0x0bd8  srv2 - ok
12:07:37.0024 0x0bd8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:07:37.0032 0x0bd8  srvnet - ok
12:07:37.0039 0x0bd8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:07:37.0063 0x0bd8  SSDPSRV - ok
12:07:37.0067 0x0bd8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:07:37.0089 0x0bd8  SstpSvc - ok
12:07:37.0107 0x0bd8  [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:07:37.0125 0x0bd8  Steam Client Service - ok
12:07:37.0138 0x0bd8  [ C64C157B167FE562E8670984E72C25FA, 9302C82A75CA65515297B72F3A6230307AAE0B14FD8C9C7FA343F7B62E5ED376 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:07:37.0149 0x0bd8  Stereo Service - ok
12:07:37.0152 0x0bd8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:07:37.0158 0x0bd8  stexstor - ok
12:07:37.0172 0x0bd8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:07:37.0192 0x0bd8  stisvc - ok
12:07:37.0195 0x0bd8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:07:37.0201 0x0bd8  swenum - ok
12:07:37.0214 0x0bd8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:07:37.0244 0x0bd8  swprv - ok
12:07:37.0279 0x0bd8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:07:37.0318 0x0bd8  SysMain - ok
12:07:37.0325 0x0bd8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:07:37.0337 0x0bd8  TabletInputService - ok
12:07:37.0345 0x0bd8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:07:37.0370 0x0bd8  TapiSrv - ok
12:07:37.0374 0x0bd8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:07:37.0396 0x0bd8  TBS - ok
12:07:37.0434 0x0bd8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:07:37.0470 0x0bd8  Tcpip - ok
12:07:37.0509 0x0bd8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:07:37.0546 0x0bd8  TCPIP6 - ok
12:07:37.0553 0x0bd8  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:07:37.0574 0x0bd8  tcpipreg - ok
12:07:37.0577 0x0bd8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:07:37.0583 0x0bd8  TDPIPE - ok
12:07:37.0586 0x0bd8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:07:37.0592 0x0bd8  TDTCP - ok
12:07:37.0596 0x0bd8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:07:37.0618 0x0bd8  tdx - ok
12:07:37.0621 0x0bd8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:07:37.0627 0x0bd8  TermDD - ok
12:07:37.0642 0x0bd8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
12:07:37.0660 0x0bd8  TermService - ok
12:07:37.0664 0x0bd8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:07:37.0675 0x0bd8  Themes - ok
12:07:37.0678 0x0bd8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:07:37.0700 0x0bd8  THREADORDER - ok
12:07:37.0705 0x0bd8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:07:37.0729 0x0bd8  TrkWks - ok
12:07:37.0734 0x0bd8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:07:37.0757 0x0bd8  TrustedInstaller - ok
12:07:37.0761 0x0bd8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:07:37.0767 0x0bd8  tssecsrv - ok
12:07:37.0770 0x0bd8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:07:37.0776 0x0bd8  TsUsbFlt - ok
12:07:37.0781 0x0bd8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:07:37.0803 0x0bd8  tunnel - ok
12:07:37.0806 0x0bd8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:07:37.0813 0x0bd8  uagp35 - ok
12:07:37.0823 0x0bd8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:07:37.0847 0x0bd8  udfs - ok
12:07:37.0852 0x0bd8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:07:37.0860 0x0bd8  UI0Detect - ok
12:07:37.0864 0x0bd8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:07:37.0870 0x0bd8  uliagpkx - ok
12:07:37.0873 0x0bd8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:07:37.0880 0x0bd8  umbus - ok
12:07:37.0883 0x0bd8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:07:37.0889 0x0bd8  UmPass - ok
12:07:37.0899 0x0bd8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:07:37.0926 0x0bd8  upnphost - ok
12:07:37.0930 0x0bd8  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
12:07:37.0934 0x0bd8  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
12:07:40.0272 0x0bd8  Detect skipped due to KSN trusted
12:07:40.0272 0x0bd8  USBAAPL64 - ok
12:07:40.0282 0x0bd8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:07:40.0296 0x0bd8  usbaudio - ok
12:07:40.0302 0x0bd8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:07:40.0312 0x0bd8  usbccgp - ok
12:07:40.0318 0x0bd8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:07:40.0328 0x0bd8  usbcir - ok
12:07:40.0333 0x0bd8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:07:40.0342 0x0bd8  usbehci - ok
12:07:40.0354 0x0bd8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:07:40.0368 0x0bd8  usbhub - ok
12:07:40.0371 0x0bd8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:07:40.0377 0x0bd8  usbohci - ok
12:07:40.0380 0x0bd8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:07:40.0388 0x0bd8  usbprint - ok
12:07:40.0392 0x0bd8  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:07:40.0400 0x0bd8  USBSTOR - ok
12:07:40.0403 0x0bd8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:07:40.0409 0x0bd8  usbuhci - ok
12:07:40.0412 0x0bd8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:07:40.0434 0x0bd8  UxSms - ok
12:07:40.0437 0x0bd8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
12:07:40.0444 0x0bd8  VaultSvc - ok
12:07:40.0447 0x0bd8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:07:40.0453 0x0bd8  vdrvroot - ok
12:07:40.0465 0x0bd8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:07:40.0495 0x0bd8  vds - ok
12:07:40.0498 0x0bd8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:07:40.0507 0x0bd8  vga - ok
12:07:40.0509 0x0bd8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:07:40.0531 0x0bd8  VgaSave - ok
12:07:40.0538 0x0bd8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:07:40.0546 0x0bd8  vhdmp - ok
12:07:40.0549 0x0bd8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:07:40.0555 0x0bd8  viaide - ok
12:07:40.0559 0x0bd8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:07:40.0565 0x0bd8  volmgr - ok
12:07:40.0576 0x0bd8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:07:40.0588 0x0bd8  volmgrx - ok
12:07:40.0595 0x0bd8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:07:40.0605 0x0bd8  volsnap - ok
12:07:40.0612 0x0bd8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:07:40.0620 0x0bd8  vsmraid - ok
12:07:40.0653 0x0bd8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:07:40.0700 0x0bd8  VSS - ok
12:07:40.0704 0x0bd8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:07:40.0713 0x0bd8  vwifibus - ok
12:07:40.0716 0x0bd8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:07:40.0726 0x0bd8  vwififlt - ok
12:07:40.0729 0x0bd8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
12:07:40.0738 0x0bd8  vwifimp - ok
12:07:40.0749 0x0bd8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:07:40.0775 0x0bd8  W32Time - ok
12:07:40.0779 0x0bd8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:07:40.0786 0x0bd8  WacomPen - ok
12:07:40.0790 0x0bd8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:07:40.0801 0x0bd8  WANARP - ok
12:07:40.0811 0x0bd8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:07:40.0831 0x0bd8  Wanarpv6 - ok
12:07:40.0861 0x0bd8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:07:40.0891 0x0bd8  wbengine - ok
12:07:40.0901 0x0bd8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:07:40.0911 0x0bd8  WbioSrvc - ok
12:07:40.0921 0x0bd8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:07:40.0941 0x0bd8  wcncsvc - ok
12:07:40.0941 0x0bd8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:07:40.0951 0x0bd8  WcsPlugInService - ok
12:07:40.0961 0x0bd8  [ E47E66538692B1CFD6CC8021546FCC83, EF8EB285D815437B1E6A2A78AE4C2FC751C77ACEA4EB626E092D8E6012D725EF ] WCUService_STC_FF C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
12:07:40.0971 0x0bd8  WCUService_STC_FF - ok
12:07:40.0991 0x0bd8  [ 147C60622CB53E901EFD8BB6D44A4C46, 453E9DDBE17C9C54C60BD160BBA045B39914A70B6DF7B6C530D68333944C43FB ] WCUService_STC_IE C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
12:07:41.0001 0x0bd8  WCUService_STC_IE - ok
12:07:41.0001 0x0bd8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:07:41.0011 0x0bd8  Wd - ok
12:07:41.0031 0x0bd8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:07:41.0051 0x0bd8  Wdf01000 - ok
12:07:41.0051 0x0bd8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:07:41.0061 0x0bd8  WdiServiceHost - ok
12:07:41.0071 0x0bd8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:07:41.0081 0x0bd8  WdiSystemHost - ok
12:07:41.0081 0x0bd8  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
12:07:41.0101 0x0bd8  WebClient - ok
12:07:41.0111 0x0bd8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:07:41.0131 0x0bd8  Wecsvc - ok
12:07:41.0131 0x0bd8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:07:41.0161 0x0bd8  wercplsupport - ok
12:07:41.0161 0x0bd8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:07:41.0181 0x0bd8  WerSvc - ok
12:07:41.0181 0x0bd8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:07:41.0201 0x0bd8  WfpLwf - ok
12:07:41.0211 0x0bd8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:07:41.0211 0x0bd8  WIMMount - ok
12:07:41.0211 0x0bd8  WinDefend - ok
12:07:41.0221 0x0bd8  WinHttpAutoProxySvc - ok
12:07:41.0221 0x0bd8  WinI2C-DDC - ok
12:07:41.0231 0x0bd8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:07:41.0261 0x0bd8  Winmgmt - ok
12:07:41.0301 0x0bd8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:07:41.0355 0x0bd8  WinRM - ok
12:07:41.0363 0x0bd8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:07:41.0372 0x0bd8  WinUsb - ok
12:07:41.0395 0x0bd8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:07:41.0420 0x0bd8  Wlansvc - ok
12:07:41.0465 0x0bd8  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:07:41.0504 0x0bd8  wlidsvc - ok
12:07:41.0514 0x0bd8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:07:41.0514 0x0bd8  WmiAcpi - ok
12:07:41.0524 0x0bd8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:07:41.0534 0x0bd8  wmiApSrv - ok
12:07:41.0534 0x0bd8  WMPNetworkSvc - ok
12:07:41.0544 0x0bd8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:07:41.0544 0x0bd8  WPCSvc - ok
12:07:41.0554 0x0bd8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:07:41.0564 0x0bd8  WPDBusEnum - ok
12:07:41.0564 0x0bd8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:07:41.0584 0x0bd8  ws2ifsl - ok
12:07:41.0584 0x0bd8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:07:41.0604 0x0bd8  wscsvc - ok
12:07:41.0604 0x0bd8  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
12:07:41.0614 0x0bd8  WSDPrintDevice - ok
12:07:41.0614 0x0bd8  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\drivers\WSDScan.sys
12:07:41.0624 0x0bd8  WSDScan - ok
12:07:41.0624 0x0bd8  WSearch - ok
12:07:41.0674 0x0bd8  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:07:41.0724 0x0bd8  wuauserv - ok
12:07:41.0724 0x0bd8  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:07:41.0754 0x0bd8  WudfPf - ok
12:07:41.0754 0x0bd8  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:07:41.0774 0x0bd8  WUDFRd - ok
12:07:41.0784 0x0bd8  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:07:41.0804 0x0bd8  wudfsvc - ok
12:07:41.0814 0x0bd8  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:07:41.0824 0x0bd8  WwanSvc - ok
12:07:41.0824 0x0bd8  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
12:07:41.0834 0x0bd8  xusb21 - ok
12:07:41.0844 0x0bd8  ================ Scan global ===============================
12:07:41.0844 0x0bd8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:07:41.0844 0x0bd8  [ A171AC55EE4B4EE35C18EF0977017A72, E0E3E3B1C3708C30C7292CA09E41CA6C49EB850699126C6D2C0383A72C0097A6 ] C:\Windows\system32\winsrv.dll
12:07:41.0854 0x0bd8  [ A171AC55EE4B4EE35C18EF0977017A72, E0E3E3B1C3708C30C7292CA09E41CA6C49EB850699126C6D2C0383A72C0097A6 ] C:\Windows\system32\winsrv.dll
12:07:41.0864 0x0bd8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:07:41.0874 0x0bd8  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
12:07:41.0874 0x0bd8  [ Global ] - ok
12:07:41.0874 0x0bd8  ================ Scan MBR ==================================
12:07:41.0874 0x0bd8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:07:41.0974 0x0bd8  \Device\Harddisk0\DR0 - ok
12:07:41.0984 0x0bd8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:07:42.0154 0x0bd8  \Device\Harddisk1\DR1 - ok
12:07:42.0164 0x0bd8  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk2\DR2
12:07:42.0224 0x0bd8  \Device\Harddisk2\DR2 - ok
12:07:42.0224 0x0bd8  ================ Scan VBR ==================================
12:07:42.0224 0x0bd8  [ 72A3471637CA02F7B3B1E149FE37949A ] \Device\Harddisk0\DR0\Partition1
12:07:42.0224 0x0bd8  \Device\Harddisk0\DR0\Partition1 - ok
12:07:42.0234 0x0bd8  [ DE3B3D26C79A40C422ED19959C39C4BD ] \Device\Harddisk1\DR1\Partition1
12:07:42.0254 0x0bd8  \Device\Harddisk1\DR1\Partition1 - ok
12:07:42.0264 0x0bd8  [ 9E5DB219C3DAB8EA95A71EB72D465328 ] \Device\Harddisk2\DR2\Partition1
12:07:42.0264 0x0bd8  \Device\Harddisk2\DR2\Partition1 - ok
12:07:42.0264 0x0bd8  ================ Scan generic autorun ======================
12:07:42.0274 0x0bd8  [ 39CF316EB5842AE27CC0D3CC4E2840DE, BC4D4ED926F988B7B70CC87B7EC92D148DA6BC39C5C514751F1B0CA69D0F9081 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
12:07:42.0284 0x0bd8  BCSSync - ok
12:07:42.0284 0x0bd8  [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe
12:07:42.0294 0x0bd8  IgfxTray - ok
12:07:42.0314 0x0bd8  [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe
12:07:42.0324 0x0bd8  HotKeysCmds - ok
12:07:42.0334 0x0bd8  [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe
12:07:42.0344 0x0bd8  Persistence - ok
12:07:42.0404 0x0bd8  [ 2DC2C370F785AD5B2717A205238B03E2, 50D002FF269741855986179D4B9D5A820C04E881B624AFEF0B76E80A68930F3D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
12:07:42.0454 0x0bd8  NvBackend - ok
12:07:42.0454 0x0bd8  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
12:07:42.0464 0x0bd8  ShadowPlay - ok
12:07:42.0474 0x0bd8  [ F96C73D7D525174B80CFD865A5D7E083, 06E7ACA4B9496CF0505F623DC4516A893E7A70EA37EAB27EA943C8831D221F40 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
12:07:42.0484 0x0bd8  IAStorIcon - ok
12:07:42.0554 0x0bd8  [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] D:\Program Files (x86)\iTunes\iTunesHelper.exe
12:07:42.0554 0x0bd8  iTunesHelper - ok
12:07:42.0604 0x0bd8  [ 2199723879C9F75A709680E2935C052F, DDD5B5CC86463284D9137372CB8541D1258AC020EA811F1AD3735809F314B086 ] D:\Program Files (x86)\PDF24\pdf24.exe
12:07:42.0624 0x0bd8  PDFPrint - ok
12:07:42.0654 0x0bd8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:07:42.0684 0x0bd8  Sidebar - ok
12:07:42.0684 0x0bd8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:07:42.0694 0x0bd8  mctadmin - ok
12:07:42.0724 0x0bd8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:07:42.0744 0x0bd8  Sidebar - ok
12:07:42.0754 0x0bd8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:07:42.0764 0x0bd8  mctadmin - ok
12:07:42.0854 0x0bd8  [ 8DACA62F3E15E45EBAF7AE51A609CBC1, 5FACF0EA36572E7228EB2808731ED00DD08B481937569E71C3A537D7E65022AD ] D:\Program Files (x86)\Steam\steam.exe
12:07:42.0904 0x0bd8  Steam - ok
12:07:42.0974 0x0bd8  [ 390679F7A217A5E73D756276C40AE887, 3EDFB645B2F58864E653C66516D6D48C4F9D691CFD51D91D4D88E316EE7B7177 ] D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
12:07:43.0014 0x0bd8  SpybotSD TeaTimer - detected UnsignedFile.Multi.Generic ( 1 )
12:07:45.0346 0x0bd8  Detect skipped due to KSN trusted
12:07:45.0346 0x0bd8  SpybotSD TeaTimer - ok
12:07:45.0359 0x0bd8  [ 146F096060E2906CF579CF0096ED85CB, 8E633A025C2026463298E6170C82FD8203A705DC493183432684566484533F42 ] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
12:07:45.0372 0x0bd8  SteelSeries Engine - detected UnsignedFile.Multi.Generic ( 1 )
12:07:47.0903 0x0bd8  Detect skipped due to KSN trusted
12:07:47.0903 0x0bd8  SteelSeries Engine - ok
12:07:48.0067 0x0bd8  [ 36C55F2645D61F15457D23B56F0149DA, 410DDEA347DD8AA58838560CC01AABD3F7D40A6879482AADD09BC4A82E26D48D ] D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
12:07:48.0194 0x0bd8  GalaxyClient - ok
12:07:48.0207 0x0bd8  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe
12:07:48.0213 0x0bd8  Dropbox Update - ok
12:07:48.0213 0x0bd8  Waiting for KSN requests completion. In queue: 79
12:07:49.0213 0x0bd8  Waiting for KSN requests completion. In queue: 2
12:07:50.0213 0x0bd8  Waiting for KSN requests completion. In queue: 2
12:07:51.0223 0x0bd8  Win FW state via NFP2: enabled ( trusted )
12:07:53.0578 0x0bd8  ============================================================
12:07:53.0578 0x0bd8  Scan finished
12:07:53.0578 0x0bd8  ============================================================
12:07:53.0586 0x12c4  Detected object count: 0
12:07:53.0586 0x12c4  Actual detected object count: 0
         
__________________

Alt 25.07.2015, 11:09   #4
lokithease
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



FRST
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by TSK (administrator) on TSK-PC on 25-07-2015 11:56:44
Running from C:\Users\TSK\Desktop
Loaded Profiles: TSK (Available Profiles: TSK)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Dropbox, Inc.) C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Apple Inc.) D:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Users\TSK\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [SpybotSD TeaTimer] => D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [239104 2013-02-06] (SteelSeries ApS)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7247416 2015-07-20] (GOG.com)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [Dropbox Update] => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
Startup: C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-05-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zenimax Launcher.lnk [2014-01-09]
ShortcutTarget: Zenimax Launcher.lnk -> D:\Program Files (x86)\Zenimax Online\Launcher\Bethesda.net_Launcher.exe (No File)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2232650930-980712706-877487117-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2232650930-980712706-877487117-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {269C069F-43BD-4245-8ADB-8EE265057163} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {6A2FA341-331E-421e-9B67-5C00501C6F1D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {AE27EA29-0A68-4bee-98A4-623994B4BDE3} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0643C37E-5534-4489-941C-0F6F78949918}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A8FD029E-32DA-4DA6-A0EC-3BAC3E53C00E}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default
FF NetworkProxy: "autoconfig_url", "https://www.premiumize.me/971030084/proxy.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Windows\system32\npdeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2232650930-980712706-877487117-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: GFACE Experience Plugin - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\cryenginebrowserplugin@crytek.com [2013-11-07]
FF Extension: FoxyProxy Standard - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\foxyproxy@eric.h.jung [2015-01-04]
FF Extension: Premiumize.me - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2015-01-04]
FF Extension: web Player - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{07a56c5c-9aba-46d7-876a-2aaab7932900}.xpi [2014-06-15]
FF Extension: {b26ec7aa-f2b6-4ddc-800e-5c43e181fe95} - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{b26ec7aa-f2b6-4ddc-800e-5c43e181fe95}.xpi [2014-06-11]
FF Extension: Adblock Plus - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-24]

Chrome: 
=======
CHR Profile: C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-18]
CHR Extension: (Google Drive) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-18]
CHR Extension: (YouTube) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-18]
CHR Extension: (Google Search) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-18]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2015-02-14]
CHR Extension: (Hola Better Internet Engine) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2014-11-16]
CHR Extension: (SciLor's Grooveshark(tm) Unlocker) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob [2014-04-18]
CHR Extension: (AdBlock) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18]
CHR Extension: (Gmail) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 GalaxyClientService; D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1718840 2015-07-20] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6871608 2015-07-20] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
S2 MSSQL$BWDATOOLSET; D:\Downloads\Dragon Age\tools\toolssql\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-09-18] ()
R2 SBSDWSCService; D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WCUService_STC_FF; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2011-03-24] (Splashtop Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-06] (DT Soft Ltd)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0025.sys [28768 2014-11-18] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-01-10] (SteelSeries Corporation)
S3 SEE; C:\Windows\System32\drivers\see.sys [38240 2014-11-18] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] (Apple, Inc.) [File not signed]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S2 WinI2C-DDC; \??\C:\Windows\system32\drivers\DDCDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-25 11:56 - 2015-07-25 11:56 - 00024559 _____ C:\Users\TSK\Desktop\FRST.txt
2015-07-25 11:56 - 2015-07-25 11:56 - 00000000 ____D C:\FRST
2015-07-25 11:55 - 2015-07-25 11:55 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\TSK\Desktop\tdsskiller.exe
2015-07-25 11:55 - 2015-07-25 11:55 - 02135552 _____ (Farbar) C:\Users\TSK\Desktop\FRST64.exe
2015-07-25 10:49 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-25 10:49 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-25 10:49 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-25 10:49 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-25 10:49 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-25 10:49 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-25 10:49 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-25 10:49 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-25 10:49 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-25 10:49 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-25 10:32 - 2015-07-25 10:32 - 00000000 ____D C:\Users\TSK\AppData\Roaming\JAM Software
2015-07-25 10:32 - 2015-07-25 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2015-07-25 10:28 - 2015-07-25 10:28 - 00096362 _____ C:\Users\TSK\Desktop\OTL.Txt
2015-07-25 10:23 - 2015-07-25 10:23 - 00002995 _____ C:\Users\TSK\Desktop\AdwCleaner[S1].txt
2015-07-16 16:35 - 2015-07-25 11:27 - 00002184 _____ C:\Windows\setupact.log
2015-07-16 16:35 - 2015-07-16 16:35 - 00000000 _____ C:\Windows\setuperr.log
2015-07-15 11:19 - 2015-07-16 09:24 - 00000000 ____D C:\Users\TSK\Documents\Darkest
2015-07-15 10:06 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 10:06 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 10:06 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 10:06 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 10:06 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 10:06 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 10:06 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 10:06 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 10:06 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 10:06 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 10:06 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 10:06 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 10:06 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 10:06 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 10:06 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 10:06 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 10:06 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 10:06 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 10:06 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 10:06 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 10:06 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 10:05 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 10:05 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 10:05 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 10:05 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 10:05 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 10:05 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 10:05 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 10:05 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 10:05 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 10:05 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 10:05 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 10:05 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 10:05 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 10:05 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 10:05 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 10:05 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 10:05 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 10:05 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 10:05 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 10:05 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 10:05 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 10:05 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 10:05 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 10:05 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 10:05 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 10:05 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 10:05 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 10:05 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 10:05 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 10:05 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 10:05 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 10:05 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 10:05 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 10:05 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 10:05 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 10:05 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 10:05 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 10:05 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 10:05 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 10:05 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 10:05 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 10:05 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 10:05 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 10:05 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 10:03 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 10:03 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 10:03 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 10:03 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 10:03 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 10:03 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 10:03 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 10:03 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 10:03 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 10:03 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 10:03 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 10:03 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 10:03 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 10:03 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 10:03 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 10:03 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 10:03 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 10:03 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 10:03 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 10:03 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 10:03 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 10:03 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 10:03 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 10:03 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 10:03 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 10:03 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 10:03 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 10:03 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 10:03 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 10:03 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 10:03 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 10:03 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 10:03 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-13 14:12 - 2015-07-13 14:12 - 00000000 ____D C:\Users\TSK\Documents\Telltale Games
2015-07-11 12:55 - 2015-07-16 14:33 - 00000000 ____D C:\Users\TSK\AppData\Roaming\DVDVideoSoft
2015-07-11 11:56 - 2015-07-11 11:56 - 00000000 ____D C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-10 21:52 - 2015-07-10 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOSS
2015-06-27 12:29 - 2015-06-27 12:29 - 00000736 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-25 11:56 - 2012-05-14 21:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 11:46 - 2014-04-18 19:44 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-25 11:18 - 2015-06-17 17:06 - 00001216 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA.job
2015-07-25 11:18 - 2015-06-17 17:06 - 00001164 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core.job
2015-07-25 11:13 - 2015-06-17 17:06 - 00004186 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA
2015-07-25 11:13 - 2015-06-17 17:06 - 00003790 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core
2015-07-25 11:09 - 2009-07-14 06:45 - 00020208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-25 11:09 - 2009-07-14 06:45 - 00020208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-25 11:08 - 2009-07-14 19:58 - 00749336 _____ C:\Windows\system32\perfh007.dat
2015-07-25 11:08 - 2009-07-14 19:58 - 00168106 _____ C:\Windows\system32\perfc007.dat
2015-07-25 11:08 - 2009-07-14 07:13 - 01761708 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-25 11:06 - 2015-05-17 21:59 - 01560464 _____ C:\Windows\WindowsUpdate.log
2015-07-25 11:02 - 2014-04-18 19:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-25 11:02 - 2012-05-06 20:52 - 00000000 ____D C:\Users\TSK\AppData\Roaming\Dropbox
2015-07-25 11:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-25 11:01 - 2015-04-16 19:28 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-25 11:01 - 2009-07-14 06:45 - 00408520 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-25 10:53 - 2015-05-17 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-07-25 10:35 - 2012-05-06 20:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-25 10:22 - 2014-07-06 10:37 - 00000000 ____D C:\AdwCleaner
2015-07-16 09:56 - 2012-05-14 21:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 09:56 - 2012-05-14 21:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 09:56 - 2012-05-14 21:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-16 09:41 - 2014-04-18 19:44 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 09:41 - 2014-04-18 19:44 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 09:35 - 2015-01-04 13:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 09:35 - 2014-12-07 10:54 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 15:10 - 2012-05-06 20:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 15:07 - 2013-08-14 22:34 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 11:19 - 2015-05-02 17:02 - 00000000 ____D C:\Users\TSK\AppData\Roaming\NVIDIA
2015-07-15 11:19 - 2012-12-01 17:30 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-12 12:11 - 2015-06-15 20:46 - 00001660 _____ C:\Windows\PFRO.log
2015-07-11 12:53 - 2015-06-15 10:41 - 00036794 _____ C:\Windows\DirectX.log
2015-07-11 12:53 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-06 23:20 - 2012-05-06 20:58 - 00000000 ____D C:\Windows\Minidump
2015-07-03 08:43 - 2012-05-10 12:06 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-01 10:12 - 2015-05-19 08:02 - 00000000 ____D C:\Users\TSK\Documents\The Witcher 3
2015-06-27 12:30 - 2012-05-07 14:05 - 00000000 ____D C:\Users\TSK\Documents\Nexus Mod Manager
2015-06-27 12:30 - 2012-05-06 22:37 - 00000000 ____D C:\Users\TSK\AppData\Local\Skyrim
2015-06-27 12:29 - 2014-11-09 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-06-25 23:59 - 2012-11-23 20:25 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

==================== Files in the root of some directories =======

2014-01-07 23:25 - 2014-01-07 23:25 - 0000037 ___SH () C:\Users\TSK\AppData\Local\70149b02515b3bb20dd492.47983420

Some files in TEMP:
====================
C:\Users\TSK\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyymxtj.dll
C:\Users\TSK\AppData\Local\Temp\Quarantine.exe
C:\Users\TSK\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 15:55

==================== End of log ============================
         

Alt 25.07.2015, 11:09   #5
lokithease
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



Addition
[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by TSK at 2015-07-25 11:57:01
Running from C:\Users\TSK\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2232650930-980712706-877487117-500 - Administrator - Disabled)
Gast (S-1-5-21-2232650930-980712706-877487117-501 - Limited - Enabled)
TSK (S-1-5-21-2232650930-980712706-877487117-1000 - Administrator - Enabled) => C:\Users\TSK

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1998142718.48.56.41167770 - Audible, Inc.)
Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version:  - )
ContentMod2.6 (HKLM-x32\...\ContentMod_2.6) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
Curse Client (HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version:  - Red Hook Studios)
DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version:  - )
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.8 - Electronic Arts)
Dropbox (HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.98 - Etron Technology) Hidden
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version:  - Tripwire Interactive)
Knights of Honor (HKLM-x32\...\Steam App 25830) (Version:  - Black Sea Studios Ltd)
Leviathan: Warships (HKLM-x32\...\Steam App 202270) (Version:  - Pieces Interactive)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mumble 1.3.0 (HKLM\...\{5CF49B6B-598B-4944-8A8E-B1B34E6ECB6F}) (Version: 1.3.0 - The Mumble team)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.7 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Parallels runtime modules (x32 Version: 1.00.0000 - Parallels) Hidden
Parallels USB Driver (x32 Version: 6.00.23350 - Parallels) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Penny Arcade's On the Rain-Slick Precipice of Darkness 4 (HKLM-x32\...\Steam App 237570) (Version:  - Zeboyd Games)
Postal 2 - Apocalypse Weekend (HKLM-x32\...\Postal 2 - Apocalypse Weekend) (Version:  - )
Postal 2 - Share The Pain (HKLM-x32\...\Postal 2 - Share The Pain) (Version:  - )
Realistic Colors and Real Nights 3.0.1 - HDR Edition - (HKLM-x32\...\Realistic Colors and Real Nights 3.0.1 - HDR Edition -) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SnapAPI (x32 Version: 4.2.709 - Acronis) Hidden
Splashtop Connect for Firefox (HKLM-x32\...\{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}) (Version: 1.1.8.4 - Splashtop Inc.)
Splashtop Connect IE (HKLM-x32\...\{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}) (Version: 1.1.13.1 - Splashtop Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version:  - SSC Localization Group)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.7.3047.30645 - SteelSeries)
Tales from the Borderlands (HKLM-x32\...\1432213337_is1) (Version: 2.1.0.2 - GOG.com)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.7.0 - GOG.com)
The Witcher 3: Wild Hunt - Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
TreeSize Free V3.3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software)
TripleA Version 1_7_0_3 (HKLM-x32\...\TripleAVersion1_7_0_3) (Version:  - )
TripleA Version 1_8_0_3 (HKLM-x32\...\TripleAVersion1_8_0_3) (Version:  - )
VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows-Treiberpaket - Datacolor (Spyder3) USB  (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{9e177f9e-27b6-4a84-9037-eab4b82868e3}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-01-13 00:24 - 00450752 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E4558E8-1388-4CB2-8499-9BA89236AA30} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {1609CAE3-61A6-4EC9-8CBB-44AC9B153B6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {6EE1111F-D08B-4B71-BE34-766B1AD60053} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {7E57F72C-F856-4227-A3E0-6E8089F0CC31} - System32\Tasks\{7C29FCC2-7733-474E-9577-EF1F9F2369E1} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {96FCD9BF-49CD-4801-B7FF-F56D16AB088F} - System32\Tasks\{4A483AA4-33C3-4A41-8E61-430241C68B28} => pcalua.exe -a "D:\Program Files (x86)\The Vanishing of Ethan Carter\Binaries\Launcher.exe" -d "D:\Program Files (x86)\The Vanishing of Ethan Carter\Binaries"
Task: {9DEF66E7-BA9C-4E37-9858-CB01D59AFBB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AB02F77F-807A-4B3A-A242-10E47B69D3CB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {C5E47D3B-3B80-4F50-9564-BB626F49FC4E} - System32\Tasks\{A0F26065-B8E6-43EC-AEA7-DD1A05A66449} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {DECCCFA2-6E7F-4879-B8D6-BAADF6471504} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
Task: {F1FF2A19-9D5F-4282-A04E-FB8EC18EA7CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {F2D2070C-D795-45A1-9210-1179BFB074E9} - System32\Tasks\{0A9F147B-8610-4C94-BC48-E425BFDBD47E} => pcalua.exe -a "D:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/39500

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core.job => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA.job => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-12-01 17:30 - 2013-09-18 21:25 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-04-16 19:28 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-05-06 20:43 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2012-05-06 20:31 - 2011-04-10 04:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00603136 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00175616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2013-04-01 18:46 - 2015-07-19 15:54 - 00089915 _____ () C:\Users\TSK\AppData\Local\Temp\d12d05b4-91e4-4bef-b454-f07710dc01b4\CliSecureRT64.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00269824 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00139776 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00142336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 09435648 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00198144 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00349184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00172032 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00306688 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00154112 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00168960 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00156160 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2013-02-06 17:10 - 2013-02-06 17:10 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-16 19:35 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-25 11:02 - 2015-07-25 11:02 - 00043008 _____ () c:\users\tsk\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyymxtj.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\TSK\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-10-16 17:02 - 2014-10-16 17:02 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2012-05-06 20:34 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-03-12 18:10 - 2015-04-16 19:40 - 00776192 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 23:21 - 2015-04-23 04:16 - 04962816 _____ () D:\Program Files (x86)\Steam\v8.dll
2015-01-19 23:21 - 2015-04-23 04:16 - 01556992 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 23:21 - 2015-04-23 04:16 - 01187840 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 19:38 - 2015-06-04 20:56 - 02407104 _____ () D:\Program Files (x86)\Steam\video.dll
2014-09-08 14:45 - 2014-12-01 23:31 - 02396672 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-08 14:45 - 2014-12-01 23:31 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-08 14:45 - 2014-12-01 23:31 - 00479744 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-08 14:45 - 2014-12-01 23:31 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-08 14:45 - 2014-12-01 23:31 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2012-02-11 16:16 - 2015-06-04 20:56 - 00703168 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-02-11 16:16 - 2015-05-11 21:01 - 36302728 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-14 09:16 - 2015-05-11 21:01 - 08958344 _____ () D:\Program Files (x86)\Steam\bin\pdf.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-14 19:43 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 19:43 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\TSK\Desktop\aWZ2wEK_460s.jpg:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2232650930-980712706-877487117-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: SCBackService => 2
MSCONFIG\Services: WCUService_STC_IE => 2
MSCONFIG\startupfolder: C:^Users^TSK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EIZO EasyPIX.lnk => C:\Windows\pss\EIZO EasyPIX.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EasyPIXCore => "D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe"
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: STCAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
MSCONFIG\startupreg: ZyngaGamesAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D0D30725-FFDD-43A6-A681-582C84F5387A}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3AE695D4-4665-4152-961C-DC32916E3DE4}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2E0B9DA6-2ECD-4F30-872A-F545A8A4724B}] => (Allow) C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5D593C93-F9EB-489E-8DC6-E015FB22160F}] => (Allow) C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{BAABF21E-5B3A-4DA3-8A69-955571F36797}C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe] => (Allow) C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe
FirewallRules: [UDP Query User{9DCD5E7B-FAF8-4872-BB35-3004CE9DAC72}C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe] => (Allow) C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe
FirewallRules: [TCP Query User{BCF8E1C4-F015-4D5D-861F-595BC74FFF00}D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{D9C15FEB-69D8-4250-9F38-BAFAABC0D905}D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{B201688A-47B4-4073-9369-078D7334CF2D}C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6533D624-16F8-419A-8904-5E6B9BD20601}C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{4B024105-6E0E-441D-917D-4BBC5E09FF53}D:\downloads\diablo-iii-8370-dede-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-dede-installer-downloader.exe
FirewallRules: [UDP Query User{FD25BEF3-DD2A-4E48-9B39-B4B47F447065}D:\downloads\diablo-iii-8370-dede-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-dede-installer-downloader.exe
FirewallRules: [{6853CD0B-B222-48FA-960C-F2602A73CCA3}] => (Allow) D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe
FirewallRules: [{E915AEE6-8A39-45FF-8F6A-AFBA07EB0630}] => (Allow) D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe
FirewallRules: [{3D389463-6911-410D-B81B-912767978CD9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{14264450-AB67-44A8-9C42-A85EC10E23C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{AE523EF3-A9CA-41C4-8197-29292AD0FC5E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{DFD7446D-1FAB-48F3-A876-75AA61D724C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [TCP Query User{21A2ECC1-8960-4736-B5EE-4E4AE0E49E57}D:\program files\eizo\eizo easypix core\ep_eacore.exe] => (Allow) D:\program files\eizo\eizo easypix core\ep_eacore.exe
FirewallRules: [UDP Query User{D1AE69D7-23F0-4906-AF46-BCFA5666C89C}D:\program files\eizo\eizo easypix core\ep_eacore.exe] => (Allow) D:\program files\eizo\eizo easypix core\ep_eacore.exe
FirewallRules: [TCP Query User{654FC5D9-BA8A-4A67-AE5A-2A6420A691B3}D:\downloads\diablo-iii-8370-engb-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-engb-installer-downloader.exe
FirewallRules: [UDP Query User{8E11BFFC-4D44-4B37-99E2-9FE442F09137}D:\downloads\diablo-iii-8370-engb-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-engb-installer-downloader.exe
FirewallRules: [{8D99FC34-3390-4CFD-9E5F-34D9C5CAEABF}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{95644706-F3A2-4CBD-AEA7-1B22485C884B}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{E3839F1D-72FE-4503-A5C7-CC0B06007619}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{021982FF-B36A-4EA3-859A-D37AECFFCC43}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{E2EDF72B-D8A7-439F-89A1-692F3592C0B2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Vampire The Masquerade - Bloodlines\vampire.exe
FirewallRules: [{DD0C543E-772E-4D62-A259-A1E6962D2722}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Vampire The Masquerade - Bloodlines\vampire.exe
FirewallRules: [TCP Query User{FCF8243B-7A67-4440-B37A-72D8E0919B2B}C:\users\tsk\appdata\local\temp\gw2.exe] => (Allow) C:\users\tsk\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{B184EC7C-F6EA-47EF-AD8D-3A0C7B40BCD9}C:\users\tsk\appdata\local\temp\gw2.exe] => (Allow) C:\users\tsk\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{F9C9D214-3430-4073-9930-7EC18CE17EED}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{12C4455A-F857-421F-93A6-9052135501B4}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [{A145F7E5-804F-400E-BC43-3A140FED5BC5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{6AC240D7-BC97-4897-B4FA-B6F1FE3F83EB}D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{D716C1AB-5460-4D32-83F6-F0DE2A397FD7}D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{1A0A46A9-666A-43E9-ACCB-38D49A872ED1}D:\jdownloader\jre\bin\javaw.exe] => (Allow) D:\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{4ADBA8C0-E3C8-4F2A-BC5E-57C2965B8B27}D:\jdownloader\jre\bin\javaw.exe] => (Allow) D:\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{0F4C77D0-6E68-471A-A4FA-466E55072DD7}D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe] => (Block) D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{9B8BC567-4EAB-487A-84C9-9CDFA6B44445}D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe] => (Block) D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{037441F9-ED70-4CF8-8AE8-DD4C2C423B13}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Block) D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{FF0FA164-8276-49C7-BC5E-6D56D21F4C33}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Block) D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{F5A4EB06-757A-431B-B4D5-7EBD9F8595D4}D:\downloads\dead space 2\deadspace2.exe] => (Allow) D:\downloads\dead space 2\deadspace2.exe
FirewallRules: [UDP Query User{B00F2B16-7933-45A7-ACCC-DB9A2C80F31E}D:\downloads\dead space 2\deadspace2.exe] => (Allow) D:\downloads\dead space 2\deadspace2.exe
FirewallRules: [{6B14C0AF-AD0F-42F2-8A7A-051064A5DF04}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{EF908D24-7CB8-4888-B595-2874D3E5C123}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{906D5D74-1CF5-4511-871D-F5868562E67F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{59082A65-FAAA-4512-BB5E-86BB3EA38639}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{B3126EA9-EAFF-493A-B6AB-9AE584F7961D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS_Demo\bin\SteamDemoCastlevaniaLoSUE.exe
FirewallRules: [{E720B376-4D90-4BC5-85E9-AF6045F1A90E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS_Demo\bin\SteamDemoCastlevaniaLoSUE.exe
FirewallRules: [{67D5DADC-2CE7-4ECB-B93C-EE2EEC4567C1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{A5D87FAE-BC70-477C-9D64-D39122447CB1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [TCP Query User{6A17B3B1-B612-4132-B5D5-F572B620A68C}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{0EF286D4-84EE-4945-8D99-115C674D3AD0}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{74392404-232F-444D-9C38-BA39F0DA364C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{127A960B-08BF-4937-86A4-316FA9B38DCA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{1CCA714D-45F0-4029-BD78-6D00F08A43CD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe
FirewallRules: [{C2130B57-2BFA-45C2-9E8D-6DB4C211A33D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe
FirewallRules: [{E7E9FDD6-F367-4D09-B089-002E1D9CAFCF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6C42164B-A073-4661-B9B9-2BE7E2B179A0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{4A13BA5B-1323-4C56-8513-28F4DE08F0C8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ApocalypseWeekend\System\ApocalypseWeekend.exe
FirewallRules: [{A62E93FA-BC95-465F-A14A-94459651731E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ApocalypseWeekend\System\ApocalypseWeekend.exe
FirewallRules: [{586FE56D-9FAB-4249-A3E0-BE64543CA7D3}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\launcher.exe
FirewallRules: [{BF884D5C-098B-4D0B-A931-25061DBABAD4}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\launcher.exe
FirewallRules: [{8042B1A4-195E-4E26-9EC5-786F0B43271E}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x64.exe
FirewallRules: [{6580414E-97BD-44C1-A64B-11503B54D555}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x64.exe
FirewallRules: [{1EF2CC53-42B3-4CB4-95B4-13B89C61DD93}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x86.exe
FirewallRules: [{5CDE34F9-DD1C-40D2-9E0D-54693DBBE22B}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x86.exe
FirewallRules: [{0C14A072-409E-4968-98EE-1313FEBF5474}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A0C376F8-0D22-41C3-9760-3E465F03DAB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{13B409AA-03D2-4348-B196-168D096977F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4B76F4C8-1D1E-421F-A330-AC1244D36CED}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{93DA7922-6398-45B1-83BD-4FA25B9D3D8F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe
FirewallRules: [{866B7424-9427-44C2-BF53-035A3E889F8C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe
FirewallRules: [{77402F84-6803-448C-AE2E-DDD50BA737BE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BD34614D-ADCF-4D24-9B17-534F9A43BD4D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{A1D16131-5A95-407C-BBC9-F825E792CAEE}D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe] => (Allow) D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe
FirewallRules: [UDP Query User{3D9D999C-74B9-47C5-A946-56A4DD14082C}D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe] => (Allow) D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe
FirewallRules: [{3B14C5EA-7B8F-4E28-802B-7F7B7D877AF4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9CB7AE8C-F996-42F5-9553-F63B569721F1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C9DC6806-1EA6-4239-AA06-43FBE7B4CE20}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8847229E-F14E-463B-812B-F353EECBE06D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{FEF9F887-9BEB-46D1-B6C4-4020D1999A5D}D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{56ACBB8C-6F89-4DE4-88AE-2E45E9DAD9B1}D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [{E15E42F1-EEC5-4CDF-A7D7-1051FEA16BB8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{80FBCBB1-2362-4436-B343-F66715206D56}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E25C2D15-1997-4E3F-8338-114E0305DBC6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe
FirewallRules: [{CCF1279E-8C23-40FC-9D6F-5B9B9F00508C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe
FirewallRules: [{C6A9C98B-FC49-4D9D-AB38-5B7319FB69A9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{A706169A-DBA3-4596-B1FD-D801C9BB1825}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{AC789CF9-A303-47BD-B761-5D442C919494}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F21A6BB5-2635-4940-B9BF-01361FAB72ED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{93A4B8F6-E39B-4A05-9445-D1431A15DC2D}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{E9816897-8F4A-48EA-8C11-C42A2D9617FA}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{8B76EC21-BB5C-4E00-A1EC-6E181F0C23FE}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{4FD76A01-9415-4A2A-AA08-C41EB8E3E381}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{25B8E651-51BA-4698-84B1-0A303CF9F379}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\RosettaStoneTOTALe.exe
FirewallRules: [{377DD0C5-393A-405C-B2EF-6A5C1A786E92}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\Rosetta Stone TOTALe.exe
FirewallRules: [{02D9DA10-E5E2-4498-AB4C-B40D39FFFD89}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\RosettaStoneTOTALe.exe
FirewallRules: [{5F54FAC8-CB69-4D27-9548-1812DB8B4274}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{82FA8ED3-B413-4487-9EE5-7FA476C96A71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{421C714E-6F95-4663-AC2E-5559440FF727}] => (Allow) D:\Games\Battle.net\Battle.net.exe
FirewallRules: [{CCD7B8C9-716D-410C-BAE6-23D19D1C2314}] => (Allow) D:\Games\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{A717A2FC-860F-4E2C-A9FE-7498D8992D3A}D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{C3F9B305-8BC9-455A-A086-1539580FC466}D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{F85C4CA0-94C9-4096-8ADD-83B966666FBA}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{83B15348-B8C8-4DDB-A953-2AF28CE4ECBB}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{50FCC96F-DAE5-4080-A43A-D5347475C133}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{CFCFBFCD-3067-45A5-B0B5-7F25EB1D090B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{6AD7B061-10CE-4E6A-9CBF-3D8EDEE07324}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Knights of Honor\KoH.exe
FirewallRules: [{F48E80A6-D624-4514-822E-19D67ED2BC69}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Knights of Honor\KoH.exe
FirewallRules: [{3B6D3582-044F-46A1-BCE4-0ECD06CAF6D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{BED4E547-E03B-42CA-8AAE-D889D9FACF6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{2E468B09-E137-46FB-98D7-34DC00C333BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{929B96C8-BB30-45E2-8C4D-67F003D00831}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{3496ACD8-4A9A-4AD8-A5C7-317F0720080D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{639C5751-4241-4C6F-ABC1-EC24AEDE7275}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{315D1985-D72D-43F6-B085-544C64CFFB7E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{7F7C8A34-3EB4-4440-8CE8-E089CB98D1FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{6726B2D7-EE50-40AD-B07D-8BF1A43FD53A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{E9DE99EA-2E30-4CA7-B03D-BEAE05DAAFD8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{ADB9B820-FEF1-4EA4-B3DB-08C9B09D72EC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{92B651A6-7E41-4692-8536-5F04642FEB87}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{81A733D8-F18D-481B-910D-617BD7DE26A4}D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{2F371CA9-215F-4D3A-A235-9E6E1C52A457}D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{B2E711EE-16DA-4B94-B39E-6A39C129FD67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{74A0F31F-EB8E-4201-96A7-51FA43B53049}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{16AE12E4-115E-4849-855F-32DD6286C905}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{C9C49129-EE12-4018-9B8D-94A9D766147F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{BB5B96D5-3D2C-4A9B-89F6-B316D9C08BC4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{6A29DE1C-451F-4B0E-B0AD-1F6EDC2AC3EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{98201F84-A77F-489F-B624-ED72E35B30FD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{A70A99E2-73A8-4389-894B-38FE31FE461F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{E7340C6C-3894-486D-AAF4-F7EE375F686C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{8C37AD88-386B-4C93-81A5-8AA8D0242007}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{65F3BEFC-5D70-44E8-8D0A-EF1F9218F20B}D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{74E3FA54-D568-4786-95F4-D70F41763673}D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [{42422D7C-7BC2-4EC1-A7C4-128B1310C1BD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{3917E3FE-39DA-4F46-BCD0-29F3199AE28B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{44179890-4A98-465B-9BFB-AC58712DBDFA}D:\games\guild wars 2\gw2.exe] => (Allow) D:\games\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{F8C8C636-634E-405B-A614-37F0D519C8CE}D:\games\guild wars 2\gw2.exe] => (Allow) D:\games\guild wars 2\gw2.exe
FirewallRules: [{F2C3DAD8-F760-4342-AFB5-21768A7A1AEF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{409F07F5-630A-4DE1-B3BB-CA90C3AEA98E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{943528FB-7BE3-4BA4-AF17-68BBC20FF892}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{390BA2AD-D186-4034-B2F9-D17AC01C63B2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [TCP Query User{722966E3-4E85-44D3-9D02-DFE80ECA1DD6}D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe] => (Block) D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe
FirewallRules: [UDP Query User{4C133EE3-2E80-49F1-BDBD-D8B5C1D66B08}D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe] => (Block) D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe
FirewallRules: [{350366D2-5F43-455B-8886-E553759DB557}] => (Allow) D:\Downloads\Dragon Age\tools\DragonAgeToolset.exe
FirewallRules: [{A7CC2804-D904-4D3C-98A4-8095B8B9A2A5}] => (Allow) D:\Downloads\Dragon Age\tools\DragonAgeToolset.exe
FirewallRules: [{0F59F4FF-2C1D-4668-A62A-3B237FF0EA33}] => (Allow) D:\Downloads\Dragon Age\tools\RPU.exe
FirewallRules: [{25650B00-C688-4997-812D-A9DA38EC635E}] => (Allow) D:\Downloads\Dragon Age\tools\RPU.exe
FirewallRules: [{C784BC3D-D43E-412D-AAC2-33447BA17CFF}] => (Allow) D:\Downloads\Dragon Age\tools\lightmapper\eclipseRay.exe
FirewallRules: [{336F5B60-7EA4-454A-9DDA-4473C157B77A}] => (Allow) D:\Downloads\Dragon Age\tools\lightmapper\eclipseRay.exe
FirewallRules: [TCP Query User{974D6F34-D942-4BB7-9125-50BA65424AD7}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [UDP Query User{EEF9B811-76EF-44BE-9942-AE38A8232A15}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [{25F486DE-3124-4A03-9A15-658DBBB4716B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{F4F3579F-C1D3-4C75-BF48-85FA1CF0E2C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FF63036B-E346-4D7D-9D8B-732173170D2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{47EE331D-2B7F-44F6-93AF-3A7FEFD3C25A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{75394979-87B0-4439-A684-683638C659FD}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5F834FDC-D6EF-49AB-8129-9383EF23F72F}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0F4DAFBD-52B4-45C3-9C46-6A61C9779DE0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{60CD3691-DAE8-4E09-AC97-92400C557C0A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{011F936A-EE6E-47B2-802B-91EE7FABFA53}D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe
FirewallRules: [UDP Query User{43EF2D69-F02F-4843-A3C6-165CEBBCC898}D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe
FirewallRules: [{8D300A7F-33FB-40B3-BF73-EAEE4A661CFC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{D437C575-FA84-4134-83FF-F334BBA577C2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [TCP Query User{5AEC509D-E07A-4363-8A44-A400B6ADE478}D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [UDP Query User{0F90AB27-1560-496D-B68F-8FA362CF5777}D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [{25ACEFD4-1814-4A2A-9405-56C6F06ED4EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{8A1E9DEE-A3BF-49D6-B5A0-E0D0655A5C34}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{710BD64B-C703-41CC-95EB-19B206C0719B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{1A546FC1-D0B4-4AAD-841A-8FABCDD871D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{20571518-0693-43D7-A5EB-83FAF66B29E9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{A3011250-858A-4881-86B8-979678266503}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [TCP Query User{13410BC9-4C0B-4F4F-AF3F-B4D455C21C30}D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [UDP Query User{2943C021-5278-4E80-BB6C-890E679E9B40}D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [{1103BEEC-9066-475E-A4AC-23D8D2753B97}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{92FECCA3-3443-4915-A7BC-E56DB2421C53}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{BD3626F5-2042-4EC0-849C-ADBFB43FA484}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{77C3C81F-69CD-40B6-A892-0302F0F82C37}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA938B6E-D6DE-47AB-9E5F-C958DCF75901}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{54ADD87D-C53C-4092-A231-A9B3E32CBB45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5AED77D6-164D-4147-906A-27877F56CBB0}] => (Allow) D:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{7CEF7A7F-5123-4267-B7F3-C9BE1112CD45}D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{0BFB461F-A440-42BD-9F76-937F7EDA178B}D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{893D1063-8C75-4299-8225-019427FD3E5A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{41A61AEC-3349-4614-87CD-F55F87FE3946}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{9260A945-63C9-4B51-AD66-639DFE236F3D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{73A3D382-B8A5-4355-B729-D59154A48563}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{1B92CC88-6C48-42FF-BA9F-E51E91D92F03}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{2C6E3089-BD04-40AE-80BD-CE71F7AE282A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{CC2F9F08-17A0-4335-BE96-52375490B223}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{4E886C7F-2070-42CE-8A9B-6EED8380CF13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{CC538997-514D-4F66-AC29-C5FDCBEECC3A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{4F978A49-5712-464E-A2F9-1F2DECDDD70C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{52D9A1A2-6E4D-43A9-8087-B978894C9EE2}D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe] => (Block) D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe
FirewallRules: [UDP Query User{5F4590DC-2306-40AE-B1DF-52EDBD4E4633}D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe] => (Block) D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe
FirewallRules: [{2CED1D6A-3502-43DB-9932-9F0E34CC8569}] => (Allow) D:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{2D03009B-DD1F-43C0-AAB6-4E5C96050F47}] => (Allow) D:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{D253C664-72E3-4B5F-982B-A80404CD5CB5}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{F8DD63A3-0F1E-4C67-92B9-0CD4B8E9D3EB}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{42F6B230-1B0E-4023-AE65-2E3480E6FACB}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{C3F1A140-1EAD-4434-9144-71828418EA0C}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{8EA95A28-4967-47F5-BC04-9B272E0FE057}] => (Allow) D:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe
FirewallRules: [{83D87E5B-BDBF-43D4-9152-68913B8614D6}] => (Allow) D:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe
FirewallRules: [TCP Query User{A5C77DFF-C8D7-40A7-8D4A-62DE80CC0E79}D:\program files (x86)\dying light\dyinglightgame.exe] => (Block) D:\program files (x86)\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{53DB70E5-CA1B-4F57-BDA3-FE691ED78BCB}D:\program files (x86)\dying light\dyinglightgame.exe] => (Block) D:\program files (x86)\dying light\dyinglightgame.exe
FirewallRules: [{EE9D4FED-AEC6-408D-BB5D-3AAD609DB373}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{B11A01E4-BA1B-4A67-BDB3-37BB8B0A6BA1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{D0AE4AD0-1AC2-4CE4-A448-A854C1DBE9D9}D:\program files (x86)\thechineseroom\dear esther\dearesther.exe] => (Block) D:\program files (x86)\thechineseroom\dear esther\dearesther.exe
FirewallRules: [UDP Query User{258223E1-F27B-48BF-9194-F3BFB5E8F70F}D:\program files (x86)\thechineseroom\dear esther\dearesther.exe] => (Block) D:\program files (x86)\thechineseroom\dear esther\dearesther.exe
FirewallRules: [TCP Query User{F382CF67-4637-4018-9E9F-B4ADD8603278}D:\games\launcher\bethesda.net_launcher.exe] => (Allow) D:\games\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{4E2E6E9D-7D18-4576-9182-E87BB1365146}D:\games\launcher\bethesda.net_launcher.exe] => (Allow) D:\games\launcher\bethesda.net_launcher.exe
FirewallRules: [{3AE27273-FAB1-4A3D-A18C-EA6A458B3309}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5DDD4A36-ABF4-4FFE-857C-202EDE507462}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F18986CB-2F9F-44C8-9F45-2A895A54A468}] => (Allow) D:\Games\Hearthstone\Hearthstone.exe
FirewallRules: [{EF0FC17B-B91A-468B-99EE-2EB4C450137B}] => (Allow) D:\Games\Hearthstone\Hearthstone.exe
FirewallRules: [{442257FA-9A46-4AEC-9503-3D21DEBE1DC6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{6618F859-019E-406A-BDF6-B494B0796ECC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{0007F8F4-B69E-47D7-95AE-47C5DF797B18}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{30D0124E-8A64-4528-87AE-F1F1208A06EA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{87A35DF0-C652-4BEE-A862-9F542B40C87E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{063FFE2A-A23D-4EA8-9C68-3054BC783296}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CC5326C9-AF2C-425A-ACBD-A3EE31FD8555}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{88896BDF-6AFC-41A4-B09D-E32C937D10D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{482A1D9C-C486-4658-AD8E-4D7F3A2A2BB2}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{3A7600BA-8557-49F9-978E-397B2DEC60BA}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{057195C2-CE48-44F1-87E0-7FCD349D0D18}] => (Allow) D:\Downloads\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{6713D87A-76B5-4569-BEEA-FD28203E8CFD}] => (Allow) D:\Downloads\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{060CC6F0-79AD-402B-9E71-6C18953812DA}] => (Allow) C:\Users\TSK\AppData\Local\Apps\2.0\RL7QCVJJ.8Q5\JRR2TL53.7ZV\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{388A117E-EF86-4A20-85AF-95B02F50F7CE}] => (Allow) C:\Users\TSK\AppData\Local\Apps\2.0\RL7QCVJJ.8Q5\JRR2TL53.7ZV\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{D482C428-6C0E-400B-B0F9-513ADC7D1AD7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{5A4179F4-7144-4A43-98FD-2A1CA3395A7B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{552EEF84-4CE8-480B-BCA6-2E5F8E09D693}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{ABD7ACDB-C06F-4682-966E-35BE6BB099DD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{66B77B7B-B067-4570-A590-AE82F4B9A180}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{0D6AAC33-9EC3-4AD9-BF7A-4A07158A3BC8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{AD4102CC-B4E8-49A5-8D62-3F7200CDBAFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{46904335-AB5E-4F37-AAF3-A74697A39DA4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{6BDDD889-9CD9-4DBD-AD1C-6247C2F6C06A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe

==================== Faulty Device Manager Devices =============

Name: WinI2C-DDC Kernel Mode Driver
Description: WinI2C-DDC Kernel Mode Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: WinI2C-DDC
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/25/2015 10:21:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GalaxyClient Helper.exe, Version: 1.0.6.31, Zeitstempel: 0x55a8e976
Name des fehlerhaften Moduls: libcef.dll, Version: 3.1750.1638.0, Zeitstempel: 0x5321c89d
Ausnahmecode: 0x80000003
Fehleroffset: 0x00114d90
ID des fehlerhaften Prozesses: 0xd3c
Startzeit der fehlerhaften Anwendung: 0xGalaxyClient Helper.exe0
Pfad der fehlerhaften Anwendung: GalaxyClient Helper.exe1
Pfad des fehlerhaften Moduls: GalaxyClient Helper.exe2
Berichtskennung: GalaxyClient Helper.exe3

Error: (07/20/2015 07:47:55 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (07/19/2015 11:38:21 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5547614

Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5547614

Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5546616

Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5546616

Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/19/2015 06:36:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5545617


System errors:
=============
Error: (07/25/2015 11:02:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server (BWDATOOLSET)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/25/2015 11:02:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WinI2C-DDC Kernel Mode Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/25/2015 10:23:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server (BWDATOOLSET)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/25/2015 10:23:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WinI2C-DDC Kernel Mode Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/25/2015 10:22:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SBSD Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (07/25/2015 10:21:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GalaxyClient Helper.exe1.0.6.3155a8e976libcef.dll3.1750.1638.05321c89d8000000300114d90d3c01d0c6b2ef88f23cD:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exeD:\Program Files (x86)\GalaxyClient\libcef.dll2f2c49b9-32a6-11e5-8b27-00aceb45131e

Error: (07/20/2015 07:47:55 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*d:\program files (x86)\spybot - search & destroy\DelZip179.dlld:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (07/19/2015 11:38:21 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: E:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5547614

Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5547614

Error: (07/19/2015 06:36:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5546616

Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5546616

Error: (07/19/2015 06:36:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/19/2015 06:36:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5545617


CodeIntegrity Errors:
===================================
  Date: 2014-10-10 17:37:04.604
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\TSK\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-10 17:37:04.562
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\TSK\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-10 17:37:04.512
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-10 17:37:04.469
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 34%
Total physical RAM: 8109.11 MB
Available physical RAM: 5337.56 MB
Total Virtual: 16216.41 MB
Available Virtual: 13347.73 MB

==================== Drives ================================

Drive c: (Volume) (Fixed) (Total:55.9 GB) (Free:9.46 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:119.58 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (CARBOARDBOX) (Removable) (Total:0.99 GB) (Free:0.84 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 45C40761)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5B2849B1)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1011.8 MB) (Disk ID: 009EAF4A)
Partition 1: (Active) - (Size=1012 MB) - (Type=06)

==================== End of log ============================
         
--- --- ---


Alt 25.07.2015, 11:11   #6
M-K-D-B
/// TB-Ausbilder
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



Servus,




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


Alt 25.07.2015, 11:20   #7
lokithease
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



Code:
ATTFilter
ComboFix 15-07-23.01 - TSK 25.07.2015  12:14:31.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8109.5992 [GMT 2:00]
ausgeführt von:: c:\users\TSK\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\TSK\AppData\Local\Temp\d12d05b4-91e4-4bef-b454-f07710dc01b4\CliSecureRT64.dll
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
D:\install.exe
D:\Setup.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-25 bis 2015-07-25  ))))))))))))))))))))))))))))))
.
.
2015-07-25 10:17 . 2015-07-25 10:17	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-07-25 09:56 . 2015-07-25 09:57	--------	d-----w-	C:\FRST
2015-07-25 08:50 . 2015-07-15 01:12	12222168	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{EC5D0CAB-57B7-4DF5-B031-E89E40B9A425}\mpengine.dll
2015-07-25 08:49 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-25 08:49 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-25 08:49 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-25 08:49 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-25 08:49 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-25 08:49 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-25 08:49 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-25 08:49 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-25 08:49 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-25 08:49 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-25 08:32 . 2015-07-25 08:32	--------	d-----w-	c:\users\TSK\AppData\Roaming\JAM Software
2015-07-15 08:05 . 2015-06-20 19:57	49664	----a-w-	c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2015-07-15 08:03 . 2015-07-04 18:07	2087424	----a-w-	c:\windows\system32\ole32.dll
2015-07-11 10:55 . 2015-07-16 12:33	--------	d-----w-	c:\users\TSK\AppData\Roaming\DVDVideoSoft
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-16 07:56 . 2012-05-14 19:22	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-16 07:56 . 2012-05-14 19:22	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-03 06:43 . 2012-05-10 10:06	130333168	----a-w-	c:\windows\system32\MRT.exe
2015-06-24 11:36 . 2015-04-16 17:35	1320120	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-06-24 11:36 . 2015-04-16 17:35	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-06-24 11:36 . 2015-04-16 17:35	1571696	----a-w-	c:\windows\system32\nvspcap64.dll
2015-06-24 11:36 . 2015-04-16 17:35	1756424	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-06-23 23:31 . 2015-06-23 23:31	1615016	----a-w-	c:\windows\system32\FM20.DLL
2015-06-23 11:30 . 2012-05-06 19:15	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-05-19 03:29 . 2015-06-23 12:00	46768	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2015-05-19 03:14 . 2015-06-23 12:00	57520	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2015-05-19 03:14 . 2015-04-16 17:34	61616	----a-w-	c:\windows\system32\nvaudcap64v.dll
2015-05-13 06:52 . 2015-05-18 18:57	31552	----a-w-	c:\windows\system32\nvhdap64.dll
2015-05-13 06:52 . 2015-05-18 18:57	195912	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2015-05-13 06:52 . 2013-04-01 16:55	1558848	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2015-05-12 06:27 . 2015-05-18 18:57	982672	----a-w-	c:\windows\SysWow64\NvIFR.dll
2015-05-12 06:27 . 2015-05-18 18:57	974480	----a-w-	c:\windows\SysWow64\NvFBC.dll
2015-05-12 06:27 . 2015-05-18 18:57	939080	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2015-05-12 06:27 . 2015-05-18 18:57	502896	----a-w-	c:\windows\system32\nvEncodeAPI64.dll
2015-05-12 06:27 . 2015-05-18 18:57	42718864	----a-w-	c:\windows\system32\nvcompiler.dll
2015-05-12 06:27 . 2015-05-18 18:57	408208	----a-w-	c:\windows\system32\NvIFROpenGL.dll
2015-05-12 06:27 . 2015-05-18 18:57	407296	----a-w-	c:\windows\SysWow64\nvEncodeAPI.dll
2015-05-12 06:27 . 2015-05-18 18:57	37741712	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2015-05-12 06:27 . 2015-05-18 18:57	364176	----a-w-	c:\windows\SysWow64\NvIFROpenGL.dll
2015-05-12 06:27 . 2015-05-18 18:57	30478992	----a-w-	c:\windows\system32\nvoglv64.dll
2015-05-12 06:27 . 2015-05-18 18:57	2932368	----a-w-	c:\windows\system32\nvcuvid.dll
2015-05-12 06:27 . 2015-05-18 18:57	2599056	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2015-05-12 06:27 . 2015-05-18 18:57	22945424	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2015-05-12 06:27 . 2015-05-18 18:57	1898312	----a-w-	c:\windows\system32\nvdispco6435286.dll
2015-05-12 06:27 . 2015-05-18 18:57	16145176	----a-w-	c:\windows\system32\nvopencl.dll
2015-05-12 06:27 . 2015-05-18 18:57	1557648	----a-w-	c:\windows\system32\nvdispgenco6435286.dll
2015-05-12 06:27 . 2015-05-18 18:57	150832	----a-w-	c:\windows\system32\nvoglshim64.dll
2015-05-12 06:27 . 2015-05-18 18:57	14455296	----a-w-	c:\windows\system32\nvcuda.dll
2015-05-12 06:27 . 2015-05-18 18:57	13263568	----a-w-	c:\windows\SysWow64\nvopencl.dll
2015-05-12 06:27 . 2015-05-18 18:57	128512	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2015-05-12 06:27 . 2015-05-18 18:57	11790144	----a-w-	c:\windows\SysWow64\nvcuda.dll
2015-05-12 06:27 . 2015-05-18 18:57	1099808	----a-w-	c:\windows\system32\nvumdshimx.dll
2015-05-12 06:27 . 2015-05-18 18:57	10972304	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2015-05-12 06:27 . 2015-05-18 18:57	1059984	----a-w-	c:\windows\system32\NvIFR64.dll
2015-05-12 06:27 . 2015-05-18 18:57	1050256	----a-w-	c:\windows\system32\NvFBC64.dll
2015-05-12 06:27 . 2015-04-16 17:34	3363224	----a-w-	c:\windows\system32\nvapi64.dll
2015-05-12 06:27 . 2015-04-16 17:34	12849056	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-05-12 06:27 . 2015-04-16 17:28	112784	----a-w-	c:\windows\system32\OpenCL.dll
2015-05-12 06:27 . 2015-04-16 17:28	105288	----a-w-	c:\windows\SysWow64\OpenCL.dll
2015-05-12 06:27 . 2014-11-18 15:19	2971776	----a-w-	c:\windows\SysWow64\nvapi.dll
2015-05-12 06:27 . 2014-11-18 15:19	176064	----a-w-	c:\windows\system32\nvinitx.dll
2015-05-12 06:27 . 2014-11-18 15:19	17540416	----a-w-	c:\windows\system32\nvwgf2umx.dll
2015-05-12 06:27 . 2014-11-18 15:19	15858728	----a-w-	c:\windows\system32\nvd3dumx.dll
2015-05-12 06:27 . 2014-11-18 15:19	154256	----a-w-	c:\windows\SysWow64\nvinit.dll
2015-05-12 06:27 . 2014-11-18 15:19	15048816	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2015-05-12 03:30 . 2015-04-16 17:28	937288	----a-w-	c:\windows\system32\nvvsvc.exe
2015-05-12 03:30 . 2015-04-16 17:28	62608	----a-w-	c:\windows\system32\nvshext.dll
2015-05-12 03:30 . 2015-04-16 17:28	385352	----a-w-	c:\windows\system32\nvmctray.dll
2015-05-12 03:30 . 2015-04-16 17:28	2558608	----a-w-	c:\windows\system32\nvsvcr.dll
2015-05-12 03:30 . 2015-04-16 17:28	6872392	----a-w-	c:\windows\system32\nvcpl.dll
2015-05-12 03:30 . 2015-04-16 17:28	3490448	----a-w-	c:\windows\system32\nvsvc64.dll
2015-05-12 02:34 . 2015-05-18 18:57	571024	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2015-05-11 17:01 . 2015-04-16 17:28	4391871	----a-w-	c:\windows\system32\nvcoproc.bin
2015-05-09 03:27 . 2015-06-09 20:54	243712	----a-w-	c:\windows\system32\wow64.dll
2015-05-09 03:27 . 2015-06-09 20:54	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-05-09 03:27 . 2015-06-09 20:54	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-05-09 03:27 . 2015-06-09 20:54	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-05-09 03:26 . 2015-06-09 20:54	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-05-09 03:26 . 2015-06-09 20:54	424960	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-09 03:26 . 2015-06-09 20:54	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-05-09 03:25 . 2015-06-09 20:54	338432	----a-w-	c:\windows\system32\conhost.exe
2015-05-09 03:20 . 2015-06-09 20:54	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-09 03:20 . 2015-06-09 20:54	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-09 03:13 . 2015-06-09 20:54	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2015-05-09 03:13 . 2015-06-09 20:54	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-05-09 03:13 . 2015-06-09 20:54	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2015-05-09 03:12 . 2015-06-09 20:54	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2015-05-09 03:12 . 2015-06-09 20:54	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2015-05-09 03:08 . 2015-06-09 20:54	5120	---ha-w-	c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	151576	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\program files (x86)\Steam\steam.exe" [2015-06-04 2892992]
"SpybotSD TeaTimer"="d:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"SteelSeries Engine"="c:\program files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe" [2013-02-06 239104]
"GalaxyClient"="d:\program files (x86)\GalaxyClient\GalaxyClient.exe" [2015-07-20 7247416]
"Dropbox Update"="c:\users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-17 134512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440]
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2014-09-01 152392]
"PDFPrint"="d:\program files (x86)\PDF24\pdf24.exe" [2014-11-28 193568]
.
c:\users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 43871968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MSSQL$BWDATOOLSET;SQL Server (BWDATOOLSET);d:\downloads\Dragon Age\tools\toolssql\MSSQL.1\MSSQL\Binn\sqlservr.exe;d:\downloads\Dragon Age\tools\toolssql\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
R2 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x]
R3 GalaxyClientService;GalaxyClientService;d:\program files (x86)\GalaxyClient\GalaxyClientService.exe;d:\program files (x86)\GalaxyClient\GalaxyClientService.exe [x]
R3 GalaxyCommunication;GalaxyCommunication;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 Origin Client Service;Origin Client Service;d:\program files (x86)\Origin\OriginClientService.exe;d:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SEE;SoftEther Ethernet Layer Driver;c:\windows\system32\drivers\see.sys;c:\windows\SYSNATIVE\drivers\see.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R4 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SBSDWSCService;SBSD Security Center Service;d:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;d:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [x]
S3 busenum;SteelBusSvc;c:\windows\system32\DRIVERS\SteelBus64.sys;c:\windows\SYSNATIVE\DRIVERS\SteelBus64.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\DRIVERS\Neo_0025.sys;c:\windows\SYSNATIVE\DRIVERS\Neo_0025.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SAlphamHid;SteelHIDSvc;c:\windows\system32\DRIVERS\SAlpham64.sys;c:\windows\SYSNATIVE\DRIVERS\SAlpham64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 39676603
*NewlyCreated* - 55436216
*Deregistered* - 39676603
*Deregistered* - 55436216
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-14 17:43	991048	----a-w-	c:\program files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 07:56]
.
2015-07-25 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core.job
- c:\users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 15:06]
.
2015-07-25 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA.job
- c:\users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 15:06]
.
2015-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 17:44]
.
2015-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 17:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	184856	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	184856	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	184856	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	184856	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	184856	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	184856	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	184856	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-26 18:30	184856	----a-w-	c:\users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-24 2754704]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-24 1571696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mDefault_Page_URL = about:blank
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
c:\users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zenimax Launcher.lnk - d:\program files (x86)\Zenimax Online\Launcher\Bethesda.net_Launcher.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-ContentMod_2.5 - d:\program files (x86)\Steam\steamapps\common\Gothic 3\Uninstall_CM_2.6.exe
AddRemove-Realistic Colors and Real Nights 3.0.1 - HDR Edition - - d:\program files (x86)\Steam\steamapps\common\skyrim\Uninstall-RCRN.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-07-25  12:18:38
ComboFix-quarantined-files.txt  2015-07-25 10:18
.
Vor Suchlauf: 9.974.759.424 Bytes frei
Nach Suchlauf: 9.841.053.696 Bytes frei
.
- - End Of File - - 1504BAB96671EE4DB42034ABDB0D7441
         

Alt 26.07.2015, 08:18   #8
M-K-D-B
/// TB-Ausbilder
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

Alt 26.07.2015, 09:46   #9
lokithease
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



Code:
ATTFilter
# AdwCleaner v4.208 - Bericht erstellt 26/07/2015 um 10:32:45
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-09.2 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : TSK - TSK-PC
# Gestarted von : C:\Users\TSK\Desktop\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v


-\\ Google Chrome v43.0.2357.134

[C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=dspp&ts=1400433733&from=cor&uid=OCZ-AGILITY3_OCZ-4P4QI634PS92FC1V&q={searchTerms}

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [7321 Bytes] - [06/07/2014 10:37:57]
AdwCleaner[R1].txt - [3018 Bytes] - [25/07/2015 10:21:03]
AdwCleaner[R2].txt - [1419 Bytes] - [26/07/2015 10:31:40]
AdwCleaner[S0].txt - [7286 Bytes] - [06/07/2014 10:38:11]
AdwCleaner[S1].txt - [2995 Bytes] - [25/07/2015 10:22:17]
AdwCleaner[S2].txt - [1339 Bytes] - [26/07/2015 10:32:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1398  Bytes] ##########
         


Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 26.07.2015
Suchlauf-Zeit: 10:35:19
Logdatei: malwaer bytes.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.03.09.05
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: TSK

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 370740
Verstrichene Zeit: 4 Min, 14 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 7 Home Premium x64
Ran by TSK on 26.07.2015 at 10:40:44,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] wcuservice_stc_ie [Reboot required]



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files

Successfully deleted: [File] C:\Users\TSK\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.lyricsfreak.com_0.localstorage
Successfully deleted: [File] C:\Users\TSK\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.lyricsfreak.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\TSK\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\TSK\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.superfish.com_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\Users\TSK\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
Successfully deleted: [Folder] C:\Users\TSK\AppData\Roaming\0F1L1I1P0H1L1E1E1F



~~~ Chrome


[C:\Users\TSK\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\TSK\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
gkojfkhlekighikafcpjkiklfbnlmeio

[C:\Users\TSK\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\TSK\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.07.2015 at 10:42:48,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015
durchgeführt von TSK (Administrator) auf TSK-PC (26-07-2015 10:43:55)
Gestartet von C:\Users\TSK\Desktop
Geladene Profile: TSK (Verfügbare Profile: TSK)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser nicht gefunden!)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2895552 2015-07-24] (Valve Corporation)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [SpybotSD TeaTimer] => D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [239104 2013-02-06] (SteelSeries ApS)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7247416 2015-07-20] (GOG.com)
HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Run: [Dropbox Update] => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
Startup: C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-05-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2232650930-980712706-877487117-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2232650930-980712706-877487117-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {269C069F-43BD-4245-8ADB-8EE265057163} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {6A2FA341-331E-421e-9B67-5C00501C6F1D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-2232650930-980712706-877487117-1000 -> {AE27EA29-0A68-4bee-98A4-623994B4BDE3} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0643C37E-5534-4489-941C-0F6F78949918}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A8FD029E-32DA-4DA6-A0EC-3BAC3E53C00E}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default
FF NetworkProxy: "autoconfig_url", "https://www.premiumize.me/971030084/proxy.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Windows\system32\npdeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2232650930-980712706-877487117-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll Keine Datei
FF Extension: GFACE Experience Plugin - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\cryenginebrowserplugin@crytek.com [2013-11-07]
FF Extension: FoxyProxy Standard - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\foxyproxy@eric.h.jung [2015-01-04]
FF Extension: Premiumize.me - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2015-01-04]
FF Extension: web Player - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{07a56c5c-9aba-46d7-876a-2aaab7932900}.xpi [2014-06-15]
FF Extension: {b26ec7aa-f2b6-4ddc-800e-5c43e181fe95} - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{b26ec7aa-f2b6-4ddc-800e-5c43e181fe95}.xpi [2014-06-11]
FF Extension: Adblock Plus - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-24]

Chrome: 
=======
CHR Profile: C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-18]
CHR Extension: (Google Drive) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-18]
CHR Extension: (YouTube) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-18]
CHR Extension: (Google Search) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-18]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2015-02-14]
CHR Extension: (Hola Better Internet Engine) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2014-11-16]
CHR Extension: (SciLor's Grooveshark(tm) Unlocker) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob [2014-04-18]
CHR Extension: (AdBlock) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18]
CHR Extension: (Gmail) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-18]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 GalaxyClientService; D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1718840 2015-07-20] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6871608 2015-07-20] (GOG.com)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 MSSQL$BWDATOOLSET; D:\Downloads\Dragon Age\tools\toolssql\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-09-18] ()
S2 SBSDWSCService; D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 WCUService_STC_FF; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2011-03-24] (Splashtop Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-06] (DT Soft Ltd)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0025.sys [28768 2014-11-18] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-01-10] (SteelSeries Corporation)
S3 SEE; C:\Windows\System32\drivers\see.sys [38240 2014-11-18] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] (Apple, Inc.) [Datei ist nicht signiert]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S2 WinI2C-DDC; \??\C:\Windows\system32\drivers\DDCDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-26 10:43 - 2015-07-26 10:43 - 00000000 ____D C:\Users\TSK\Desktop\FRST-OlderVersion
2015-07-26 10:42 - 2015-07-26 10:42 - 00002064 _____ C:\Users\TSK\Desktop\JRT.txt
2015-07-26 10:39 - 2015-07-26 10:39 - 00001217 _____ C:\Users\TSK\Desktop\malwaer bytes.txt
2015-07-26 10:35 - 2015-07-26 10:35 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-26 10:34 - 2015-07-26 10:34 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-26 10:34 - 2015-07-26 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-26 10:34 - 2015-07-26 10:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-26 10:34 - 2015-07-26 10:34 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-26 10:34 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-26 10:34 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-26 10:34 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-26 10:33 - 2015-07-26 10:33 - 00001478 _____ C:\Users\TSK\Desktop\AdwCleaner[S2].txt
2015-07-26 10:31 - 2015-07-26 10:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\TSK\Desktop\mbam-setup-2.1.6.1022.exe
2015-07-26 10:31 - 2015-07-26 10:30 - 02248704 _____ C:\Users\TSK\Desktop\AdwCleaner_4.208.exe
2015-07-26 10:31 - 2015-07-26 10:30 - 01798288 _____ (Malwarebytes Corporation) C:\Users\TSK\Desktop\JRT.exe
2015-07-25 15:01 - 2015-07-25 15:01 - 00000000 ____D C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-25 12:55 - 2015-07-25 12:55 - 00000000 ____D C:\Users\TSK\AppData\Local\CEF
2015-07-25 12:18 - 2015-07-25 12:18 - 00032621 _____ C:\ComboFix.txt
2015-07-25 12:12 - 2015-07-25 12:18 - 00000000 ____D C:\Qoobox
2015-07-25 12:12 - 2015-07-25 12:17 - 00000000 ____D C:\Windows\erdnt
2015-07-25 12:12 - 2015-07-25 12:12 - 05633622 ____R (Swearware) C:\Users\TSK\Desktop\ComboFix.exe
2015-07-25 12:12 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-25 12:12 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-25 12:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-25 12:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-25 12:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-25 12:12 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-25 12:12 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-25 12:12 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-25 11:56 - 2015-07-26 10:44 - 00022568 _____ C:\Users\TSK\Desktop\FRST.txt
2015-07-25 11:56 - 2015-07-26 10:43 - 00000000 ____D C:\FRST
2015-07-25 11:55 - 2015-07-26 10:43 - 02146816 _____ (Farbar) C:\Users\TSK\Desktop\FRST64.exe
2015-07-25 11:55 - 2015-07-25 11:55 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\TSK\Desktop\tdsskiller.exe
2015-07-25 10:49 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-25 10:49 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-25 10:49 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-25 10:49 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-25 10:49 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-25 10:49 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-25 10:49 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-25 10:49 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-25 10:49 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-25 10:49 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-25 10:32 - 2015-07-25 10:32 - 00000000 ____D C:\Users\TSK\AppData\Roaming\JAM Software
2015-07-25 10:32 - 2015-07-25 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2015-07-25 10:28 - 2015-07-25 10:28 - 00096362 _____ C:\Users\TSK\Desktop\OTL.Txt
2015-07-25 10:23 - 2015-07-25 10:23 - 00002995 _____ C:\Users\TSK\Desktop\AdwCleaner[S1].txt
2015-07-16 16:35 - 2015-07-26 10:33 - 00003192 _____ C:\Windows\setupact.log
2015-07-16 16:35 - 2015-07-16 16:35 - 00000000 _____ C:\Windows\setuperr.log
2015-07-15 11:19 - 2015-07-16 09:24 - 00000000 ____D C:\Users\TSK\Documents\Darkest
2015-07-15 10:06 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 10:06 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 10:06 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 10:06 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 10:06 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 10:06 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 10:06 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 10:06 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 10:06 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 10:06 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 10:06 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 10:06 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 10:06 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 10:06 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 10:06 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 10:06 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 10:06 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 10:06 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 10:06 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 10:06 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 10:06 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 10:05 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 10:05 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 10:05 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 10:05 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 10:05 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 10:05 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 10:05 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 10:05 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 10:05 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 10:05 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 10:05 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 10:05 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 10:05 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 10:05 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 10:05 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 10:05 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 10:05 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 10:05 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 10:05 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 10:05 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 10:05 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 10:05 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 10:05 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 10:05 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 10:05 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 10:05 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 10:05 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 10:05 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 10:05 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 10:05 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 10:05 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 10:05 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 10:05 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 10:05 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 10:05 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 10:05 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 10:05 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 10:05 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 10:05 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 10:05 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 10:05 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 10:05 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 10:05 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 10:05 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 10:03 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 10:03 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 10:03 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 10:03 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 10:03 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 10:03 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 10:03 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 10:03 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 10:03 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 10:03 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 10:03 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 10:03 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 10:03 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 10:03 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 10:03 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 10:03 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 10:03 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 10:03 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 10:03 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 10:03 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 10:03 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 10:03 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 10:03 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 10:03 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 10:03 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 10:03 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 10:03 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 10:03 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 10:03 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 10:03 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 10:03 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 10:03 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 10:03 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 10:03 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 10:03 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-13 14:12 - 2015-07-13 14:12 - 00000000 ____D C:\Users\TSK\Documents\Telltale Games
2015-07-11 12:55 - 2015-07-16 14:33 - 00000000 ____D C:\Users\TSK\AppData\Roaming\DVDVideoSoft
2015-07-10 21:52 - 2015-07-10 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOSS
2015-06-27 12:29 - 2015-06-27 12:29 - 00000736 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-26 10:44 - 2015-05-17 21:59 - 01606392 _____ C:\Windows\WindowsUpdate.log
2015-07-26 10:41 - 2009-07-14 06:45 - 00020208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-26 10:41 - 2009-07-14 06:45 - 00020208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-26 10:39 - 2009-07-14 19:58 - 00749336 _____ C:\Windows\system32\perfh007.dat
2015-07-26 10:39 - 2009-07-14 19:58 - 00168106 _____ C:\Windows\system32\perfc007.dat
2015-07-26 10:39 - 2009-07-14 07:13 - 01761708 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-26 10:33 - 2015-04-16 19:28 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-26 10:33 - 2014-04-18 19:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-26 10:33 - 2012-05-06 20:52 - 00000000 ____D C:\Users\TSK\AppData\Roaming\Dropbox
2015-07-26 10:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-26 10:32 - 2014-07-06 10:37 - 00000000 ____D C:\AdwCleaner
2015-07-26 10:28 - 2015-06-17 17:06 - 00001216 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA.job
2015-07-26 10:28 - 2014-04-18 19:44 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-26 10:27 - 2012-05-14 21:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 15:05 - 2015-06-15 20:46 - 00003514 _____ C:\Windows\PFRO.log
2015-07-25 12:18 - 2015-03-27 15:55 - 00000000 ____D C:\Users\TSK\AppData\Local\Apps\2.0
2015-07-25 12:17 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-25 11:18 - 2015-06-17 17:06 - 00001164 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core.job
2015-07-25 11:13 - 2015-06-17 17:06 - 00004186 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA
2015-07-25 11:13 - 2015-06-17 17:06 - 00003790 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core
2015-07-25 11:01 - 2009-07-14 06:45 - 00408520 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-25 10:53 - 2015-05-17 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-07-25 10:35 - 2012-05-06 20:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-16 09:56 - 2012-05-14 21:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 09:56 - 2012-05-14 21:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 09:56 - 2012-05-14 21:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-16 09:41 - 2014-04-18 19:44 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 09:41 - 2014-04-18 19:44 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 09:35 - 2015-01-04 13:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 09:35 - 2014-12-07 10:54 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 15:10 - 2012-05-06 20:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 15:07 - 2013-08-14 22:34 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 11:19 - 2015-05-02 17:02 - 00000000 ____D C:\Users\TSK\AppData\Roaming\NVIDIA
2015-07-15 11:19 - 2012-12-01 17:30 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-11 12:53 - 2015-06-15 10:41 - 00036794 _____ C:\Windows\DirectX.log
2015-07-11 12:53 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-06 23:20 - 2012-05-06 20:58 - 00000000 ____D C:\Windows\Minidump
2015-07-03 08:43 - 2012-05-10 12:06 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-01 10:12 - 2015-05-19 08:02 - 00000000 ____D C:\Users\TSK\Documents\The Witcher 3
2015-06-27 12:30 - 2012-05-07 14:05 - 00000000 ____D C:\Users\TSK\Documents\Nexus Mod Manager
2015-06-27 12:30 - 2012-05-06 22:37 - 00000000 ____D C:\Users\TSK\AppData\Local\Skyrim
2015-06-27 12:29 - 2014-11-09 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-07 23:25 - 2014-01-07 23:25 - 0000037 ___SH () C:\Users\TSK\AppData\Local\70149b02515b3bb20dd492.47983420

Einige Dateien in TEMP:
====================
C:\Users\TSK\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpy1s4v0.dll
C:\Users\TSK\AppData\Local\Temp\Quarantine.exe
C:\Users\TSK\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-25 14:05

==================== Ende von log ============================
         

Alt 26.07.2015, 09:47   #10
lokithease
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-07-2015
durchgeführt von TSK an 2015-07-26 10:44:09
Gestartet von C:\Users\TSK\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2232650930-980712706-877487117-500 - Administrator - Disabled)
Gast (S-1-5-21-2232650930-980712706-877487117-501 - Limited - Enabled)
TSK (S-1-5-21-2232650930-980712706-877487117-1000 - Administrator - Enabled) => C:\Users\TSK

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1998142718.48.56.41167770 - Audible, Inc.)
Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version:  - )
ContentMod2.6 (HKLM-x32\...\ContentMod_2.6) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
Curse Client (HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version:  - Red Hook Studios)
DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version:  - )
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.8 - Electronic Arts)
Dropbox (HKU\S-1-5-21-2232650930-980712706-877487117-1000\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.98 - Etron Technology) Hidden
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version:  - Tripwire Interactive)
Knights of Honor (HKLM-x32\...\Steam App 25830) (Version:  - Black Sea Studios Ltd)
Leviathan: Warships (HKLM-x32\...\Steam App 202270) (Version:  - Pieces Interactive)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mumble 1.3.0 (HKLM\...\{5CF49B6B-598B-4944-8A8E-B1B34E6ECB6F}) (Version: 1.3.0 - The Mumble team)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.7 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Parallels runtime modules (x32 Version: 1.00.0000 - Parallels) Hidden
Parallels USB Driver (x32 Version: 6.00.23350 - Parallels) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Penny Arcade's On the Rain-Slick Precipice of Darkness 4 (HKLM-x32\...\Steam App 237570) (Version:  - Zeboyd Games)
Postal 2 - Apocalypse Weekend (HKLM-x32\...\Postal 2 - Apocalypse Weekend) (Version:  - )
Postal 2 - Share The Pain (HKLM-x32\...\Postal 2 - Share The Pain) (Version:  - )
Realistic Colors and Real Nights 3.0.1 - HDR Edition - (HKLM-x32\...\Realistic Colors and Real Nights 3.0.1 - HDR Edition -) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SnapAPI (x32 Version: 4.2.709 - Acronis) Hidden
Splashtop Connect for Firefox (HKLM-x32\...\{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}) (Version: 1.1.8.4 - Splashtop Inc.)
Splashtop Connect IE (HKLM-x32\...\{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}) (Version: 1.1.13.1 - Splashtop Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version:  - SSC Localization Group)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.7.3047.30645 - SteelSeries)
Tales from the Borderlands (HKLM-x32\...\1432213337_is1) (Version: 2.1.0.2 - GOG.com)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.7.0 - GOG.com)
The Witcher 3: Wild Hunt - Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
TreeSize Free V3.3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software)
TripleA Version 1_7_0_3 (HKLM-x32\...\TripleAVersion1_7_0_3) (Version:  - )
TripleA Version 1_8_0_3 (HKLM-x32\...\TripleAVersion1_8_0_3) (Version:  - )
VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows-Treiberpaket - Datacolor (Spyder3) USB  (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{9e177f9e-27b6-4a84-9037-eab4b82868e3}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2232650930-980712706-877487117-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TSK\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

ATTENTION: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-07-25 12:17 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0E4558E8-1388-4CB2-8499-9BA89236AA30} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {1609CAE3-61A6-4EC9-8CBB-44AC9B153B6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {6EE1111F-D08B-4B71-BE34-766B1AD60053} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {7E57F72C-F856-4227-A3E0-6E8089F0CC31} - System32\Tasks\{7C29FCC2-7733-474E-9577-EF1F9F2369E1} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {96FCD9BF-49CD-4801-B7FF-F56D16AB088F} - System32\Tasks\{4A483AA4-33C3-4A41-8E61-430241C68B28} => pcalua.exe -a "D:\Program Files (x86)\The Vanishing of Ethan Carter\Binaries\Launcher.exe" -d "D:\Program Files (x86)\The Vanishing of Ethan Carter\Binaries"
Task: {9DEF66E7-BA9C-4E37-9858-CB01D59AFBB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AB02F77F-807A-4B3A-A242-10E47B69D3CB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {C5E47D3B-3B80-4F50-9564-BB626F49FC4E} - System32\Tasks\{A0F26065-B8E6-43EC-AEA7-DD1A05A66449} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {DECCCFA2-6E7F-4879-B8D6-BAADF6471504} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
Task: {F1FF2A19-9D5F-4282-A04E-FB8EC18EA7CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {F2D2070C-D795-45A1-9210-1179BFB074E9} - System32\Tasks\{0A9F147B-8610-4C94-BC48-E425BFDBD47E} => pcalua.exe -a "D:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/39500

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000Core.job => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2232650930-980712706-877487117-1000UA.job => C:\Users\TSK\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-05-06 20:43 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-14 19:43 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 19:43 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\TSK\Desktop\aWZ2wEK_460s.jpg:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. The "AlternateShell" value will be restored.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2232650930-980712706-877487117-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TSK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: SCBackService => 2
MSCONFIG\Services: WCUService_STC_IE => 2
MSCONFIG\startupfolder: C:^Users^TSK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EIZO EasyPIX.lnk => C:\Windows\pss\EIZO EasyPIX.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EasyPIXCore => "D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe"
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: STCAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
MSCONFIG\startupreg: ZyngaGamesAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{D0D30725-FFDD-43A6-A681-582C84F5387A}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3AE695D4-4665-4152-961C-DC32916E3DE4}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2E0B9DA6-2ECD-4F30-872A-F545A8A4724B}] => (Allow) C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5D593C93-F9EB-489E-8DC6-E015FB22160F}] => (Allow) C:\Users\TSK\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{BAABF21E-5B3A-4DA3-8A69-955571F36797}C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe] => (Allow) C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe
FirewallRules: [UDP Query User{9DCD5E7B-FAF8-4872-BB35-3004CE9DAC72}C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe] => (Allow) C:\users\tsk\appdata\local\temp\7d.tmp\kmservice.exe
FirewallRules: [TCP Query User{BCF8E1C4-F015-4D5D-861F-595BC74FFF00}D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{D9C15FEB-69D8-4250-9F38-BAFAABC0D905}D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\mrflausch666\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{B201688A-47B4-4073-9369-078D7334CF2D}C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6533D624-16F8-419A-8904-5E6B9BD20601}C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tsk\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{4B024105-6E0E-441D-917D-4BBC5E09FF53}D:\downloads\diablo-iii-8370-dede-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-dede-installer-downloader.exe
FirewallRules: [UDP Query User{FD25BEF3-DD2A-4E48-9B39-B4B47F447065}D:\downloads\diablo-iii-8370-dede-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-dede-installer-downloader.exe
FirewallRules: [{6853CD0B-B222-48FA-960C-F2602A73CCA3}] => (Allow) D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe
FirewallRules: [{E915AEE6-8A39-45FF-8F6A-AFBA07EB0630}] => (Allow) D:\Program Files\EIZO\EIZO EasyPIX Core\ep_eacore.exe
FirewallRules: [{3D389463-6911-410D-B81B-912767978CD9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{14264450-AB67-44A8-9C42-A85EC10E23C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{AE523EF3-A9CA-41C4-8197-29292AD0FC5E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{DFD7446D-1FAB-48F3-A876-75AA61D724C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [TCP Query User{21A2ECC1-8960-4736-B5EE-4E4AE0E49E57}D:\program files\eizo\eizo easypix core\ep_eacore.exe] => (Allow) D:\program files\eizo\eizo easypix core\ep_eacore.exe
FirewallRules: [UDP Query User{D1AE69D7-23F0-4906-AF46-BCFA5666C89C}D:\program files\eizo\eizo easypix core\ep_eacore.exe] => (Allow) D:\program files\eizo\eizo easypix core\ep_eacore.exe
FirewallRules: [TCP Query User{654FC5D9-BA8A-4A67-AE5A-2A6420A691B3}D:\downloads\diablo-iii-8370-engb-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-engb-installer-downloader.exe
FirewallRules: [UDP Query User{8E11BFFC-4D44-4B37-99E2-9FE442F09137}D:\downloads\diablo-iii-8370-engb-installer-downloader.exe] => (Allow) D:\downloads\diablo-iii-8370-engb-installer-downloader.exe
FirewallRules: [{8D99FC34-3390-4CFD-9E5F-34D9C5CAEABF}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{95644706-F3A2-4CBD-AEA7-1B22485C884B}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{E3839F1D-72FE-4503-A5C7-CC0B06007619}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{021982FF-B36A-4EA3-859A-D37AECFFCC43}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{E2EDF72B-D8A7-439F-89A1-692F3592C0B2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Vampire The Masquerade - Bloodlines\vampire.exe
FirewallRules: [{DD0C543E-772E-4D62-A259-A1E6962D2722}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Vampire The Masquerade - Bloodlines\vampire.exe
FirewallRules: [TCP Query User{FCF8243B-7A67-4440-B37A-72D8E0919B2B}C:\users\tsk\appdata\local\temp\gw2.exe] => (Allow) C:\users\tsk\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{B184EC7C-F6EA-47EF-AD8D-3A0C7B40BCD9}C:\users\tsk\appdata\local\temp\gw2.exe] => (Allow) C:\users\tsk\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{F9C9D214-3430-4073-9930-7EC18CE17EED}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{12C4455A-F857-421F-93A6-9052135501B4}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [{A145F7E5-804F-400E-BC43-3A140FED5BC5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{6AC240D7-BC97-4897-B4FA-B6F1FE3F83EB}D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{D716C1AB-5460-4D32-83F6-F0DE2A397FD7}D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) D:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{1A0A46A9-666A-43E9-ACCB-38D49A872ED1}D:\jdownloader\jre\bin\javaw.exe] => (Allow) D:\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{4ADBA8C0-E3C8-4F2A-BC5E-57C2965B8B27}D:\jdownloader\jre\bin\javaw.exe] => (Allow) D:\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{0F4C77D0-6E68-471A-A4FA-466E55072DD7}D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe] => (Block) D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{9B8BC567-4EAB-487A-84C9-9CDFA6B44445}D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe] => (Block) D:\program files (x86)\ubisoft\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{037441F9-ED70-4CF8-8AE8-DD4C2C423B13}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Block) D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{FF0FA164-8276-49C7-BC5E-6D56D21F4C33}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Block) D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{F5A4EB06-757A-431B-B4D5-7EBD9F8595D4}D:\downloads\dead space 2\deadspace2.exe] => (Allow) D:\downloads\dead space 2\deadspace2.exe
FirewallRules: [UDP Query User{B00F2B16-7933-45A7-ACCC-DB9A2C80F31E}D:\downloads\dead space 2\deadspace2.exe] => (Allow) D:\downloads\dead space 2\deadspace2.exe
FirewallRules: [{6B14C0AF-AD0F-42F2-8A7A-051064A5DF04}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{EF908D24-7CB8-4888-B595-2874D3E5C123}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{906D5D74-1CF5-4511-871D-F5868562E67F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{59082A65-FAAA-4512-BB5E-86BB3EA38639}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{B3126EA9-EAFF-493A-B6AB-9AE584F7961D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS_Demo\bin\SteamDemoCastlevaniaLoSUE.exe
FirewallRules: [{E720B376-4D90-4BC5-85E9-AF6045F1A90E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS_Demo\bin\SteamDemoCastlevaniaLoSUE.exe
FirewallRules: [{67D5DADC-2CE7-4ECB-B93C-EE2EEC4567C1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{A5D87FAE-BC70-477C-9D64-D39122447CB1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [TCP Query User{6A17B3B1-B612-4132-B5D5-F572B620A68C}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{0EF286D4-84EE-4945-8D99-115C674D3AD0}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{74392404-232F-444D-9C38-BA39F0DA364C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{127A960B-08BF-4937-86A4-316FA9B38DCA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{1CCA714D-45F0-4029-BD78-6D00F08A43CD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe
FirewallRules: [{C2130B57-2BFA-45C2-9E8D-6DB4C211A33D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe
FirewallRules: [{E7E9FDD6-F367-4D09-B089-002E1D9CAFCF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6C42164B-A073-4661-B9B9-2BE7E2B179A0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{4A13BA5B-1323-4C56-8513-28F4DE08F0C8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ApocalypseWeekend\System\ApocalypseWeekend.exe
FirewallRules: [{A62E93FA-BC95-465F-A14A-94459651731E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ApocalypseWeekend\System\ApocalypseWeekend.exe
FirewallRules: [{586FE56D-9FAB-4249-A3E0-BE64543CA7D3}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\launcher.exe
FirewallRules: [{BF884D5C-098B-4D0B-A931-25061DBABAD4}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\launcher.exe
FirewallRules: [{8042B1A4-195E-4E26-9EC5-786F0B43271E}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x64.exe
FirewallRules: [{6580414E-97BD-44C1-A64B-11503B54D555}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x64.exe
FirewallRules: [{1EF2CC53-42B3-4CB4-95B4-13B89C61DD93}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x86.exe
FirewallRules: [{5CDE34F9-DD1C-40D2-9E0D-54693DBBE22B}] => (Allow) D:\Program Files (x86)\Dragon's Prophet\dp_x86.exe
FirewallRules: [{0C14A072-409E-4968-98EE-1313FEBF5474}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A0C376F8-0D22-41C3-9760-3E465F03DAB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{13B409AA-03D2-4348-B196-168D096977F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4B76F4C8-1D1E-421F-A330-AC1244D36CED}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{93DA7922-6398-45B1-83BD-4FA25B9D3D8F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe
FirewallRules: [{866B7424-9427-44C2-BF53-035A3E889F8C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Leviathan Warships\Leviathan.exe
FirewallRules: [{77402F84-6803-448C-AE2E-DDD50BA737BE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BD34614D-ADCF-4D24-9B17-534F9A43BD4D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{A1D16131-5A95-407C-BBC9-F825E792CAEE}D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe] => (Allow) D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe
FirewallRules: [UDP Query User{3D9D999C-74B9-47C5-A946-56A4DD14082C}D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe] => (Allow) D:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe
FirewallRules: [{3B14C5EA-7B8F-4E28-802B-7F7B7D877AF4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9CB7AE8C-F996-42F5-9553-F63B569721F1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C9DC6806-1EA6-4239-AA06-43FBE7B4CE20}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8847229E-F14E-463B-812B-F353EECBE06D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{FEF9F887-9BEB-46D1-B6C4-4020D1999A5D}D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{56ACBB8C-6F89-4DE4-88AE-2E45E9DAD9B1}D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [{E15E42F1-EEC5-4CDF-A7D7-1051FEA16BB8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{80FBCBB1-2362-4436-B343-F66715206D56}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E25C2D15-1997-4E3F-8338-114E0305DBC6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe
FirewallRules: [{CCF1279E-8C23-40FC-9D6F-5B9B9F00508C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Penny Arcade's On the Rain-Slick Precipice of Darkness 4\Rainslick4.exe
FirewallRules: [{C6A9C98B-FC49-4D9D-AB38-5B7319FB69A9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{A706169A-DBA3-4596-B1FD-D801C9BB1825}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{AC789CF9-A303-47BD-B761-5D442C919494}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F21A6BB5-2635-4940-B9BF-01361FAB72ED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{93A4B8F6-E39B-4A05-9445-D1431A15DC2D}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{E9816897-8F4A-48EA-8C11-C42A2D9617FA}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{8B76EC21-BB5C-4E00-A1EC-6E181F0C23FE}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{4FD76A01-9415-4A2A-AA08-C41EB8E3E381}] => (Allow) D:\Program Files (x86)\Parallels\Parallels Transporter Agent\ParallelsTransporterAgent.exe
FirewallRules: [{25B8E651-51BA-4698-84B1-0A303CF9F379}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\RosettaStoneTOTALe.exe
FirewallRules: [{377DD0C5-393A-405C-B2EF-6A5C1A786E92}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\Rosetta Stone TOTALe.exe
FirewallRules: [{02D9DA10-E5E2-4498-AB4C-B40D39FFFD89}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\RosettaStoneTOTALe.exe
FirewallRules: [{5F54FAC8-CB69-4D27-9548-1812DB8B4274}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{82FA8ED3-B413-4487-9EE5-7FA476C96A71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{421C714E-6F95-4663-AC2E-5559440FF727}] => (Allow) D:\Games\Battle.net\Battle.net.exe
FirewallRules: [{CCD7B8C9-716D-410C-BAE6-23D19D1C2314}] => (Allow) D:\Games\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{A717A2FC-860F-4E2C-A9FE-7498D8992D3A}D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{C3F9B305-8BC9-455A-A086-1539580FC466}D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{F85C4CA0-94C9-4096-8ADD-83B966666FBA}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{83B15348-B8C8-4DDB-A953-2AF28CE4ECBB}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{50FCC96F-DAE5-4080-A43A-D5347475C133}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{CFCFBFCD-3067-45A5-B0B5-7F25EB1D090B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{6AD7B061-10CE-4E6A-9CBF-3D8EDEE07324}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Knights of Honor\KoH.exe
FirewallRules: [{F48E80A6-D624-4514-822E-19D67ED2BC69}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Knights of Honor\KoH.exe
FirewallRules: [{3B6D3582-044F-46A1-BCE4-0ECD06CAF6D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{BED4E547-E03B-42CA-8AAE-D889D9FACF6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{2E468B09-E137-46FB-98D7-34DC00C333BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{929B96C8-BB30-45E2-8C4D-67F003D00831}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{3496ACD8-4A9A-4AD8-A5C7-317F0720080D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{639C5751-4241-4C6F-ABC1-EC24AEDE7275}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{315D1985-D72D-43F6-B085-544C64CFFB7E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{7F7C8A34-3EB4-4440-8CE8-E089CB98D1FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{6726B2D7-EE50-40AD-B07D-8BF1A43FD53A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{E9DE99EA-2E30-4CA7-B03D-BEAE05DAAFD8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{ADB9B820-FEF1-4EA4-B3DB-08C9B09D72EC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{92B651A6-7E41-4692-8536-5F04642FEB87}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{81A733D8-F18D-481B-910D-617BD7DE26A4}D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{2F371CA9-215F-4D3A-A235-9E6E1C52A457}D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) D:\downloads\goat.simulator.v1.0.27849.cracked-3dm\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{B2E711EE-16DA-4B94-B39E-6A39C129FD67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{74A0F31F-EB8E-4201-96A7-51FA43B53049}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{16AE12E4-115E-4849-855F-32DD6286C905}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{C9C49129-EE12-4018-9B8D-94A9D766147F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{BB5B96D5-3D2C-4A9B-89F6-B316D9C08BC4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{6A29DE1C-451F-4B0E-B0AD-1F6EDC2AC3EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{98201F84-A77F-489F-B624-ED72E35B30FD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{A70A99E2-73A8-4389-894B-38FE31FE461F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{E7340C6C-3894-486D-AAF4-F7EE375F686C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{8C37AD88-386B-4C93-81A5-8AA8D0242007}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{65F3BEFC-5D70-44E8-8D0A-EF1F9218F20B}D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{74E3FA54-D568-4786-95F4-D70F41763673}D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [{42422D7C-7BC2-4EC1-A7C4-128B1310C1BD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{3917E3FE-39DA-4F46-BCD0-29F3199AE28B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{44179890-4A98-465B-9BFB-AC58712DBDFA}D:\games\guild wars 2\gw2.exe] => (Allow) D:\games\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{F8C8C636-634E-405B-A614-37F0D519C8CE}D:\games\guild wars 2\gw2.exe] => (Allow) D:\games\guild wars 2\gw2.exe
FirewallRules: [{F2C3DAD8-F760-4342-AFB5-21768A7A1AEF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{409F07F5-630A-4DE1-B3BB-CA90C3AEA98E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{943528FB-7BE3-4BA4-AF17-68BBC20FF892}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{390BA2AD-D186-4034-B2F9-D17AC01C63B2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [TCP Query User{722966E3-4E85-44D3-9D02-DFE80ECA1DD6}D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe] => (Block) D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe
FirewallRules: [UDP Query User{4C133EE3-2E80-49F1-BDBD-D8B5C1D66B08}D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe] => (Block) D:\program files (x86)\epic games\unreal tournament 3 black edition\binaries\ut3.exe
FirewallRules: [{350366D2-5F43-455B-8886-E553759DB557}] => (Allow) D:\Downloads\Dragon Age\tools\DragonAgeToolset.exe
FirewallRules: [{A7CC2804-D904-4D3C-98A4-8095B8B9A2A5}] => (Allow) D:\Downloads\Dragon Age\tools\DragonAgeToolset.exe
FirewallRules: [{0F59F4FF-2C1D-4668-A62A-3B237FF0EA33}] => (Allow) D:\Downloads\Dragon Age\tools\RPU.exe
FirewallRules: [{25650B00-C688-4997-812D-A9DA38EC635E}] => (Allow) D:\Downloads\Dragon Age\tools\RPU.exe
FirewallRules: [{C784BC3D-D43E-412D-AAC2-33447BA17CFF}] => (Allow) D:\Downloads\Dragon Age\tools\lightmapper\eclipseRay.exe
FirewallRules: [{336F5B60-7EA4-454A-9DDA-4473C157B77A}] => (Allow) D:\Downloads\Dragon Age\tools\lightmapper\eclipseRay.exe
FirewallRules: [TCP Query User{974D6F34-D942-4BB7-9125-50BA65424AD7}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [UDP Query User{EEF9B811-76EF-44BE-9942-AE38A8232A15}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [{25F486DE-3124-4A03-9A15-658DBBB4716B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{F4F3579F-C1D3-4C75-BF48-85FA1CF0E2C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FF63036B-E346-4D7D-9D8B-732173170D2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{47EE331D-2B7F-44F6-93AF-3A7FEFD3C25A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{75394979-87B0-4439-A684-683638C659FD}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5F834FDC-D6EF-49AB-8129-9383EF23F72F}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0F4DAFBD-52B4-45C3-9C46-6A61C9779DE0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{60CD3691-DAE8-4E09-AC97-92400C557C0A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{011F936A-EE6E-47B2-802B-91EE7FABFA53}D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe
FirewallRules: [UDP Query User{43EF2D69-F02F-4843-A3C6-165CEBBCC898}D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin64\lichdombattlemage.exe
FirewallRules: [{8D300A7F-33FB-40B3-BF73-EAEE4A661CFC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{D437C575-FA84-4134-83FF-F334BBA577C2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [TCP Query User{5AEC509D-E07A-4363-8A44-A400B6ADE478}D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [UDP Query User{0F90AB27-1560-496D-B68F-8FA362CF5777}D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) D:\program files (x86)\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [{25ACEFD4-1814-4A2A-9405-56C6F06ED4EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{8A1E9DEE-A3BF-49D6-B5A0-E0D0655A5C34}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{710BD64B-C703-41CC-95EB-19B206C0719B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{1A546FC1-D0B4-4AAD-841A-8FABCDD871D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{20571518-0693-43D7-A5EB-83FAF66B29E9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{A3011250-858A-4881-86B8-979678266503}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [TCP Query User{13410BC9-4C0B-4F4F-AF3F-B4D455C21C30}D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [UDP Query User{2943C021-5278-4E80-BB6C-890E679E9B40}D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) D:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [{1103BEEC-9066-475E-A4AC-23D8D2753B97}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{92FECCA3-3443-4915-A7BC-E56DB2421C53}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{BD3626F5-2042-4EC0-849C-ADBFB43FA484}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{77C3C81F-69CD-40B6-A892-0302F0F82C37}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA938B6E-D6DE-47AB-9E5F-C958DCF75901}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{54ADD87D-C53C-4092-A231-A9B3E32CBB45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5AED77D6-164D-4147-906A-27877F56CBB0}] => (Allow) D:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{7CEF7A7F-5123-4267-B7F3-C9BE1112CD45}D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{0BFB461F-A440-42BD-9F76-937F7EDA178B}D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) D:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{893D1063-8C75-4299-8225-019427FD3E5A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{41A61AEC-3349-4614-87CD-F55F87FE3946}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{9260A945-63C9-4B51-AD66-639DFE236F3D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{73A3D382-B8A5-4355-B729-D59154A48563}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{1B92CC88-6C48-42FF-BA9F-E51E91D92F03}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{2C6E3089-BD04-40AE-80BD-CE71F7AE282A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{CC2F9F08-17A0-4335-BE96-52375490B223}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{4E886C7F-2070-42CE-8A9B-6EED8380CF13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{CC538997-514D-4F66-AC29-C5FDCBEECC3A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{4F978A49-5712-464E-A2F9-1F2DECDDD70C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{52D9A1A2-6E4D-43A9-8087-B978894C9EE2}D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe] => (Block) D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe
FirewallRules: [UDP Query User{5F4590DC-2306-40AE-B1DF-52EDBD4E4633}D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe] => (Block) D:\downloads\weqwe\far.cry.4.limited.edition.cracked.multi15-fc4\bin\farcry4.exe
FirewallRules: [{2CED1D6A-3502-43DB-9932-9F0E34CC8569}] => (Allow) D:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{2D03009B-DD1F-43C0-AAB6-4E5C96050F47}] => (Allow) D:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{D253C664-72E3-4B5F-982B-A80404CD5CB5}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{F8DD63A3-0F1E-4C67-92B9-0CD4B8E9D3EB}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{42F6B230-1B0E-4023-AE65-2E3480E6FACB}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{C3F1A140-1EAD-4434-9144-71828418EA0C}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{8EA95A28-4967-47F5-BC04-9B272E0FE057}] => (Allow) D:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe
FirewallRules: [{83D87E5B-BDBF-43D4-9152-68913B8614D6}] => (Allow) D:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe
FirewallRules: [TCP Query User{A5C77DFF-C8D7-40A7-8D4A-62DE80CC0E79}D:\program files (x86)\dying light\dyinglightgame.exe] => (Block) D:\program files (x86)\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{53DB70E5-CA1B-4F57-BDA3-FE691ED78BCB}D:\program files (x86)\dying light\dyinglightgame.exe] => (Block) D:\program files (x86)\dying light\dyinglightgame.exe
FirewallRules: [{EE9D4FED-AEC6-408D-BB5D-3AAD609DB373}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{B11A01E4-BA1B-4A67-BDB3-37BB8B0A6BA1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{D0AE4AD0-1AC2-4CE4-A448-A854C1DBE9D9}D:\program files (x86)\thechineseroom\dear esther\dearesther.exe] => (Block) D:\program files (x86)\thechineseroom\dear esther\dearesther.exe
FirewallRules: [UDP Query User{258223E1-F27B-48BF-9194-F3BFB5E8F70F}D:\program files (x86)\thechineseroom\dear esther\dearesther.exe] => (Block) D:\program files (x86)\thechineseroom\dear esther\dearesther.exe
FirewallRules: [TCP Query User{F382CF67-4637-4018-9E9F-B4ADD8603278}D:\games\launcher\bethesda.net_launcher.exe] => (Allow) D:\games\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{4E2E6E9D-7D18-4576-9182-E87BB1365146}D:\games\launcher\bethesda.net_launcher.exe] => (Allow) D:\games\launcher\bethesda.net_launcher.exe
FirewallRules: [{3AE27273-FAB1-4A3D-A18C-EA6A458B3309}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5DDD4A36-ABF4-4FFE-857C-202EDE507462}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F18986CB-2F9F-44C8-9F45-2A895A54A468}] => (Allow) D:\Games\Hearthstone\Hearthstone.exe
FirewallRules: [{EF0FC17B-B91A-468B-99EE-2EB4C450137B}] => (Allow) D:\Games\Hearthstone\Hearthstone.exe
FirewallRules: [{442257FA-9A46-4AEC-9503-3D21DEBE1DC6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{6618F859-019E-406A-BDF6-B494B0796ECC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{0007F8F4-B69E-47D7-95AE-47C5DF797B18}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{30D0124E-8A64-4528-87AE-F1F1208A06EA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{87A35DF0-C652-4BEE-A862-9F542B40C87E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{063FFE2A-A23D-4EA8-9C68-3054BC783296}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CC5326C9-AF2C-425A-ACBD-A3EE31FD8555}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{88896BDF-6AFC-41A4-B09D-E32C937D10D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{482A1D9C-C486-4658-AD8E-4D7F3A2A2BB2}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{3A7600BA-8557-49F9-978E-397B2DEC60BA}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{057195C2-CE48-44F1-87E0-7FCD349D0D18}] => (Allow) D:\Downloads\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{6713D87A-76B5-4569-BEEA-FD28203E8CFD}] => (Allow) D:\Downloads\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{060CC6F0-79AD-402B-9E71-6C18953812DA}] => (Allow) C:\Users\TSK\AppData\Local\Apps\2.0\RL7QCVJJ.8Q5\JRR2TL53.7ZV\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{388A117E-EF86-4A20-85AF-95B02F50F7CE}] => (Allow) C:\Users\TSK\AppData\Local\Apps\2.0\RL7QCVJJ.8Q5\JRR2TL53.7ZV\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{D482C428-6C0E-400B-B0F9-513ADC7D1AD7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{5A4179F4-7144-4A43-98FD-2A1CA3395A7B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{552EEF84-4CE8-480B-BCA6-2E5F8E09D693}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{ABD7ACDB-C06F-4682-966E-35BE6BB099DD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{66B77B7B-B067-4570-A590-AE82F4B9A180}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{0D6AAC33-9EC3-4AD9-BF7A-4A07158A3BC8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{AD4102CC-B4E8-49A5-8D62-3F7200CDBAFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{46904335-AB5E-4F37-AAF3-A74697A39DA4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{6BDDD889-9CD9-4DBD-AD1C-6247C2F6C06A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: WinI2C-DDC Kernel Mode Driver
Description: WinI2C-DDC Kernel Mode Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: WinI2C-DDC
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64546709

Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64546709

Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64545711

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64545711

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64544712

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64544712

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64543714


Systemfehler:
=============
Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SBSD Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/26/2015 10:41:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2015 10:41:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Splashtop Connect Firefox Software Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/26/2015 10:41:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/26/2015 10:41:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "SQL Server Browser" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2015 10:41:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64546709

Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64546709

Error: (07/26/2015 10:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64545711

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64545711

Error: (07/26/2015 10:27:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64544712

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 64544712

Error: (07/26/2015 10:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2015 10:27:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64543714


CodeIntegrity Fehler:
===================================
  Date: 2015-07-25 12:17:16.360
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-25 12:17:16.328
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-10 17:37:04.604
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\TSK\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-10 17:37:04.562
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\TSK\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-10 17:37:04.512
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-10 17:37:04.469
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 35%
Total physical RAM: 8109.11 MB
Available physical RAM: 5246.32 MB
Total Virtual: 9107.3 MB
Available Virtual: 6325.9 MB

==================== Drives ================================

Drive c: (Volume) (Fixed) (Total:55.9 GB) (Free:8.32 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:127.55 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive e: (CARBOARDBOX) (Removable) (Total:0.99 GB) (Free:0.84 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 45C40761)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5B2849B1)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1011.8 MB) (Disk ID: 009EAF4A)
Partition 1: (Active) - (Size=1012 MB) - (Type=06)

==================== Ende von log ============================
         

Alt 27.07.2015, 12:51   #11
M-K-D-B
/// TB-Ausbilder
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
FF Extension: {b26ec7aa-f2b6-4ddc-800e-5c43e181fe95} - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default\Extensions\{b26ec7aa-f2b6-4ddc-800e-5c43e181fe95}.xpi [2014-06-11]
FF Extension: web Player - C:\Users\TSK\AppData\Roaming\Mozilla\Firefox\Profiles\l9x5to81.default
\Extensions\{07a56c5c-9aba-46d7-876a-2aaab7932900}.xpi [2014-06-15]
CHR Extension: (Hola Better Internet Engine) - C:\Users\TSK\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2014-11-16]
C:\Users\TSK\AppData\Local\70149b02515b3bb20dd492.47983420
RemoveProxy:
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset






Schritt 3
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.






Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck,
  • die beiden neuen Logdateien von FRST.

Alt 27.07.2015, 15:57   #12
lokithease
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



Super,

ich bin jetzt aber erstmal weit entfernt von meinem PC.
In ca. zwei Wochen bin ich wieder da.

Alt 28.07.2015, 04:46   #13
M-K-D-B
/// TB-Ausbilder
 
Festplatte füllt und leert sich selbstständig - Standard

Festplatte füllt und leert sich selbstständig



Zitat:
Zitat von lokithease Beitrag anzeigen
ich bin jetzt aber erstmal weit entfernt von meinem PC.
In ca. zwei Wochen bin ich wieder da.
Dann kannst du in zwei Wochen ein neues Thema aufmachen.
Bis dahin kann sich zu viel am Rechner ändern.


Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

Antwort

Themen zu Festplatte füllt und leert sich selbstständig
festplatte, füllt, geschwindigkeit, hinweise, inter, interne, internet, leer, leert, löschen, platte, problem, selbstständig, servus, thread, verbunden, wiederherstellungspunkte



Ähnliche Themen: Festplatte füllt und leert sich selbstständig


  1. Festplatte füllt sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 07.01.2016 (8)
  2. Festplatte füllt sich von allein
    Plagegeister aller Art und deren Bekämpfung - 08.08.2015 (7)
  3. Festplatte füllt sich selbstständig nach dem Hochfahren, Speicherplatz grundlos auf allen Partitionen immer wieder voll
    Plagegeister aller Art und deren Bekämpfung - 19.07.2015 (8)
  4. Festplatte füllt sich im Minuten Takt
    Plagegeister aller Art und deren Bekämpfung - 22.06.2015 (6)
  5. C-Laufwerk füllt sich von selbst
    Log-Analyse und Auswertung - 16.04.2015 (15)
  6. Windows 7: Festplatte füllt sich von selbst
    Log-Analyse und Auswertung - 10.02.2014 (30)
  7. Speicherort C: füllt sich von alleine!
    Plagegeister aller Art und deren Bekämpfung - 19.01.2014 (3)
  8. DealPly / Infiziert durch Bundle-Software / Über 1000 Einträge in der Hosts Datei / Arbeitsspeicher füllt sich
    Log-Analyse und Auswertung - 24.12.2013 (14)
  9. festplatte füllt sich automatisch!
    Plagegeister aller Art und deren Bekämpfung - 24.11.2013 (19)
  10. "Windows wird gestartet" freeze, Festplatte macht sich selbstständig, Was ist denn jetzt los?
    Alles rund um Windows - 27.08.2013 (3)
  11. Festplatte C füllt sich unaufhaltsam
    Plagegeister aller Art und deren Bekämpfung - 13.07.2013 (105)
  12. Festplatte füllt sich täglich von alleine! Virus?
    Plagegeister aller Art und deren Bekämpfung - 29.04.2013 (16)
  13. Festplatte macht sich selbstständig
    Plagegeister aller Art und deren Bekämpfung - 24.11.2011 (4)
  14. Lokaler Datenträger fülltsich von alleine und leert sich von alleine immer im kreis
    Plagegeister aller Art und deren Bekämpfung - 14.07.2011 (3)
  15. Festplatte Füllt sich von allein?
    Alles rund um Windows - 08.02.2009 (3)
  16. Papierkorb leert sich automatisch.
    Alles rund um Windows - 19.10.2007 (37)
  17. Hilfe, Festplatte füllt sich von alleine.
    Alles rund um Windows - 04.01.2007 (6)

Zum Thema Festplatte füllt und leert sich selbstständig - Servus, meine Systemfestplatte füllt und leert sich in beobachtbarer Geschwindigkeit selbst. Meinem Gefühl nach nur wenn ich zum Internet verbunden bin. Ich habe die Hinweise aus einem vorhandenen Thread benutzt - Festplatte füllt und leert sich selbstständig...
Archiv
Du betrachtest: Festplatte füllt und leert sich selbstständig auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.