| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.ukWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.11.2016, 12:42
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.11.2016, 12:43
| #17 |
 | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk Hier das (jetzt hoffentlich lesbare) FRST-Logfile:
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
durchgeführt von X (Administrator) auf X-PC (15-11-2016 12:44:36)
Gestartet von C:\Users\X\Downloads
Geladene Profile: X (Verfügbare Profile: X)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Dropbox, Inc.) C:\Users\X\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 2.0\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 2.0\program\soffice.bin
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\Run: [Dropbox Update] => C:\Users\X\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-19] (Dropbox, Inc.)
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [5915776 2016-03-21] (Safer-Networking Ltd.)
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\MountPoints2: {f6631e24-558c-11e6-b4ac-d8cb8a731465} - E:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-03-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2016-06-04]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\X\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-11-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\X\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\X\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk [2010-12-30]
ShortcutTarget: OpenOffice.org 2.0.lnk -> C:\Program Files (x86)\OpenOffice.org 2.0\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{094D41E0-F3C1-4A18-84B8-F8606D692EE3}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1332CAA2-6C1E-42E5-80D3-405D8A72D810}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Kein Name -> {0347C33E-8762-4905-BF09-768834316C61} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Kein Name -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> Keine Datei
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default [2016-11-15]
FF user.js: detected! => C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\user.js [2011-03-16]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\8fwb6c52.default -> Search
FF Keyword.URL: Mozilla\Firefox\Profiles\8fwb6c52.default -> hxxp://www.slaago.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=1STLI09F&q=
FF NetworkProxy: Mozilla\Firefox\Profiles\8fwb6c52.default -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\8fwb6c52.default -> type", 0
FF Extension: (Avira Browser Safety) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\abs@avira.com [2016-11-14]
FF Extension: (Firebug) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-11]
FF Extension: (FoxyProxy Standard) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\foxyproxy@eric.h.jung [2016-09-01]
FF Extension: (RefControl) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{455D905A-D37C-4643-A9E2-F6FEFAA0424A}.xpi [2016-04-27]
FF Extension: (Live HTTP headers) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2016-04-27]
FF Extension: (Tamper Data) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2016-04-27]
FF Extension: (Web Developer) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2016-08-19]
FF Extension: (Adblock Plus) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28]
FF Extension: (DownThemAll!) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29]
FF Extension: (User Agent Switcher) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2016-04-27]
FF SearchPlugin: C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\searchplugins\google-search.xml [2011-03-16]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-10-20] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-10-20] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-10-20] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-10-20] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-06-11] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3145422843-1996295090-1453084995-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\X\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-11] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\nppdf32.dll [2013-09-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npqtplugin.dll [2013-05-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npqtplugin2.dll [2013-05-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npqtplugin3.dll [2013-05-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npqtplugin4.dll [2013-05-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npqtplugin5.dll [2013-05-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npstrlnk.dll [2010-07-20] ( )
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 GalaxyClientService; C:\Program Files\GalaxyClient\GalaxyClientService.exe [284224 2016-10-28] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6581824 2016-10-28] (GOG.com)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Users\X\AppData\Local\Temp\7zS23FF\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe [146888 2016-03-19] (Mozilla Foundation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2130440 2016-09-12] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2195984 2016-09-12] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-14 19:27 - 2016-11-14 19:27 - 00000000 ____D C:\Users\X\AppData\LocalLow\Prologue Games
2016-11-14 14:14 - 2016-11-14 14:16 - 69796004 _____ C:\Users\X\Downloads\WayOfTheWickedBook7TalesOfTalingardePFRPGPDF.zip
2016-11-14 14:12 - 2016-11-14 14:13 - 57222280 _____ C:\Users\X\Downloads\WayOfTheWickedBook6TheWagesOfSinPFRPGPDF.zip
2016-11-14 14:09 - 2016-11-14 14:10 - 42997798 _____ C:\Users\X\Downloads\WayOfTheWickedBook5TheDevilMyOnlyMasterPFRPGPDF.zip
2016-11-14 14:08 - 2016-11-14 14:08 - 48175625 _____ C:\Users\X\Downloads\WayOfTheWickedBook4OfDragonsAndPrincessesPFRPGPDF.zip
2016-11-14 14:06 - 2016-11-14 14:07 - 38282616 _____ C:\Users\X\Downloads\WayOfTheWickedBook3TearsOfTheBlessedPFRPGPDF.zip
2016-11-12 16:32 - 2016-11-12 16:32 - 00001235 _____ C:\mbam-log-2016-11-12 (16.32).txt
2016-11-12 15:45 - 2016-11-12 16:39 - 00074422 _____ C:\Users\X\Downloads\Addition.txt
2016-11-12 15:43 - 2016-11-15 12:44 - 00018536 _____ C:\Users\X\Downloads\FRST.txt
2016-11-12 15:43 - 2016-11-15 12:44 - 00000000 ____D C:\FRST
2016-11-12 15:43 - 2016-11-12 15:43 - 02411520 _____ (Farbar) C:\Users\X\Downloads\FRST64.exe
2016-11-11 18:42 - 2016-11-12 17:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-11 18:33 - 2016-11-12 16:59 - 00000000 ____D C:\Users\X\Desktop\mbar
2016-11-11 18:13 - 2016-11-11 18:14 - 16563352 _____ (Malwarebytes Corp.) C:\Users\X\Downloads\mbar-1.09.3.1001.exe
2016-11-10 19:40 - 2016-11-10 19:40 - 00000000 ____D C:\Users\X\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-10 18:00 - 2016-11-10 18:00 - 00007561 _____ C:\Users\X\.recently-used.xbel
2016-11-09 19:32 - 2016-11-09 19:32 - 00332768 _____ C:\Users\X\Downloads\Werewolf the Forsaken Merits.pdf
2016-11-09 16:26 - 2016-11-09 16:47 - 00012023 _____ C:\Users\X\Documents\Etikett 2.odt
2016-11-07 12:29 - 2016-11-07 12:29 - 00680619 _____ C:\Users\X\Documents\KfB Einladung X 15.11.16.pdf
2016-11-05 20:33 - 2016-11-05 20:33 - 00055177 _____ C:\Users\X\Downloads\Randommagicitems-3rd.pdf
2016-11-05 18:36 - 2016-11-05 18:40 - 00013982 _____ C:\Users\X\Documents\Etikett.odt
2016-11-01 11:48 - 2016-11-01 11:48 - 00061992 _____ C:\Users\X\Downloads\Konto_75106278-Auszug_2016_010.PDF
2016-11-01 11:47 - 2016-11-01 11:48 - 00059223 _____ C:\Users\X\Downloads\Konto_75106765-Auszug_2016_010.PDF
2016-11-01 11:47 - 2016-11-01 11:47 - 00064963 _____ C:\Users\X\Downloads\Konto_74102302-Auszug_2016_010.PDF
2016-11-01 11:42 - 2016-11-01 11:42 - 02228626 _____ C:\Users\X\Documents\Amtsgericht HX 2016.pdf
2016-10-31 12:17 - 2016-10-31 12:17 - 00105878 _____ C:\Users\X\Documents\Absage Expertum.pdf
2016-10-29 18:15 - 2016-10-29 18:15 - 00000222 _____ C:\Users\X\Desktop\The Age of Decadence.url
2016-10-28 17:27 - 2016-10-28 17:39 - 00008931 _____ C:\Users\X\Documents\Echogeld.ods
2016-10-26 11:52 - 2016-10-26 11:59 - 00012670 _____ C:\Users\X\Documents\Außergewöhnliche Belastungen Reissmann 2016.ods
2016-10-23 13:43 - 2016-11-04 13:31 - 00011529 _____ C:\Users\X\Documents\Bewerbungstagebuch X.ods
2016-10-21 18:43 - 2016-10-21 22:29 - 00276146 _____ C:\Users\X\Downloads\Biohazard.chum
2016-10-20 22:53 - 2016-10-21 15:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-20 16:06 - 2016-10-20 16:52 - 00016294 _____ C:\Users\X\Documents\Fahrten 2015 HX.ods
2016-10-20 10:18 - 2016-10-20 10:18 - 01138551 _____ C:\Users\X\Documents\X Anmeldung Martinsmarkt.pdf
2016-10-19 11:29 - 2016-10-19 11:44 - 00013543 _____ C:\Users\X\Documents\X Haus der Seelen.odt
2016-10-18 17:50 - 2016-10-18 17:50 - 00123297 _____ C:\Users\X\Documents\Biohazard SR 4.pdf
2016-10-18 17:07 - 2016-10-21 11:48 - 00272618 _____ C:\Users\X\Downloads\Entwurf 4.chum
2016-10-18 16:39 - 2016-10-18 17:07 - 00256890 _____ C:\Users\X\Downloads\Entwurf 3.chum
2016-10-18 11:31 - 2016-10-18 11:31 - 00089859 _____ C:\Users\X\Downloads\17379917_Kontoauszug_20161006.pdf
2016-10-18 11:30 - 2016-11-14 02:05 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-18 11:29 - 2016-11-12 16:33 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-18 11:29 - 2016-10-18 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-10-18 11:29 - 2016-10-18 11:29 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-18 11:29 - 2016-10-18 11:29 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-10-18 11:29 - 2016-03-18 15:04 - 22851472 _____ (Malwarebytes ) C:\Users\X\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-18 11:29 - 2016-03-10 13:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-18 11:29 - 2016-03-10 13:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-18 10:46 - 2016-10-18 10:46 - 00118521 _____ C:\Users\X\Documents\Biohazard.pdf
2016-10-18 10:43 - 2016-10-18 10:43 - 00243082 _____ C:\Users\X\Downloads\Entwurf 2.chum
2016-10-16 14:39 - 2016-10-16 14:41 - 37021101 _____ C:\Users\X\Downloads\PathfinderAdventurePath56RaidersOfTheFeverSeaSkullShackles2Of6PFRPGPDF-SingleFile.zip
2016-10-16 14:37 - 2016-10-16 14:38 - 39657194 _____ C:\Users\X\Downloads\WayOfTheWickedBook2CallForthDarknessPFRPGPDF.zip
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-15 12:41 - 2009-07-14 18:58 - 00710030 _____ C:\Windows\system32\perfh007.dat
2016-11-15 12:41 - 2009-07-14 18:58 - 00154466 _____ C:\Windows\system32\perfc007.dat
2016-11-15 12:41 - 2009-07-14 06:13 - 01650140 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-15 12:41 - 2009-07-14 05:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-15 12:41 - 2009-07-14 05:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-15 12:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-15 12:37 - 2016-03-19 11:19 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000UA.job
2016-11-15 12:36 - 2013-12-12 13:11 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-15 12:36 - 2012-10-09 11:55 - 00000000 ____D C:\Program Files (x86)\Avira
2016-11-15 12:36 - 2011-01-03 14:13 - 00000000 ____D C:\ProgramData\Avira
2016-11-15 12:35 - 2014-12-15 18:57 - 00000000 ___RD C:\Users\X\Dropbox
2016-11-15 12:34 - 2010-12-30 00:04 - 00000000 ____D C:\Users\X\AppData\Roaming\OpenOffice.org2
2016-11-15 12:34 - 2010-12-17 19:03 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-15 12:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-15 12:33 - 2012-10-09 12:01 - 00000000 ____D C:\Users\X\AppData\Roaming\Avira
2016-11-15 02:43 - 2010-12-18 18:12 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-14 14:20 - 2016-09-19 11:30 - 00000000 ____D C:\Users\X\Documents\Way Of The Wicked
2016-11-14 13:42 - 2015-02-23 11:29 - 00000000 ____D C:\Users\X\Documents\Echo
2016-11-10 22:34 - 2015-02-19 12:46 - 00000000 ____D C:\Users\X\AppData\Roaming\TS3Client
2016-11-10 19:40 - 2013-10-02 13:31 - 00000000 ____D C:\Users\X\AppData\Roaming\Dropbox
2016-11-10 18:02 - 2015-03-26 19:23 - 00000000 ____D C:\Users\X\AppData\LocalLow\Obsidian Entertainment
2016-11-10 18:00 - 2016-03-10 19:14 - 00000000 ____D C:\Users\X
2016-11-10 18:00 - 2010-12-20 23:09 - 00000000 ____D C:\Users\X\AppData\Roaming\gtk-2.0
2016-11-10 18:00 - 2010-12-20 23:07 - 00000000 ____D C:\Users\X\.gimp-2.6
2016-11-10 17:30 - 2012-05-12 23:01 - 00051211 _____ C:\Users\X\Desktop\schnelle notizen.txt
2016-11-10 11:37 - 2016-03-19 11:19 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000Core.job
2016-11-10 11:32 - 2016-03-19 11:19 - 00004206 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000UA
2016-11-10 11:32 - 2016-03-19 11:19 - 00003810 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000Core
2016-11-10 11:27 - 2016-03-12 23:01 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-10 11:27 - 2016-03-12 23:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-10 11:27 - 2016-03-12 23:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-10 11:27 - 2016-03-12 23:01 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-10 11:27 - 2014-08-15 09:49 - 00000000 ____D C:\Users\X\AppData\Local\Adobe
2016-11-09 11:11 - 2016-03-11 18:30 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-08 17:25 - 2011-02-02 20:28 - 00000000 ____D C:\Users\X\AppData\Roaming\Skype
2016-11-08 02:49 - 2015-02-23 11:30 - 00000000 ____D C:\Users\X\Documents\wtf campaign
2016-11-05 22:58 - 2016-03-11 18:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-05 22:57 - 2016-07-22 14:00 - 00000000 ____D C:\Users\X\Documents\War of the Burning Sky
2016-11-03 22:31 - 2016-03-11 18:42 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-11-03 19:09 - 2016-03-11 19:05 - 00000000 ____D C:\Users\X\AppData\Local\CrashDumps
2016-11-01 22:18 - 2012-05-18 22:53 - 00000128 _____ C:\Users\X\Downloads\verkleinerer.set
2016-10-30 16:20 - 2011-04-21 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-10-30 16:20 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-28 13:57 - 2016-06-03 21:09 - 00000000 ____D C:\Program Files\GalaxyClient
2016-10-24 12:13 - 2016-08-15 19:14 - 00000000 ____D C:\Program Files\Cloud Imperium Games
2016-10-22 14:10 - 2016-04-13 22:27 - 00000000 ____D C:\Users\X\Documents\ShareX
2016-10-19 09:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\TAPI
2016-10-18 17:50 - 2016-10-15 18:37 - 00000000 ____D C:\Users\X\Downloads\Chummer4
2016-10-18 17:31 - 2016-10-15 12:20 - 00012374 _____ C:\Users\X\Documents\Fahrten X 2015.ods
2016-10-18 16:48 - 2016-10-15 21:01 - 00241254 _____ C:\Users\X\Documents\Entwurf 1.chum
2016-10-16 16:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-10-16 14:42 - 2016-09-19 11:30 - 00000000 ____D C:\Users\X\Documents\Skull and Shackles
2016-10-16 13:40 - 2009-07-14 05:45 - 00316272 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-16 13:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-16 13:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-16 01:28 - 2016-05-29 12:13 - 00000000 ____D C:\Windows\system32\MRT
2016-10-16 01:23 - 2016-05-29 12:13 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-16 01:22 - 2016-06-06 19:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-16 01:22 - 2012-05-15 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-16 01:22 - 2012-05-15 20:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-04-24 17:32 - 2013-04-24 18:25 - 0000096 _____ () C:\Users\X\AppData\Roaming\Camdata.ini
2013-04-24 17:32 - 2013-04-24 18:25 - 0000408 _____ () C:\Users\X\AppData\Roaming\CamLayout.ini
2013-04-24 17:32 - 2013-04-24 18:25 - 0000408 _____ () C:\Users\X\AppData\Roaming\CamShapes.ini
2013-04-24 17:32 - 2013-04-24 18:25 - 0004509 _____ () C:\Users\X\AppData\Roaming\CamStudio.cfg
2013-04-24 17:56 - 2013-04-24 17:56 - 0000098 _____ () C:\Users\X\AppData\Roaming\CamStudio.Producer.command
2013-04-24 18:04 - 2013-04-24 18:04 - 0000000 _____ () C:\Users\X\AppData\Roaming\CamStudio.Producer.Data.ini
2013-04-24 18:04 - 2013-04-24 18:04 - 0001207 _____ () C:\Users\X\AppData\Roaming\CamStudio.Producer.ini
2011-10-18 18:58 - 2011-10-18 19:39 - 0000002 _____ () C:\Users\X\AppData\Roaming\ceville_console_history.txt
2012-02-19 19:29 - 2012-02-19 19:30 - 0000222 _____ () C:\Users\X\AppData\Roaming\glide_wrapper.zbag.ini
2011-12-24 12:55 - 2011-12-24 12:55 - 0003584 _____ () C:\Users\X\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-19 19:57 - 2013-02-19 19:57 - 0000199 _____ () C:\ProgramData\2ea457cf9e11cd63eb1efd8d7ce4d13ee2b26134
2011-02-02 20:30 - 2011-02-02 20:30 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-12-18 15:28 - 2016-03-18 17:27 - 0009081 _____ () C:\ProgramData\hpzinstall.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\X\ntuser (1).dat
C:\Users\Nehrim\NehrimLauncher.exe
Einige Dateien in TEMP:
====================
C:\Users\X\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-11-04 00:45
==================== Ende von FRST.txt ============================
Geändert von Klaus_Mittel (15.11.2016 um 13:10 Uhr) |
|
15.11.2016, 12:44
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk Ja und???
__________________ Ich möchte nun neue FRST Logs sehen
__________________ |
|
15.11.2016, 12:54
| #19 |
| | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk Und hier der (jetzt hoffentlich auch lesbare) Addition.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2016
durchgeführt von X (15-11-2016 12:45:15)
Gestartet von C:\Users\X\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2016-03-10 18:14:28)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3145422843-1996295090-1453084995-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3145422843-1996295090-1453084995-1003 - Limited - Enabled)
X (S-1-5-21-3145422843-1996295090-1453084995-1000 - Administrator - Enabled) => C:\Users\X
Gast (S-1-5-21-3145422843-1996295090-1453084995-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
911 Operator (HKLM\...\Steam App 503560) (Version: - Jutsu Games)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Ahnayro: The Dream World (HKLM\...\Steam App 449730) (Version: - Alice & Smith)
AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
American McGee's Grimm - Season 2 (HKLM-x32\...\1207663013_is1) (Version: 2.2.0.7 - GOG.com)
American McGee's Grimm - Season 3 (HKLM-x32\...\1207663023_is1) (Version: 2.2.0.7 - GOG.com)
Ansel (Version: 372.90 - NVIDIA Corporation) Hidden
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Batman - The Telltale Series (HKLM\...\Steam App 498240) (Version: - Telltale Games)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation)
BOSS (HKLM\...\BOSS) (Version: 2.3.2 - BOSS Development Team)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Darksiders II: Deathinitive Edition (HKLM\...\Steam App 388410) (Version: - Gunfire Games)
DJ_AIO_03_F4200_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Dragon Age™ II (HKLM-x32\...\{4D565319-8B91-41CB-961C-0DDC86101AC5}) (Version: 1.04.8524.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
DRAGON BALL XENOVERSE (HKLM\...\Steam App 323470) (Version: - DIMPS)
Dropbox (HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
F4200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Ghost Master (HKLM-x32\...\1207658687_is1) (Version: 2.1.0.4 - GOG.com)
Gothic 3 (HKLM-x32\...\1207658986_is1) (Version: 2.1.0.17 - GOG.com)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grabby Driver Installation (64 Bit) (HKLM-x32\...\{90CA4931-4A1F-4D30-A60B-C2BBFD53D30F}) (Version: 5.09.1202.00 - TERRATEC Electronic GmbH)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Headlander (HKLM\...\Steam App 340000) (Version: - Double Fine Productions)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
King's Quest (HKLM\...\Steam App 345390) (Version: - The Odd Gentlemen)
Knee Deep (HKLM\...\Steam App 371300) (Version: - Prologue Games)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{30146B19-5822-4F46-BD61-6D1927DB75C6}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video easy TerraTec Edition (HKLM-x32\...\MX.{7FEE208C-09FB-4B37-B6EC-A589471C03DE}) (Version: 5.0.3.111 - MAGIX Software GmbH)
MAGIX Video easy TerraTec Edition (Version: 5.0.3.111 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marvel: Ultimate Alliance (HKLM\...\Steam App 433300) (Version: - Zoë Mode)
Marvel: Ultimate Alliance 2 (HKLM\...\Steam App 433320) (Version: - Zoë Mode)
Master Reboot (HKLM\...\Steam App 251850) (Version: - Wales Interactive)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{D68E6605-F852-4936-AB64-04B80E0C85AD}) (Version: 2.2.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 2 (HKLM-x32\...\{04fa3a35-1f49-4510-8051-819cdc1e6e01}) (Version: 14.0.25123.0 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Neverwinter Nights Diamond Edition (HKLM-x32\...\1207658890_is1) (Version: 2.1.0.20 - GOG.com)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.90 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
Party Hard (HKLM\...\Steam App 356570) (Version: - Pinokl Games)
PCGen60600 (HKLM-x32\...\PCGen60600) (Version: - )
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Police Quest Collection (HKLM\...\Steam App 494740) (Version: - Sierra)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Quadrilateral Cowboy (HKLM\...\Steam App 240440) (Version: - Blendo Games)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.31.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25126 - Microsoft Corporation) Hidden
Sam and Max - Season Two - Sam and Max Episode 201 - Ice Station Santa (HKLM-x32\...\Episode 201 - Ice Station Santa) (Version: 1.0.0.1 - Telltale Games)
Sam and Max - Season Two - Sam and Max Episode 202 - Moai Better Blues (HKLM-x32\...\Episode 202 - Moai Better Blues) (Version: 1.0.0.7 - Telltale Games)
Sam and Max - Season Two - Sam and Max Episode 203 - Night of the Raving Dead (HKLM-x32\...\Episode 203 - Night of the Raving Dead) (Version: 1.0.3.9 - Telltale Games)
Sam and Max - Season Two - Sam and Max Episode 204 - Chariots of the Dogs (HKLM-x32\...\Episode 204 - Chariots of the Dogs) (Version: 1.0.1.9 - Telltale Games)
Sam and Max - Season Two - Sam and Max Episode 205 - What's New, Beelzebub? (HKLM-x32\...\Episode 205 - What's New, Beelzebub?) (Version: 1.0.0.9 - Telltale Games)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Sid Meier's Alpha Centauri Planetary Pack (HKLM-x32\...\1207658936_is1) (Version: 2.1.0.24 - GOG.com)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version: - The SKSE Team)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Soul Axiom (HKLM\...\Steam App 279900) (Version: - Wales Interactive)
Space Pilgrim Episode I: Alpha Centauri (HKLM\...\Steam App 429470) (Version: - Pilgrim Adventures)
Space Pilgrim Episode II: Epsilon Indi (HKLM\...\Steam App 431710) (Version: - Pilgrim Adventures)
Space Pilgrim Episode III: Delta Pavonis (HKLM\...\Steam App 439250) (Version: - Pilgrim Adventures)
Space Pilgrim Episode IV: Sol (HKLM\...\Steam App 446640) (Version: - Pilgrim Adventures)
Space Quest Collection (HKLM\...\Steam App 10110) (Version: - Sierra)
Star Citizen Launcher (HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Star Trek™ - 25th Anniversary (HKLM-x32\...\1427108887_is1) (Version: 2.0.0.5 - GOG.com)
Star Trek™ - Judgment Rites Limited Collector's Edition (HKLM-x32\...\1429089605_is1) (Version: 2.0.0.6 - GOG.com)
Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Banner Saga 2 (HKLM\...\Steam App 281640) (Version: - Stoic)
The Black Watchmen (HKLM\...\Steam App 349220) (Version: - Alice & Smith)
The Deed: Dynasty (HKLM\...\Steam App 460960) (Version: - Pilgrim Adventures)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Novelist (HKLM\...\Steam App 245150) (Version: - Orthogonal Games)
the static speaks my name (HKLM\...\Steam App 387860) (Version: - Jesse Barksdale)
TimeShift (HKLM\...\Steam App 10130) (Version: - Saber Interactive)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.30.0 - Microsoft Corporation) Hidden
Tyranny (HKLM\...\Steam App 362960) (Version: - Obsidian Entertainment)
Unity (HKLM-x32\...\Unity) (Version: 5.3.4f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\UnityWebPlayer) (Version: 5.3.4f1 - Unity Technologies ApS)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 22.0 - Ubisoft)
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows-Treiberpaket - TERRATEC (USB28xxBGA) Media (03/16/2010 5.09.1202.00) (HKLM\...\22B1739EAEA711117281C678C9005F17A0D9D420) (Version: 03/16/2010 5.09.1202.00 - TERRATEC )
Windows-Treiberpaket - TERRATEC (emAudio) Media (03/16/2010 5.09.1202.00) (HKLM\...\0812DA72EAD4FBFA883430ED6EC04AC1F88DBBAD) (Version: 03/16/2010 5.09.1202.00 - TERRATEC)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02E1A326-8414-43CC-A21F-390B79ED8A3D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {28E49C93-ED3A-4829-B62E-B941A78E3317} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000Core => C:\Users\X\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-03-19] (Dropbox, Inc.)
Task: {3AB5A4B3-CDF6-45D5-99E9-BC7AEE0BD664} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000UA => C:\Users\X\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-03-19] (Dropbox, Inc.)
Task: {493CEFA2-6A19-4D80-AE74-A992FAFC9477} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {6F2AECF7-B118-4787-86CE-75BA5035D4FC} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-03-22] (Microsoft Corporation)
Task: {8BC02481-F4FC-410B-AEF1-E59F94992D41} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {DCE40910-7AEF-40EE-9F7C-3D15FCFA0A94} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000Core.job => C:\Users\X\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000UA.job => C:\Users\X\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-11-18 22:21 - 2016-09-16 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-05-04 15:41 - 2012-05-04 15:41 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2011-11-13 14:30 - 2011-11-13 14:30 - 00676864 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2011-11-13 14:31 - 2011-11-13 14:31 - 03643392 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-05-04 15:41 - 2012-05-04 15:41 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-03-11 18:43 - 2016-06-15 02:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-03-11 18:42 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-03-11 18:42 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-03-11 18:42 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-02-19 23:53 - 2016-10-10 17:29 - 00035792 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-11-10 19:40 - 2016-10-10 17:29 - 00145864 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-11-10 19:40 - 2016-10-10 17:29 - 00019408 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-11-10 19:40 - 2016-10-10 17:29 - 00116688 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-19 23:53 - 2016-10-10 17:29 - 00100296 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-19 23:53 - 2016-10-10 17:29 - 00018888 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-19 23:53 - 2016-11-07 23:59 - 00019760 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-19 23:53 - 2016-10-10 17:29 - 00694224 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-11-10 19:40 - 2016-11-07 23:58 - 00020816 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-19 23:53 - 2016-10-10 17:30 - 00123856 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-11-10 19:40 - 2016-11-07 23:58 - 01682760 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-11-10 19:40 - 2016-11-07 23:58 - 00020808 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00105928 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-05 19:42 - 2016-11-07 23:59 - 00021312 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 00052024 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 00038696 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-11-10 19:40 - 2016-10-10 17:29 - 00392144 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-11-10 19:40 - 2016-10-10 17:31 - 00020936 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00024528 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00116176 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-19 23:53 - 2016-11-07 23:59 - 00381752 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00124880 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-05 19:42 - 2016-11-07 23:59 - 00025424 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00024016 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00175560 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00030160 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00043472 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00048592 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00057808 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00024016 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-11-10 19:40 - 2016-11-07 23:58 - 00246592 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 00026456 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-05 19:42 - 2016-10-10 17:30 - 00241104 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-11-10 19:40 - 2016-11-07 23:58 - 00020280 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00028616 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-19 23:53 - 2016-11-07 23:59 - 00023376 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-19 23:53 - 2016-11-07 23:59 - 00020800 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 23:53 - 2016-11-07 23:59 - 00019776 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-19 23:53 - 2016-11-07 23:59 - 00020800 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00350152 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-19 23:53 - 2016-11-07 23:59 - 00022352 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 00024392 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-11-10 19:40 - 2016-10-10 17:27 - 00036296 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\librsync.dll
2016-11-10 19:40 - 2016-11-07 23:59 - 00084280 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-11-10 19:40 - 2016-11-07 23:59 - 01826096 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-19 23:53 - 2016-10-10 17:29 - 00083912 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\sip.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 00531248 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 03928880 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 01972528 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 00133424 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 00224056 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 00207672 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-08-05 19:42 - 2016-11-07 23:59 - 00020288 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-11-10 19:40 - 2016-10-10 17:33 - 00017864 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-11-10 19:40 - 2016-10-10 17:34 - 01631184 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-11-10 19:40 - 2016-11-07 23:59 - 00042808 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 00168760 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 00357680 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-02-19 23:53 - 2016-10-10 17:31 - 00060880 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-05 19:42 - 2016-11-07 23:59 - 00024904 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-11-10 19:40 - 2016-11-07 23:59 - 00546096 _____ () C:\Users\X\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2006-08-11 12:49 - 2006-08-11 12:49 - 00828416 _____ () C:\Program Files (x86)\OpenOffice.org 2.0\program\libxml2.dll
2016-03-11 18:42 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-03-11 18:42 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\X\Documents\AQ2_mapswithnolabels_(8996914).zip:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\X\Documents\CAT27000_Shadowrun_5_(8719235).pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\X\Documents\DD2_PS_WellofWorlds_(8244976).pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\X\Documents\Shadowrun_4th_Ed_(6623749).pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\X\Documents\ZGA-The_Investigation_Begins-PF-ONS_(7257351).pdf:com.dropbox.attributes [168]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7631 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Hama Wireless LAN Utility.lnk => C:\Windows\pss\Hama Wireless LAN Utility.lnk.CommonStartup
MSCONFIG\startupreg: GalaxyClient => C:\Program Files\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{A4E70973-2FDE-4BA8-A9AC-3EC673442ED1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4F8398F0-B9CB-4CE6-8BFB-2327AB8942E5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{42A1255C-EF33-4DC9-93C0-C847BFBE78A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{35BB552A-A376-4548-9C3A-8A6F559002A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0783B1CB-7049-4B81-85C1-BB1AE425FB27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E83F02DF-C9C6-4E07-BDD3-1018E1A33A5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{135F8AFC-37DB-4379-A659-C9039D3BC8EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{061D2B15-0219-4DA1-B2FB-74C98D29262C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F01CC164-7B39-4A6C-BD3C-92DEAF173710}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9D34AC37-6467-449C-9546-B6429A49B4EB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4B7C3D49-6B37-4B3B-BCBD-0537627EB863}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0ABF3259-5A8B-4094-804D-E5CF7A07A75D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Always Sometimes Monsters\Game.exe
FirewallRules: [{C1451494-137A-49CE-83D1-4311DB67CCE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Always Sometimes Monsters\Game.exe
FirewallRules: [{76D49E2C-B917-4D7D-8B41-9102950083A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HardWest\HardWest.exe
FirewallRules: [{A89CA368-F948-45D0-B0D1-5220DE106CBC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HardWest\HardWest.exe
FirewallRules: [{B4F11BA5-1EC5-46CF-BB79-32E18CE4DAAD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{542B6B91-2E1B-4378-A505-10BAC209162E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{18E88F4C-980E-4DBE-80D3-78F613E8DE82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Magic Circle\TheMagicCircle.exe
FirewallRules: [{22B75698-FF3A-40B3-88B1-84A7DB4A01BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Magic Circle\TheMagicCircle.exe
FirewallRules: [TCP Query User{43A61847-AF50-450E-83FA-CC829121BB43}C:\program files (x86)\steam\steamapps\common\torment tides of numenera\win\tidesofnumenera.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\torment tides of numenera\win\tidesofnumenera.exe
FirewallRules: [UDP Query User{98B76BB3-EAEE-463B-A2C3-3FC75DEB8555}C:\program files (x86)\steam\steamapps\common\torment tides of numenera\win\tidesofnumenera.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\torment tides of numenera\win\tidesofnumenera.exe
FirewallRules: [{EDB701CC-ABA0-4517-BCE2-6E9BCC1152D3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{4C293D2D-7A0E-44B8-9704-71B71D36FDFD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{D4C9E7A6-9919-49CA-BC98-A30711BA71CA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{6ECCABD8-45DC-4E6B-A595-3A86B34C0BFC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{C1E70677-8D7F-4115-B765-40C58A37BD11}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{4E124A2A-AA43-42E7-B4B3-947D562A5EE7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{7A247F53-645B-4542-8BF5-4D48EC78DDBE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{B55A2BC9-6F29-4167-AAC0-9CCC59864591}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{067FEB93-A5F9-4D61-91C1-E0DCEA31AB29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{D6798387-ACE4-4F9C-8881-83444CBC79AA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{0AA66CA3-71FD-461E-8090-63C436D57F74}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{9A5B78C6-95B8-4905-B746-40F7C589C893}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{BBC78B21-ACDD-4AF0-9939-F13D1403620B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{210F8E3C-AEA2-48CE-A85C-8C7BAD6ABD36}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{6D4E4359-DEDA-4BFA-944E-460B0D304764}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{13374435-5559-407F-9D5C-A6FDDAA40E31}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{B3923CFD-CC57-40B5-A06C-D6216AAEA854}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{C80B3E70-5303-4421-8EBA-69AED33C1E7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{4AD2F1F0-0ED4-4A7C-BD52-F2FC9BD12BE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{10D28DC4-BD16-4D02-BA02-8CD8AD4CC754}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57FDE4D9-5600-4E5A-8135-080158D9B659}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68264353-604F-48C6-8B65-EDACD972B8FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the static speaks my name\thestatic_win.exe
FirewallRules: [{5FACCA97-4B4E-4269-A3E3-B3672B8FC1C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the static speaks my name\thestatic_win.exe
FirewallRules: [TCP Query User{C6D69720-22CD-4783-8CE0-E74B42B7F663}C:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe
FirewallRules: [UDP Query User{1381E8CB-CEF3-49EB-A67D-703FC1ED0184}C:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe
FirewallRules: [TCP Query User{7C4DC2D1-A7F6-4C34-A3D5-CF210EA18ED9}C:\program files (x86)\steam\steamapps\common\shadowrun dragonfall director's cut\dragonfall.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shadowrun dragonfall director's cut\dragonfall.exe
FirewallRules: [UDP Query User{791AE151-4071-4C2F-9BEE-889ACBE9A4D8}C:\program files (x86)\steam\steamapps\common\shadowrun dragonfall director's cut\dragonfall.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shadowrun dragonfall director's cut\dragonfall.exe
FirewallRules: [{727E9964-AA36-456E-A4BF-C7E649A04902}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Decadence\AoD64.exe
FirewallRules: [{A8043BC8-21E3-4CB5-AD6C-6986A65BA99D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Decadence\AoD64.exe
FirewallRules: [{CDB56EB7-A196-441B-97A7-CC3E230C57C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Eisenwald\Eisenwald.exe
FirewallRules: [{CA042E88-D34D-4D57-9225-EF0DEE49550A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Eisenwald\Eisenwald.exe
FirewallRules: [{6389D0C3-2263-4FB8-9A42-3001AB0EFBC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroesRiseHeroFall\HeroesRiseHeroFall.exe
FirewallRules: [{B5798906-176F-4FB5-98D4-B2793226ED4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroesRiseHeroFall\HeroesRiseHeroFall.exe
FirewallRules: [{FBC22BAE-5E4D-43CF-8CCE-096C301D983E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{6D9049CE-5615-4D64-86BA-F3E6ABCFC85D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{0EECAADD-20AB-4B2F-9FF1-E031023FB0F8}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{DD9B2ECD-DC57-4C26-9602-B2C8F75B40A5}] => (Allow) C:\PROGRA~1\Unity\Editor\Unity.exe
FirewallRules: [TCP Query User{D8A0C47E-43AB-4A92-8121-B10BACBB16E6}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{B90EFB0B-97F9-4746-AC5E-193CFF202F8F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{90909E0D-830E-4F4E-844B-A8C4DA934195}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Deed\Game.exe
FirewallRules: [{23AF37CB-02FB-46C5-84CF-A24856EDEDD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Deed\Game.exe
FirewallRules: [{FA6965F6-4345-4B73-A5A8-67BB514D90BF}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [{13A7D245-E77B-4214-97DB-04E8A0F2E13E}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [{D7B270D4-6197-41AE-A02A-E6D94C1DE9D4}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [{8784B872-9B22-4780-8586-40BC4A9CE22A}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [TCP Query User{559B2184-616D-4F6D-92FB-51986EDAF5B9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{189A7BE9-C52E-40F2-A0B1-612441061087}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4EED539A-1053-4708-BF5F-0B500BB870B9}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{EF41F434-5B3F-4476-9B4B-B77407E01E26}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{39A93A03-7C8C-4CB0-8949-839F0EE4F688}] => (Allow) C:\Users\X\AppData\Local\Temp\7zS23FF\hppiw.exe
FirewallRules: [{19D44352-265F-4DDF-968A-7560AEC69CB0}] => (Allow) C:\Users\X\AppData\Local\Temp\7zS23FF\hppiw.exe
FirewallRules: [{E1478AFB-9D53-4E54-8092-7690CEE9AD57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{AAB3F032-CCF6-4964-B5F4-619E1F1C4DEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{84E229D8-E76C-4214-89E2-028F7374EB03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{F53F44B3-8A94-411B-B08E-EB7A7D7737A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{726EEEB4-9559-4FA7-BD0B-864BA9161EEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{4C7FF55C-E891-46D2-943F-9B1EA0C7AF1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{B3CE13D6-8653-4AA6-8F14-6109E21D2133}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{E45FB30D-8129-4189-ABF0-9581E5C11811}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{BF68FC6E-2976-4A9E-8D15-EF76422CB839}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{EB7ED9B4-0515-44E7-83B9-425FF606EC75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{DA05032B-2525-48D0-BB20-D77F360B6D7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BrutalLegend\BrutalLegend.exe
FirewallRules: [{52989DAD-DD96-4BFB-AFB3-F6EF083203AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BrutalLegend\BrutalLegend.exe
FirewallRules: [{C1B469F9-56A9-404A-B36D-D34C6B9DF230}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCave\Cave.exe
FirewallRules: [{5A975FE3-52A5-4AC5-AE98-4A79AF3DE468}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCave\Cave.exe
FirewallRules: [{70E14885-3829-4965-9696-2C71280402B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Consuming Shadow\consumingshadow.exe
FirewallRules: [{1C66A6D7-EF10-4422-92D4-D1EEDCF30662}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Consuming Shadow\consumingshadow.exe
FirewallRules: [{3AA7FB90-2B10-435F-B971-CB3F2765A8C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\costume quest\Cq.exe
FirewallRules: [{6775EB37-E066-4F1D-A9B0-DE4A39F1CA64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\costume quest\Cq.exe
FirewallRules: [{C2ED132B-B42E-4060-92A9-42A69CC650E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2.exe
FirewallRules: [{C6A4A305-8BB9-4D17-8C02-62F8199E8E99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2.exe
FirewallRules: [{5BAB58BE-9EC8-40CE-9E0C-C703E278EF6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2_DX9.exe
FirewallRules: [{3ECC7FE7-4A9B-4463-ACB0-5C4237E70920}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2_DX9.exe
FirewallRules: [{2FA23132-2715-4242-983A-891A31BCA589}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{AE147611-9453-4E8F-820A-289DA909A42E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{C672D9D8-4D95-4F3F-B48A-3CD7D5161B60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{4068B55C-2908-4841-A320-ACA5AFC326D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{2FB2C769-9D8B-4975-AADF-7E38B1D9061C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{077E2B8E-0B5F-4F92-A6F5-D1F03095255B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{9FA6B1F8-EB5E-4595-B5E8-A4E858BCD16B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dragon age ultimate edition\DAOriginsLauncher.exe
FirewallRules: [{3BA8D674-C14D-4978-977A-9A45CA1587B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dragon age ultimate edition\DAOriginsLauncher.exe
FirewallRules: [{140FF0A9-3A12-4C16-AB03-D6116ADA793F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [{480B3DBA-307B-4316-8165-02A64092EDEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [{35002D44-52FD-4285-8E19-C0261DFD71DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dex\Dex.exe
FirewallRules: [{37AA7366-C1D7-4661-A125-A26567AB1476}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dex\Dex.exe
FirewallRules: [{4960FE2A-51BD-461E-8E60-E3362A0BB3A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dex\GamepadConfigTool.exe
FirewallRules: [{DA962B5B-F13B-4BAB-8433-E33E3B740CD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dex\GamepadConfigTool.exe
FirewallRules: [{F498DFBA-191E-43DF-A790-3AECA3D36CC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{C50F1D33-31D2-4368-9AD3-D862D29419CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{20CFCDD2-553E-442B-8647-0ED45C553B4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Soul Axiom\SoulAxiom.exe
FirewallRules: [{56308751-6B48-408A-BA68-AF1D9F53D455}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Soul Axiom\SoulAxiom.exe
FirewallRules: [{9D5B4CA7-8C26-4E2D-8A73-2B2DF2341B76}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MasterReboot\Binaries\Win32\MasterReboot.exe
FirewallRules: [{08472699-8749-4BC7-9978-5FE92E20A75C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MasterReboot\Binaries\Win32\MasterReboot.exe
FirewallRules: [{147227FD-89E9-42D8-9BD6-C38670C285BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LongLiveTheQueen\LongLiveTheQueen.exe
FirewallRules: [{3AEEBDE3-D4F1-42E2-89A4-E5B8F5B59B3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LongLiveTheQueen\LongLiveTheQueen.exe
FirewallRules: [{F854A822-C6A1-429C-90B6-7BE3285C0591}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2042F614-7F8A-42BB-96DA-59B75F80B2A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{8B2DFC9B-8A4E-44D5-A1B1-0C7EC348484C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{9EB8EF54-CBD3-4BCB-B90E-C4E5EA42F73C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{D621663B-5647-4F1E-9FE8-B846E4B06A44}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{D2043EEC-A278-4B89-B352-BD48E6B9DB7B}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{9242B4E8-FD47-424E-A427-FCCA1A2B3D9A}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [{08B09B3A-1277-42DC-870D-E7685E8C3CD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Secret Of Magia\EQLauncher.exe
FirewallRules: [{214A1ECB-C9A8-43C6-8471-45BDD5C1DE4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Secret Of Magia\EQLauncher.exe
FirewallRules: [{832FD3B3-6B06-4F1B-8B1F-0DFBE4305803}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{21A78A78-B47C-467F-9B7D-5319E7BD90A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{78227B80-786A-4EBE-B553-218C8D268CF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Contradiction\Windows\nw.exe
FirewallRules: [{DB0BD4EC-DED6-4E67-921F-7AC3D6EE4DE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Contradiction\Windows\nw.exe
FirewallRules: [{43DD6AB0-EA9F-4A2E-A7CC-3E46CC035163}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Decadence\AoD.exe
FirewallRules: [{C4FDE679-97F4-452E-955F-17C9DBC29454}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Decadence\AoD.exe
FirewallRules: [{596BA756-BAF4-4411-BEA3-5368CE79DB1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Deed Dynasty\Game.exe
FirewallRules: [{73086BC1-D110-42B9-8919-EA430241A827}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Deed Dynasty\Game.exe
FirewallRules: [{E8794874-9F2E-4D20-9E07-5FD11108A23B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode One Alpha Centauri\Game.exe
FirewallRules: [{6DFDF235-3DA9-4241-B1DB-BBFDEDE888BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode One Alpha Centauri\Game.exe
FirewallRules: [{179830CB-654A-470D-B9C7-47DEF003BDE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode Two\Game.exe
FirewallRules: [{566F1199-707F-4541-A2DE-3688D25BF0C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode Two\Game.exe
FirewallRules: [{22F8B3A0-D82D-44C8-96F5-996D0B8F302B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode III Delta Pavonis\Game.exe
FirewallRules: [{A06F9093-52B6-4541-8194-342FB975A42E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode III Delta Pavonis\Game.exe
FirewallRules: [{1AD5649C-D38C-4C5B-927B-FFF93D19125C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode IV Sol\Game.exe
FirewallRules: [{5074AAF6-EE7F-4D4F-AEF7-058D76F16A95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode IV Sol\Game.exe
FirewallRules: [TCP Query User{0829C57F-F7C2-4661-A078-AC581CE54C32}C:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [UDP Query User{64E5E6D9-61C3-4525-84F8-85D45A25C472}C:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [{C535F910-CFD2-4FEF-81BF-FAB8DC2AC326}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman The Telltale Series\Batman_win8.exe
FirewallRules: [{D57839B0-0A9A-4EBD-AFB6-D59AC9312873}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman The Telltale Series\Batman_win8.exe
FirewallRules: [{19128602-021A-41D0-976B-7184315FF81E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman The Telltale Series\Batman_win7.exe
FirewallRules: [{082711C9-61B6-4541-A467-99D92C6EC8CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman The Telltale Series\Batman_win7.exe
FirewallRules: [{E3F248DD-DE31-49F9-BFE4-298EEA923145}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Inquisitor\Game\Inquisitor.exe
FirewallRules: [{6FAB7E6C-ADFA-47D6-B2A8-B1ECE3134E45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Inquisitor\Game\Inquisitor.exe
FirewallRules: [{9961D509-47F3-4D56-8C2A-D74B603144B3}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [{8E22674A-E010-42B5-8E87-F8AD9B457607}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [TCP Query User{FA218370-928B-40A4-AD23-27A930B3F3FC}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{05B97A19-001B-4374-96A5-C7CFDBF7857F}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{E0B4B686-C73E-4A94-AF55-C0662ABDC5C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\tbs2\win32\The Banner Saga 2.exe
FirewallRules: [{7014183D-9E04-4D55-8FA0-95C3DFDA823A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\tbs2\win32\The Banner Saga 2.exe
FirewallRules: [{CB51B168-C4AB-4F94-B02E-9C3C81771273}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{4DBC3E84-9489-4D55-9625-DDF84CFAA987}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{D397A13D-FCA8-4464-906F-302E82544BED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Novelist\The Novelist.exe
FirewallRules: [{4F4854ED-1C58-4128-9BF8-72319A964DA9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Novelist\The Novelist.exe
FirewallRules: [{160173CE-7941-4FD9-A8A4-DFEA3B8A15A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{C202AE04-467D-4F2C-B950-0AC21ADD70D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{A591DF0F-EEFD-4795-B5D2-7DDD5A9D2B2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TimeShift\bin\TimeShift.Exe
FirewallRules: [{38ED49C5-8B2C-4244-8125-83B778D08C2C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TimeShift\bin\TimeShift.Exe
FirewallRules: [{55894420-D580-437C-8D0E-9BC05D0D7137}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Quest Collection\2016_SpaceQuestCollection\SierraLauncher.exe
FirewallRules: [{D3B13504-A832-42D1-9489-68D72A9AC5FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Quest Collection\2016_SpaceQuestCollection\SierraLauncher.exe
FirewallRules: [{D4B5B657-62DA-4B94-8337-64DD606ADA04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Quest Collection\SierraLauncher.exe
FirewallRules: [{4AC50393-D9F1-4224-AEDB-9FEF5D81FE67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Quest Collection\SierraLauncher.exe
FirewallRules: [{05C6BEDE-9BD1-4425-B952-1BD6801A6D1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\911 Operator\911.exe
FirewallRules: [{48FD9FCE-12F4-44C5-AEA1-75B82565E862}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\911 Operator\911.exe
FirewallRules: [{C6A66A53-9AA1-4BCC-953F-B0AAC1337E40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Police Quest Collection\SierraLauncher.exe
FirewallRules: [{67D0CED7-2909-4E8B-8FBB-B2A646A4620D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Police Quest Collection\SierraLauncher.exe
FirewallRules: [{3D13FC7D-C4E9-4E19-87AB-CB59D39EC5A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\quadrilateralcowboy\qc.exe
FirewallRules: [{E5004409-E1C4-43EC-BBD6-C82F631CCBF1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\quadrilateralcowboy\qc.exe
FirewallRules: [{0B32A373-4037-4E9D-BD06-3CAC17A0D97E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Headlander\Headlander.exe
FirewallRules: [{B24029D8-575D-4E49-BEB5-5ABEC4A2D0EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Headlander\Headlander.exe
FirewallRules: [{25467C13-8D35-4F48-ACF9-925EB91340D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel - Ultimate Alliance\Marvel.exe
FirewallRules: [{CE7CF8F6-1948-4C3B-89F3-040F89A795F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel - Ultimate Alliance\Marvel.exe
FirewallRules: [{3F50FAAB-7587-4485-A095-4DBC70CB62E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel - Ultimate Alliance 2\Alliance.exe
FirewallRules: [{58FD53BE-CE98-4AC6-BD86-14C03268AD8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel - Ultimate Alliance 2\Alliance.exe
FirewallRules: [{C661932F-2E22-4227-8687-8F0A330C625F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes Rise The Hero Project\HeroesRiseTheHeroProject.exe
FirewallRules: [{20846FD6-A9CA-47A7-B3BF-2FAF10620980}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes Rise The Hero Project\HeroesRiseTheHeroProject.exe
FirewallRules: [{A431F3CD-1518-449C-8D4F-86A15C85AEA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{3231FE71-4487-4BF6-90C7-1FFCD913749A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{C6CCBB46-62F4-46A2-80A0-89D98D857BE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
FirewallRules: [{080FC556-9339-480C-9757-B6CD1BD4F886}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
FirewallRules: [{2A7B882C-EA04-429F-8262-525FB37CBC32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Black Watchmen\tbw.exe
FirewallRules: [{F7658F9F-7E25-421F-8CEE-5639741BCC1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Black Watchmen\tbw.exe
FirewallRules: [{CE26B43C-7E67-4048-9348-33841EA018FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ahnayro\ahnayro.exe
FirewallRules: [{02E87EC2-93FB-4853-9F38-F1C2157DC634}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ahnayro\ahnayro.exe
FirewallRules: [{427E6622-B7C6-469E-A7B6-63E458709CDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tyranny\Tyranny.exe
FirewallRules: [{35FA2CFC-F65B-474B-BE13-50D65E76F41B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tyranny\Tyranny.exe
FirewallRules: [{E49D7ED4-441F-4ED0-819F-D3993B84FBE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knee Deep\Knee Deep.exe
FirewallRules: [{7CBCF85F-5EDC-4133-A0DC-A58FED02BD1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knee Deep\Knee Deep.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/12/2016 05:00:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbar.exe, Version 1.9.3.1001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 524
Startzeit: 01d23cfa15efcba4
Endzeit: 2418
Anwendungspfad: C:\Users\X\Desktop\mbar\mbar.exe
Berichts-ID: 246bfe22-a8f1-11e6-a1fb-d8cb8a731465
Error: (11/11/2016 11:46:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605ac0
Name des fehlerhaften Moduls: MessageBus.dll, Version: 0.0.0.0, Zeitstempel: 0x5760534f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000010f73
ID des fehlerhaften Prozesses: 0xe64
Startzeit der fehlerhaften Anwendung: 0x01d23c08cc2eac75
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
Pfad des fehlerhaften Moduls: C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
Berichtskennung: 15e82eb6-a7fc-11e6-8f95-24050f78a73a
Error: (11/03/2016 07:09:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Darksiders2.exe, Version: 0.0.0.0, Zeitstempel: 0x56414237
Name des fehlerhaften Moduls: Darksiders2.exe, Version: 0.0.0.0, Zeitstempel: 0x56414237
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000058742d
ID des fehlerhaften Prozesses: 0x1828
Startzeit der fehlerhaften Anwendung: 0x01d235faa56b74ec
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
Berichtskennung: b607d569-a1f0-11e6-a362-d8cb8a731465
Error: (11/02/2016 09:09:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 15.20.20039.7108, Zeitstempel: 0x57eee485
Name des fehlerhaften Moduls: AcroRd32.dll, Version: 15.20.20039.7108, Zeitstempel: 0x57eee462
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0028992b
ID des fehlerhaften Prozesses: 0x1084
Startzeit der fehlerhaften Anwendung: 0x01d235332c58f1a5
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
Berichtskennung: 3c43c7ff-a138-11e6-a4f5-d8cb8a731465
Error: (10/28/2016 07:01:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GrimmGame.exe, Version: 0.0.0.0, Zeitstempel: 0x48561d63
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x8b068b57
ID des fehlerhaften Prozesses: 0x19c8
Startzeit der fehlerhaften Anwendung: 0x01d231420e1ea3db
Pfad der fehlerhaften Anwendung: C:\Program Files\GalaxyClient\Games\American McGees Grimm - Season 1\1-1 BoyFear\Binaries\GrimmGame.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 800a914b-9d38-11e6-948b-d8cb8a731465
Error: (10/27/2016 09:50:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 15.20.20039.7108, Zeitstempel: 0x57eee485
Name des fehlerhaften Moduls: AcroRd32.dll, Version: 15.20.20039.7108, Zeitstempel: 0x57eee462
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0028992b
ID des fehlerhaften Prozesses: 0x81c
Startzeit der fehlerhaften Anwendung: 0x01d23061cfd3008d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
Berichtskennung: ff7aabbb-9c86-11e6-97ff-d8cb8a731465
Error: (10/18/2016 11:47:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\X\Downloads\SoftonicDownloader_fuer_mpeg-streamclip.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (10/16/2016 08:13:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037b59
ID des fehlerhaften Prozesses: 0x1700
Startzeit der fehlerhaften Anwendung: 0x01d227afc1e102a8
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: 9a20e304-93d4-11e6-a1b3-d8cb8a731465
Error: (10/06/2016 07:42:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x57d87fc5
Name des fehlerhaften Moduls: NVI2.DLL, Version: 2.1002.224.1962, Zeitstempel: 0x57d880dc
Ausnahmecode: 0x40000015
Fehleroffset: 0x00278476
ID des fehlerhaften Prozesses: 0x1a54
Startzeit der fehlerhaften Anwendung: 0x01d2200144599214
Pfad der fehlerhaften Anwendung: C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe
Pfad des fehlerhaften Moduls: C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{0C482131-D588-4F13-B169-4C29AA0CAE47}\NVI2.DLL
Berichtskennung: abecad92-8bf4-11e6-8116-d8cb8a731465
Error: (10/03/2016 06:56:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Marvel.exe, Version: 1.0.0.1, Zeitstempel: 0x57b584fc
Name des fehlerhaften Moduls: XAudio2_7.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4c0643cc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fef1a12891
ID des fehlerhaften Prozesses: 0xd3c
Startzeit der fehlerhaften Anwendung: 0x01d21d9ba44a857a
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Marvel - Ultimate Alliance\Marvel.exe
Pfad des fehlerhaften Moduls: XAudio2_7.dll
Berichtskennung: ba1e08d1-8992-11e6-8026-d8cb8a731465
Systemfehler:
=============
Error: (11/15/2016 12:34:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/15/2016 12:34:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (11/15/2016 12:14:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/15/2016 12:14:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (11/14/2016 05:31:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/14/2016 05:31:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (11/14/2016 01:11:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/14/2016 01:11:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (11/13/2016 06:31:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/13/2016 06:31:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
==================== Speicherinformationen ===========================
Prozessor: AMD FX(tm)-6300 Six-Core Processor
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8140.05 MB
Verfügbarer physikalischer RAM: 5321.74 MB
Summe virtueller Speicher: 16278.29 MB
Verfügbarer virtueller Speicher: 13657.66 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:153.77 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 78BCB546)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Geändert von Klaus_Mittel (15.11.2016 um 13:11 Uhr) |
|
15.11.2016, 13:01
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk Deine Logs sind kaputt gepostet. Da sind Zeilenümbrüche drin, die alles unlesbar machen. Bitte korrigieren.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.11.2016, 13:11
| #21 | |
| | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.ukZitat:
|
|
15.11.2016, 14:19
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk Du hast da ein uraltes Open Office drin. Das muss mal bei Gelegenheit rausfliegen und durch ein aktuelles Libre Office ersetzt werden. OpenOffice ist im Prinzip tot  Bitte deinstalliere auch das völlig untaugliche Spybot. Danach so weitermachen: 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.11.2016, 15:18
| #23 |
| | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk Spybot wurde deinstalliert. Ebenso OpenOffice. Gibt es eine Alternative zu Spybot, oder empfiehlst du, davon ganz die Finger zu lassen? Hier das Log von MBAR. Es hat nichts gefunden. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.11.15.08
rootkit: v2016.10.31.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18499
X :: X-PC [administrator]
15.11.2016 14:53:29
mbar-log-2016-11-15 (14-53-29).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 330629
Time elapsed: 17 minute(s), 32 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 15:13:41.0827 0x00b4 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
15:13:45.0547 0x00b4 ============================================================
15:13:45.0547 0x00b4 Current date / time: 2016/11/15 15:13:45.0547
15:13:45.0547 0x00b4 SystemInfo:
15:13:45.0547 0x00b4
15:13:45.0547 0x00b4 OS Version: 6.1.7601 ServicePack: 1.0
15:13:45.0547 0x00b4 Product type: Workstation
15:13:45.0547 0x00b4 ComputerName: X-PC
15:13:45.0547 0x00b4 UserName: X
15:13:45.0547 0x00b4 Windows directory: C:\Windows
15:13:45.0547 0x00b4 System windows directory: C:\Windows
15:13:45.0547 0x00b4 Running under WOW64
15:13:45.0547 0x00b4 Processor architecture: Intel x64
15:13:45.0547 0x00b4 Number of processors: 6
15:13:45.0547 0x00b4 Page size: 0x1000
15:13:45.0547 0x00b4 Boot type: Normal boot
15:13:45.0547 0x00b4 CodeIntegrityOptions = 0x00000001
15:13:45.0547 0x00b4 ============================================================
15:13:47.0289 0x00b4 KLMD registered as C:\Windows\system32\drivers\95893100.sys
15:13:47.0289 0x00b4 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23564, osProperties = 0x1
15:13:47.0456 0x00b4 System UUID: {48A2C2C7-E2CD-DCDF-43E2-27F12A37F809}
15:13:47.0807 0x00b4 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:13:47.0811 0x00b4 ============================================================
15:13:47.0811 0x00b4 \Device\Harddisk0\DR0:
15:13:47.0812 0x00b4 MBR partitions:
15:13:47.0812 0x00b4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:13:47.0812 0x00b4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
15:13:47.0812 0x00b4 ============================================================
15:13:47.0826 0x00b4 C: <-> \Device\Harddisk0\DR0\Partition2
15:13:47.0826 0x00b4 ============================================================
15:13:47.0826 0x00b4 Initialize success
15:13:47.0826 0x00b4 ============================================================
15:14:26.0925 0x1038 ============================================================
15:14:26.0925 0x1038 Scan started
15:14:26.0925 0x1038 Mode: Manual; SigCheck; TDLFS;
15:14:26.0925 0x1038 ============================================================
15:14:26.0925 0x1038 KSN ping started
15:14:27.0081 0x1038 KSN ping finished: true
15:14:28.0204 0x1038 ================ Scan system memory ========================
15:14:28.0204 0x1038 System memory - ok
15:14:28.0204 0x1038 ================ Scan services =============================
15:14:28.0329 0x1038 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:14:28.0391 0x1038 1394ohci - ok
15:14:28.0469 0x1038 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:14:28.0485 0x1038 ACPI - ok
15:14:28.0547 0x1038 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:14:28.0579 0x1038 AcpiPmi - ok
15:14:28.0719 0x1038 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:14:28.0735 0x1038 AdobeARMservice - ok
15:14:28.0766 0x1038 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:14:28.0781 0x1038 adp94xx - ok
15:14:28.0781 0x1038 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:14:28.0797 0x1038 adpahci - ok
15:14:28.0813 0x1038 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:14:28.0813 0x1038 adpu320 - ok
15:14:28.0859 0x1038 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:14:28.0937 0x1038 AeLookupSvc - ok
15:14:29.0015 0x1038 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
15:14:29.0109 0x1038 AFD - ok
15:14:29.0109 0x1038 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
15:14:29.0125 0x1038 agp440 - ok
15:14:29.0140 0x1038 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
15:14:29.0203 0x1038 ALG - ok
15:14:29.0218 0x1038 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
15:14:29.0218 0x1038 aliide - ok
15:14:29.0265 0x1038 AMD FUEL Service - ok
15:14:29.0281 0x1038 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
15:14:29.0281 0x1038 amdide - ok
15:14:29.0312 0x1038 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
15:14:29.0312 0x1038 amdiox64 - ok
15:14:29.0327 0x1038 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:14:29.0359 0x1038 AmdK8 - ok
15:14:29.0374 0x1038 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:14:29.0405 0x1038 AmdPPM - ok
15:14:29.0452 0x1038 [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:14:29.0468 0x1038 amdsata - ok
15:14:29.0468 0x1038 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:14:29.0483 0x1038 amdsbs - ok
15:14:29.0499 0x1038 [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:14:29.0499 0x1038 amdxata - ok
15:14:29.0515 0x1038 [ D7253A1A7A49FA40EF0BA1955AAFB346, 0C84A844F06D414F1A6793C9330B7B1474641B569EFEB5F64F29C0D11E59E631 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
15:14:29.0530 0x1038 AODDriver4.1 - ok
15:14:29.0577 0x1038 [ 8B73FEE96B60EE597CBCAA735A842A36, AB3FC01FEC62AC115EC766770D8694DEDA2FF2286E0199DC238ABF2493EC1A22 ] AppID C:\Windows\system32\drivers\appid.sys
15:14:29.0608 0x1038 AppID - ok
15:14:29.0639 0x1038 [ F5800413C0DF45C2CA15FD3ACBB1365F, 741E09EED0FF0152B59704729BD700E7D7A671C88F0708884AAB7A56ECCBD8AB ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:14:29.0671 0x1038 AppIDSvc - ok
15:14:29.0717 0x1038 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
15:14:29.0795 0x1038 Appinfo - ok
15:14:29.0795 0x1038 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:14:29.0811 0x1038 arc - ok
15:14:29.0811 0x1038 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:14:29.0827 0x1038 arcsas - ok
15:14:29.0873 0x1038 aspnet_state - ok
15:14:29.0889 0x1038 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:14:29.0920 0x1038 AsyncMac - ok
15:14:29.0983 0x1038 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
15:14:29.0983 0x1038 atapi - ok
15:14:30.0061 0x1038 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:14:30.0107 0x1038 AudioEndpointBuilder - ok
15:14:30.0154 0x1038 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:14:30.0170 0x1038 AudioSrv - ok
15:14:30.0232 0x1038 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:14:30.0326 0x1038 AxInstSV - ok
15:14:30.0341 0x1038 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:14:30.0357 0x1038 b06bdrv - ok
15:14:30.0388 0x1038 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:14:30.0404 0x1038 b57nd60a - ok
15:14:30.0435 0x1038 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
15:14:30.0466 0x1038 BDESVC - ok
15:14:30.0466 0x1038 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
15:14:30.0497 0x1038 Beep - ok
15:14:30.0575 0x1038 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
15:14:30.0669 0x1038 BFE - ok
15:14:30.0747 0x1038 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
15:14:30.0856 0x1038 BITS - ok
15:14:30.0872 0x1038 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:14:30.0887 0x1038 blbdrive - ok
15:14:30.0950 0x1038 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:14:30.0965 0x1038 bowser - ok
15:14:30.0965 0x1038 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:14:30.0997 0x1038 BrFiltLo - ok
15:14:30.0997 0x1038 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:14:31.0043 0x1038 BrFiltUp - ok
15:14:31.0090 0x1038 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
15:14:31.0153 0x1038 Browser - ok
15:14:31.0153 0x1038 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:14:31.0184 0x1038 Brserid - ok
15:14:31.0184 0x1038 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:14:31.0199 0x1038 BrSerWdm - ok
15:14:31.0199 0x1038 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:14:31.0215 0x1038 BrUsbMdm - ok
15:14:31.0215 0x1038 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:14:31.0215 0x1038 BrUsbSer - ok
15:14:31.0262 0x1038 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
15:14:31.0340 0x1038 BthEnum - ok
15:14:31.0340 0x1038 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:14:31.0355 0x1038 BTHMODEM - ok
15:14:31.0371 0x1038 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:14:31.0387 0x1038 BthPan - ok
15:14:31.0449 0x1038 [ 64C198198501F7560EE41D8D1EFA7952, 53CE5FDD1866FC8A0B91C7A620F7555D197488C4C8F3DEFD4398D8E3ED2AEBD0 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
15:14:31.0480 0x1038 BTHPORT - ok
15:14:31.0496 0x1038 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
15:14:31.0527 0x1038 bthserv - ok
15:14:31.0543 0x1038 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
15:14:31.0558 0x1038 BTHUSB - ok
15:14:31.0574 0x1038 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:14:31.0636 0x1038 cdfs - ok
15:14:31.0714 0x1038 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:14:31.0730 0x1038 cdrom - ok
15:14:31.0808 0x1038 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
15:14:31.0855 0x1038 CertPropSvc - ok
15:14:31.0886 0x1038 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:14:31.0917 0x1038 circlass - ok
15:14:31.0979 0x1038 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
15:14:31.0995 0x1038 CLFS - ok
15:14:32.0057 0x1038 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:14:32.0057 0x1038 clr_optimization_v2.0.50727_32 - ok
15:14:32.0135 0x1038 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:14:32.0151 0x1038 clr_optimization_v2.0.50727_64 - ok
15:14:32.0260 0x1038 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:14:32.0260 0x1038 clr_optimization_v4.0.30319_32 - ok
15:14:32.0291 0x1038 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:14:32.0354 0x1038 clr_optimization_v4.0.30319_64 - ok
15:14:32.0385 0x1038 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:14:32.0401 0x1038 CmBatt - ok
15:14:32.0416 0x1038 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:14:32.0416 0x1038 cmdide - ok
15:14:32.0447 0x1038 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys
15:14:32.0463 0x1038 CNG - ok
15:14:32.0479 0x1038 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:14:32.0479 0x1038 Compbatt - ok
15:14:32.0541 0x1038 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:14:32.0588 0x1038 CompositeBus - ok
15:14:32.0588 0x1038 COMSysApp - ok
15:14:32.0619 0x1038 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:14:32.0619 0x1038 crcdisk - ok
15:14:32.0681 0x1038 [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:14:32.0713 0x1038 CryptSvc - ok
15:14:32.0775 0x1038 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:14:32.0822 0x1038 DcomLaunch - ok
15:14:32.0853 0x1038 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
15:14:32.0884 0x1038 defragsvc - ok
15:14:32.0947 0x1038 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:14:32.0962 0x1038 DfsC - ok
15:14:32.0993 0x1038 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:14:33.0025 0x1038 Dhcp - ok
15:14:33.0040 0x1038 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
15:14:33.0071 0x1038 discache - ok
15:14:33.0087 0x1038 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:14:33.0087 0x1038 Disk - ok
15:14:33.0149 0x1038 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:14:33.0181 0x1038 Dnscache - ok
15:14:33.0243 0x1038 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
15:14:33.0274 0x1038 dot3svc - ok
15:14:33.0305 0x1038 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
15:14:33.0337 0x1038 Dot4 - ok
15:14:33.0368 0x1038 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:14:33.0399 0x1038 Dot4Print - ok
15:14:33.0461 0x1038 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:14:33.0493 0x1038 dot4usb - ok
15:14:33.0555 0x1038 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
15:14:33.0602 0x1038 DPS - ok
15:14:33.0664 0x1038 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:14:33.0680 0x1038 drmkaud - ok
15:14:33.0758 0x1038 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:14:33.0789 0x1038 DXGKrnl - ok
15:14:33.0820 0x1038 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
15:14:33.0867 0x1038 EapHost - ok
15:14:33.0961 0x1038 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:14:34.0054 0x1038 ebdrv - ok
15:14:34.0101 0x1038 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] EFS C:\Windows\System32\lsass.exe
15:14:34.0163 0x1038 EFS - ok
15:14:34.0257 0x1038 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:14:34.0319 0x1038 ehRecvr - ok
15:14:34.0351 0x1038 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
15:14:34.0429 0x1038 ehSched - ok
15:14:34.0444 0x1038 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:14:34.0475 0x1038 elxstor - ok
15:14:34.0491 0x1038 [ F1D1966D85FA57F5F91A39C8F31FB9D8, 14E2DDB4DAA928640CB5450EF469ED95DEEC6E22F281025E843ADBA6D188F860 ] emAudio C:\Windows\system32\DRIVERS\emAudio64.sys
15:14:34.0491 0x1038 emAudio - ok
15:14:34.0553 0x1038 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:14:34.0585 0x1038 ErrDev - ok
15:14:34.0600 0x1038 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
15:14:34.0631 0x1038 EventSystem - ok
15:14:34.0647 0x1038 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
15:14:34.0678 0x1038 exfat - ok
15:14:34.0694 0x1038 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:14:34.0709 0x1038 fastfat - ok
15:14:34.0787 0x1038 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
15:14:34.0834 0x1038 Fax - ok
15:14:34.0850 0x1038 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:14:34.0850 0x1038 fdc - ok
15:14:34.0865 0x1038 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
15:14:34.0912 0x1038 fdPHost - ok
15:14:34.0943 0x1038 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
15:14:34.0959 0x1038 FDResPub - ok
15:14:34.0975 0x1038 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:14:34.0990 0x1038 FileInfo - ok
15:14:34.0990 0x1038 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:14:35.0021 0x1038 Filetrace - ok
15:14:35.0021 0x1038 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:14:35.0053 0x1038 flpydisk - ok
15:14:35.0084 0x1038 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:14:35.0099 0x1038 FltMgr - ok
15:14:35.0193 0x1038 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll
15:14:35.0255 0x1038 FontCache - ok
15:14:35.0349 0x1038 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:14:35.0365 0x1038 FontCache3.0.0.0 - ok
15:14:35.0365 0x1038 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:14:35.0380 0x1038 FsDepends - ok
15:14:35.0396 0x1038 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:14:35.0396 0x1038 Fs_Rec - ok
15:14:35.0458 0x1038 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:14:35.0474 0x1038 fvevol - ok
15:14:35.0489 0x1038 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:14:35.0489 0x1038 gagp30kx - ok
15:14:35.0614 0x1038 [ 73A5AD91799E12105DA2794DF970B5E0, 8A5A1EC85C40412B4B00E346CC8E65B9115BC6892FA54C15826241BE37BAA846 ] GalaxyClientService C:\Program Files\GalaxyClient\GalaxyClientService.exe
15:14:35.0630 0x1038 GalaxyClientService - ok
15:14:35.0895 0x1038 [ BB7EA5ECF0334F48221AD8E0E21A95CC, 5484718AEAEE511A824DEAA95578B7358C7DF79D7F565B0D2AE1729192DE208E ] GalaxyCommunication C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
15:14:36.0082 0x1038 GalaxyCommunication - ok
15:14:36.0145 0x1038 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
15:14:36.0191 0x1038 gpsvc - ok
15:14:36.0191 0x1038 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:14:36.0269 0x1038 hcw85cir - ok
15:14:36.0347 0x1038 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:14:36.0363 0x1038 HdAudAddService - ok
15:14:36.0425 0x1038 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:14:36.0457 0x1038 HDAudBus - ok
15:14:36.0457 0x1038 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:14:36.0472 0x1038 HidBatt - ok
15:14:36.0488 0x1038 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:14:36.0503 0x1038 HidBth - ok
15:14:36.0503 0x1038 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:14:36.0503 0x1038 HidIr - ok
15:14:36.0535 0x1038 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
15:14:36.0581 0x1038 hidserv - ok
15:14:36.0659 0x1038 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
15:14:36.0675 0x1038 HidUsb - ok
15:14:36.0737 0x1038 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:14:36.0769 0x1038 hkmsvc - ok
15:14:36.0815 0x1038 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:14:36.0847 0x1038 HomeGroupListener - ok
15:14:36.0893 0x1038 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:14:36.0925 0x1038 HomeGroupProvider - ok
15:14:37.0018 0x1038 [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:14:37.0018 0x1038 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
15:14:37.0127 0x1038 Detect skipped due to KSN trusted
15:14:37.0127 0x1038 hpqcxs08 - ok
15:14:37.0143 0x1038 [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:14:37.0190 0x1038 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
15:14:37.0252 0x1038 Detect skipped due to KSN trusted
15:14:37.0252 0x1038 hpqddsvc - ok
15:14:37.0346 0x1038 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:14:37.0346 0x1038 HpSAMD - ok
15:14:37.0517 0x1038 [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Users\X\AppData\Local\Temp\7zS23FF\hpslpsvc64.dll
15:14:37.0549 0x1038 HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
15:14:37.0720 0x1038 Detect skipped due to KSN trusted
15:14:37.0720 0x1038 HPSLPSVC - ok
15:14:37.0845 0x1038 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:14:37.0876 0x1038 HTTP - ok
15:14:37.0939 0x1038 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:14:37.0939 0x1038 hwpolicy - ok
15:14:38.0017 0x1038 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:14:38.0017 0x1038 i8042prt - ok
15:14:38.0048 0x1038 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:14:38.0063 0x1038 iaStorV - ok
15:14:38.0095 0x1038 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:14:38.0141 0x1038 idsvc - ok
15:14:38.0141 0x1038 IEEtwCollectorService - ok
15:14:38.0173 0x1038 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:14:38.0173 0x1038 iirsp - ok
15:14:38.0251 0x1038 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
15:14:38.0297 0x1038 IKEEXT - ok
15:14:38.0391 0x1038 [ E551BB77E7D436380139977124BDFF62, 34C339D5FDAE67E6A73753D0607B5D9E5735421C2EF93C183844AF5D858BFE82 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:14:38.0485 0x1038 IntcAzAudAddService - ok
15:14:38.0500 0x1038 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
15:14:38.0516 0x1038 intelide - ok
15:14:38.0531 0x1038 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:14:38.0531 0x1038 intelppm - ok
15:14:38.0547 0x1038 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:14:38.0578 0x1038 IPBusEnum - ok
15:14:38.0641 0x1038 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:14:38.0672 0x1038 IpFilterDriver - ok
15:14:38.0687 0x1038 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:14:38.0734 0x1038 iphlpsvc - ok
15:14:38.0765 0x1038 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:14:38.0781 0x1038 IPMIDRV - ok
15:14:38.0797 0x1038 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:14:38.0859 0x1038 IPNAT - ok
15:14:38.0890 0x1038 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:14:38.0921 0x1038 IRENUM - ok
15:14:38.0937 0x1038 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:14:38.0953 0x1038 isapnp - ok
15:14:38.0968 0x1038 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:14:38.0984 0x1038 iScsiPrt - ok
15:14:38.0999 0x1038 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
15:14:39.0015 0x1038 kbdclass - ok
15:14:39.0062 0x1038 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:14:39.0077 0x1038 kbdhid - ok
15:14:39.0124 0x1038 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] KeyIso C:\Windows\system32\lsass.exe
15:14:39.0140 0x1038 KeyIso - ok
15:14:39.0202 0x1038 [ CF11CC2B73D5155533C67354F9188E09, D59C30B9651F8E0952DFF34A010BC60A1D27AE10F5705C54424BF6BB7ADF9F62 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:14:39.0202 0x1038 KSecDD - ok
15:14:39.0218 0x1038 [ 2E56D51B184EFB8E353B7AF446299DC8, CE7AAFF89F3A0BFE191DE90430A04C7FB899F5CF3B704AA5A96F47D5F37192B2 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:14:39.0233 0x1038 KSecPkg - ok
15:14:39.0233 0x1038 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:14:39.0280 0x1038 ksthunk - ok
15:14:39.0311 0x1038 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
15:14:39.0405 0x1038 KtmRm - ok
15:14:39.0436 0x1038 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:14:39.0467 0x1038 LanmanServer - ok
15:14:39.0530 0x1038 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:14:39.0545 0x1038 LanmanWorkstation - ok
15:14:39.0561 0x1038 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:14:39.0592 0x1038 lltdio - ok
15:14:39.0608 0x1038 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:14:39.0655 0x1038 lltdsvc - ok
15:14:39.0655 0x1038 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:14:39.0717 0x1038 lmhosts - ok
15:14:39.0748 0x1038 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:14:39.0748 0x1038 LSI_FC - ok
15:14:39.0764 0x1038 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:14:39.0764 0x1038 LSI_SAS - ok
15:14:39.0779 0x1038 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:14:39.0779 0x1038 LSI_SAS2 - ok
15:14:39.0779 0x1038 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:14:39.0795 0x1038 LSI_SCSI - ok
15:14:39.0811 0x1038 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
15:14:39.0842 0x1038 luafv - ok
15:14:39.0904 0x1038 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:14:39.0920 0x1038 Mcx2Svc - ok
15:14:39.0920 0x1038 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:14:39.0935 0x1038 megasas - ok
15:14:39.0935 0x1038 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:14:39.0951 0x1038 MegaSR - ok
15:14:39.0951 0x1038 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
15:14:39.0982 0x1038 MMCSS - ok
15:14:39.0982 0x1038 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
15:14:40.0013 0x1038 Modem - ok
15:14:40.0029 0x1038 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:14:40.0029 0x1038 monitor - ok
15:14:40.0045 0x1038 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
15:14:40.0045 0x1038 mouclass - ok
15:14:40.0060 0x1038 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:14:40.0060 0x1038 mouhid - ok
15:14:40.0138 0x1038 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:14:40.0138 0x1038 mountmgr - ok
15:14:40.0247 0x1038 [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe
15:14:40.0263 0x1038 MozillaMaintenance - ok
15:14:40.0310 0x1038 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:14:40.0325 0x1038 mpio - ok
15:14:40.0341 0x1038 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:14:40.0372 0x1038 mpsdrv - ok
15:14:40.0450 0x1038 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:14:40.0497 0x1038 MpsSvc - ok
15:14:40.0544 0x1038 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:14:40.0575 0x1038 MRxDAV - ok
15:14:40.0591 0x1038 [ FCA01B0C70DAE9BE557577E719469D17, F9868B7B50EF6323BF6690F087A83928A1E82B96A19B27F344E10BF11E520C32 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:14:40.0606 0x1038 mrxsmb - ok
15:14:40.0622 0x1038 [ 386BE96797C5B480AD31E8B50CEE337C, 88E826F42BEB38CAA7C84AE6ED4D8EBC4D382A8A37CF9F7B8517B297F168F1B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:14:40.0637 0x1038 mrxsmb10 - ok
15:14:40.0653 0x1038 [ 841474CF2EB14F826038FBCC7D85B857, 4B1BC8AFDA54D1F16AC2AAB7EDDAE07FBF1E3B65D1658F8901A3E3175AF72800 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:14:40.0669 0x1038 mrxsmb20 - ok
15:14:40.0747 0x1038 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
15:14:40.0747 0x1038 msahci - ok
15:14:40.0762 0x1038 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:14:40.0778 0x1038 msdsm - ok
15:14:40.0793 0x1038 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
15:14:40.0793 0x1038 MSDTC - ok
15:14:40.0809 0x1038 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:14:40.0840 0x1038 Msfs - ok
15:14:40.0840 0x1038 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:14:40.0887 0x1038 mshidkmdf - ok
15:14:40.0918 0x1038 MSICDSetup - ok
15:14:40.0949 0x1038 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:14:40.0949 0x1038 msisadrv - ok
15:14:40.0996 0x1038 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:14:41.0043 0x1038 MSiSCSI - ok
15:14:41.0043 0x1038 msiserver - ok
15:14:41.0059 0x1038 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:14:41.0090 0x1038 MSKSSRV - ok
15:14:41.0105 0x1038 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:14:41.0137 0x1038 MSPCLOCK - ok
15:14:41.0137 0x1038 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:14:41.0183 0x1038 MSPQM - ok
15:14:41.0246 0x1038 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:14:41.0261 0x1038 MsRPC - ok
15:14:41.0261 0x1038 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:14:41.0277 0x1038 mssmbios - ok
15:14:41.0277 0x1038 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:14:41.0324 0x1038 MSTEE - ok
15:14:41.0339 0x1038 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:14:41.0355 0x1038 MTConfig - ok
15:14:41.0355 0x1038 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
15:14:41.0371 0x1038 Mup - ok
15:14:41.0433 0x1038 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
15:14:41.0464 0x1038 napagent - ok
15:14:41.0495 0x1038 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:14:41.0542 0x1038 NativeWifiP - ok
15:14:41.0651 0x1038 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:14:41.0698 0x1038 NDIS - ok
15:14:41.0698 0x1038 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:14:41.0729 0x1038 NdisCap - ok
15:14:41.0729 0x1038 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:14:41.0761 0x1038 NdisTapi - ok
15:14:41.0823 0x1038 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:14:41.0870 0x1038 Ndisuio - ok
15:14:41.0917 0x1038 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:14:41.0963 0x1038 NdisWan - ok
15:14:42.0010 0x1038 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:14:42.0041 0x1038 NDProxy - ok
15:14:42.0073 0x1038 [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:14:42.0104 0x1038 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:14:42.0369 0x1038 Detect skipped due to KSN trusted
15:14:42.0369 0x1038 Net Driver HPZ12 - ok
15:14:42.0385 0x1038 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:14:42.0400 0x1038 NetBIOS - ok
15:14:42.0447 0x1038 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:14:42.0478 0x1038 NetBT - ok
15:14:42.0494 0x1038 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] Netlogon C:\Windows\system32\lsass.exe
15:14:42.0494 0x1038 Netlogon - ok
15:14:42.0525 0x1038 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
15:14:42.0556 0x1038 Netman - ok
15:14:42.0681 0x1038 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:42.0712 0x1038 NetMsmqActivator - ok
15:14:42.0712 0x1038 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:42.0728 0x1038 NetPipeActivator - ok
15:14:42.0759 0x1038 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
15:14:42.0790 0x1038 netprofm - ok
15:14:42.0915 0x1038 [ 78DFEAB988E0B0EA4ECF29D908D09AF6, E7D447CBBF4B3B561D5062CE5B7B26E8430D2A0DA7E0F59CC3A07839B37E8136 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
15:14:42.0977 0x1038 netr28ux - ok
15:14:43.0024 0x1038 [ 81B8D0C1CE44A7FDBD596B693783950C, 9F47ACECFE32E935FE03D0134018A9C03698D9E25E6FC9B8A525A4FE4A880642 ] netr7364 C:\Windows\system32\DRIVERS\netr7364.sys
15:14:43.0055 0x1038 netr7364 - ok
15:14:43.0055 0x1038 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:43.0071 0x1038 NetTcpActivator - ok
15:14:43.0071 0x1038 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:43.0087 0x1038 NetTcpPortSharing - ok
15:14:43.0102 0x1038 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:14:43.0102 0x1038 nfrd960 - ok
15:14:43.0165 0x1038 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:14:43.0196 0x1038 NlaSvc - ok
15:14:43.0211 0x1038 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:14:43.0258 0x1038 Npfs - ok
15:14:43.0289 0x1038 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
15:14:43.0336 0x1038 nsi - ok
15:14:43.0367 0x1038 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:14:43.0414 0x1038 nsiproxy - ok
15:14:43.0508 0x1038 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:14:43.0555 0x1038 Ntfs - ok
15:14:43.0555 0x1038 NTIOLib_1_0_C - ok
15:14:43.0555 0x1038 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
15:14:43.0586 0x1038 Null - ok
15:14:43.0617 0x1038 [ 67B51A97733B10D716B366C2ED126763, C34B889D39A4443A82BCDF6B9A0BF637D2ECC37BBB1AAE21143EC9E3DC495D90 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:14:43.0633 0x1038 NVHDA - ok
15:14:43.0991 0x1038 [ 71CF83223F3ADC2EC9DC0FDA8702E312, A76E94F73CD1EAB5D49EF8A206B1E4BC141620B482236E0FD17F5FA0CAD05863 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:14:44.0366 0x1038 nvlddmkm - ok
15:14:44.0553 0x1038 [ A6102293847A7A2DF01E7BF7AC1C1F12, 14E4E75711C00DA826136FB531E9AD53787502F441103386C5CD37EEFCE27AFC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
15:14:44.0584 0x1038 NvNetworkService - ok
15:14:44.0647 0x1038 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:14:44.0662 0x1038 nvraid - ok
15:14:44.0678 0x1038 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:14:44.0678 0x1038 nvstor - ok
15:14:44.0818 0x1038 [ 99D42078C9596A20A7B3419159265A25, E9F5380E6597C79B26B2CBAAC534F31C5027F32AAA0FD5876CF7E9BB6658F30C ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:14:44.0834 0x1038 NvStreamKms - ok
15:14:44.0959 0x1038 [ E6A64322EB213AEACBB61584AA6FB032, FA91C89B81DD7F3EC22DF71FFC3A506AD40AE76EC91F1115CCAB6ED39431369D ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
15:14:45.0037 0x1038 NvStreamNetworkSvc - ok
15:14:45.0115 0x1038 [ A8213BF32D2E75ADD362E118AD164749, 6F35210ED11088FE64F13DD63053FFDA4628A5F6397DA33A345970962AB83499 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
15:14:45.0177 0x1038 NvStreamSvc - ok
15:14:45.0224 0x1038 [ F07CC5C6A71B002C50D74FD611F44538, 85A341530740A71768947E721B0A979DEE328348F3083806A367DAA0CD628CB4 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:14:45.0255 0x1038 nvsvc - ok
15:14:45.0271 0x1038 [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
15:14:45.0286 0x1038 nvvad_WaveExtensible - ok
15:14:45.0364 0x1038 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:14:45.0364 0x1038 nv_agp - ok
15:14:45.0380 0x1038 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:14:45.0395 0x1038 ohci1394 - ok
15:14:45.0473 0x1038 [ 22A6759ED051B9D1FBF04E1E088ADBBA, 295D2CB3ED59B6689F594ABF3705E4523FDB91325E3C449CD4B45B184328F01B ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
15:14:45.0551 0x1038 Origin Client Service - ok
15:14:45.0645 0x1038 [ 32B5DC6EDBD7E1433F4662110BC2A3F8, C2AC56AB98DF3813425A88BD6CF50BBA6FA4CD7EBC67000B4DD776AAAAC0CB86 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
15:14:45.0707 0x1038 Origin Web Helper Service - ok
15:14:45.0739 0x1038 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:14:45.0770 0x1038 p2pimsvc - ok
15:14:45.0785 0x1038 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
15:14:45.0817 0x1038 p2psvc - ok
15:14:45.0832 0x1038 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:14:45.0848 0x1038 Parport - ok
15:14:45.0879 0x1038 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:14:45.0895 0x1038 partmgr - ok
15:14:45.0926 0x1038 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
15:14:45.0941 0x1038 PcaSvc - ok
15:14:45.0957 0x1038 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
15:14:45.0973 0x1038 pci - ok
15:14:45.0973 0x1038 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
15:14:45.0988 0x1038 pciide - ok
15:14:46.0004 0x1038 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:14:46.0004 0x1038 pcmcia - ok
15:14:46.0019 0x1038 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
15:14:46.0035 0x1038 pcw - ok
15:14:46.0051 0x1038 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:14:46.0082 0x1038 PEAUTH - ok
15:14:46.0129 0x1038 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:14:46.0144 0x1038 PerfHost - ok
15:14:46.0238 0x1038 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
15:14:46.0300 0x1038 pla - ok
15:14:46.0378 0x1038 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:14:46.0409 0x1038 PlugPlay - ok
15:14:46.0425 0x1038 [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:14:46.0441 0x1038 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:14:46.0565 0x1038 Detect skipped due to KSN trusted
15:14:46.0565 0x1038 Pml Driver HPZ12 - ok
15:14:46.0581 0x1038 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:14:46.0597 0x1038 PNRPAutoReg - ok
15:14:46.0612 0x1038 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:14:46.0628 0x1038 PNRPsvc - ok
15:14:46.0659 0x1038 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:14:46.0690 0x1038 PolicyAgent - ok
15:14:46.0706 0x1038 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
15:14:46.0768 0x1038 Power - ok
15:14:46.0846 0x1038 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:14:46.0877 0x1038 PptpMiniport - ok
15:14:46.0893 0x1038 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:14:46.0909 0x1038 Processor - ok
15:14:46.0987 0x1038 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
15:14:47.0127 0x1038 ProfSvc - ok
15:14:47.0236 0x1038 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:14:47.0236 0x1038 ProtectedStorage - ok
15:14:47.0299 0x1038 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:14:47.0330 0x1038 Psched - ok
15:14:47.0377 0x1038 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:14:47.0423 0x1038 ql2300 - ok
15:14:47.0439 0x1038 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:14:47.0455 0x1038 ql40xx - ok
15:14:47.0470 0x1038 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
15:14:47.0486 0x1038 QWAVE - ok
15:14:47.0486 0x1038 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:14:47.0501 0x1038 QWAVEdrv - ok
15:14:47.0517 0x1038 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:14:47.0548 0x1038 RasAcd - ok
15:14:47.0564 0x1038 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:14:47.0579 0x1038 RasAgileVpn - ok
15:14:47.0595 0x1038 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
15:14:47.0626 0x1038 RasAuto - ok
15:14:47.0689 0x1038 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:14:47.0720 0x1038 Rasl2tp - ok
15:14:47.0751 0x1038 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
15:14:47.0798 0x1038 RasMan - ok
15:14:47.0798 0x1038 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:14:47.0829 0x1038 RasPppoe - ok
15:14:47.0845 0x1038 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:14:47.0876 0x1038 RasSstp - ok
15:14:47.0876 0x1038 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:14:47.0923 0x1038 rdbss - ok
15:14:47.0954 0x1038 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:14:48.0001 0x1038 rdpbus - ok
15:14:48.0032 0x1038 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:14:48.0063 0x1038 RDPCDD - ok
15:14:48.0110 0x1038 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:14:48.0125 0x1038 RDPENCDD - ok
15:14:48.0125 0x1038 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:14:48.0157 0x1038 RDPREFMP - ok
15:14:48.0203 0x1038 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:14:48.0235 0x1038 RDPWD - ok
15:14:48.0281 0x1038 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:14:48.0297 0x1038 rdyboost - ok
15:14:48.0328 0x1038 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:14:48.0359 0x1038 RemoteAccess - ok
15:14:48.0391 0x1038 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:14:48.0406 0x1038 RemoteRegistry - ok
15:14:48.0437 0x1038 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:14:48.0453 0x1038 RFCOMM - ok
15:14:48.0469 0x1038 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:14:48.0500 0x1038 RpcEptMapper - ok
15:14:48.0515 0x1038 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
15:14:48.0531 0x1038 RpcLocator - ok
15:14:48.0593 0x1038 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
15:14:48.0625 0x1038 RpcSs - ok
15:14:48.0625 0x1038 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:14:48.0687 0x1038 rspndr - ok
15:14:48.0749 0x1038 [ 130DD683DCC902F47A4AC35201D07E2F, A1E7082D93C170CF5855007B26F96E8F8183B15126D34A9DB16CBF190BD8EF53 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:14:48.0781 0x1038 RTL8167 - ok
15:14:48.0796 0x1038 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] SamSs C:\Windows\system32\lsass.exe
15:14:48.0812 0x1038 SamSs - ok
15:14:48.0874 0x1038 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:14:48.0890 0x1038 sbp2port - ok
15:14:48.0905 0x1038 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:14:48.0921 0x1038 SCardSvr - ok
15:14:48.0983 0x1038 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:14:49.0030 0x1038 scfilter - ok
15:14:49.0093 0x1038 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
15:14:49.0139 0x1038 Schedule - ok
15:14:49.0202 0x1038 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:14:49.0217 0x1038 SCPolicySvc - ok
15:14:49.0233 0x1038 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:14:49.0264 0x1038 SDRSVC - ok
15:14:49.0280 0x1038 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:14:49.0311 0x1038 secdrv - ok
15:14:49.0373 0x1038 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
15:14:49.0389 0x1038 seclogon - ok
15:14:49.0405 0x1038 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
15:14:49.0451 0x1038 SENS - ok
15:14:49.0451 0x1038 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:14:49.0467 0x1038 SensrSvc - ok
15:14:49.0483 0x1038 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:14:49.0498 0x1038 Serenum - ok
15:14:49.0514 0x1038 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:14:49.0529 0x1038 Serial - ok
15:14:49.0576 0x1038 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:14:49.0592 0x1038 sermouse - ok
15:14:49.0654 0x1038 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
15:14:49.0670 0x1038 SessionEnv - ok
15:14:49.0732 0x1038 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:14:49.0732 0x1038 sffdisk - ok
15:14:49.0748 0x1038 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:14:49.0779 0x1038 sffp_mmc - ok
15:14:49.0779 0x1038 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:14:49.0795 0x1038 sffp_sd - ok
15:14:49.0826 0x1038 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:14:49.0841 0x1038 sfloppy - ok
15:14:49.0873 0x1038 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:14:49.0904 0x1038 SharedAccess - ok
15:14:49.0966 0x1038 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:14:49.0997 0x1038 ShellHWDetection - ok
15:14:50.0013 0x1038 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:14:50.0013 0x1038 SiSRaid2 - ok
15:14:50.0029 0x1038 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:14:50.0044 0x1038 SiSRaid4 - ok
15:14:50.0169 0x1038 [ 4E6FAEE3F259DAC82213D935785991FB, ADA019AD261BBEAE78495B508B4D375BEC1005DF119F20897D29C3C613A0CA46 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:14:50.0185 0x1038 SkypeUpdate - ok
15:14:50.0200 0x1038 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:14:50.0231 0x1038 Smb - ok
15:14:50.0247 0x1038 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:14:50.0247 0x1038 SNMPTRAP - ok
15:14:50.0263 0x1038 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
15:14:50.0263 0x1038 spldr - ok
15:14:50.0278 0x1038 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
15:14:50.0325 0x1038 Spooler - ok
15:14:50.0450 0x1038 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
15:14:50.0575 0x1038 sppsvc - ok
15:14:50.0590 0x1038 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:14:50.0621 0x1038 sppuinotify - ok
15:14:50.0668 0x1038 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:14:50.0746 0x1038 srv - ok
15:14:50.0762 0x1038 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:14:50.0793 0x1038 srv2 - ok
15:14:50.0809 0x1038 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:14:50.0824 0x1038 srvnet - ok
15:14:50.0824 0x1038 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:14:50.0887 0x1038 SSDPSRV - ok
15:14:50.0918 0x1038 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:14:50.0933 0x1038 SstpSvc - ok
15:14:51.0074 0x1038 [ 4AD54C2E540F2364607A26F3585A509F, AB453222A1F9C906478AFA9460C4687F4D40B504C2F29E68F047D2D38A2BFBB8 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
15:14:51.0089 0x1038 Stereo Service - ok
15:14:51.0089 0x1038 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:14:51.0105 0x1038 stexstor - ok
15:14:51.0167 0x1038 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
15:14:51.0199 0x1038 stisvc - ok
15:14:51.0261 0x1038 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
15:14:51.0261 0x1038 swenum - ok
15:14:51.0292 0x1038 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
15:14:51.0323 0x1038 swprv - ok
15:14:51.0417 0x1038 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
15:14:51.0479 0x1038 SysMain - ok
15:14:51.0542 0x1038 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:14:51.0542 0x1038 TabletInputService - ok
15:14:51.0557 0x1038 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
15:14:51.0604 0x1038 TapiSrv - ok
15:14:51.0620 0x1038 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
15:14:51.0635 0x1038 TBS - ok
15:14:51.0745 0x1038 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:14:51.0791 0x1038 Tcpip - ok
15:14:51.0854 0x1038 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:14:51.0901 0x1038 TCPIP6 - ok
15:14:51.0963 0x1038 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:14:51.0979 0x1038 tcpipreg - ok
15:14:51.0994 0x1038 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:14:52.0010 0x1038 TDPIPE - ok
15:14:52.0057 0x1038 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:14:52.0072 0x1038 TDTCP - ok
15:14:52.0135 0x1038 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:14:52.0135 0x1038 tdx - ok
15:14:52.0150 0x1038 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
15:14:52.0150 0x1038 TermDD - ok
15:14:52.0213 0x1038 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
15:14:52.0259 0x1038 TermService - ok
15:14:52.0291 0x1038 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
15:14:52.0306 0x1038 Themes - ok
15:14:52.0322 0x1038 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
15:14:52.0337 0x1038 THREADORDER - ok
15:14:52.0353 0x1038 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
15:14:52.0384 0x1038 TrkWks - ok
15:14:52.0462 0x1038 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:14:52.0509 0x1038 TrustedInstaller - ok
15:14:52.0525 0x1038 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:14:52.0540 0x1038 tssecsrv - ok
15:14:52.0587 0x1038 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:14:52.0603 0x1038 TsUsbFlt - ok
15:14:52.0665 0x1038 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:14:52.0696 0x1038 tunnel - ok
15:14:52.0712 0x1038 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:14:52.0712 0x1038 uagp35 - ok
15:14:52.0743 0x1038 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:14:52.0790 0x1038 udfs - ok
15:14:52.0790 0x1038 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:14:52.0805 0x1038 UI0Detect - ok
15:14:52.0821 0x1038 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:14:52.0837 0x1038 uliagpkx - ok
15:14:52.0883 0x1038 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:14:52.0899 0x1038 umbus - ok
15:14:52.0899 0x1038 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:14:52.0915 0x1038 UmPass - ok
15:14:52.0930 0x1038 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
15:14:52.0977 0x1038 upnphost - ok
15:14:53.0008 0x1038 [ 35FEF2D9BE0276D6CAB3A47B9198ABAF, 3C0BCE624E1AE7BC18F5157F3FB5049F6DD1E29F55F368C240FF5DC18F69E1D2 ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA64.sys
15:14:53.0024 0x1038 USB28xxBGA - ok
15:14:53.0039 0x1038 [ 1378006A1CCDAC5B9E7CCB1EA677CC2D, A23BFCE40701EC71ACA4151898EA04820FF5E5275D0A34352725CFA66CB71515 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM64.sys
15:14:53.0086 0x1038 USB28xxOEM - ok
15:14:53.0149 0x1038 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:14:53.0164 0x1038 usbccgp - ok
15:14:53.0195 0x1038 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:14:53.0211 0x1038 usbcir - ok
15:14:53.0211 0x1038 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:14:53.0227 0x1038 usbehci - ok
15:14:53.0258 0x1038 [ 76E2FFAD301490BA27B947C6507752FB, A4C6FC5C3BF428C624D0792873CB01C8F16F49B0E8B36422025A1094F0AAE231 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
15:14:53.0273 0x1038 usbfilter - ok
15:14:53.0289 0x1038 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:14:53.0305 0x1038 usbhub - ok
15:14:53.0320 0x1038 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:14:53.0336 0x1038 usbohci - ok
15:14:53.0336 0x1038 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:14:53.0351 0x1038 usbprint - ok
15:14:53.0351 0x1038 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:14:53.0398 0x1038 usbscan - ok
15:14:53.0414 0x1038 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:14:53.0445 0x1038 USBSTOR - ok
15:14:53.0445 0x1038 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:14:53.0461 0x1038 usbuhci - ok
15:14:53.0476 0x1038 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
15:14:53.0492 0x1038 UxSms - ok
15:14:53.0507 0x1038 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] VaultSvc C:\Windows\system32\lsass.exe
15:14:53.0507 0x1038 VaultSvc - ok
15:14:53.0554 0x1038 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:14:53.0570 0x1038 vdrvroot - ok
15:14:53.0632 0x1038 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
15:14:53.0679 0x1038 vds - ok
15:14:53.0695 0x1038 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:14:53.0710 0x1038 vga - ok
15:14:53.0726 0x1038 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:14:53.0773 0x1038 VgaSave - ok
15:14:53.0804 0x1038 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:14:53.0819 0x1038 vhdmp - ok
15:14:53.0819 0x1038 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
15:14:53.0835 0x1038 viaide - ok
15:14:53.0897 0x1038 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:14:53.0897 0x1038 volmgr - ok
15:14:53.0944 0x1038 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:14:53.0960 0x1038 volmgrx - ok
15:14:53.0975 0x1038 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:14:53.0991 0x1038 volsnap - ok
15:14:54.0007 0x1038 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:14:54.0022 0x1038 vsmraid - ok
15:14:54.0100 0x1038 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
15:14:54.0194 0x1038 VSS - ok
15:14:54.0334 0x1038 [ 558B8E6F99E198519FD87F1575F7D92D, B176F51B72D9BCD6472A710D4E0B78A7A7D1C3CAEC12725289C1EBA54E35083D ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
15:14:54.0350 0x1038 VSStandardCollectorService140 - ok
15:14:54.0365 0x1038 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:14:54.0381 0x1038 vwifibus - ok
15:14:54.0397 0x1038 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:14:54.0443 0x1038 vwififlt - ok
15:14:54.0475 0x1038 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
15:14:54.0506 0x1038 W32Time - ok
15:14:54.0521 0x1038 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:14:54.0553 0x1038 WacomPen - ok
15:14:54.0584 0x1038 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:14:54.0615 0x1038 WANARP - ok
15:14:54.0615 0x1038 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:14:54.0646 0x1038 Wanarpv6 - ok
15:14:54.0709 0x1038 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
15:14:54.0755 0x1038 wbengine - ok
15:14:54.0787 0x1038 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:14:54.0802 0x1038 WbioSrvc - ok
15:14:54.0865 0x1038 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:14:54.0896 0x1038 wcncsvc - ok
15:14:54.0896 0x1038 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:14:54.0911 0x1038 WcsPlugInService - ok
15:14:54.0927 0x1038 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:14:54.0927 0x1038 Wd - ok
15:14:55.0005 0x1038 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:14:55.0036 0x1038 Wdf01000 - ok
15:14:55.0052 0x1038 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:14:55.0083 0x1038 WdiServiceHost - ok
15:14:55.0099 0x1038 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:14:55.0114 0x1038 WdiSystemHost - ok
15:14:55.0177 0x1038 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
15:14:55.0192 0x1038 WebClient - ok
15:14:55.0208 0x1038 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:14:55.0255 0x1038 Wecsvc - ok
15:14:55.0270 0x1038 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:14:55.0317 0x1038 wercplsupport - ok
15:14:55.0333 0x1038 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
15:14:55.0364 0x1038 WerSvc - ok
15:14:55.0364 0x1038 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:14:55.0379 0x1038 WfpLwf - ok
15:14:55.0395 0x1038 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:14:55.0411 0x1038 WIMMount - ok
15:14:55.0442 0x1038 WinDefend - ok
15:14:55.0457 0x1038 WinHttpAutoProxySvc - ok
15:14:55.0489 0x1038 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:14:55.0551 0x1038 Winmgmt - ok
15:14:55.0629 0x1038 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
15:14:55.0707 0x1038 WinRM - ok
15:14:55.0785 0x1038 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:14:55.0801 0x1038 WinUsb - ok
15:14:55.0832 0x1038 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:14:55.0863 0x1038 Wlansvc - ok
15:14:55.0925 0x1038 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:14:55.0925 0x1038 WmiAcpi - ok
15:14:55.0941 0x1038 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:14:55.0957 0x1038 wmiApSrv - ok
15:14:55.0957 0x1038 WMPNetworkSvc - ok
15:14:55.0972 0x1038 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:14:55.0988 0x1038 WPCSvc - ok
15:14:56.0066 0x1038 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:14:56.0081 0x1038 WPDBusEnum - ok
15:14:56.0081 0x1038 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:14:56.0113 0x1038 ws2ifsl - ok
15:14:56.0128 0x1038 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
15:14:56.0128 0x1038 wscsvc - ok
15:14:56.0144 0x1038 WSearch - ok
15:14:56.0237 0x1038 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
15:14:56.0331 0x1038 wuauserv - ok
15:14:56.0378 0x1038 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:14:56.0409 0x1038 WudfPf - ok
15:14:56.0425 0x1038 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:14:56.0456 0x1038 WUDFRd - ok
15:14:56.0471 0x1038 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:14:56.0503 0x1038 wudfsvc - ok
15:14:56.0518 0x1038 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:14:56.0565 0x1038 WwanSvc - ok
15:14:56.0565 0x1038 ================ Scan global ===============================
15:14:56.0612 0x1038 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:14:56.0674 0x1038 [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
15:14:56.0690 0x1038 [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
15:14:56.0690 0x1038 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:14:56.0752 0x1038 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:14:56.0768 0x1038 [ Global ] - ok
15:14:56.0768 0x1038 ================ Scan MBR ==================================
15:14:56.0799 0x1038 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:14:57.0017 0x1038 \Device\Harddisk0\DR0 - ok
15:14:57.0017 0x1038 ================ Scan VBR ==================================
15:14:57.0017 0x1038 [ 5C10A4E2372B4DB01EA75A876ABD598B ] \Device\Harddisk0\DR0\Partition1
15:14:57.0017 0x1038 \Device\Harddisk0\DR0\Partition1 - ok
15:14:57.0017 0x1038 [ 85CC98D8A95CB8526194B3D0F9C2D5C4 ] \Device\Harddisk0\DR0\Partition2
15:14:57.0017 0x1038 \Device\Harddisk0\DR0\Partition2 - ok
15:14:57.0017 0x1038 ================ Scan generic autorun ======================
15:14:57.0220 0x1038 [ 61389338DF2FE34B240F70B757A7EA27, A8BE0557A3B8BEB706418F27D9C8C4730E1869DC7DF4FDE82BCDF6355628109E ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
15:14:57.0345 0x1038 RTHDVCPL - ok
15:14:57.0532 0x1038 [ BE586B5D1D73E1F07ED5AADDEFBCAA47, 68D957EBE01DD369BF4E2D5D07A7EDF9408066E61056A1C4968DBF8CE5841BBE ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
15:14:57.0579 0x1038 NvBackend - ok
15:14:57.0626 0x1038 [ 5B4BBAC9467B8DB6BC4A404CF1867FE0, 6CDF6291CE36A94ED50ECAF2F050302619D2FD4915961E968B7E97EC339AE3F0 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:14:57.0657 0x1038 StartCCC - ok
15:14:57.0751 0x1038 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:14:57.0813 0x1038 Sidebar - ok
15:14:57.0829 0x1038 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:14:57.0844 0x1038 mctadmin - ok
15:14:57.0860 0x1038 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:14:57.0891 0x1038 Sidebar - ok
15:14:57.0891 0x1038 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:14:57.0907 0x1038 mctadmin - ok
15:14:57.0985 0x1038 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
15:14:58.0031 0x1038 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
15:14:58.0187 0x1038 Detect skipped due to KSN trusted
15:14:58.0187 0x1038 SpybotPostWindows10UpgradeReInstall - ok
15:14:58.0281 0x1038 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\X\AppData\Local\Dropbox\Update\DropboxUpdate.exe
15:14:58.0297 0x1038 Dropbox Update - ok
15:14:58.0297 0x1038 Waiting for KSN requests completion. In queue: 72
15:14:59.0311 0x1038 Win FW state via NFP2: enabled ( trusted )
15:14:59.0451 0x1038 ============================================================
15:14:59.0451 0x1038 Scan finished
15:14:59.0451 0x1038 ============================================================
15:14:59.0451 0x00c8 Detected object count: 0
15:14:59.0451 0x00c8 Actual detected object count: 0
|
|
15.11.2016, 15:19
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.11.2016, 15:41
| #25 |
| | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk adwCleaner-Log: Code:
ATTFilter # AdwCleaner v6.030 - Bericht erstellt am 15/11/2016 um 15:27:03
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-15.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : X - X-PC
# Gestartet von : C:\Users\X\Desktop\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\X\AppData\Local\28050
[-] Ordner gelöscht: C:\Users\X\AppData\Roaming\Enigma Software Group
[-] Ordner gelöscht: C:\Users\X\AppData\Roaming\wyupdate au
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Daten wiederhergestellt: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2581 Bytes] - [15/11/2016 15:27:03]
C:\AdwCleaner\AdwCleaner[S0].txt - [3600 Bytes] - [15/11/2016 15:24:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [3673 Bytes] - [15/11/2016 15:26:23]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2800 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64
Ran by X (Administrator) on 15.11.2016 at 15:35:44,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 28
Successfully deleted: C:\Users\X\AppData\Local\{596BF95C-F6AB-4A52-9904-31E23C9C55C2} (Empty Folder)
Successfully deleted: C:\Users\X\AppData\Local\{63830BE7-563E-4DAA-AAFA-5D69AE8FD4D3} (Empty Folder)
Successfully deleted: C:\Users\X\AppData\Local\{B25E8372-90D6-45CC-9AC4-FE93F08CCB56} (Empty Folder)
Successfully deleted: C:\Users\X\AppData\Local\{DC70E5B4-D4F0-4B07-AE0D-8DAEA2415AA4} (Empty Folder)
Successfully deleted: C:\Users\X\AppData\Local\{FA9A96F7-8437-430C-8B93-048708232B97} (Empty Folder)
Successfully deleted: C:\Users\X\AppData\Local\{FF30A6F3-F836-4D82-A510-3A27DB05C360} (Empty Folder)
Successfully deleted: C:\Users\X\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\X\AppData\Roaming\3909 (Folder)
Successfully deleted: C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\searchplugins\google-search.xml (File)
Successfully deleted: C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\user.js (File)
Successfully deleted: C:\Users\X\AppData\Roaming\system (Folder)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\X\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0I8PMVG4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\X\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\X\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\X\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DWHFW3N (Temporary Internet Files Folder)
Successfully deleted: C:\Users\X\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90GKOKP2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\X\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F6352U1H (Temporary Internet Files Folder)
Successfully deleted: C:\Users\X\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\X\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0I8PMVG4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DWHFW3N (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90GKOKP2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F6352U1H (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.11.2016 at 15:37:50,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
15.11.2016, 16:07
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk Anleitung zum adwCleaner bitte richtig lesen. Es waren nicht alle optionen angehakt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.11.2016, 16:26
| #27 | |
| | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.ukZitat:
Hier das aktuellste Log von AdwCleaner: Code:
ATTFilter # AdwCleaner v6.030 - Bericht erstellt am 15/11/2016 um 16:23:17
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-15.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : X - X-PC
# Gestartet von : C:\Users\X\Desktop\AdwCleaner_6.030.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
Keine schädlichen Dienste gefunden.
***** [ Ordner ] *****
Keine schädlichen Ordner gefunden.
***** [ Dateien ] *****
Keine schädlichen Dateien gefunden.
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.
***** [ Aufgabenplanung ] *****
Keine schädlichen Aufgaben gefunden.
***** [ Registrierungsdatenbank ] *****
Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.
***** [ Internetbrowser ] *****
Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2870 Bytes] - [15/11/2016 15:27:03]
C:\AdwCleaner\AdwCleaner[S0].txt - [3600 Bytes] - [15/11/2016 15:24:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [3673 Bytes] - [15/11/2016 15:26:23]
C:\AdwCleaner\AdwCleaner[S2].txt - [1585 Bytes] - [15/11/2016 15:33:40]
C:\AdwCleaner\AdwCleaner[S3].txt - [1506 Bytes] - [15/11/2016 16:23:17]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1579 Bytes] ##########
|
|
15.11.2016, 16:40
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.11.2016, 16:49
| #29 |
| | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk Hier ist das FRST.Log: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
durchgeführt von X (Administrator) auf X-PC (15-11-2016 16:42:54)
Gestartet von C:\Users\X\Desktop
Geladene Profile: X (Verfügbare Profile: X)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 2.0\program\soffice.bin
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\Run: [Dropbox Update] => C:\Users\X\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-19] (Dropbox, Inc.)
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\MountPoints2: {f6631e24-558c-11e6-b4ac-d8cb8a731465} - E:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-03-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2016-06-04]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\X\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-11-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\X\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\X\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk [2010-12-30]
ShortcutTarget: OpenOffice.org 2.0.lnk -> C:\Program Files (x86)\OpenOffice.org 2.0\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{094D41E0-F3C1-4A18-84B8-F8606D692EE3}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1332CAA2-6C1E-42E5-80D3-405D8A72D810}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Kein Name -> {0347C33E-8762-4905-BF09-768834316C61} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Kein Name -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> Keine Datei
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default [2016-11-15]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\8fwb6c52.default -> Search
FF Keyword.URL: Mozilla\Firefox\Profiles\8fwb6c52.default -> hxxp://www.slaago.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=1STLI09F&q=
FF NetworkProxy: Mozilla\Firefox\Profiles\8fwb6c52.default -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\8fwb6c52.default -> type", 0
FF Extension: (Firebug) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-11]
FF Extension: (FoxyProxy Standard) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\foxyproxy@eric.h.jung [2016-09-01]
FF Extension: (RefControl) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{455D905A-D37C-4643-A9E2-F6FEFAA0424A}.xpi [2016-04-27]
FF Extension: (Live HTTP headers) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2016-04-27]
FF Extension: (Tamper Data) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2016-04-27]
FF Extension: (Web Developer) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2016-08-19]
FF Extension: (Adblock Plus) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28]
FF Extension: (DownThemAll!) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29]
FF Extension: (User Agent Switcher) - C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\8fwb6c52.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2016-04-27]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-10-20] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-10-20] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-10-20] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-10-20] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-06-11] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3145422843-1996295090-1453084995-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\X\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-11] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\nppdf32.dll [2013-09-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npqtplugin.dll [2013-05-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npqtplugin2.dll [2013-05-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npqtplugin3.dll [2013-05-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npqtplugin4.dll [2013-05-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npqtplugin5.dll [2013-05-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npstrlnk.dll [2010-07-20] ( )
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 GalaxyClientService; C:\Program Files\GalaxyClient\GalaxyClientService.exe [284224 2016-10-28] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6581824 2016-10-28] (GOG.com)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Users\X\AppData\Local\Temp\7zS23FF\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe [146888 2016-03-19] (Mozilla Foundation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2130440 2016-09-12] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2195984 2016-09-12] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-15 16:42 - 2016-11-15 16:43 - 00015671 _____ C:\Users\X\Desktop\FRST.txt
2016-11-15 15:37 - 2016-11-15 15:37 - 00004644 _____ C:\Users\X\Desktop\JRT.txt
2016-11-15 15:35 - 2016-11-15 15:35 - 01631928 _____ (Malwarebytes) C:\Users\X\Desktop\JRT.exe
2016-11-15 15:23 - 2016-11-15 16:23 - 00000000 ____D C:\AdwCleaner
2016-11-15 15:20 - 2016-11-15 15:21 - 03910208 _____ C:\Users\X\Desktop\AdwCleaner_6.030.exe
2016-11-15 15:18 - 2016-11-15 15:18 - 00096988 _____ C:\Users\X\Desktop\Neues Textdokument.txt
2016-11-15 15:13 - 2016-11-15 15:18 - 00194106 _____ C:\TDSSKiller.3.1.0.12_15.11.2016_15.13.41_log.txt
2016-11-15 14:54 - 2016-11-15 14:54 - 04747704 _____ (AO Kaspersky Lab) C:\Users\X\Desktop\tdsskiller.exe
2016-11-14 19:27 - 2016-11-14 19:27 - 00000000 ____D C:\Users\X\AppData\LocalLow\Prologue Games
2016-11-14 14:14 - 2016-11-14 14:16 - 69796004 _____ C:\Users\X\Downloads\WayOfTheWickedBook7TalesOfTalingardePFRPGPDF.zip
2016-11-14 14:12 - 2016-11-14 14:13 - 57222280 _____ C:\Users\X\Downloads\WayOfTheWickedBook6TheWagesOfSinPFRPGPDF.zip
2016-11-14 14:09 - 2016-11-14 14:10 - 42997798 _____ C:\Users\X\Downloads\WayOfTheWickedBook5TheDevilMyOnlyMasterPFRPGPDF.zip
2016-11-14 14:08 - 2016-11-14 14:08 - 48175625 _____ C:\Users\X\Downloads\WayOfTheWickedBook4OfDragonsAndPrincessesPFRPGPDF.zip
2016-11-14 14:06 - 2016-11-14 14:07 - 38282616 _____ C:\Users\X\Downloads\WayOfTheWickedBook3TearsOfTheBlessedPFRPGPDF.zip
2016-11-12 16:32 - 2016-11-12 16:32 - 00001235 _____ C:\mbam-log-2016-11-12 (16.32).txt
2016-11-12 15:45 - 2016-11-15 12:52 - 00081266 _____ C:\Users\X\Downloads\Addition.txt
2016-11-12 15:43 - 2016-11-15 16:42 - 00000000 ____D C:\FRST
2016-11-12 15:43 - 2016-11-15 12:49 - 00032741 _____ C:\Users\X\Downloads\FRST.txt
2016-11-12 15:43 - 2016-11-12 15:43 - 02411520 _____ (Farbar) C:\Users\X\Desktop\FRST64.exe
2016-11-11 18:42 - 2016-11-15 15:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-11 18:33 - 2016-11-15 15:10 - 00000000 ____D C:\Users\X\Desktop\mbar
2016-11-11 18:13 - 2016-11-11 18:14 - 16563352 _____ (Malwarebytes Corp.) C:\Users\X\Downloads\mbar-1.09.3.1001.exe
2016-11-10 19:40 - 2016-11-10 19:40 - 00000000 ____D C:\Users\X\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-10 18:00 - 2016-11-10 18:00 - 00007561 _____ C:\Users\X\.recently-used.xbel
2016-11-09 19:32 - 2016-11-09 19:32 - 00332768 _____ C:\Users\X\Downloads\Werewolf the Forsaken Merits.pdf
2016-11-09 16:26 - 2016-11-09 16:47 - 00012023 _____ C:\Users\X\Documents\Etikett 2.odt
2016-11-07 12:29 - 2016-11-07 12:29 - 00680619 _____ C:\Users\X\Documents\KfB Einladung X 15.11.16.pdf
2016-11-05 20:33 - 2016-11-05 20:33 - 00055177 _____ C:\Users\X\Downloads\Randommagicitems-3rd.pdf
2016-11-05 18:36 - 2016-11-05 18:40 - 00013982 _____ C:\Users\X\Documents\Etikett.odt
2016-11-01 11:48 - 2016-11-01 11:48 - 00061992 _____ C:\Users\X\Downloads\Konto_75106278-Auszug_2016_010.PDF
2016-11-01 11:47 - 2016-11-01 11:48 - 00059223 _____ C:\Users\X\Downloads\Konto_75106765-Auszug_2016_010.PDF
2016-11-01 11:47 - 2016-11-01 11:47 - 00064963 _____ C:\Users\X\Downloads\Konto_74102302-Auszug_2016_010.PDF
2016-11-01 11:42 - 2016-11-01 11:42 - 02228626 _____ C:\Users\X\Documents\Amtsgericht HX 2016.pdf
2016-10-31 12:17 - 2016-10-31 12:17 - 00105878 _____ C:\Users\X\Documents\Absage Expertum.pdf
2016-10-29 18:15 - 2016-10-29 18:15 - 00000222 _____ C:\Users\X\Desktop\The Age of Decadence.url
2016-10-28 17:27 - 2016-10-28 17:39 - 00008931 _____ C:\Users\X\Documents\Echogeld.ods
2016-10-26 11:52 - 2016-10-26 11:59 - 00012670 _____ C:\Users\X\Documents\Außergewöhnliche Belastungen X 2016.ods
2016-10-23 13:43 - 2016-11-04 13:31 - 00011529 _____ C:\Users\X\Documents\Bewerbungstagebuch X X.ods
2016-10-21 18:43 - 2016-10-21 22:29 - 00276146 _____ C:\Users\X\Downloads\Biohazard.chum
2016-10-20 22:53 - 2016-10-21 15:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-20 16:06 - 2016-10-20 16:52 - 00016294 _____ C:\Users\X\Documents\Fahrten 2015 HX.ods
2016-10-20 10:18 - 2016-10-20 10:18 - 01138551 _____ C:\Users\X\Documents\X X Anmeldung Martinsmarkt.pdf
2016-10-19 11:29 - 2016-10-19 11:44 - 00013543 _____ C:\Users\X\Documents\X Haus der Seelen.odt
2016-10-18 17:50 - 2016-10-18 17:50 - 00123297 _____ C:\Users\X\Documents\Biohazard SR 4.pdf
2016-10-18 17:07 - 2016-10-21 11:48 - 00272618 _____ C:\Users\X\Downloads\Entwurf 4.chum
2016-10-18 16:39 - 2016-10-18 17:07 - 00256890 _____ C:\Users\X\Downloads\Entwurf 3.chum
2016-10-18 11:31 - 2016-10-18 11:31 - 00089859 _____ C:\Users\X\Downloads\17379917_Kontoauszug_20161006.pdf
2016-10-18 11:30 - 2016-11-15 14:53 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-18 11:29 - 2016-11-15 14:51 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-18 11:29 - 2016-10-18 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-10-18 11:29 - 2016-10-18 11:29 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-18 11:29 - 2016-10-18 11:29 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-10-18 11:29 - 2016-03-18 15:04 - 22851472 _____ (Malwarebytes ) C:\Users\X\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-18 11:29 - 2016-03-10 13:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-18 11:29 - 2016-03-10 13:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-18 10:46 - 2016-10-18 10:46 - 00118521 _____ C:\Users\X\Documents\Biohazard.pdf
2016-10-18 10:43 - 2016-10-18 10:43 - 00243082 _____ C:\Users\X\Downloads\Entwurf 2.chum
2016-10-16 14:39 - 2016-10-16 14:41 - 37021101 _____ C:\Users\X\Downloads\PathfinderAdventurePath56RaidersOfTheFeverSeaSkullShackles2Of6PFRPGPDF-SingleFile.zip
2016-10-16 14:37 - 2016-10-16 14:38 - 39657194 _____ C:\Users\X\Downloads\WayOfTheWickedBook2CallForthDarknessPFRPGPDF.zip
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-15 16:37 - 2016-03-19 11:19 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000UA.job
2016-11-15 15:36 - 2009-07-14 05:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-15 15:36 - 2009-07-14 05:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-15 15:35 - 2009-07-14 18:58 - 00710030 _____ C:\Windows\system32\perfh007.dat
2016-11-15 15:35 - 2009-07-14 18:58 - 00154466 _____ C:\Windows\system32\perfc007.dat
2016-11-15 15:35 - 2009-07-14 06:13 - 01650140 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-15 15:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-15 15:28 - 2014-12-15 18:57 - 00000000 ___RD C:\Users\X\Dropbox
2016-11-15 15:28 - 2010-12-30 00:04 - 00000000 ____D C:\Users\X\AppData\Roaming\OpenOffice.org2
2016-11-15 15:28 - 2010-12-17 19:03 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-15 15:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-15 14:50 - 2016-03-11 18:42 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-11-15 14:50 - 2009-07-14 05:45 - 00297696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-15 12:36 - 2013-12-12 13:11 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-15 12:36 - 2012-10-09 11:55 - 00000000 ____D C:\Program Files (x86)\Avira
2016-11-15 12:36 - 2011-01-03 14:13 - 00000000 ____D C:\ProgramData\Avira
2016-11-15 12:33 - 2012-10-09 12:01 - 00000000 ____D C:\Users\X\AppData\Roaming\Avira
2016-11-15 02:43 - 2010-12-18 18:12 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-14 14:20 - 2016-09-19 11:30 - 00000000 ____D C:\Users\X\Documents\Way Of The Wicked
2016-11-14 13:42 - 2015-02-23 11:29 - 00000000 ____D C:\Users\X\Documents\Echo
2016-11-10 22:34 - 2015-02-19 12:46 - 00000000 ____D C:\Users\X\AppData\Roaming\TS3Client
2016-11-10 19:40 - 2013-10-02 13:31 - 00000000 ____D C:\Users\X\AppData\Roaming\Dropbox
2016-11-10 18:02 - 2015-03-26 19:23 - 00000000 ____D C:\Users\X\AppData\LocalLow\Obsidian Entertainment
2016-11-10 18:00 - 2016-03-10 19:14 - 00000000 ____D C:\Users\X
2016-11-10 18:00 - 2010-12-20 23:09 - 00000000 ____D C:\Users\X\AppData\Roaming\gtk-2.0
2016-11-10 18:00 - 2010-12-20 23:07 - 00000000 ____D C:\Users\X\.gimp-2.6
2016-11-10 17:30 - 2012-05-12 23:01 - 00051211 _____ C:\Users\X\Desktop\schnelle notizen.txt
2016-11-10 11:37 - 2016-03-19 11:19 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000Core.job
2016-11-10 11:32 - 2016-03-19 11:19 - 00004206 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000UA
2016-11-10 11:32 - 2016-03-19 11:19 - 00003810 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000Core
2016-11-10 11:27 - 2016-03-12 23:01 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-10 11:27 - 2016-03-12 23:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-10 11:27 - 2016-03-12 23:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-10 11:27 - 2016-03-12 23:01 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-10 11:27 - 2014-08-15 09:49 - 00000000 ____D C:\Users\X\AppData\Local\Adobe
2016-11-09 11:11 - 2016-03-11 18:30 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-08 17:25 - 2011-02-02 20:28 - 00000000 ____D C:\Users\X\AppData\Roaming\Skype
2016-11-08 02:49 - 2015-02-23 11:30 - 00000000 ____D C:\Users\X\Documents\wtf campaign
2016-11-05 22:58 - 2016-03-11 18:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-05 22:57 - 2016-07-22 14:00 - 00000000 ____D C:\Users\X\Documents\War of the Burning Sky
2016-11-03 19:09 - 2016-03-11 19:05 - 00000000 ____D C:\Users\X\AppData\Local\CrashDumps
2016-11-01 22:18 - 2012-05-18 22:53 - 00000128 _____ C:\Users\X\Downloads\verkleinerer.set
2016-10-30 16:20 - 2011-04-21 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-10-30 16:20 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-28 13:57 - 2016-06-03 21:09 - 00000000 ____D C:\Program Files\GalaxyClient
2016-10-24 12:13 - 2016-08-15 19:14 - 00000000 ____D C:\Program Files\Cloud Imperium Games
2016-10-22 14:10 - 2016-04-13 22:27 - 00000000 ____D C:\Users\X\Documents\ShareX
2016-10-19 09:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\TAPI
2016-10-18 17:50 - 2016-10-15 18:37 - 00000000 ____D C:\Users\X\Downloads\Chummer4
2016-10-18 17:31 - 2016-10-15 12:20 - 00012374 _____ C:\Users\X\Documents\Fahrten X2015.ods
2016-10-18 16:48 - 2016-10-15 21:01 - 00241254 _____ C:\Users\X\Documents\Entwurf 1.chum
2016-10-16 16:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-10-16 14:42 - 2016-09-19 11:30 - 00000000 ____D C:\Users\X\Documents\Skull and Shackles
2016-10-16 13:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-16 13:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-16 01:28 - 2016-05-29 12:13 - 00000000 ____D C:\Windows\system32\MRT
2016-10-16 01:23 - 2016-05-29 12:13 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-16 01:22 - 2016-06-06 19:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-16 01:22 - 2012-05-15 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-16 01:22 - 2012-05-15 20:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-04-24 17:32 - 2013-04-24 18:25 - 0000096 _____ () C:\Users\X\AppData\Roaming\Camdata.ini
2013-04-24 17:32 - 2013-04-24 18:25 - 0000408 _____ () C:\Users\X\AppData\Roaming\CamLayout.ini
2013-04-24 17:32 - 2013-04-24 18:25 - 0000408 _____ () C:\Users\X\AppData\Roaming\CamShapes.ini
2013-04-24 17:32 - 2013-04-24 18:25 - 0004509 _____ () C:\Users\X\AppData\Roaming\CamStudio.cfg
2013-04-24 17:56 - 2013-04-24 17:56 - 0000098 _____ () C:\Users\X\AppData\Roaming\CamStudio.Producer.command
2013-04-24 18:04 - 2013-04-24 18:04 - 0000000 _____ () C:\Users\X\AppData\Roaming\CamStudio.Producer.Data.ini
2013-04-24 18:04 - 2013-04-24 18:04 - 0001207 _____ () C:\Users\X\AppData\Roaming\CamStudio.Producer.ini
2011-10-18 18:58 - 2011-10-18 19:39 - 0000002 _____ () C:\Users\X\AppData\Roaming\ceville_console_history.txt
2012-02-19 19:29 - 2012-02-19 19:30 - 0000222 _____ () C:\Users\X\AppData\Roaming\glide_wrapper.zbag.ini
2011-12-24 12:55 - 2011-12-24 12:55 - 0003584 _____ () C:\Users\X\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-19 19:57 - 2013-02-19 19:57 - 0000199 _____ () C:\ProgramData\2ea457cf9e11cd63eb1efd8d7ce4d13ee2b26134
2011-02-02 20:30 - 2011-02-02 20:30 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-12-18 15:28 - 2016-03-18 17:27 - 0009081 _____ () C:\ProgramData\hpzinstall.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\X\ntuser (1).dat
C:\Users\Nehrim\NehrimLauncher.exe
Einige Dateien in TEMP:
====================
C:\Users\X\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-11-04 00:45
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2016
durchgeführt von X (15-11-2016 16:43:25)
Gestartet von C:\Users\X\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-03-10 18:14:28)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3145422843-1996295090-1453084995-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3145422843-1996295090-1453084995-1003 - Limited - Enabled)
X (S-1-5-21-3145422843-1996295090-1453084995-1000 - Administrator - Enabled) => C:\Users\X
Gast (S-1-5-21-3145422843-1996295090-1453084995-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
911 Operator (HKLM\...\Steam App 503560) (Version: - Jutsu Games)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Ahnayro: The Dream World (HKLM\...\Steam App 449730) (Version: - Alice & Smith)
AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
American McGee's Grimm - Season 2 (HKLM-x32\...\1207663013_is1) (Version: 2.2.0.7 - GOG.com)
American McGee's Grimm - Season 3 (HKLM-x32\...\1207663023_is1) (Version: 2.2.0.7 - GOG.com)
Ansel (Version: 372.90 - NVIDIA Corporation) Hidden
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Batman - The Telltale Series (HKLM\...\Steam App 498240) (Version: - Telltale Games)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation)
BOSS (HKLM\...\BOSS) (Version: 2.3.2 - BOSS Development Team)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Darksiders II: Deathinitive Edition (HKLM\...\Steam App 388410) (Version: - Gunfire Games)
DJ_AIO_03_F4200_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Dragon Age™ II (HKLM-x32\...\{4D565319-8B91-41CB-961C-0DDC86101AC5}) (Version: 1.04.8524.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
DRAGON BALL XENOVERSE (HKLM\...\Steam App 323470) (Version: - DIMPS)
Dropbox (HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
F4200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Ghost Master (HKLM-x32\...\1207658687_is1) (Version: 2.1.0.4 - GOG.com)
Gothic 3 (HKLM-x32\...\1207658986_is1) (Version: 2.1.0.17 - GOG.com)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grabby Driver Installation (64 Bit) (HKLM-x32\...\{90CA4931-4A1F-4D30-A60B-C2BBFD53D30F}) (Version: 5.09.1202.00 - TERRATEC Electronic GmbH)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Headlander (HKLM\...\Steam App 340000) (Version: - Double Fine Productions)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
King's Quest (HKLM\...\Steam App 345390) (Version: - The Odd Gentlemen)
Knee Deep (HKLM\...\Steam App 371300) (Version: - Prologue Games)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{30146B19-5822-4F46-BD61-6D1927DB75C6}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video easy TerraTec Edition (HKLM-x32\...\MX.{7FEE208C-09FB-4B37-B6EC-A589471C03DE}) (Version: 5.0.3.111 - MAGIX Software GmbH)
MAGIX Video easy TerraTec Edition (Version: 5.0.3.111 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marvel: Ultimate Alliance (HKLM\...\Steam App 433300) (Version: - Zoë Mode)
Marvel: Ultimate Alliance 2 (HKLM\...\Steam App 433320) (Version: - Zoë Mode)
Master Reboot (HKLM\...\Steam App 251850) (Version: - Wales Interactive)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{D68E6605-F852-4936-AB64-04B80E0C85AD}) (Version: 2.2.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 2 (HKLM-x32\...\{04fa3a35-1f49-4510-8051-819cdc1e6e01}) (Version: 14.0.25123.0 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Neverwinter Nights Diamond Edition (HKLM-x32\...\1207658890_is1) (Version: 2.1.0.20 - GOG.com)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.90 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
Party Hard (HKLM\...\Steam App 356570) (Version: - Pinokl Games)
PCGen60600 (HKLM-x32\...\PCGen60600) (Version: - )
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Police Quest Collection (HKLM\...\Steam App 494740) (Version: - Sierra)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Quadrilateral Cowboy (HKLM\...\Steam App 240440) (Version: - Blendo Games)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.31.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25126 - Microsoft Corporation) Hidden
Sam and Max - Season Two - Sam and Max Episode 201 - Ice Station Santa (HKLM-x32\...\Episode 201 - Ice Station Santa) (Version: 1.0.0.1 - Telltale Games)
Sam and Max - Season Two - Sam and Max Episode 202 - Moai Better Blues (HKLM-x32\...\Episode 202 - Moai Better Blues) (Version: 1.0.0.7 - Telltale Games)
Sam and Max - Season Two - Sam and Max Episode 203 - Night of the Raving Dead (HKLM-x32\...\Episode 203 - Night of the Raving Dead) (Version: 1.0.3.9 - Telltale Games)
Sam and Max - Season Two - Sam and Max Episode 204 - Chariots of the Dogs (HKLM-x32\...\Episode 204 - Chariots of the Dogs) (Version: 1.0.1.9 - Telltale Games)
Sam and Max - Season Two - Sam and Max Episode 205 - What's New, Beelzebub? (HKLM-x32\...\Episode 205 - What's New, Beelzebub?) (Version: 1.0.0.9 - Telltale Games)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Sid Meier's Alpha Centauri Planetary Pack (HKLM-x32\...\1207658936_is1) (Version: 2.1.0.24 - GOG.com)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version: - The SKSE Team)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Soul Axiom (HKLM\...\Steam App 279900) (Version: - Wales Interactive)
Space Pilgrim Episode I: Alpha Centauri (HKLM\...\Steam App 429470) (Version: - Pilgrim Adventures)
Space Pilgrim Episode II: Epsilon Indi (HKLM\...\Steam App 431710) (Version: - Pilgrim Adventures)
Space Pilgrim Episode III: Delta Pavonis (HKLM\...\Steam App 439250) (Version: - Pilgrim Adventures)
Space Pilgrim Episode IV: Sol (HKLM\...\Steam App 446640) (Version: - Pilgrim Adventures)
Space Quest Collection (HKLM\...\Steam App 10110) (Version: - Sierra)
Star Citizen Launcher (HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Star Trek™ - 25th Anniversary (HKLM-x32\...\1427108887_is1) (Version: 2.0.0.5 - GOG.com)
Star Trek™ - Judgment Rites Limited Collector's Edition (HKLM-x32\...\1429089605_is1) (Version: 2.0.0.6 - GOG.com)
Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Banner Saga 2 (HKLM\...\Steam App 281640) (Version: - Stoic)
The Black Watchmen (HKLM\...\Steam App 349220) (Version: - Alice & Smith)
The Deed: Dynasty (HKLM\...\Steam App 460960) (Version: - Pilgrim Adventures)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Novelist (HKLM\...\Steam App 245150) (Version: - Orthogonal Games)
the static speaks my name (HKLM\...\Steam App 387860) (Version: - Jesse Barksdale)
TimeShift (HKLM\...\Steam App 10130) (Version: - Saber Interactive)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.30.0 - Microsoft Corporation) Hidden
Tyranny (HKLM\...\Steam App 362960) (Version: - Obsidian Entertainment)
Unity (HKLM-x32\...\Unity) (Version: 5.3.4f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\UnityWebPlayer) (Version: 5.3.4f1 - Unity Technologies ApS)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 22.0 - Ubisoft)
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows-Treiberpaket - TERRATEC (USB28xxBGA) Media (03/16/2010 5.09.1202.00) (HKLM\...\22B1739EAEA711117281C678C9005F17A0D9D420) (Version: 03/16/2010 5.09.1202.00 - TERRATEC )
Windows-Treiberpaket - TERRATEC (emAudio) Media (03/16/2010 5.09.1202.00) (HKLM\...\0812DA72EAD4FBFA883430ED6EC04AC1F88DBBAD) (Version: 03/16/2010 5.09.1202.00 - TERRATEC)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\X\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02E1A326-8414-43CC-A21F-390B79ED8A3D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {28E49C93-ED3A-4829-B62E-B941A78E3317} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000Core => C:\Users\X\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-03-19] (Dropbox, Inc.)
Task: {3AB5A4B3-CDF6-45D5-99E9-BC7AEE0BD664} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000UA => C:\Users\X\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-03-19] (Dropbox, Inc.)
Task: {6F2AECF7-B118-4787-86CE-75BA5035D4FC} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-03-22] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000Core.job => C:\Users\X\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3145422843-1996295090-1453084995-1000UA.job => C:\Users\X\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-05-04 15:41 - 2012-05-04 15:41 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2011-11-13 14:30 - 2011-11-13 14:30 - 00676864 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2011-11-13 14:31 - 2011-11-13 14:31 - 03643392 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-05-04 15:41 - 2012-05-04 15:41 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-03-11 18:43 - 2016-06-15 02:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-29 13:30 - 2016-06-15 02:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-11 18:43 - 2016-06-15 02:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-11 18:43 - 2016-06-15 02:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-29 13:30 - 2016-06-15 02:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-03-29 13:30 - 2016-06-15 02:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-03-29 13:30 - 2016-06-15 02:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-11 18:43 - 2016-06-15 02:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-03-29 13:30 - 2016-06-15 02:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-03-29 13:30 - 2016-06-15 02:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2012-11-18 22:21 - 2016-09-16 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2006-08-11 12:49 - 2006-08-11 12:49 - 00828416 _____ () C:\Program Files (x86)\OpenOffice.org 2.0\program\libxml2.dll
2016-03-11 18:43 - 2016-06-15 02:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\X\Documents\AQ2_mapswithnolabels_(8996914).zip:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\X\Documents\CAT27000_Shadowrun_5_(8719235).pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\X\Documents\DD2_PS_WellofWorlds_(8244976).pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\X\Documents\Shadowrun_4th_Ed_(6623749).pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\X\Documents\ZGA-The_Investigation_Begins-PF-ONS_(7257351).pdf:com.dropbox.attributes [168]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7631 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Hama Wireless LAN Utility.lnk => C:\Windows\pss\Hama Wireless LAN Utility.lnk.CommonStartup
MSCONFIG\startupreg: GalaxyClient => C:\Program Files\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{A4E70973-2FDE-4BA8-A9AC-3EC673442ED1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4F8398F0-B9CB-4CE6-8BFB-2327AB8942E5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{42A1255C-EF33-4DC9-93C0-C847BFBE78A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{35BB552A-A376-4548-9C3A-8A6F559002A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0783B1CB-7049-4B81-85C1-BB1AE425FB27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E83F02DF-C9C6-4E07-BDD3-1018E1A33A5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{135F8AFC-37DB-4379-A659-C9039D3BC8EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{061D2B15-0219-4DA1-B2FB-74C98D29262C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F01CC164-7B39-4A6C-BD3C-92DEAF173710}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9D34AC37-6467-449C-9546-B6429A49B4EB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4B7C3D49-6B37-4B3B-BCBD-0537627EB863}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0ABF3259-5A8B-4094-804D-E5CF7A07A75D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Always Sometimes Monsters\Game.exe
FirewallRules: [{C1451494-137A-49CE-83D1-4311DB67CCE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Always Sometimes Monsters\Game.exe
FirewallRules: [{76D49E2C-B917-4D7D-8B41-9102950083A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HardWest\HardWest.exe
FirewallRules: [{A89CA368-F948-45D0-B0D1-5220DE106CBC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HardWest\HardWest.exe
FirewallRules: [{B4F11BA5-1EC5-46CF-BB79-32E18CE4DAAD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{542B6B91-2E1B-4378-A505-10BAC209162E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{18E88F4C-980E-4DBE-80D3-78F613E8DE82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Magic Circle\TheMagicCircle.exe
FirewallRules: [{22B75698-FF3A-40B3-88B1-84A7DB4A01BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Magic Circle\TheMagicCircle.exe
FirewallRules: [TCP Query User{43A61847-AF50-450E-83FA-CC829121BB43}C:\program files (x86)\steam\steamapps\common\torment tides of numenera\win\tidesofnumenera.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\torment tides of numenera\win\tidesofnumenera.exe
FirewallRules: [UDP Query User{98B76BB3-EAEE-463B-A2C3-3FC75DEB8555}C:\program files (x86)\steam\steamapps\common\torment tides of numenera\win\tidesofnumenera.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\torment tides of numenera\win\tidesofnumenera.exe
FirewallRules: [{EDB701CC-ABA0-4517-BCE2-6E9BCC1152D3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{4C293D2D-7A0E-44B8-9704-71B71D36FDFD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{D4C9E7A6-9919-49CA-BC98-A30711BA71CA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{6ECCABD8-45DC-4E6B-A595-3A86B34C0BFC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{C1E70677-8D7F-4115-B765-40C58A37BD11}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{4E124A2A-AA43-42E7-B4B3-947D562A5EE7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{7A247F53-645B-4542-8BF5-4D48EC78DDBE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{B55A2BC9-6F29-4167-AAC0-9CCC59864591}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{067FEB93-A5F9-4D61-91C1-E0DCEA31AB29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{D6798387-ACE4-4F9C-8881-83444CBC79AA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{0AA66CA3-71FD-461E-8090-63C436D57F74}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{9A5B78C6-95B8-4905-B746-40F7C589C893}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{BBC78B21-ACDD-4AF0-9939-F13D1403620B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{210F8E3C-AEA2-48CE-A85C-8C7BAD6ABD36}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{6D4E4359-DEDA-4BFA-944E-460B0D304764}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{13374435-5559-407F-9D5C-A6FDDAA40E31}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{B3923CFD-CC57-40B5-A06C-D6216AAEA854}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{C80B3E70-5303-4421-8EBA-69AED33C1E7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{4AD2F1F0-0ED4-4A7C-BD52-F2FC9BD12BE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{10D28DC4-BD16-4D02-BA02-8CD8AD4CC754}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57FDE4D9-5600-4E5A-8135-080158D9B659}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68264353-604F-48C6-8B65-EDACD972B8FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the static speaks my name\thestatic_win.exe
FirewallRules: [{5FACCA97-4B4E-4269-A3E3-B3672B8FC1C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the static speaks my name\thestatic_win.exe
FirewallRules: [TCP Query User{C6D69720-22CD-4783-8CE0-E74B42B7F663}C:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe
FirewallRules: [UDP Query User{1381E8CB-CEF3-49EB-A67D-703FC1ED0184}C:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe
FirewallRules: [TCP Query User{7C4DC2D1-A7F6-4C34-A3D5-CF210EA18ED9}C:\program files (x86)\steam\steamapps\common\shadowrun dragonfall director's cut\dragonfall.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shadowrun dragonfall director's cut\dragonfall.exe
FirewallRules: [UDP Query User{791AE151-4071-4C2F-9BEE-889ACBE9A4D8}C:\program files (x86)\steam\steamapps\common\shadowrun dragonfall director's cut\dragonfall.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shadowrun dragonfall director's cut\dragonfall.exe
FirewallRules: [{727E9964-AA36-456E-A4BF-C7E649A04902}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Decadence\AoD64.exe
FirewallRules: [{A8043BC8-21E3-4CB5-AD6C-6986A65BA99D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Decadence\AoD64.exe
FirewallRules: [{CDB56EB7-A196-441B-97A7-CC3E230C57C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Eisenwald\Eisenwald.exe
FirewallRules: [{CA042E88-D34D-4D57-9225-EF0DEE49550A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Eisenwald\Eisenwald.exe
FirewallRules: [{6389D0C3-2263-4FB8-9A42-3001AB0EFBC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroesRiseHeroFall\HeroesRiseHeroFall.exe
FirewallRules: [{B5798906-176F-4FB5-98D4-B2793226ED4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroesRiseHeroFall\HeroesRiseHeroFall.exe
FirewallRules: [{FBC22BAE-5E4D-43CF-8CCE-096C301D983E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{6D9049CE-5615-4D64-86BA-F3E6ABCFC85D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{0EECAADD-20AB-4B2F-9FF1-E031023FB0F8}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{DD9B2ECD-DC57-4C26-9602-B2C8F75B40A5}] => (Allow) C:\PROGRA~1\Unity\Editor\Unity.exe
FirewallRules: [TCP Query User{D8A0C47E-43AB-4A92-8121-B10BACBB16E6}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{B90EFB0B-97F9-4746-AC5E-193CFF202F8F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{90909E0D-830E-4F4E-844B-A8C4DA934195}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Deed\Game.exe
FirewallRules: [{23AF37CB-02FB-46C5-84CF-A24856EDEDD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Deed\Game.exe
FirewallRules: [{FA6965F6-4345-4B73-A5A8-67BB514D90BF}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [{13A7D245-E77B-4214-97DB-04E8A0F2E13E}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [{D7B270D4-6197-41AE-A02A-E6D94C1DE9D4}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [{8784B872-9B22-4780-8586-40BC4A9CE22A}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [TCP Query User{559B2184-616D-4F6D-92FB-51986EDAF5B9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{189A7BE9-C52E-40F2-A0B1-612441061087}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4EED539A-1053-4708-BF5F-0B500BB870B9}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{EF41F434-5B3F-4476-9B4B-B77407E01E26}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{39A93A03-7C8C-4CB0-8949-839F0EE4F688}] => (Allow) C:\Users\X\AppData\Local\Temp\7zS23FF\hppiw.exe
FirewallRules: [{19D44352-265F-4DDF-968A-7560AEC69CB0}] => (Allow) C:\Users\X\AppData\Local\Temp\7zS23FF\hppiw.exe
FirewallRules: [{E1478AFB-9D53-4E54-8092-7690CEE9AD57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{AAB3F032-CCF6-4964-B5F4-619E1F1C4DEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{84E229D8-E76C-4214-89E2-028F7374EB03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{F53F44B3-8A94-411B-B08E-EB7A7D7737A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{726EEEB4-9559-4FA7-BD0B-864BA9161EEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{4C7FF55C-E891-46D2-943F-9B1EA0C7AF1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{B3CE13D6-8653-4AA6-8F14-6109E21D2133}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{E45FB30D-8129-4189-ABF0-9581E5C11811}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{BF68FC6E-2976-4A9E-8D15-EF76422CB839}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{EB7ED9B4-0515-44E7-83B9-425FF606EC75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{DA05032B-2525-48D0-BB20-D77F360B6D7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BrutalLegend\BrutalLegend.exe
FirewallRules: [{52989DAD-DD96-4BFB-AFB3-F6EF083203AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BrutalLegend\BrutalLegend.exe
FirewallRules: [{C1B469F9-56A9-404A-B36D-D34C6B9DF230}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCave\Cave.exe
FirewallRules: [{5A975FE3-52A5-4AC5-AE98-4A79AF3DE468}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCave\Cave.exe
FirewallRules: [{70E14885-3829-4965-9696-2C71280402B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Consuming Shadow\consumingshadow.exe
FirewallRules: [{1C66A6D7-EF10-4422-92D4-D1EEDCF30662}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Consuming Shadow\consumingshadow.exe
FirewallRules: [{3AA7FB90-2B10-435F-B971-CB3F2765A8C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\costume quest\Cq.exe
FirewallRules: [{6775EB37-E066-4F1D-A9B0-DE4A39F1CA64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\costume quest\Cq.exe
FirewallRules: [{C2ED132B-B42E-4060-92A9-42A69CC650E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2.exe
FirewallRules: [{C6A4A305-8BB9-4D17-8C02-62F8199E8E99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2.exe
FirewallRules: [{5BAB58BE-9EC8-40CE-9E0C-C703E278EF6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2_DX9.exe
FirewallRules: [{3ECC7FE7-4A9B-4463-ACB0-5C4237E70920}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2_DX9.exe
FirewallRules: [{2FA23132-2715-4242-983A-891A31BCA589}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{AE147611-9453-4E8F-820A-289DA909A42E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{C672D9D8-4D95-4F3F-B48A-3CD7D5161B60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{4068B55C-2908-4841-A320-ACA5AFC326D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{2FB2C769-9D8B-4975-AADF-7E38B1D9061C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{077E2B8E-0B5F-4F92-A6F5-D1F03095255B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{9FA6B1F8-EB5E-4595-B5E8-A4E858BCD16B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dragon age ultimate edition\DAOriginsLauncher.exe
FirewallRules: [{3BA8D674-C14D-4978-977A-9A45CA1587B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dragon age ultimate edition\DAOriginsLauncher.exe
FirewallRules: [{140FF0A9-3A12-4C16-AB03-D6116ADA793F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [{480B3DBA-307B-4316-8165-02A64092EDEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [{35002D44-52FD-4285-8E19-C0261DFD71DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dex\Dex.exe
FirewallRules: [{37AA7366-C1D7-4661-A125-A26567AB1476}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dex\Dex.exe
FirewallRules: [{4960FE2A-51BD-461E-8E60-E3362A0BB3A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dex\GamepadConfigTool.exe
FirewallRules: [{DA962B5B-F13B-4BAB-8433-E33E3B740CD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dex\GamepadConfigTool.exe
FirewallRules: [{F498DFBA-191E-43DF-A790-3AECA3D36CC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{C50F1D33-31D2-4368-9AD3-D862D29419CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{20CFCDD2-553E-442B-8647-0ED45C553B4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Soul Axiom\SoulAxiom.exe
FirewallRules: [{56308751-6B48-408A-BA68-AF1D9F53D455}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Soul Axiom\SoulAxiom.exe
FirewallRules: [{9D5B4CA7-8C26-4E2D-8A73-2B2DF2341B76}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MasterReboot\Binaries\Win32\MasterReboot.exe
FirewallRules: [{08472699-8749-4BC7-9978-5FE92E20A75C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MasterReboot\Binaries\Win32\MasterReboot.exe
FirewallRules: [{147227FD-89E9-42D8-9BD6-C38670C285BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LongLiveTheQueen\LongLiveTheQueen.exe
FirewallRules: [{3AEEBDE3-D4F1-42E2-89A4-E5B8F5B59B3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LongLiveTheQueen\LongLiveTheQueen.exe
FirewallRules: [{F854A822-C6A1-429C-90B6-7BE3285C0591}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2042F614-7F8A-42BB-96DA-59B75F80B2A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{8B2DFC9B-8A4E-44D5-A1B1-0C7EC348484C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{9EB8EF54-CBD3-4BCB-B90E-C4E5EA42F73C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{D621663B-5647-4F1E-9FE8-B846E4B06A44}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{D2043EEC-A278-4B89-B352-BD48E6B9DB7B}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{9242B4E8-FD47-424E-A427-FCCA1A2B3D9A}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [{08B09B3A-1277-42DC-870D-E7685E8C3CD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Secret Of Magia\EQLauncher.exe
FirewallRules: [{214A1ECB-C9A8-43C6-8471-45BDD5C1DE4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Secret Of Magia\EQLauncher.exe
FirewallRules: [{832FD3B3-6B06-4F1B-8B1F-0DFBE4305803}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{21A78A78-B47C-467F-9B7D-5319E7BD90A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{78227B80-786A-4EBE-B553-218C8D268CF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Contradiction\Windows\nw.exe
FirewallRules: [{DB0BD4EC-DED6-4E67-921F-7AC3D6EE4DE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Contradiction\Windows\nw.exe
FirewallRules: [{43DD6AB0-EA9F-4A2E-A7CC-3E46CC035163}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Decadence\AoD.exe
FirewallRules: [{C4FDE679-97F4-452E-955F-17C9DBC29454}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Decadence\AoD.exe
FirewallRules: [{596BA756-BAF4-4411-BEA3-5368CE79DB1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Deed Dynasty\Game.exe
FirewallRules: [{73086BC1-D110-42B9-8919-EA430241A827}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Deed Dynasty\Game.exe
FirewallRules: [{E8794874-9F2E-4D20-9E07-5FD11108A23B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode One Alpha Centauri\Game.exe
FirewallRules: [{6DFDF235-3DA9-4241-B1DB-BBFDEDE888BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode One Alpha Centauri\Game.exe
FirewallRules: [{179830CB-654A-470D-B9C7-47DEF003BDE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode Two\Game.exe
FirewallRules: [{566F1199-707F-4541-A2DE-3688D25BF0C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode Two\Game.exe
FirewallRules: [{22F8B3A0-D82D-44C8-96F5-996D0B8F302B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode III Delta Pavonis\Game.exe
FirewallRules: [{A06F9093-52B6-4541-8194-342FB975A42E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode III Delta Pavonis\Game.exe
FirewallRules: [{1AD5649C-D38C-4C5B-927B-FFF93D19125C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode IV Sol\Game.exe
FirewallRules: [{5074AAF6-EE7F-4D4F-AEF7-058D76F16A95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Pilgrim Episode IV Sol\Game.exe
FirewallRules: [TCP Query User{0829C57F-F7C2-4661-A078-AC581CE54C32}C:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [UDP Query User{64E5E6D9-61C3-4525-84F8-85D45A25C472}C:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe
FirewallRules: [{C535F910-CFD2-4FEF-81BF-FAB8DC2AC326}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman The Telltale Series\Batman_win8.exe
FirewallRules: [{D57839B0-0A9A-4EBD-AFB6-D59AC9312873}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman The Telltale Series\Batman_win8.exe
FirewallRules: [{19128602-021A-41D0-976B-7184315FF81E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman The Telltale Series\Batman_win7.exe
FirewallRules: [{082711C9-61B6-4541-A467-99D92C6EC8CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman The Telltale Series\Batman_win7.exe
FirewallRules: [{E3F248DD-DE31-49F9-BFE4-298EEA923145}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Inquisitor\Game\Inquisitor.exe
FirewallRules: [{6FAB7E6C-ADFA-47D6-B2A8-B1ECE3134E45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Inquisitor\Game\Inquisitor.exe
FirewallRules: [{9961D509-47F3-4D56-8C2A-D74B603144B3}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [{8E22674A-E010-42B5-8E87-F8AD9B457607}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [TCP Query User{FA218370-928B-40A4-AD23-27A930B3F3FC}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{05B97A19-001B-4374-96A5-C7CFDBF7857F}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{E0B4B686-C73E-4A94-AF55-C0662ABDC5C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\tbs2\win32\The Banner Saga 2.exe
FirewallRules: [{7014183D-9E04-4D55-8FA0-95C3DFDA823A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\tbs2\win32\The Banner Saga 2.exe
FirewallRules: [{CB51B168-C4AB-4F94-B02E-9C3C81771273}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{4DBC3E84-9489-4D55-9625-DDF84CFAA987}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{D397A13D-FCA8-4464-906F-302E82544BED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Novelist\The Novelist.exe
FirewallRules: [{4F4854ED-1C58-4128-9BF8-72319A964DA9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Novelist\The Novelist.exe
FirewallRules: [{160173CE-7941-4FD9-A8A4-DFEA3B8A15A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{C202AE04-467D-4F2C-B950-0AC21ADD70D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{A591DF0F-EEFD-4795-B5D2-7DDD5A9D2B2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TimeShift\bin\TimeShift.Exe
FirewallRules: [{38ED49C5-8B2C-4244-8125-83B778D08C2C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TimeShift\bin\TimeShift.Exe
FirewallRules: [{55894420-D580-437C-8D0E-9BC05D0D7137}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Quest Collection\2016_SpaceQuestCollection\SierraLauncher.exe
FirewallRules: [{D3B13504-A832-42D1-9489-68D72A9AC5FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Quest Collection\2016_SpaceQuestCollection\SierraLauncher.exe
FirewallRules: [{D4B5B657-62DA-4B94-8337-64DD606ADA04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Quest Collection\SierraLauncher.exe
FirewallRules: [{4AC50393-D9F1-4224-AEDB-9FEF5D81FE67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Quest Collection\SierraLauncher.exe
FirewallRules: [{05C6BEDE-9BD1-4425-B952-1BD6801A6D1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\911 Operator\911.exe
FirewallRules: [{48FD9FCE-12F4-44C5-AEA1-75B82565E862}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\911 Operator\911.exe
FirewallRules: [{C6A66A53-9AA1-4BCC-953F-B0AAC1337E40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Police Quest Collection\SierraLauncher.exe
FirewallRules: [{67D0CED7-2909-4E8B-8FBB-B2A646A4620D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Police Quest Collection\SierraLauncher.exe
FirewallRules: [{3D13FC7D-C4E9-4E19-87AB-CB59D39EC5A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\quadrilateralcowboy\qc.exe
FirewallRules: [{E5004409-E1C4-43EC-BBD6-C82F631CCBF1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\quadrilateralcowboy\qc.exe
FirewallRules: [{0B32A373-4037-4E9D-BD06-3CAC17A0D97E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Headlander\Headlander.exe
FirewallRules: [{B24029D8-575D-4E49-BEB5-5ABEC4A2D0EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Headlander\Headlander.exe
FirewallRules: [{25467C13-8D35-4F48-ACF9-925EB91340D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel - Ultimate Alliance\Marvel.exe
FirewallRules: [{CE7CF8F6-1948-4C3B-89F3-040F89A795F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel - Ultimate Alliance\Marvel.exe
FirewallRules: [{3F50FAAB-7587-4485-A095-4DBC70CB62E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel - Ultimate Alliance 2\Alliance.exe
FirewallRules: [{58FD53BE-CE98-4AC6-BD86-14C03268AD8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Marvel - Ultimate Alliance 2\Alliance.exe
FirewallRules: [{C661932F-2E22-4227-8687-8F0A330C625F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes Rise The Hero Project\HeroesRiseTheHeroProject.exe
FirewallRules: [{20846FD6-A9CA-47A7-B3BF-2FAF10620980}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes Rise The Hero Project\HeroesRiseTheHeroProject.exe
FirewallRules: [{A431F3CD-1518-449C-8D4F-86A15C85AEA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{3231FE71-4487-4BF6-90C7-1FFCD913749A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{C6CCBB46-62F4-46A2-80A0-89D98D857BE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
FirewallRules: [{080FC556-9339-480C-9757-B6CD1BD4F886}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
FirewallRules: [{2A7B882C-EA04-429F-8262-525FB37CBC32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Black Watchmen\tbw.exe
FirewallRules: [{F7658F9F-7E25-421F-8CEE-5639741BCC1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Black Watchmen\tbw.exe
FirewallRules: [{CE26B43C-7E67-4048-9348-33841EA018FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ahnayro\ahnayro.exe
FirewallRules: [{02E87EC2-93FB-4853-9F38-F1C2157DC634}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ahnayro\ahnayro.exe
FirewallRules: [{427E6622-B7C6-469E-A7B6-63E458709CDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tyranny\Tyranny.exe
FirewallRules: [{35FA2CFC-F65B-474B-BE13-50D65E76F41B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tyranny\Tyranny.exe
FirewallRules: [{E49D7ED4-441F-4ED0-819F-D3993B84FBE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knee Deep\Knee Deep.exe
FirewallRules: [{7CBCF85F-5EDC-4133-A0DC-A58FED02BD1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knee Deep\Knee Deep.exe
==================== Wiederherstellungspunkte =========================
15-11-2016 14:47:00 OpenOffice 4.1.2 wird entfernt
15-11-2016 15:35:47 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/12/2016 05:00:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbar.exe, Version 1.9.3.1001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 524
Startzeit: 01d23cfa15efcba4
Endzeit: 2418
Anwendungspfad: C:\Users\X\Desktop\mbar\mbar.exe
Berichts-ID: 246bfe22-a8f1-11e6-a1fb-d8cb8a731465
Error: (11/11/2016 11:46:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605ac0
Name des fehlerhaften Moduls: MessageBus.dll, Version: 0.0.0.0, Zeitstempel: 0x5760534f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000010f73
ID des fehlerhaften Prozesses: 0xe64
Startzeit der fehlerhaften Anwendung: 0x01d23c08cc2eac75
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
Pfad des fehlerhaften Moduls: C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
Berichtskennung: 15e82eb6-a7fc-11e6-8f95-24050f78a73a
Error: (11/03/2016 07:09:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Darksiders2.exe, Version: 0.0.0.0, Zeitstempel: 0x56414237
Name des fehlerhaften Moduls: Darksiders2.exe, Version: 0.0.0.0, Zeitstempel: 0x56414237
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000058742d
ID des fehlerhaften Prozesses: 0x1828
Startzeit der fehlerhaften Anwendung: 0x01d235faa56b74ec
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
Berichtskennung: b607d569-a1f0-11e6-a362-d8cb8a731465
Error: (11/02/2016 09:09:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 15.20.20039.7108, Zeitstempel: 0x57eee485
Name des fehlerhaften Moduls: AcroRd32.dll, Version: 15.20.20039.7108, Zeitstempel: 0x57eee462
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0028992b
ID des fehlerhaften Prozesses: 0x1084
Startzeit der fehlerhaften Anwendung: 0x01d235332c58f1a5
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
Berichtskennung: 3c43c7ff-a138-11e6-a4f5-d8cb8a731465
Error: (10/28/2016 07:01:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GrimmGame.exe, Version: 0.0.0.0, Zeitstempel: 0x48561d63
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x8b068b57
ID des fehlerhaften Prozesses: 0x19c8
Startzeit der fehlerhaften Anwendung: 0x01d231420e1ea3db
Pfad der fehlerhaften Anwendung: C:\Program Files\GalaxyClient\Games\American McGees Grimm - Season 1\1-1 BoyFear\Binaries\GrimmGame.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 800a914b-9d38-11e6-948b-d8cb8a731465
Error: (10/27/2016 09:50:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 15.20.20039.7108, Zeitstempel: 0x57eee485
Name des fehlerhaften Moduls: AcroRd32.dll, Version: 15.20.20039.7108, Zeitstempel: 0x57eee462
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0028992b
ID des fehlerhaften Prozesses: 0x81c
Startzeit der fehlerhaften Anwendung: 0x01d23061cfd3008d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
Berichtskennung: ff7aabbb-9c86-11e6-97ff-d8cb8a731465
Error: (10/18/2016 11:47:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\X\Downloads\SoftonicDownloader_fuer_mpeg-streamclip.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (10/16/2016 08:13:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037b59
ID des fehlerhaften Prozesses: 0x1700
Startzeit der fehlerhaften Anwendung: 0x01d227afc1e102a8
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: 9a20e304-93d4-11e6-a1b3-d8cb8a731465
Error: (10/06/2016 07:42:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x57d87fc5
Name des fehlerhaften Moduls: NVI2.DLL, Version: 2.1002.224.1962, Zeitstempel: 0x57d880dc
Ausnahmecode: 0x40000015
Fehleroffset: 0x00278476
ID des fehlerhaften Prozesses: 0x1a54
Startzeit der fehlerhaften Anwendung: 0x01d2200144599214
Pfad der fehlerhaften Anwendung: C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe
Pfad des fehlerhaften Moduls: C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{0C482131-D588-4F13-B169-4C29AA0CAE47}\NVI2.DLL
Berichtskennung: abecad92-8bf4-11e6-8116-d8cb8a731465
Error: (10/03/2016 06:56:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Marvel.exe, Version: 1.0.0.1, Zeitstempel: 0x57b584fc
Name des fehlerhaften Moduls: XAudio2_7.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4c0643cc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fef1a12891
ID des fehlerhaften Prozesses: 0xd3c
Startzeit der fehlerhaften Anwendung: 0x01d21d9ba44a857a
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Marvel - Ultimate Alliance\Marvel.exe
Pfad des fehlerhaften Moduls: XAudio2_7.dll
Berichtskennung: ba1e08d1-8992-11e6-8026-d8cb8a731465
Systemfehler:
=============
Error: (11/15/2016 03:28:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/15/2016 03:28:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (11/15/2016 03:27:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.
Error: (11/15/2016 03:27:27 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
Die Anforderung wird nicht unterstützt.
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (11/15/2016 03:27:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.
Error: (11/15/2016 03:27:27 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
Die Anforderung wird nicht unterstützt.
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (11/15/2016 03:26:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/15/2016 03:26:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/15/2016 03:26:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/15/2016 03:26:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
==================== Speicherinformationen ===========================
Prozessor: AMD FX(tm)-6300 Six-Core Processor
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 8140.05 MB
Verfügbarer physikalischer RAM: 6277.7 MB
Summe virtueller Speicher: 16278.29 MB
Verfügbarer virtueller Speicher: 14384.31 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:153.82 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 78BCB546)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
15.11.2016, 23:36
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\S-1-5-21-3145422843-1996295090-1453084995-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\Users\X\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk [2010-12-30]
ShortcutTarget: OpenOffice.org 2.0.lnk -> C:\Program Files (x86)\OpenOffice.org 2.0\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
BHO-x32: Kein Name -> {0347C33E-8762-4905-BF09-768834316C61} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Kein Name -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> Keine Datei
FF Keyword.URL: Mozilla\Firefox\Profiles\8fwb6c52.default -> hxxp://www.slaago.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=1STLI09F&q=
FF NetworkProxy: Mozilla\Firefox\Profiles\8fwb6c52.default -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\8fwb6c52.default -> type", 0
C:\Users\X\AppData\Roaming\OpenOffice.org2
C:\Program Files (x86)\Spybot - Search & Destroy 2
C:\Program Files (x86)\Avira
C:\ProgramData\Avira
C:\Users\X\AppData\Roaming\Avira
C:\ProgramData\2ea457cf9e11cd63eb1efd8d7ce4d13ee2b26134
C:\Users\X\ntuser (1).dat
C:\Users\Nehrim\NehrimLauncher.exe
cmd: dir /oge-d "C:\Users\Nehrim"
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Erhalte Emails von mailer-daemon@mail.corp.ru und versende Mails an litemill@yahoo.co.uk |
| .dll, administrator, antivirus, avira, defender, desktop, explorer, firefox, helper, home, hängen, mozilla, nvidia, prozesse, realtek, registry, scan, secur, services.exe, software, spam, system, temp, windows, winlogon.exe |
Linear-Darstellung
