Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- FIRST.TXT :
- [SPOILER]
- [Code]
- Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2015 01
- Ran by Giommi (administrator) on GIOMMI-PC on 27-04-2015 18:57:27
- Running from C:\Users\Giommi\Downloads
- Loaded Profiles: Giommi (Available profiles: Giommi & fbwuser)
- Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Englisch (USA)
- Internet Explorer Version 10 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
- (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
- (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
- (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
- (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
- (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
- (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
- (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
- (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
- () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
- () C:\Windows\SysWOW64\srvany.exe
- () C:\Windows\KMService.exe
- (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
- () C:\Windows\SysWOW64\PnkBstrA.exe
- (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe
- (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
- (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
- (Perfect Privacy) C:\Program Files (x86)\Perfect Privacy VPN Manager\VPNManagerService.exe
- (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
- (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
- (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
- (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
- (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
- (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
- (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
- (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
- (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
- (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
- (Microsoft Corporation) C:\Windows\System32\alg.exe
- (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
- (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
- (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
- () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
- () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.243\deploy\LoLLauncher.exe
- () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\LoLPatcher.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\LolClient.exe
- (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- ==================== Registry (Whitelisted) ==================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-01] (Avira Operations GmbH & Co. KG)
- HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Run: [GoogleChromeAutoLaunch_7E290A021AA3DB674CDF04B2A02A17DA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Policies\system: [EnableLUA] 0
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\MountPoints2: F - F:\setup.exe
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\MountPoints2: {a979fb4b-4bc3-11e3-b891-ed20bf864bd7} - F:\setup.exe
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Winlogon: [Shell] C:\Users\Giommi\AppData\Local\Temp\Jldht\Jldht.exe <==== ATTENTION
- HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2009-07-14] (Microsoft Corporation)
- ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
- ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
- ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
- GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
- CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
- CHR HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- ProxyServer: [S-1-5-21-3551031480-2449454405-1511854611-1000] => 210.210.183.210:80
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1402570575&from=wpm0612&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1402570575&from=wpm0612&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN
- HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1399667495&from=exp&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN&q={searchTerms}
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1399667495&from=exp&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN&q={searchTerms}
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1402570575&from=wpm0612&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1402570575&from=wpm0612&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1399667495&from=exp&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN&q={searchTerms}
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1399667495&from=exp&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN&q={searchTerms}
- HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
- HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnslOMtHhBUAfIgCz4i_0GnOT7CWIXUeBqS-mUlYsEb93Oy__TbFt8iHGWxFSK7YFw,,&q={searchTerms}
- HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnslOMtHhBUAfIgCz4i_0GnOT7CWIXUeBqS-mUlYsEb93Oy__TbFt8iHGWxFSK7YFw,,&q={searchTerms}
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnslOMtHhBUAfIgCz4i_0GnOT7CWIXUeBqS-mUlYsEb93Oy__TbFt8iHGWxFSK7YFw,,&q={searchTerms}
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ch.msn.com/
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnsp5KW8n0fOw0_a38_kYiVoblSdu0xc7kIIpPSrDdDDGww4IqazXmBbEAzAsDVgvA,,
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnslOMtHhBUAfIgCz4i_0GnOT7CWIXUeBqS-mUlYsEb93Oy__TbFt8iHGWxFSK7YFw,,&q={searchTerms}
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1402570575&from=wpm0612&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN
- SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
- SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
- SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
- SearchScopes: HKU\S-1-5-21-3551031480-2449454405-1511854611-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
- BHO: No Name -> {34D5A80A-992D-4F07-9509-66E9E133BAAF} -> No File
- BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
- BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
- BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
- BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
- BHO-x32: iMacros Browser Helper Object -> {34D5A80A-992D-4F07-9509-66E9E133BAAF} -> D:\iMacros\iMacrosBHO.dll No File
- BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
- BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-30] (Oracle Corporation)
- BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26] (Microsoft Corporation)
- BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
- BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
- BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
- BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-30] (Oracle Corporation)
- Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
- Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
- Toolbar: HKU\S-1-5-21-3551031480-2449454405-1511854611-1000 -> No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No File
- Toolbar: HKU\S-1-5-21-3551031480-2449454405-1511854611-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
- Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
- Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
- Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
- Winsock: Catalog5 09 C:\Windows\SysWOW64\PrxerNsp.dll [56424 2014-09-29] ()
- Winsock: Catalog5-x64 09 C:\Windows\system32\PrxerNsp.dll [57448 2014-09-29] ()
- Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
- Tcpip\Parameters: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61
- StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1399667495&from=exp&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN
- FireFox:
- ========
- FF ProfilePath: C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default
- FF NewTab: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnsvfkgQS6di7tVwkNZkHtW-0E8QsKdGGmS5f7QRDrf5VSFOHG_LUIzr8zyJjpi19A,,
- FF SelectedSearchEngine: Web Search
- FF Homepage: hxxp://www.hackforums.net/
- FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnslOMtHhBUAfIgCz4i_0GnOT7CWIXUeBqS-mUlYsEb93Oy__TbFt8iHGWxFSK7YFw,,&q=
- FF NetworkProxy: "http", "61.166.55.153"
- FF NetworkProxy: "http_port", 11110
- FF NetworkProxy: "type", 0
- FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll [2013-03-16] ()
- FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-08] (Oracle Corporation)
- FF Plugin: @microsoft.com/GENUINE -> disabled No File
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
- FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
- FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
- FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll [2013-03-16] ()
- FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
- FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
- FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-30] (Oracle Corporation)
- FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-30] (Oracle Corporation)
- FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
- FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
- FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.)
- FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA Corporation)
- FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA Corporation)
- FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-06] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-06] (Google Inc.)
- FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
- FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
- FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
- FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
- FF Plugin HKU\S-1-5-21-3551031480-2449454405-1511854611-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-05-28] ()
- FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2014-06-12]
- FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml [2014-06-11]
- FF Extension: Avira Browser Safety - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\abs@avira.com [2015-03-15]
- FF Extension: shortcut - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\shortcutff@gmail.com [2014-07-28]
- FF Extension: iMacros for Firefox - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-02-22]
- FF Extension: Snap.Do - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\{89ee5e93-fb7c-cd6f-bcd5-bb193fd46fd4} [2014-03-16]
- FF Extension: Live HTTP headers - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-07-27]
- FF Extension: Flash and Video Download - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-03-23]
- FF Extension: Acunetix Web Scanner - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\acunetixwebscanner@attila.gerendi.xpi [2014-01-01]
- FF Extension: Elite Proxy Switcher - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\eliteproxyswitcher@my-proxy.com.xpi [2013-08-01]
- FF Extension: IPFlood - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\ipfuck@p4ul.info.xpi [2014-11-16]
- FF Extension: One Click Proxy - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack.xpi [2015-03-27]
- FF Extension: Firefox Plug-n-Hack - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\jid1-CZ1BeoFM9Mmlzg@jetpack.xpi [2013-10-22]
- FF Extension: Proxy Tool - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\proxytool@proxylist.co.xpi [2014-11-26]
- FF Extension: Tab Auto Reload - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\TabAutoReload@schuzak.jp.xpi [2014-11-16]
- FF Extension: Adblock Plus - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-30]
- FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-03-23]
- FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-23]
- FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
- FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\extensions\quick_start@gmail.com
- FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\extensions\faststartff@gmail.com
- FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\extensions\shortcutff@gmail.com
- Chrome:
- =======
- CHR HomePage: Default -> hxxp://www.hackforums.net/
- CHR StartupUrls: Default -> "hxxp://www.hackforums.net/"
- CHR Profile: C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default
- CHR Extension: (Google Translate) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-01-29]
- CHR Extension: (Google Slides) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-01]
- CHR Extension: (Google Docs) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-01]
- CHR Extension: (Google Drive) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-01]
- CHR Extension: (YouTube) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-01]
- CHR Extension: (Adblock Plus) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-01]
- CHR Extension: (Google Search) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-01]
- CHR Extension: (Google Sheets) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-01]
- CHR Extension: (Avira Browser Safety) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-18]
- CHR Extension: (Bookmark Manager) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
- CHR Extension: (Live HTTP Headers) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaiioopjkcekapmldfgbebdclcnpgnlo [2014-12-01]
- CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
- CHR Extension: (Skype Click to Call) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-01]
- CHR Extension: (Google Wallet) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-01]
- CHR Extension: (WebRTC Block) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nphkkbaidamjmhfanlpblblcadhfbkdm [2015-02-02]
- CHR Extension: (Header Hacker) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\phnffahgegfkcobeaapbenpmdnkifigc [2014-12-01]
- CHR Extension: (Gmail) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-01]
- CHR Extension: (Custom JavaScript for websites ) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\poakhlngfciodnhlhhgnaaelnpjljija [2014-12-29]
- CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
- CHR HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Giommi\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [Not Found]
- CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
- ==================== Services (Whitelisted) =================
- (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
- Locked "4fb3a122aa14784e" service could not be unlocked. <===== ATTENTION
- S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-01] (Avira Operations GmbH & Co. KG)
- R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
- R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
- S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-01] (Avira Operations GmbH & Co. KG)
- R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
- R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
- R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
- S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107552 2014-07-29] (EasyAntiCheat Ltd)
- S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
- R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
- S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
- R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()
- R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-04-22] () [File not signed]
- S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
- R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-10-29] ()
- R2 postgresql-x64-9.2; C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe [88576 2014-10-20] (PostgreSQL Global Development Group) [File not signed]
- S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
- S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
- S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
- R2 VPNManager; C:\Program Files (x86)\Perfect Privacy VPN Manager\VPNManagerService.exe [17408 2015-02-13] (Perfect Privacy) [File not signed]
- U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
- S4 AcuWVSSchedulerv8; C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [X]
- S2 metasploitPostgreSQL; "D:\Metasploit\postgresql\bin\pg_ctl.exe" runservice -N "metasploitPostgreSQL" -D "D:/Metasploit/postgresql/data" [X]
- S2 metasploitProSvc; D:\Metasploit\ruby\bin\ruby.exe -C "D:\Metasploit\apps\pro\engine" prosvc_service.rb -E production
- S2 metasploitThin; D:\Metasploit\ruby\bin\ruby.exe -C "D:\Metasploit\apps\pro\ui" thin_service.rb
- S2 metasploitWorker; D:\Metasploit\ruby\bin\ruby.exe -C "D:\Metasploit\apps\pro\ui" worker_service.rb
- S4 nlsvc; "C:\Program Files\NetLimiter 3\nlsvc.exe" [X]
- ==================== Drivers (Whitelisted) ====================
- (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
- U5 4fb3a122aa14784e; C:\Windows\System32\Drivers\4fb3a122aa14784e.sys [75704 2014-11-27] () <===== ATTENTION Necurs Rootkit?
- S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-21] () [File not signed]
- S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] () [File not signed]
- S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] () [File not signed]
- R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] () [File not signed]
- R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] () [File not signed]
- R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2736640 2011-08-31] () [File not signed]
- S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
- S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
- S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
- S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
- S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] () [File not signed]
- S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] () [File not signed]
- U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] () [File not signed]
- R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] ()
- R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] () [File not signed]
- R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] () [File not signed]
- S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] () [File not signed]
- S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] () [File not signed]
- S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] () [File not signed]
- S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] () [File not signed]
- S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] () [File not signed]
- S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] () [File not signed]
- S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-14] () [File not signed]
- S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] () [File not signed]
- R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] () [File not signed]
- S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-14] () [File not signed]
- R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] () [File not signed]
- S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-14] () [File not signed]
- S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] () [File not signed]
- R0 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2013-07-04] () [File not signed]
- S3 Compbatt; C:\Windows\system32\drivers\compbatt.sys [21584 2009-07-14] () [File not signed]
- R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-21] () [File not signed]
- S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-14] () [File not signed]
- R1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-21] () [File not signed]
- R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-21] () [File not signed]
- S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [103064 2013-05-02] () [File not signed]
- R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] () [File not signed]
- R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] () [File not signed]
- S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-21] () [File not signed]
- S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] () [File not signed]
- R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2013-11-13] () [File not signed]
- R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-05] () [File not signed]
- R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [983488 2013-08-01] () [File not signed]
- S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] () [File not signed]
- S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] () [File not signed]
- S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] () [File not signed]
- R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [66728 2013-08-05] () [File not signed]
- S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] () [File not signed]
- S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] () [File not signed]
- S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-14] () [File not signed]
- R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] () [File not signed]
- S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] () [File not signed]
- S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-14] () [File not signed]
- R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] () [File not signed]
- S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] () [File not signed]
- U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] ()
- R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] () [File not signed]
- S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-14] () [File not signed]
- S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [33856 2009-03-18] () [File not signed]
- S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] () [File not signed]
- S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] () [File not signed]
- R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-21] () [File not signed]
- S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-14] () [File not signed]
- S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-14] () [File not signed]
- S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-14] () [File not signed]
- R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-21] () [File not signed]
- S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-21] () [File not signed]
- R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] () [File not signed]
- S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] () [File not signed]
- S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [36928 2012-12-07] () [File not signed]
- R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-21] () [File not signed]
- R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] () [File not signed]
- S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] () [File not signed]
- S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-11] () [File not signed]
- S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-14] () [File not signed]
- R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [3707864 2013-11-05] () [File not signed]
- S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] () [File not signed]
- R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] () [File not signed]
- S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] () [File not signed]
- S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-21] () [File not signed]
- R3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] () [File not signed]
- S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] () [File not signed]
- S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] () [File not signed]
- S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [273792 2010-11-21] () [File not signed]
- R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] () [File not signed]
- R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-21] () [File not signed]
- S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [30208 2009-04-29] () [File not signed]
- S3 KProcessHacker2; C:\Program Files\Process Hacker 2\kprocesshacker.sys [39576 2013-11-13] (wj32)
- R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2013-09-25] () [File not signed]
- R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [154560 2013-09-25] () [File not signed]
- R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] () [File not signed]
- R3 LADF_CaptureOnly; C:\Windows\System32\DRIVERS\ladfGSCamd64.sys [410008 2013-04-15] () [File not signed]
- R3 LADF_RenderOnly; C:\Windows\System32\DRIVERS\ladfGSRamd64.sys [102808 2013-04-15] () [File not signed]
- R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [22408 2009-11-24] () [File not signed]
- R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] () [File not signed]
- S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [16008 2009-11-24] () [File not signed]
- S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-01-11] () [File not signed]
- R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] () [File not signed]
- S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-14] () [File not signed]
- S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-14] () [File not signed]
- S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-14] () [File not signed]
- S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-14] () [File not signed]
- R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] () [File not signed]
- S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-14] () [File not signed]
- S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-14] () [File not signed]
- S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] () [File not signed]
- R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] () [File not signed]
- S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2013-03-30] () [File not signed]
- R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] () [File not signed]
- R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] () [File not signed]
- R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] () [File not signed]
- S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-21] () [File not signed]
- R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] () [File not signed]
- S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] () [File not signed]
- R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] () [File not signed]
- R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] () [File not signed]
- R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] () [File not signed]
- R0 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-21] () [File not signed]
- S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-21] () [File not signed]
- R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] ()
- S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] () [File not signed]
- R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] () [File not signed]
- S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] () [File not signed]
- S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] () [File not signed]
- S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] () [File not signed]
- S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-21] ()
- R1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-14] () [File not signed]
- S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] () [File not signed]
- S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-14] () [File not signed]
- R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] () [File not signed]
- R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] () [File not signed]
- R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] () [File not signed]
- S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] () [File not signed]
- R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] () [File not signed]
- R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] () [File not signed]
- R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-21] () [File not signed]
- R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-21] ()
- R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] () [File not signed]
- R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-21] () [File not signed]
- S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] () [File not signed]
- R3 NLNdisMP; C:\Windows\System32\DRIVERS\nlndis.sys [32688 2013-06-12] () [File not signed]
- S3 NLNdisPT; C:\Windows\System32\DRIVERS\nlndis.sys [32688 2013-06-12] () [File not signed]
- R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] () [File not signed]
- R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] ()
- R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] () [File not signed]
- R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1656680 2013-04-12] ()
- R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] () [File not signed]
- R3 NVHDA; C:\Windows\System32\drivers\nvhda64v.sys [196384 2013-06-16] () [File not signed]
- R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [12613408 2013-11-14] () [File not signed]
- S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-11] () [File not signed]
- S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-11] () [File not signed]
- S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] () [File not signed]
- S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] () [File not signed]
- S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-14] () [File not signed]
- R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] () [File not signed]
- R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] () [File not signed]
- S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] () [File not signed]
- S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-14] () [File not signed]
- R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] () [File not signed]
- R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] () [File not signed]
- R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-21] () [File not signed]
- S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-14] () [File not signed]
- R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-21] () [File not signed]
- S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-08-08] () [File not signed]
- S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] () [File not signed]
- S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] () [File not signed]
- S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] () [File not signed]
- S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] () [File not signed]
- R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] () [File not signed]
- R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] () [File not signed]
- R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] () [File not signed]
- R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] () [File not signed]
- R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-21] () [File not signed]
- R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] () [File not signed]
- R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] () [File not signed]
- S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] () [File not signed]
- R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] () [File not signed]
- R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] () [File not signed]
- S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [20992 2010-11-21] () [File not signed]
- S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] ()
- R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] () [File not signed]
- R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] () [File not signed]
- S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-21] () [File not signed]
- S3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [180584 2012-12-05] () [File not signed]
- R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-02-01] () [File not signed]
- R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-02-01] () [File not signed]
- S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
- S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] () [File not signed]
- S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] () [File not signed]
- R3 ScreamBAudioSvc; C:\Windows\System32\drivers\ScreamingBAudio64.sys [38992 2014-02-07] () [File not signed]
- R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] ()
- S3 Serenum; C:\Windows\system32\drivers\serenum.sys [23552 2009-07-14] () [File not signed]
- S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] () [File not signed]
- S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-14] () [File not signed]
- S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] () [File not signed]
- S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] () [File not signed]
- S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] () [File not signed]
- S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-14] () [File not signed]
- S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-14] () [File not signed]
- S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-14] () [File not signed]
- S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] () [File not signed]
- R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] ()
- R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] () [File not signed]
- R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] () [File not signed]
- R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] () [File not signed]
- S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [203672 2013-05-02] () [File not signed]
- S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-14] () [File not signed]
- R3 StillCam; C:\Windows\system32\drivers\serscan.sys [12288 2009-07-14] () [File not signed]
- R0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-21] () [File not signed]
- S3 storvsc; C:\Windows\system32\drivers\storvsc.sys [34688 2010-11-21] () [File not signed]
- R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-14] () [File not signed]
- S3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [88960 2010-11-21] () [File not signed]
- S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2014-11-05] () [File not signed]
- S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] () [File not signed]
- S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [38632 2012-07-24] () [File not signed]
- R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] () [File not signed]
- S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2012-07-15] () [File not signed]
- R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2013-09-08] () [File not signed]
- S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2013-09-08] () [File not signed]
- R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] () [File not signed]
- S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] () [File not signed]
- S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] () [File not signed]
- R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-21] () [File not signed]
- R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [63360 2010-11-21] () [File not signed]
- S3 terminpt; C:\Windows\system32\drivers\terminpt.sys [34816 2010-11-21] () [File not signed]
- R3 TPM; C:\Windows\System32\drivers\tpm.sys [38400 2009-07-14] () [File not signed]
- S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] () [File not signed]
- S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-21] () [File not signed]
- S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [31232 2010-11-21] () [File not signed]
- S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-21] () [File not signed]
- R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] () [File not signed]
- S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-14] () [File not signed]
- S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] () [File not signed]
- S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] () [File not signed]
- R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] () [File not signed]
- S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-14] () [File not signed]
- S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] () [File not signed]
- R3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109824 2013-07-12] () [File not signed]
- R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-09-04] () [File not signed]
- S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] () [File not signed]
- R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [52736 2013-09-04] () [File not signed]
- R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-09-04] () [File not signed]
- S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-09-04] () [File not signed]
- S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] () [File not signed]
- S3 usbscan; C:\Windows\system32\drivers\usbscan.sys [42496 2013-07-03] () [File not signed]
- S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] () [File not signed]
- S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-09-04] () [File not signed]
- S1 VBoxDrv; C:\Windows\System32\DRIVERS\VBoxDrv.sys [922704 2015-03-16] () [File not signed]
- S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [141440 2015-03-16] () [File not signed]
- S3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [156360 2015-03-16] () [File not signed]
- S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-09-09] () [File not signed]
- S1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [128592 2015-03-16] () [File not signed]
- R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] () [File not signed]
- S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] () [File not signed]
- R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] () [File not signed]
- S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] () [File not signed]
- S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] () [File not signed]
- S3 vmbus; C:\Windows\system32\drivers\vmbus.sys [199552 2010-11-21] () [File not signed]
- S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-21] () [File not signed]
- R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] () [File not signed]
- R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] () [File not signed]
- R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] () [File not signed]
- S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-14] () [File not signed]
- S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] () [File not signed]
- R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] () [File not signed]
- R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] () [File not signed]
- R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] () [File not signed]
- S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-14] () [File not signed]
- S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] () [File not signed]
- R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] () [File not signed]
- S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-14] () [File not signed]
- R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] () [File not signed]
- R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] () [File not signed]
- S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] () [File not signed]
- S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-21] () [File not signed]
- R3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-14] () [File not signed]
- S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] () [File not signed]
- S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] () [File not signed]
- S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] () [File not signed]
- S3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [74960 2010-08-19] () [File not signed]
- S3 zttap200; C:\Windows\System32\DRIVERS\zttap200.sys [31896 2014-03-05] ()
- S1 A2DDA; \??\D:\EEK\bin\a2ddax64.sys [X]
- S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
- S3 cleanhlp; \??\D:\EEK\bin\cleanhlp64.sys [X]
- S3 EagleX64; \??\C:\Users\Giommi\AppData\Local\Temp\EagleX64.sys [X]
- S1 nltdi; \??\C:\Program Files\NetLimiter 3\nltdi.sys [X]
- S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
- S3 VGPU; System32\drivers\rdvgkmd.sys [X]
- S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
- S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
- S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
- ==================== One Month Created Files and Folders ========
- (If an entry is included in the fixlist, the file\folder will be moved.)
- 2015-04-27 18:57 - 2015-04-27 18:57 - 02100736 _____ (Farbar) C:\Users\Giommi\Downloads\FRST64.exe
- 2015-04-27 18:57 - 2015-04-27 18:57 - 00057469 _____ () C:\Users\Giommi\Downloads\FRST.txt
- 2015-04-27 18:57 - 2015-04-27 18:57 - 00000000 ____D () C:\FRST
- 2015-04-26 22:12 - 2015-04-26 22:12 - 00028132 _____ () C:\Users\Giommi\Downloads\wp-admin-bar-removal.zip
- 2015-04-26 16:35 - 2015-04-26 16:35 - 00141475 _____ () C:\Users\Giommi\Desktop\timelessshishalounge.wordpress.2015-04-26.xml
- 2015-04-25 18:44 - 2015-04-25 18:44 - 00000433 _____ () C:\Users\Giommi\Desktop\TEST.bat
- 2015-04-25 18:44 - 2004-06-11 15:33 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\subinacl.exe
- 2015-04-25 18:43 - 2015-04-25 18:43 - 00000000 ____D () C:\Program Files (x86)\Windows Resource Kits
- 2015-04-25 18:42 - 2015-04-25 18:42 - 00379392 _____ () C:\Users\Giommi\Downloads\subinacl.msi
- 2015-04-25 18:32 - 2015-04-25 18:32 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (7).diagcab
- 2015-04-25 18:29 - 2015-04-25 18:29 - 00347816 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\MicrosoftFixit.wu.LB.12635343534526075.1.1.Run.exe
- 2015-04-25 18:26 - 2015-04-27 18:51 - 00000952 _____ () C:\Windows\setupact.log
- 2015-04-25 18:26 - 2015-04-25 18:26 - 00000000 _____ () C:\Windows\setuperr.log
- 2015-04-25 16:28 - 2015-04-25 16:28 - 00000677 _____ () C:\Users\Giommi\Desktop\Start Emsisoft Emergency Kit.lnk
- 2015-04-25 16:23 - 2015-04-25 16:24 - 154627352 _____ () C:\Users\Giommi\Downloads\EmsisoftEmergencyKit.exe
- 2015-04-25 01:29 - 2015-04-25 01:30 - 11093840 _____ () C:\Users\Giommi\Desktop\ts3_recording_15_04_25_1_29_54.wav
- 2015-04-25 00:49 - 2015-04-25 00:49 - 00199924 _____ () C:\Users\Giommi\Downloads\ClownfishVoiceChanger-v1.30.ts3_plugin
- 2015-04-24 22:01 - 2015-04-24 22:01 - 00005920 _____ () C:\Users\Giommi\Downloads\LOL_OPGG_Observer_2079025603_replay (2).bat
- 2015-04-21 20:50 - 2015-04-21 20:50 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (6).diagcab
- 2015-04-21 20:46 - 2015-04-21 20:47 - 00689664 _____ () C:\Users\Giommi\Downloads\MicrosoftFixit50202.msi
- 2015-04-21 20:32 - 2015-04-21 20:32 - 11313360 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\WindowsUpdateAgent-7.6-x64 (1).exe
- 2015-04-21 20:32 - 2015-04-21 20:32 - 00347816 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\MicrosoftFixit.wu.Run (1).exe
- 2015-04-21 20:15 - 2015-04-21 20:15 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (5).diagcab
- 2015-04-21 20:07 - 2015-04-21 20:08 - 22660464 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\LifeCam3.60 (1).exe
- 2015-04-21 20:07 - 2015-04-21 20:07 - 03272560 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\StudioFW1033.exe
- 2015-04-21 19:05 - 2015-04-21 19:05 - 00347816 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\MicrosoftFixit.wu.LB.182353091937150.1.1.Run.exe
- 2015-04-20 22:35 - 2015-04-20 22:35 - 00394754 _____ () C:\Users\Giommi\Downloads\soundboard-1.0b5-win64.ts3_plugin
- 2015-04-19 22:00 - 2015-04-19 22:02 - 00000227 _____ () C:\Users\Giommi\Desktop\Information.txt
- 2015-04-19 21:52 - 2015-04-19 22:03 - 02450341 _____ () C:\Users\Giommi\Desktop\Drophack Pack.rar
- 2015-04-16 20:57 - 2015-04-16 20:59 - 00000000 ____D () C:\Program Files (x86)\Perfect Privacy VPN Manager
- 2015-04-16 20:57 - 2015-04-16 20:57 - 00001154 _____ () C:\Users\Public\Desktop\VPN Manager.lnk
- 2015-04-16 20:57 - 2015-04-16 20:57 - 00000000 ____D () C:\Users\Giommi\AppData\Local\Perfect_Privacy
- 2015-04-16 20:57 - 2015-04-16 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Privacy VPN
- 2015-04-16 13:12 - 2015-04-16 13:12 - 00233063 _____ () C:\Users\Giommi\Downloads\ppConfig_win.zip
- 2015-04-16 13:06 - 2015-04-16 13:06 - 00000000 ____D () C:\Users\Giommi\Desktop\Tor Browser
- 2015-04-16 13:04 - 2015-04-16 13:06 - 34736426 _____ () C:\Users\Giommi\Downloads\torbrowser-install-4.0.8_de.exe
- 2015-04-15 23:31 - 2015-04-15 23:33 - 00000000 ____D () C:\Users\Giommi\AppData\Local\Drophack
- 2015-04-15 22:55 - 2015-04-15 22:55 - 00743424 _____ () C:\Users\Giommi\Downloads\ILMerge.msi
- 2015-04-15 22:28 - 2015-04-15 22:31 - 00000000 ____D () C:\Program Files (x86)\Eazfuscator.NET
- 2015-04-15 22:28 - 2015-04-15 22:30 - 00000000 ____D () C:\Users\Giommi\AppData\Local\Gapotchenko
- 2015-04-15 22:28 - 2015-04-15 22:28 - 06230016 _____ () C:\Users\Giommi\Downloads\Eazfuscator.NET 4.8 Setup.msi
- 2015-04-15 13:37 - 2015-04-18 22:19 - 00000000 ____D () C:\Users\Giommi\Desktop\BH
- 2015-04-13 22:10 - 2015-04-13 22:10 - 00000121 _____ () C:\Users\Giommi\Desktop\Netflix.url
- 2015-04-13 21:47 - 2015-04-13 21:47 - 00314908 _____ () C:\Users\Giommi\Downloads\netflix.7z
- 2015-04-12 19:29 - 2015-04-12 19:32 - 00000000 ____D () C:\Program Files (x86)\Nmap
- 2015-04-12 16:42 - 2015-04-12 16:42 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (4).diagcab
- 2015-04-12 03:44 - 2015-04-12 03:44 - 00347816 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\MicrosoftFixit.wu.LB.1035225393423321.4.1.Run.exe
- 2015-04-12 02:30 - 2015-04-12 02:30 - 11313360 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\WindowsUpdateAgent-7.6-x64.exe
- 2015-04-12 02:30 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
- 2015-04-12 02:30 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
- 2015-04-12 02:30 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
- 2015-04-12 02:30 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
- 2015-04-12 02:30 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
- 2015-04-12 02:30 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
- 2015-04-12 02:30 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
- 2015-04-12 02:30 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
- 2015-04-12 02:30 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
- 2015-04-12 02:30 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
- 2015-04-12 02:30 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
- 2015-04-12 02:30 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
- 2015-04-12 02:30 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
- 2015-04-12 02:30 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
- 2015-04-12 02:21 - 2015-04-12 02:21 - 00347816 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\MicrosoftFixit.wu.Run.exe
- 2015-04-12 02:20 - 2015-04-12 02:20 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (3).diagcab
- 2015-04-12 02:20 - 2015-04-12 02:20 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (2).diagcab
- 2015-04-10 20:33 - 2015-04-10 20:33 - 00000955 _____ () C:\Users\Giommi\Desktop\Vega.lnk
- 2015-04-10 20:33 - 2015-04-10 20:33 - 00000955 _____ () C:\Users\fbwuser\Desktop\Vega.lnk
- 2015-04-10 20:33 - 2015-04-10 20:33 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vega
- 2015-04-10 20:33 - 2015-04-10 20:33 - 00000000 ____D () C:\Program Files (x86)\Vega
- 2015-04-10 20:32 - 2015-04-10 20:32 - 28647618 _____ () C:\Users\Giommi\Downloads\VegaSetup64 (2).exe
- 2015-04-08 17:46 - 2015-04-08 17:48 - 27694160 _____ () C:\Users\Giommi\Desktop\ts3_recording_15_04_08_17_46_21.wav
- 2015-04-08 11:56 - 2015-04-08 11:56 - 00000000 ____D () C:\Users\Default
- 2015-04-06 15:23 - 2015-04-06 15:23 - 00159144 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\WindowsActivationUpdate.exe
- 2015-04-06 15:06 - 2015-04-06 15:07 - 31603056 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\LifeCam3.0.exe
- 2015-04-06 15:06 - 2015-04-06 15:06 - 29546352 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\LifeCam3.22.exe
- 2015-04-05 21:00 - 2015-04-05 21:00 - 11835440 _____ () C:\Users\Giommi\Downloads\-Kamui-+Cookiezi+skin+original+(Okinawa6).rar
- 2015-04-03 22:46 - 2005-10-28 17:53 - 00000000 ____D () C:\Users\Giommi\Desktop\sharpSsh.bin
- 2015-04-03 22:45 - 2015-04-03 22:46 - 00148111 _____ () C:\Users\Giommi\Downloads\sharpSsh_Binaries (2).zip
- 2015-04-03 02:47 - 2015-04-03 02:47 - 00000000 ____D () C:\Users\Giommi\Desktop\Drophack
- 2015-04-03 02:39 - 2005-10-28 17:47 - 00167936 _____ (tamirgal.com) C:\Users\Giommi\Desktop\Tamir.sharpSsh.dll
- 2015-04-03 02:38 - 2015-04-03 02:39 - 00000124 _____ () C:\Users\Giommi\Downloads\sharpSsh_Binaries.zip
- 2015-04-02 23:07 - 2015-04-02 23:07 - 00010240 _____ () C:\Users\Giommi\Downloads\Get LOL IP.exe
- 2015-04-02 20:48 - 2015-04-02 20:51 - 00000194 _____ () C:\Users\Giommi\Downloads\LeagueSharp-master.zip
- 2015-04-02 20:46 - 2015-04-02 20:46 - 00000000 ____D () C:\Users\Giommi\AppData\Local\LeagueSharp
- 2015-04-02 20:45 - 2015-04-03 01:44 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\LS5E39C1A3
- 2015-04-01 20:10 - 2015-04-01 20:10 - 00000000 ____D () C:\Users\Giommi\AppData\Local\Microsoft Games
- 2015-04-01 17:35 - 2015-04-01 17:35 - 01118920 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\NDP452-KB2901954-Web.exe
- 2015-04-01 15:51 - 2015-04-19 21:52 - 00000000 ____D () C:\Users\Giommi\Desktop\Drophack Server
- 2015-04-01 15:37 - 2015-04-16 21:21 - 00001472 _____ () C:\Users\Giommi\Desktop\smsniff.cfg
- 2015-04-01 15:23 - 2015-04-01 15:23 - 00215136 _____ (NirSoft) C:\Users\Giommi\Desktop\smsniff.exe
- 2015-04-01 14:01 - 2015-04-19 14:12 - 00000000 ____D () C:\Users\Giommi\Downloads\LeagueSharp
- 2015-04-01 13:53 - 2015-04-01 13:56 - 04512659 _____ ( ) C:\Users\Giommi\Downloads\LeagueSharp-update (1).exe
- 2015-04-01 13:41 - 2015-04-01 13:49 - 04512659 _____ ( ) C:\Users\Giommi\Downloads\LeagueSharp-update.exe
- 2015-04-01 13:34 - 2015-04-01 13:34 - 00000218 _____ () C:\Users\Giommi\.recently-used.xbel
- 2015-03-31 21:34 - 2015-03-31 21:34 - 00011713 _____ () C:\Users\Giommi\Downloads\ack (1)
- 2015-03-31 21:34 - 2015-03-31 21:34 - 00011713 _____ () C:\Users\Giommi\Desktop\ack
- 2015-03-31 21:12 - 2015-03-31 21:18 - 00001162 _____ () C:\Users\Giommi\Desktop\ntp.pl
- 2015-03-31 21:12 - 2013-01-27 20:20 - 00001638 _____ () C:\Users\Giommi\Desktop\dos.pl
- 2015-03-31 20:52 - 2015-03-31 20:52 - 00001179 _____ () C:\Users\Giommi\Desktop\g3m.pl
- 2015-03-31 20:50 - 2014-12-07 22:44 - 00007168 _____ () C:\Users\Giommi\Desktop\LOLIP.exe
- 2015-03-30 23:25 - 2015-03-30 23:25 - 00009266 _____ () C:\Users\Giommi\Downloads\SocksiPy.zip
- 2015-03-30 23:19 - 2015-03-30 23:19 - 00037271 _____ () C:\Users\Giommi\Desktop\rudy.py.txt
- 2015-03-30 23:19 - 2015-03-30 23:19 - 00000000 _____ () C:\Users\Giommi\Desktop\Neues Textdokument (5).txt
- 2015-03-30 12:53 - 2015-03-30 12:53 - 00000000 ____D () C:\ProgramData\Sun
- 2015-03-30 12:51 - 2015-03-30 12:51 - 00001814 _____ () C:\Users\Giommi\Downloads\download.vv
- 2015-03-30 12:45 - 2015-03-30 12:45 - 00561064 _____ (Oracle Corporation) C:\Users\Giommi\Downloads\chromeinstall-8u40.exe
- 2015-03-29 22:29 - 2015-04-05 18:04 - 00000000 ____D () C:\Users\Giommi\AppData\Local\LoLFrencher
- 2015-03-29 20:27 - 2015-03-29 20:27 - 00000000 ____D () C:\Users\Giommi\Desktop\Sedona
- 2015-03-29 16:22 - 2015-04-25 20:10 - 00058430 _____ () C:\Windows\WindowsUpdate.log
- 2015-03-29 16:10 - 2015-03-29 16:10 - 00002061 _____ () C:\Users\Public\Desktop\EasyTax 2014 AG.lnk
- 2015-03-29 16:10 - 2015-03-29 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyTax 2014 AG
- 2015-03-29 16:09 - 2015-03-29 16:10 - 44057112 _____ (HWI Solutions AG) C:\Users\Giommi\Downloads\EasyTax2014AG_windowsJRE_1_1-2.exe
- 2015-03-29 16:07 - 2015-03-29 16:07 - 00000000 _____ () C:\Users\Giommi\java0.log.lck
- 2015-03-29 16:07 - 2015-03-29 16:07 - 00000000 _____ () C:\Users\Giommi\java0.log
- 2015-03-28 20:38 - 2015-03-28 20:38 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (1).diagcab
- 2015-03-28 19:35 - 2015-03-28 19:35 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic.diagcab
- 2015-03-28 18:45 - 2015-03-28 18:45 - 03273584 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\StudioFW1031 (1).exe
- 2015-03-28 17:34 - 2015-03-28 17:34 - 00002043 _____ () C:\Users\Public\Desktop\Microsoft LifeCam.lnk
- 2015-03-28 17:34 - 2015-03-28 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
- 2015-03-28 17:34 - 2015-03-28 17:34 - 00000000 ____D () C:\Program Files\Microsoft LifeCam
- 2015-03-28 17:34 - 2015-03-28 17:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft LifeCam
- 2015-03-28 17:22 - 2015-03-28 17:22 - 03273584 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\StudioFW1031.exe
- 2015-03-28 17:20 - 2015-03-28 17:20 - 22660464 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\LifeCam3.60.exe
- ==================== One Month Modified Files and Folders =======
- (If an entry is included in the fixlist, the file\folder will be moved.)
- 2015-04-27 18:57 - 2012-08-28 06:28 - 00700804 _____ () C:\Windows\system32\perfh007.dat
- 2015-04-27 18:57 - 2012-08-28 06:28 - 00150272 _____ () C:\Windows\system32\perfc007.dat
- 2015-04-27 18:57 - 2009-07-14 07:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
- 2015-04-27 18:54 - 2013-07-26 22:42 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\TS3Client
- 2015-04-27 18:54 - 2012-08-28 18:25 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Skype
- 2015-04-27 18:53 - 2013-12-04 23:48 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- 2015-04-27 18:51 - 2015-01-02 20:47 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
- 2015-04-27 18:51 - 2013-03-03 22:10 - 00000000 ____D () C:\ProgramData\NVIDIA
- 2015-04-27 18:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
- 2015-04-27 13:14 - 2013-12-04 23:48 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- 2015-04-27 13:12 - 2012-08-27 23:04 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2A523F14-06ED-41FB-A4ED-8DAFF72BBBD1}
- 2015-04-27 12:33 - 2012-08-28 18:21 - 00000000 ____D () C:\Users\Giommi\AppData\Local\Adobe
- 2015-04-27 12:31 - 2009-07-14 06:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2015-04-27 12:31 - 2009-07-14 06:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2015-04-26 01:24 - 2014-07-30 17:19 - 00109680 _____ () C:\Users\Giommi\AppData\Local\GDIPFONTCACHEV1.DAT
- 2015-04-26 01:24 - 2009-07-14 06:45 - 05074424 _____ () C:\Windows\system32\FNTCACHE.DAT
- 2015-04-25 18:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
- 2015-04-25 18:21 - 2015-01-26 21:44 - 00000000 ____D () C:\Users\Giommi\Desktop\LazyAim
- 2015-04-25 18:21 - 2014-06-04 13:41 - 00000000 ____D () C:\ProgramData\Performancer
- 2015-04-25 16:47 - 2013-08-05 22:21 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Winamp
- 2015-04-25 16:47 - 2013-06-24 18:25 - 00000000 ____D () C:\Program Files (x86)\Steam
- 2015-04-25 16:47 - 2012-09-18 20:05 - 00000000 ____D () C:\Users\Giommi\AppData\Local\CrashDumps
- 2015-04-25 16:35 - 2014-09-17 13:00 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Nano
- 2015-04-22 22:20 - 2015-03-23 13:53 - 00000035 _____ () C:\Windows\vidplaylist.ini
- 2015-04-19 22:22 - 2015-01-15 23:36 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Tox
- 2015-04-19 16:48 - 2015-01-17 04:38 - 00000104 _____ () C:\Users\Giommi\Desktop\Neues Textdokument (3).txt
- 2015-04-19 03:09 - 2014-10-26 17:11 - 00000600 _____ () C:\Users\Giommi\AppData\Local\PUTTY.RND
- 2015-04-18 21:53 - 2009-07-14 07:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
- 2015-04-17 19:15 - 2014-12-01 14:14 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
- 2015-04-15 23:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\catroot2.bak
- 2015-04-15 22:42 - 2013-04-25 18:43 - 00000000 ____D () C:\Users\Giommi\Documents\Visual Studio 2012
- 2015-04-15 22:04 - 2013-08-01 21:25 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\FileZilla
- 2015-04-14 12:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
- 2015-04-13 21:43 - 2015-02-27 14:54 - 00000811 _____ () C:\netflixacc.txt
- 2015-04-13 21:43 - 2012-08-28 18:30 - 00000000 ____D () C:\Users\Giommi\Documents\Visual Studio 2010
- 2015-04-12 19:34 - 2014-06-11 02:01 - 00000000 ____D () C:\Users\Giommi\.zenmap
- 2015-04-08 20:17 - 2014-12-10 16:03 - 00000000 ____D () C:\Users\Giommi\AppData\Local\osu!
- 2015-04-08 11:56 - 2015-02-18 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
- 2015-04-08 11:56 - 2015-02-18 14:37 - 00000000 ____D () C:\Program Files (x86)\Avira
- 2015-04-08 11:56 - 2012-12-22 17:47 - 00000000 ____D () C:\ProgramData\Package Cache
- 2015-04-02 23:42 - 2013-11-10 17:01 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\.purple
- 2015-04-02 20:27 - 2014-08-10 13:00 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\BoL
- 2015-04-01 17:39 - 2012-08-28 18:29 - 01600288 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
- 2015-04-01 15:52 - 2014-12-25 04:52 - 00000600 _____ () C:\Users\Giommi\AppData\Roaming\winscp.rnd
- 2015-04-01 13:34 - 2012-08-27 22:12 - 00000000 ____D () C:\Users\Giommi
- 2015-04-01 13:01 - 2013-11-11 21:35 - 00000000 ____D () C:\Users\Giommi\AppData\Local\gtk-2.0
- 2015-04-01 12:44 - 2015-02-18 14:41 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Avira
- 2015-04-01 12:43 - 2015-02-18 14:37 - 00000000 ____D () C:\ProgramData\Avira
- 2015-03-30 23:11 - 2015-03-20 22:45 - 00000000 ____D () C:\Users\Giommi\Desktop\Projekt Offshore Server
- 2015-03-30 13:03 - 2015-03-15 03:12 - 00000000 ____D () C:\Users\Giommi\Desktop\Xtreme
- 2015-03-30 12:53 - 2015-03-23 13:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
- 2015-03-30 12:53 - 2014-05-14 22:31 - 00000000 ____D () C:\Program Files (x86)\Java
- 2015-03-30 12:46 - 2014-09-17 17:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
- 2015-03-29 23:34 - 2015-01-26 21:21 - 00000000 ____D () C:\Users\Giommi\Desktop\VPS CHEAP
- 2015-03-29 16:10 - 2014-02-19 13:58 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\EasyTax
- 2015-03-29 16:10 - 2013-02-17 20:15 - 00000000 ____D () C:\Program Files (x86)\EasyTax
- ==================== Files in the root of some directories =======
- 2014-12-25 04:52 - 2015-04-01 15:52 - 0000600 _____ () C:\Users\Giommi\AppData\Roaming\winscp.rnd
- 2014-08-24 20:04 - 2015-01-04 21:20 - 0004608 _____ () C:\Users\Giommi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
- 2014-12-25 14:37 - 2014-12-25 21:06 - 0000276 _____ () C:\Users\Giommi\AppData\Local\logs.dat
- 2014-12-25 22:03 - 2014-12-25 22:03 - 0000135 _____ () C:\Users\Giommi\AppData\Local\melt.bat
- 2014-10-26 17:11 - 2015-04-19 03:09 - 0000600 _____ () C:\Users\Giommi\AppData\Local\PUTTY.RND
- 2014-11-25 20:59 - 2014-11-25 20:59 - 0001467 _____ () C:\Users\Giommi\AppData\Local\recently-used.xbel
- 2012-11-05 20:18 - 2012-11-05 20:18 - 0000057 _____ () C:\ProgramData\Ament.ini
- 2014-03-16 22:14 - 2014-03-16 22:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
- Some content of TEMP:
- ====================
- C:\Users\Giommi\AppData\Local\Temp\avgnt.exe
- ==================== Bamital & volsnap Check =================
- (There is no automatic fix for files that do not pass verification.)
- C:\Windows\System32\winlogon.exe => File is digitally signed
- C:\Windows\System32\wininit.exe => File is digitally signed
- C:\Windows\SysWOW64\wininit.exe => File is digitally signed
- C:\Windows\explorer.exe => File is digitally signed
- C:\Windows\SysWOW64\explorer.exe => File is digitally signed
- C:\Windows\System32\svchost.exe => File is digitally signed
- C:\Windows\SysWOW64\svchost.exe => File is digitally signed
- C:\Windows\System32\services.exe => File is digitally signed
- C:\Windows\System32\User32.dll => File is digitally signed
- C:\Windows\SysWOW64\User32.dll => File is digitally signed
- C:\Windows\System32\userinit.exe => File is digitally signed
- C:\Windows\SysWOW64\userinit.exe => File is digitally signed
- C:\Windows\System32\rpcss.dll => File is digitally signed
- C:\Windows\System32\Drivers\volsnap.sys
- [2010-11-21 05:23] - [2010-11-21 05:23] - 0295808 ____A () D41D8CD98F00B204E9800998ECF8427E
- C:\Windows\System32\Drivers\volsnap.sys No Company Name <===== ATTENTION!
- testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!
- LastRegBack: 2015-04-14 12:45
- ==================== End Of Log ============================
- [/Code]
- [/spoiler]
- Addition.txt
- [Spoiler]
- [Code]
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2015 01
- Ran by Giommi at 2015-04-27 18:57:45
- Running from C:\Users\Giommi\Downloads
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-3551031480-2449454405-1511854611-500 - Administrator - Disabled)
- fbwuser (S-1-5-21-3551031480-2449454405-1511854611-1005 - Limited - Enabled) => C:\Users\fbwuser
- Giommi (S-1-5-21-3551031480-2449454405-1511854611-1000 - Administrator - Enabled) => C:\Users\Giommi
- Guest (S-1-5-21-3551031480-2449454405-1511854611-501 - Limited - Disabled)
- HomeGroupUser$ (S-1-5-21-3551031480-2449454405-1511854611-1007 - Limited - Enabled)
- UpdatusUser (S-1-5-21-3551031480-2449454405-1511854611-1008 - Limited - Enabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
- AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- µTorrent (HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\uTorrent) (Version: 3.4.2.34537 - BitTorrent Inc.)
- 7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
- Acunetix Web Vulnerability Scanner 8.0 (HKLM-x32\...\{DBD76811-6CF0-4A15-9436-B779C3A36929}_is1) (Version: 8.0 - Acunetix)
- Acunetix Web Vulnerability Scanner 9.5 (HKLM-x32\...\{ffec63c3-090d-45ea-afd7-eab07edb5822}_is1) (Version: 9.5 - Acunetix)
- Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.1.0 - Adobe Systems Incorporated)
- Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
- Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.265 - Adobe Systems Incorporated)
- Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.6.602.180 - Adobe Systems Incorporated)
- Adobe Photoshop CC 2014 (32 Bit) (HKLM-x32\...\{7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}) (Version: 15.0 - Adobe Systems Incorporated)
- Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
- Alien Swarm (HKLM-x32\...\Steam App 630) (Version: - Valve)
- AMIP (remove only) (HKLM-x32\...\AMIP) (Version: - )
- Andy OS (HKLM-x32\...\Andy OS) (Version: 0.41 - Andy OS, Inc)
- Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.3.2 - Angry IP Scanner)
- APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
- Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
- Assassins Creed IV Black Flag (HKLM-x32\...\Assassins Creed IV Black Flag_is1) (Version: 1.0.4.0 - )
- Assassins Creed Unity (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRVbml0eQ==_is1) (Version: 1 - )
- Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
- AuraKingdom-DE (HKLM-x32\...\AuraKingdom-DE) (Version: - )
- AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
- Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
- Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
- Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
- Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
- Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
- Bitcoin Core (64-bit) (HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Bitcoin Core (64-bit)) (Version: 0.9.3 - Bitcoin Core project)
- Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
- Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version: - )
- Call of Duty Ghosts (HKLM-x32\...\Q2FsbG9mRHV0eUdob3N0cw==_is1) (Version: 1 - )
- Camtasia Studio 8 (HKLM-x32\...\{B1F8F5EB-75E2-40C3-9A50-7907F1C910F1}) (Version: 8.0.3.994 - TechSmith Corporation)
- CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
- Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version: - Dark Byte)
- CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.3.0.0341 - Code Laboratories, Inc.)
- Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
- Cross DJ LE 2.0.2 (HKLM-x32\...\MixVibes Cross DJ LE 2.0.2) (Version: 2.0.2 - MixVibes)
- Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
- D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
- DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
- DB Browser for SQLite (HKLM-x32\...\SqliteBrowser3) (Version: 3.4.0 - oldsch00l)
- Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
- Dethroned! (HKLM-x32\...\Steam App 269390) (Version: - Treehouse Ltd)
- DLL Suite 2013 (HKLM-x32\...\{885843E7-6CAC-4791-B7BF-1CD516017954}_is1) (Version: - )
- Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
- Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
- Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
- EasyTax 2012 AG 1.02 (HKLM-x32\...\3785-6780-1293-3574) (Version: 1.02 - HWI Solutions AG)
- EasyTax 2013 AG 1.0 (HKLM-x32\...\4093-4123-1528-3000) (Version: 1.0 - HWI Solutions AG)
- EasyTax 2014 AG 1.1 (HKLM-x32\...\5677-8571-9647-3678) (Version: 1.1 - HWI Solutions AG)
- Eazfuscator.NET (HKLM-x32\...\{6CC522B4-DFF7-4BA4-9DBD-149C8BCED8C8}) (Version: 4.8.144 - Gapotchenko)
- FileZilla Client 3.7.2 (HKLM-x32\...\FileZilla Client) (Version: 3.7.2 - Tim Kosse)
- FlorensiaEN 2.01.01 (HKLM-x32\...\FlorensiaEN) (Version: 2.01.01 - AHA Entertainment)
- Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
- Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
- Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
- GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
- Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
- Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
- Gunpoint (HKLM-x32\...\Steam App 206190) (Version: - Suspicious Developments)
- Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - )
- HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)
- Horizon Assistant (HKLM-x32\...\Horizon Assistant) (Version: 1.4.7.12 - upc cablecom GmbH)
- Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
- HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{A9C5381E-F415-4EDC-95A2-9164218FEA8A}) (Version: 27.0.847.0 - Hewlett-Packard Co.)
- HP Deskjet 3520 series Hilfe (HKLM-x32\...\{6B953497-169C-4929-9AA9-A9F510347468}) (Version: 27.0.0 - Hewlett Packard)
- HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
- HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
- HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
- ILMerge (HKLM-x32\...\{B7B9AF9F-408C-4168-985B-9861055B58C5}) (Version: 2.12.0803 - Microsoft)
- iMacros Version 9.0.0.2379 (HKLM-x32\...\{9C5118F7-E26D-4fc0-B7F4-4A067A0808FA}_is1) (Version: 9.0.0.2379 - iOpus)
- Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
- IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
- Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
- Java SE Development Kit 7 Update 13 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170130}) (Version: 1.7.0.130 - Oracle)
- JetBrains dotPeek 1.2 (HKLM-x32\...\{2F536C85-F8AF-4A7C-ACC5-67566B8C810A}) (Version: 1.2.1.226 - JetBrains Inc)
- League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
- Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
- LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
- LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
- Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
- LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
- MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{F6E484FB-BC48-4A63-8186-E25DF4607B3B}) (Version: 7.0.2.6 - MAGIX AG)
- MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
- Metasploit (HKLM-x32\...\Metasploit 4.11.0) (Version: 4.11.0 - Rapid7)
- Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
- Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
- Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
- Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
- Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
- Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
- Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
- Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
- Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
- Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
- Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
- Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
- Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
- Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
- Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
- Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
- Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
- Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
- Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
- Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
- Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{f9024a51-ab45-4a46-b597-ce12f74963c7}) (Version: 11.0.50727.1 - Microsoft Corporation)
- Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
- Minecraft1.6.2 (HKLM-x32\...\Minecraft1.6.2) (Version: - )
- Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version: - Virtual Heroes)
- MorphVOX Pro (HKLM-x32\...\{87e86c41-0052-42d8-b164-60f261e1708c}) (Version: 4.4.17.22603 - Screaming Bee)
- MorphVOX Pro (x32 Version: 4.4.17.22603 - Screaming Bee) Hidden
- Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
- Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
- MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
- MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
- MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
- Naruto Shippuden Ultimate Ninja Storm Revolution (HKLM-x32\...\Naruto Shippuden Ultimate Ninja Storm Revolution_is1) (Version: - )
- NetLimiter 3 (HKLM-x32\...\NetLimiter 3 3.0.0.11) (Version: 3.0.0.11 - Locktime Software)
- NetLimiter 3 (Version: 3.0.0.11 - Locktime Software) Hidden
- Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof)
- Nmap 6.40 (HKLM-x32\...\Nmap) (Version: - )
- No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
- Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2 - )
- Notification Center (HKLM-x32\...\{384FA0C0-BB19-4CA0-8DB4-5FD4E938277F}) (Version: 0.7.7.813 - BlueStack Systems, Inc.)
- NVIDIA 3D Vision Controller-Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
- NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
- NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
- NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
- NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
- Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
- OpenAL (HKLM-x32\...\OpenAL) (Version: - )
- OpenVPN 2.3.6-I601 (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - )
- Opera Mobile Emulator (HKLM-x32\...\{1826D0CA-F479-4430-9EFE-86E8E783505B}_is1) (Version: - Opera Software ASA)
- Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
- Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment)
- osu! (HKLM-x32\...\{9303881e-fc8f-4490-9b42-d7e35019b81f}) (Version: latest - ppy Pty Ltd)
- Overwolf (HKLM-x32\...\{030F4BB3-F3C3-4A74-905C-44672D1ECB76}) (Version: 0.47.284 - Overwolf)
- PAYDAY 2 (HKLM-x32\...\PAYDAY 2_is1) (Version: 1.0.0.0 - )
- PAYDAY 2 version 1.23.2 (Update 50) (HKLM-x32\...\{1D0A2701-07CF-4E21-87CE-88EC3EB61BC1}_is1) (Version: 1.23.2 (Update 50) - DigitalZone)
- Performancer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{dfc86759}) (Version: - 24soft) <==== ATTENTION
- Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
- Portal 2 (HKLM-x32\...\Postal 2_is1) (Version: - )
- PostgreSQL 9.2 (HKLM\...\PostgreSQL 9.2) (Version: 9.2 - PostgreSQL Global Development Group)
- PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
- Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
- Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
- PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
- Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
- Rome: Total War (HKLM-x32\...\Steam App 4760) (Version: - The Creative Assembly)
- S4 League_EU (HKLM-x32\...\{2D99FCE1-6594-4F2D-86C6-EC1436C699F7}) (Version: 1.00.0000 - )
- S4 League_EU (HKLM-x32\...\{3A5C0E18-0AA4-4304-A212-B1E0BC303000}) (Version: 1.00.0000 - )
- S4 League_EU (HKLM-x32\...\{7AE7FB08-2C7B-4A02-8134-7582652A3C3E}) (Version: 1.00.0000 - )
- Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
- SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
- Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC)
- SixaxisPairTool 0.2.5 (HKLM-x32\...\SixaxisPairTool_is1) (Version: 0.2.5 - Dancing Pixel Studios)
- Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
- Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
- Smart Technology Programming Software 7.0.24.8 (HKLM\...\{F31F1F66-5685-4C21-906E-20CB74C7BCDF}) (Version: 7.0.24.8 - Mad Catz)
- Smart Technology Volume Tracker 7.0.23.0 (HKLM\...\{7C2F1B90-E6E6-4ECF-B626-4545CF6EEB2D}) (Version: 7.0.23.0 - Mad Catz)
- SongReference Video Playlist v1.0 (HKLM-x32\...\SongReference Video Playlist) (Version: 1_0 - SongReference.com)
- Spotify (HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
- Spotnet (HKLM-x32\...\{12947715-B6F0-4597-816F-5E13FB647921}_is1) (Version: 1.8.1 - Spotnet)
- Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
- SteamWorld Dig (HKLM-x32\...\Steam App 252410) (Version: - Image&Form)
- Strawberry Perl (64-bit) (HKLM\...\{70919690-6C9B-1014-A8F1-1DC63567E6CE}) (Version: 5.18.2002 - strawberryperl.com project)
- Studie zur Verbesserung von HP Deskjet 3520 series Produkten (HKLM\...\{E75A77D7-A854-44D6-A46B-82332AD79E9E}) (Version: 27.0.847.0 - Hewlett-Packard Co.)
- TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
- Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
- TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
- Telerik JustDecompile Q3 2014 (HKLM-x32\...\{593F0F6D-77CC-45E2-832D-03B0AF44253B}) (Version: 14.3.1021.0 - Telerik AD)
- Thief (HKLM-x32\...\VGhpZWY=_is1) (Version: 1 - )
- Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
- TP-LINK Wireless Client Utility (HKLM-x32\...\{385C8E5A-0B4F-4DCD-BBBD-2A8AE0400A76}) (Version: 7.0 - TP-LINK)
- Tunngle Version Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
- Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
- Vega 1.0 (HKLM-x32\...\Vega) (Version: 1.0 - Subgraph)
- Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
- Virtual DJ Pro Full - Atomix Productions (HKLM-x32\...\Virtual DJ Pro Full - Atomix Productions) (Version: - )
- VirtualDJ 8 (HKLM-x32\...\{9652ACA0-38A4-4BF8-B15E-2317D41D0AE3}) (Version: 8.0.2139.0 - Atomix Productions)
- Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
- VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
- VPN Manager 1.6.71.0 (HKLM-x32\...\VPN Manager) (Version: 1.6.71.0 - Perfect-Privacy)
- War of the Roses (HKLM-x32\...\Steam App 42160) (Version: - Fatshark)
- Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version: - Ino-Co Plus)
- WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
- WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
- WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
- Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
- Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
- Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
- Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
- WinHTTrack Website Copier 3.48-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
- WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
- WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
- WinSCP 5.1.2 (HKLM-x32\...\winscp3_is1) (Version: 5.1.2 - Martin Prikryl)
- Wireshark 1.8.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.2 - The Wireshark developer community, http://www.wireshark.org)
- WTFast 3.5 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.5.3.400 - Initex & AAA Internet Publishing)
- XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)
- XSplit Broadcaster (HKLM-x32\...\{F8A47958-47CC-4B57-AE7D-7DDC0A86BEF5}) (Version: 1.3.1311.1201 - SplitMediaLabs)
- ==================== Custom CLSID (selected items): ==========================
- (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
- ==================== Restore Points =========================
- ==================== Hosts content: ==========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2009-07-14 04:34 - 2014-12-25 15:33 - 00001499 ____A C:\Windows\system32\Drivers\etc\hosts
- 127.0.0.1 bsbackup.mine.nu
- 127.0.0.1 bshades.eu
- 127.0.0.1 blackshades.ru
- 0.0.0.0 rad.msn.com127.0.0.1 anchorfree.net
- 127.0.0.1 rss2search.com
- 127.0.0.1 techbrowsing.com
- 127.0.0.1 box.anchorfree.net
- 127.0.0.2 www.mefeedia.com
- 127.0.0.1 anchorfree.us
- 127.0.0.1 a433.com
- 127.0.0.3 www.anchorfree.net
- 127.0.0.1 rpt.anchorfree.net
- 127.0.0.1 delivery.anchorfree.us/land.php
- 127.0.0.1 hsselite.com
- 127.0.0.1 www.hsselite.com
- ==================== Scheduled Tasks (whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
- Task: {198E9081-9C68-4058-ACBF-2C74BC2404FF} - System32\Tasks\{83CAD12B-C0D7-48D5-8297-2D57095572DF} => pcalua.exe -a C:\Users\Giommi\Downloads\lgs510.exe -d C:\Users\Giommi\Downloads
- Task: {1B0E1B7B-FD70-42EF-95DB-96CCBF6A3F0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-01] (Google Inc.)
- Task: {1C720E01-9076-449C-A371-5DA91E867A4A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
- Task: {289D9832-ADAC-4FAB-B6F9-27F0F0D17C1C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
- Task: {2A440229-F0B4-4AFB-AB13-5D6FCFA3ADE0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
- Task: {4D0A4F34-A9C7-4FEA-9F27-5CD071C23752} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe
- Task: {55DCEC9C-F276-4B28-85F7-757F626B821D} - System32\Tasks\{6E98C2CE-90EB-47E5-BC67-F8D5667FF0F5} => pcalua.exe -a C:\Users\Giommi\Desktop\WebHacking\Symlink\SYMLINK\KalydoPlayer_4.10.01.exe -d C:\Users\Giommi\Desktop\WebHacking\Symlink\SYMLINK
- Task: {7DB04E06-2438-4D5D-B2B1-16ABBEF9CF94} - System32\Tasks\{0F78F309-C2DE-456C-BCCE-FE88EE282F71} => Chrome.exe http://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
- Task: {8A8A9D09-90AC-4C81-B762-40BA15DFA0DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
- Task: {9B75CC75-7C5E-4624-8274-093920B07849} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-01] (Google Inc.)
- Task: {9E3F1BDC-C022-4942-9241-FCC8949F0720} - System32\Tasks\{FCAEF866-F598-4FEB-A391-9282ED6EB66C} => pcalua.exe -a "C:\Users\Giommi\Downloads\V7_Keyboard_SD7_0_23_0_x64_Drivers (1).exe" -d C:\Users\Giommi\Downloads
- Task: {B1E352F7-62E9-4161-9652-F1CE58BB8D01} - System32\Tasks\{0F54EE2E-781A-44DC-BB3C-20AC6B137D39} => pcalua.exe -a C:\Users\Giommi\Desktop\JRATS\Jar2Exe.exe -d C:\Users\Giommi\Desktop\JRATS
- Task: {BE1ED2DC-3F23-42F5-A4A3-02E9466427DE} - \BrowserProtect No Task File <==== ATTENTION
- Task: {EA38D5C3-B510-40F1-B53F-1B084193158F} - System32\Tasks\AdobeAAMUpdater-1.0-Giommi-PC-Giommi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
- Task: {F367E66D-2962-41DD-8CAC-3F15861B02EA} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe <==== ATTENTION
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- ==================== Loaded Modules (whitelisted) ==============
- 2013-09-11 17:10 - 2013-08-02 04:12 - 00043520 _____ () C:\Windows\system32\CSRSRV.dll
- 2009-07-14 01:19 - 2009-07-14 03:41 - 00036864 _____ () C:\Windows\system32\pcwum.dll
- 2009-07-14 01:19 - 2009-07-14 03:41 - 00036864 _____ () C:\Windows\system32\pcwum.DLL
- 2009-07-14 01:19 - 2009-07-14 03:41 - 00036864 _____ () C:\Windows\System32\pcwum.dll
- 2014-09-29 02:06 - 2012-11-22 18:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll
- 2009-07-14 01:19 - 2009-07-14 03:41 - 00036864 _____ () c:\windows\system32\pcwum.dll
- 2013-11-19 20:30 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
- 2014-05-17 00:34 - 2014-05-17 00:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
- 2014-04-22 22:47 - 2014-04-22 22:46 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
- 2014-04-22 22:47 - 2014-04-22 22:46 - 00151552 _____ () C:\Windows\KMService.exe
- 2012-10-23 19:05 - 2014-10-29 20:39 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
- 2015-01-07 19:37 - 2014-10-20 09:40 - 00176640 _____ () C:\Program Files\PostgreSQL\9.2\bin\LIBPQ.dll
- 2015-01-07 19:37 - 2014-02-05 11:16 - 01336832 _____ () C:\Program Files\PostgreSQL\9.2\bin\libxml2.dll
- 2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
- 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
- 2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
- 2014-03-15 03:08 - 2014-03-15 03:08 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
- 2014-03-15 03:08 - 2014-03-15 03:08 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
- 2014-03-15 03:08 - 2014-03-15 03:08 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
- 2012-07-30 16:13 - 2014-08-17 01:49 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
- 2012-07-30 16:13 - 2014-08-17 01:49 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
- 2014-03-15 03:08 - 2014-03-15 03:08 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
- 2014-03-15 03:08 - 2014-03-15 03:08 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
- 2015-04-25 00:50 - 2015-04-25 00:51 - 00207360 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\ClownfishForTeamspeak_win64.dll
- 2012-07-30 16:13 - 2014-08-17 01:49 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
- 2015-04-20 22:35 - 2015-04-20 22:35 - 00486912 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\soundboard.dll
- 2013-10-27 00:05 - 2014-08-17 01:49 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
- 2014-03-15 03:08 - 2014-03-15 03:08 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
- 2012-08-28 18:01 - 2012-05-29 11:47 - 01300376 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
- 2015-04-08 09:55 - 2015-04-08 09:55 - 02324472 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.243\deploy\LoLLauncher.exe
- 2015-04-08 09:55 - 2015-04-08 09:55 - 03800568 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\LoLPatcher.exe
- 2013-07-25 21:29 - 2013-07-25 21:29 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\LolClient.exe
- 2014-05-17 02:11 - 2014-05-17 02:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
- 2014-05-17 02:37 - 2014-05-17 02:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
- 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
- 2013-03-08 07:17 - 2013-03-08 07:17 - 07816192 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
- 2013-03-08 07:17 - 2013-03-08 07:17 - 00188416 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
- 2013-03-08 07:17 - 2013-03-08 07:17 - 01425920 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
- 2013-03-08 07:17 - 2013-03-08 07:17 - 00336896 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
- 2013-03-08 07:17 - 2013-03-08 07:17 - 00096256 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
- 2013-08-06 19:43 - 2013-08-06 19:43 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
- 2015-04-17 19:15 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
- 2015-04-17 19:15 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
- 2015-04-08 09:55 - 2015-04-08 09:55 - 01672184 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\RiotLauncher.dll
- 2013-07-25 21:29 - 2013-07-25 21:29 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
- ==================== Alternate Data Streams (whitelisted) =========
- (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
- ==================== Safe Mode (whitelisted) ===================
- (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
- ==================== EXE Association (whitelisted) ===============
- (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, the associated entry will be removed from the registry.)
- IE trusted site: HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\localhost -> hxxps://localhost
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Control Panel\Desktop\\Wallpaper ->
- DNS Servers: 62.2.24.158 - 62.2.17.60
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- MSCONFIG\Services: AcuWVSSchedulerv8 => 2
- MSCONFIG\Services: BstHdLogRotatorSvc => 2
- MSCONFIG\Services: DefaultTabSearch => 2
- MSCONFIG\Services: DefaultTabUpdate => 2
- MSCONFIG\Services: Disc Soft Bus Service => 3
- MSCONFIG\Services: Hamachi2Svc => 2
- MSCONFIG\Services: LMIGuardianSvc => 2
- MSCONFIG\Services: LPTSystemUpdater => 2
- MSCONFIG\Services: metasploitProSvc => 2
- MSCONFIG\Services: metasploitThin => 2
- MSCONFIG\Services: metasploitWorker => 2
- MSCONFIG\Services: nlsvc => 2
- MSCONFIG\Services: NvStreamSvc => 2
- MSCONFIG\Services: OverwolfUpdaterService => 3
- MSCONFIG\Services: PassThru Service => 2
- MSCONFIG\Services: Update lucky leap => 2
- MSCONFIG\Services: Util lucky leap => 2
- MSCONFIG\Services: Wpm => 2
- MSCONFIG\Services: wuauserv => 2
- MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
- MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PrivateTunnel.lnk => C:\Windows\pss\PrivateTunnel.lnk.CommonStartup
- MSCONFIG\startupfolder: C:^Users^Giommi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
- MSCONFIG\startupfolder: C:^Users^Giommi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
- MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
- MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
- MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
- MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Giommi\AppData\Local\Akamai\netsession_win.exe"
- MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
- MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe
- MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
- MSCONFIG\startupreg: Application Experience => C:\Users\Giommi\AppData\Roaming\Microsoft\AeLookupSvi.exe
- MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
- MSCONFIG\startupreg: Audio Treiber x64 => C:\Users\Giommi\AppData\Roaming\AudioTreiber_x64.exe
- MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
- MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
- MSCONFIG\startupreg: Avirnt => C:\Users\Giommi\AppData\Roaming\Microsoft\Pluguin.exe
- MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
- MSCONFIG\startupreg: Coin Miner => C:\Program Files (x86)\CoinMiner\coinminer.exe a
- MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
- MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun
- MSCONFIG\startupreg: EADM => "D:\origin\Origin.exe" -AutoStart
- MSCONFIG\startupreg: GoogleChromeAutoLaunch_7E290A021AA3DB674CDF04B2A02A17DA => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
- MSCONFIG\startupreg: HKCU => C:\Windows\SysWOW64\InstallDir\svchost.exe
- MSCONFIG\startupreg: HKLM => C:\Windows\system32\InstallDir\svchost.exe
- MSCONFIG\startupreg: HP Deskjet 3520 series (NET) => "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN27A111C905SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
- MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
- MSCONFIG\startupreg: InstaShot => C:\Users\Giommi\Desktop\InstaShot\InstaShot\bin\Debug\InstaShot.exe
- MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
- MSCONFIG\startupreg: KiloByte => C:\Users\Giommi\Desktop\KiloByte\KiloByte\bin\Debug\KiloByte.exe
- MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
- MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
- MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
- MSCONFIG\startupreg: Microsoft => C:\Users\Giommi\Desktop\Hacking\Pandora Rat v2.0\Pandora Rat\crypted.exe
- MSCONFIG\startupreg: MurGee.com Auto Clicker => C:\Program Files (x86)\Auto Clicker\AutoClicker.exe :silent
- MSCONFIG\startupreg: NetLimiter => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
- MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
- MSCONFIG\startupreg: ProfilerU => C:\Program Files\SmartTechnology\Software\ProfilerU.exe
- MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
- MSCONFIG\startupreg: S4Linject => C:\ProgramData\Microsoft\Windows\Start Menu\Programs\msupdt\microsoftUp2date.exe
- MSCONFIG\startupreg: SaiMfd => C:\Program Files\SmartTechnology\Software\SaiMfd.exe
- MSCONFIG\startupreg: SaiVolume => C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe
- MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
- MSCONFIG\startupreg: Server => "C:\Program Files (x86)\Java\jre7\bin\javaw.exe" -jar "C:\Users\Giommi\AppData\Local\Temp\Server9060676699719166660.jar"
- MSCONFIG\startupreg: serverDELETE => C:\Users\Giommi\AppData\Roaming\server.exe
- MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
- MSCONFIG\startupreg: Speech Recognition => "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
- MSCONFIG\startupreg: Spotify => "C:\Users\Giommi\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
- MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Giommi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
- MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
- MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
- MSCONFIG\startupreg: uTorrent => "C:\Users\Giommi\Downloads\uTorrent.exe" /MINIMIZED
- MSCONFIG\startupreg: wincores => C:\Users\Giommi\AppData\Roaming\wincores\wincores.exe
- MSCONFIG\startupreg: Windef.exe => "C:\Windows\WinLog.exe"
- MSCONFIG\startupreg: windows => C:\Users\Giommi\AppData\Local\Temp\Rar$EXa0.124\Twitch Viewer Faker 2014 FINAL Multi Proxy Bot\Twitch Viewer Faker 2014 Multi Proxy Bot.exe
- MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
- MSCONFIG\startupreg: WSHelperSetup.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
- ==================== FirewallRules (whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
- FirewallRules: [{BD47E202-D74B-448B-987B-1475B674FD1F}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
- FirewallRules: [{5F0B204C-8739-48F9-A416-0511CA3B5224}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
- FirewallRules: [{356508C6-D943-43AD-982D-04A982AA8C69}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
- FirewallRules: [{C28B0847-B6D8-4913-A196-DE2DB1744BD3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
- FirewallRules: [{03207705-DBFD-4348-BB91-D737DEA20CD1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
- FirewallRules: [{48ABB4CE-C2BF-4A69-887E-ACD5C484F32B}] => (Allow) LPort=51563
- FirewallRules: [{080DDD60-5AD0-4281-BB3B-D44F2C738814}] => (Allow) LPort=5000
- FirewallRules: [{9E66B158-9D63-4A42-90DA-DBE5ED6FB3A6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
- FirewallRules: [{1BFAFB86-7614-4A36-98F5-13588D65134F}] => (Allow) LPort=2869
- FirewallRules: [{26B0874C-F883-42D1-A869-A90F90EF3E0F}] => (Allow) LPort=1900
- FirewallRules: [{07BA6593-4F57-4C34-9D76-7FD3F0A7FF42}] => (Allow) D:\games\AC3SP.exe
- FirewallRules: [{02663718-AC3D-4D86-96DE-DF1F00113F2A}] => (Allow) D:\games\AC3SP.exe
- FirewallRules: [{2DF0723D-842B-48CB-BB8C-FAE944F1F46E}] => (Allow) D:\games\AC3MP.exe
- FirewallRules: [{776A3519-E94E-4AF8-859E-08475BA5FEAB}] => (Allow) D:\games\AC3MP.exe
- FirewallRules: [{FA4D73DF-2766-4858-9841-0B65418B4497}] => (Allow) D:\games\AssassinsCreed3.exe
- FirewallRules: [{D7D8A0AC-1D0A-42EC-AF2A-E3B465D65249}] => (Allow) D:\games\AssassinsCreed3.exe
- FirewallRules: [{045C310A-9D6F-4B0C-97CA-D28166E12183}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
- FirewallRules: [{5E3F75F1-3D71-40BA-92D6-2BEF2CF5EEDE}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
- FirewallRules: [{FDE6C95E-4F94-4CDE-B146-CD6E26BC6821}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
- FirewallRules: [{59647ED8-BCD5-4B72-B755-D9ED7AC25414}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
- FirewallRules: [{E2B508C0-8E87-4B13-8837-442DE630C480}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
- FirewallRules: [{E924E688-5A00-4A42-BE91-95345A5D0666}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
- FirewallRules: [{B7BE5FEE-422B-4E85-8C47-36B54D8976C2}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
- FirewallRules: [{E632628D-2491-4E70-B936-AF065AFCB174}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{6E04FCA3-2A00-463C-B65C-7F2A177F7BFC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{CD05DF48-4A20-4BB8-9DB7-A8AA55FD29E5}] => (Allow) D:\games\AC3SP.exe
- FirewallRules: [{D7AE4187-7C74-4BE3-8D22-B0BAAEFA988A}] => (Allow) D:\games\AC3SP.exe
- FirewallRules: [{B605C5C9-8FB4-40E7-999F-D0FA6CC7ED08}] => (Allow) D:\games\AC3MP.exe
- FirewallRules: [{91136FA3-5EC7-4493-AD44-8E8F6120F1AC}] => (Allow) D:\games\AC3MP.exe
- FirewallRules: [{C15F5C76-E480-49A6-8C8F-ED528047299E}] => (Allow) D:\games\AssassinsCreed3.exe
- FirewallRules: [{21FD760E-67B7-48AC-8963-686F6E596950}] => (Allow) D:\games\AssassinsCreed3.exe
- FirewallRules: [{EE254CBC-47AF-4E39-8CB9-93097D843934}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
- FirewallRules: [{34AB3929-B4ED-44F2-BAF2-C6931CC5CA6C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
- FirewallRules: [{26898CB7-E7D3-4BE2-9C71-C957275DA762}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
- FirewallRules: [{C59DC812-FEEB-4F6E-9727-4081B8D518B0}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
- FirewallRules: [{AF04F5C6-F5B2-4AD1-AB00-D54B20FA9330}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
- FirewallRules: [{AA5E1613-5394-42BE-98DD-405725FFB29F}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
- FirewallRules: [{8E2C80F9-5000-48B2-B939-E718419882CC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
- FirewallRules: [{16842496-844B-4948-824E-E81933416A3B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
- FirewallRules: [{B867A8F1-19A2-409D-BE2C-02D7339186EA}] => (Allow) D:\games\Battlefield 4\bf4_x86.exe
- FirewallRules: [{49228F6F-7FD0-4C1D-8F24-A90C7E657217}] => (Allow) D:\games\Battlefield 4\bf4_x86.exe
- FirewallRules: [{F91C8B85-7611-4F8E-A459-32B8F81C9136}] => (Allow) D:\games\Battlefield 4\bf4.exe
- FirewallRules: [{2E057AA9-17EE-46C8-8F2B-8C6A68690260}] => (Allow) D:\games\Battlefield 4\bf4.exe
- FirewallRules: [{4FDD16B5-FB22-48A6-BD57-D6AE06720E58}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
- FirewallRules: [{EED2D2A7-3A53-4D5A-8F0B-EAA07F395EDA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
- FirewallRules: [{C2CE0D8D-AEE4-446D-A56A-FD8D65AD554F}] => (Allow) D:\games\WoR\SteamApps\common\Left 4 Dead 2\left4dead2.exe
- FirewallRules: [{9764E6AC-E288-441F-B62E-6A983FFA07B2}] => (Allow) D:\games\WoR\SteamApps\common\Left 4 Dead 2\left4dead2.exe
- FirewallRules: [{0A4664F3-1844-49F7-B2AC-3577DFFC579F}] => (Allow) D:\games\WoR\SteamApps\common\Left 4 Dead 2\left4dead2.exe
- FirewallRules: [{7FF54C10-0440-4ED0-BBF6-510A7A5D53E1}] => (Allow) D:\games\WoR\SteamApps\common\Left 4 Dead 2\left4dead2.exe
- FirewallRules: [{2196FF98-B850-4121-8C0D-A27A618A2D08}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
- FirewallRules: [{E976C0BF-B806-46DC-9888-58FD9A1D13F5}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
- FirewallRules: [{B58ECC6E-2F7A-4CEF-B999-9113B6112298}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{AE6563FC-CF14-4FEB-A0F5-8FC2F951F4F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{9088D182-088C-4935-B8AD-A8786A008B3A}] => (Allow) D:\games\WoR\SteamApps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
- FirewallRules: [{ED561A2D-1D98-4D29-8B51-C61F834810C8}] => (Allow) D:\games\WoR\SteamApps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
- FirewallRules: [{C83F690E-333F-4A8F-A869-800EFCB021BB}] => (Allow) D:\games\WoR\SteamApps\common\Alien Swarm\swarm.exe
- FirewallRules: [{7D0F9A16-029B-4A11-9738-F12A624532AB}] => (Allow) D:\games\WoR\SteamApps\common\Alien Swarm\swarm.exe
- FirewallRules: [{932BBE79-E59F-4AE1-A8EA-E702AF663DED}] => (Allow) D:\games\SimCity\SimCity\SimCity.exe
- FirewallRules: [{3B292A4A-8AE8-4FCD-8768-3D2872CA84E5}] => (Allow) D:\games\SimCity\SimCity\SimCity.exe
- FirewallRules: [{ABA9A7B4-1A0D-453C-840E-78CE6717DB49}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
- FirewallRules: [{24C90EF6-FCD7-4648-B44E-090DA67563C6}] => (Allow) D:\games\Watchdogs\bin\Watch_Dogs.exe
- FirewallRules: [{917E8FBD-6002-4B53-B3A8-03C995E5DC03}] => (Allow) D:\games\Watchdogs\bin\Watch_Dogs.exe
- FirewallRules: [{E9581E44-8EBE-45E9-860D-051AAFC7FCE3}] => (Allow) D:\games\WoR\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
- FirewallRules: [{0B1CDF1A-8CE0-4678-B259-92322BC80938}] => (Allow) D:\games\WoR\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
- FirewallRules: [{A15AF55B-103C-4322-BB3C-532CD10102B6}] => (Allow) D:\games\WoR\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
- FirewallRules: [{E17A7667-78ED-4F6B-BA50-C74EC7F86614}] => (Allow) D:\games\WoR\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
- FirewallRules: [{14362DF8-CEA1-4567-AD47-2515094DE51C}] => (Allow) D:\games\WoR\SteamApps\common\Torchlight II\ModLauncher.exe
- FirewallRules: [{87484B3A-1F3A-4655-85FA-9F54633B0DEC}] => (Allow) D:\games\WoR\SteamApps\common\Torchlight II\ModLauncher.exe
- FirewallRules: [{EE7D60FF-C019-4FBE-9116-A375D82094BF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [{5DAA6912-205A-4005-AAEE-CE3CC5A63A11}] => (Block) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [{77B6550C-F720-4AE8-B892-D9110FB34B99}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [{542B261B-0676-4CE1-BAE5-763A9D47C829}] => (Block) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [{CD69DC97-DB26-4ED4-BF15-407C07660E7C}] => (Block) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [{7AB834B0-0845-4A30-B39F-818FC14DD463}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [{A712905A-539C-4BC2-9737-BC32EFDEBA81}] => (Allow) D:\games\WoR\SteamApps\common\dota 2 beta\dota.exe
- FirewallRules: [{084E6F88-5592-4E3D-B684-83960983BF47}] => (Allow) D:\games\WoR\SteamApps\common\dota 2 beta\dota.exe
- FirewallRules: [{88AD6BEA-E222-4BA8-8499-EDA8DA9850C6}] => (Allow) D:\games\WoR\SteamApps\common\Team Fortress 2\hl2.exe
- FirewallRules: [{5C8A850B-5DB9-454C-ABA7-CF60CABBEEC7}] => (Allow) D:\games\WoR\SteamApps\common\Team Fortress 2\hl2.exe
- FirewallRules: [{BFFBEE7D-EDF7-4B7B-BB6C-888FCF04CB08}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\run_game.exe
- FirewallRules: [{D91FE9C6-174D-4215-8DB8-3E30AB15D9AE}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\run_game.exe
- FirewallRules: [{01C44A0C-BA7B-44C1-A24B-9E4DFE5E2A5F}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\wotr.exe
- FirewallRules: [{366BBC42-484F-494F-8E5D-419AB338D60B}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\wotr.exe
- FirewallRules: [{810D65AF-4FD0-49C1-8D82-DD9A0A882D82}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\loader.exe
- FirewallRules: [{4D6E71A3-8A18-4181-A465-9D951DF44088}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\loader.exe
- FirewallRules: [{CA93EB4F-4380-4827-8EE3-80F3CAB009EA}] => (Allow) D:\games\WoR\SteamApps\common\Nidhogg\Nidhogg.exe
- FirewallRules: [{12899C65-3E42-4759-B1E0-A769F9026410}] => (Allow) D:\games\WoR\SteamApps\common\Nidhogg\Nidhogg.exe
- FirewallRules: [{CE345921-3FCC-4CBC-AFA1-B65AA9851981}] => (Allow) C:\Users\Giommi\AppData\Roaming\Spotify\spotify.exe
- FirewallRules: [{DF9ECC27-639B-49B4-A685-1E74321E6C47}] => (Allow) C:\Users\Giommi\AppData\Roaming\Spotify\spotify.exe
- FirewallRules: [{D0FB9CE4-6AB3-4360-BE1A-44F23CFBE4B5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{B26DFAEB-5F6B-4A91-9290-8A2A48533075}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{DFC70A10-8877-434D-82F3-97FF34923292}] => (Allow) D:\games\WoR\SteamApps\common\Gunpoint\Gunpoint.exe
- FirewallRules: [{870D2F3A-4BE6-473A-889A-DD128B90141D}] => (Allow) D:\games\WoR\SteamApps\common\Gunpoint\Gunpoint.exe
- FirewallRules: [{B534C9F7-424F-4501-86AF-05236702878C}] => (Allow) D:\games\WoR\SteamApps\common\Hammerwatch\Hammerwatch.exe
- FirewallRules: [{2B2FFE48-ADAF-4997-B417-3B2E94D35BED}] => (Allow) D:\games\WoR\SteamApps\common\Hammerwatch\Hammerwatch.exe
- FirewallRules: [{8C11838C-6FAE-4D44-A882-F01743EFF4DC}] => (Allow) D:\games\WoR\SteamApps\common\SteamWorld Dig\SteamWorldDig.exe
- FirewallRules: [{8DF2A991-AF9E-421A-948E-A166A447FD63}] => (Allow) D:\games\WoR\SteamApps\common\SteamWorld Dig\SteamWorldDig.exe
- FirewallRules: [{0171A1E5-3FA5-41FA-B40E-32B1B972F7A6}] => (Allow) D:\games\WoR\SteamApps\common\Warlock - Master of the Arcane\Game.exe
- FirewallRules: [{5CC736C8-E665-4C0D-A9F4-B7D1EF40710D}] => (Allow) D:\games\WoR\SteamApps\common\Warlock - Master of the Arcane\Game.exe
- FirewallRules: [{B5B6F803-8ACB-4C16-8CC8-515467A14741}] => (Allow) D:\games\WoR\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
- FirewallRules: [{EB5F08B5-D4B8-411C-B9FF-D81925D7FEC6}] => (Allow) D:\games\WoR\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
- FirewallRules: [{9564D200-D537-4569-80DB-2400DBBA99FC}] => (Allow) C:\Users\Giommi\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{E77C7795-6775-4140-AEBF-9E1EABA1B88B}] => (Allow) C:\Users\Giommi\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{CA1C4C19-B3DF-4296-8087-4A1FDA841A20}] => (Allow) D:\games\WoR\SteamApps\common\Rome Total War Gold\RomeTW.exe
- FirewallRules: [{0518D09F-90BD-4058-A460-2EFBD8242970}] => (Allow) D:\games\WoR\SteamApps\common\Rome Total War Gold\RomeTW.exe
- FirewallRules: [{E56617F3-AAB2-460A-A8BB-AED536E3E83B}] => (Allow) D:\games\WoR\SteamApps\common\Rome Total War Gold\RomeTW-BI.exe
- FirewallRules: [{7DD8902C-CB1E-4CC8-B712-EE50109EA39A}] => (Allow) D:\games\WoR\SteamApps\common\Rome Total War Gold\RomeTW-BI.exe
- FirewallRules: [{C1C38A51-04EC-4344-A278-9F4F697FF5AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{C3CE5C2A-CA46-4957-A538-ED98E8DA80F3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{BEE5429C-3EEE-42D4-B0FC-7195CF978AAE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{C8564025-3B0D-474B-BE27-FEFE80A14CF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{9B18B27F-B430-4AA6-9793-DC9A97EF9433}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
- FirewallRules: [{CA6595CA-9023-41DE-B959-B2D0C0E45067}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
- FirewallRules: [{30562F16-0B4D-4327-B0B3-CB8C526A6FA1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
- FirewallRules: [{743486D9-C8B3-457D-ACE8-EDA55B7DEFD9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
- FirewallRules: [{E8227159-8DA5-4480-AFED-2D0B10FB5A06}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
- FirewallRules: [{D1A58D8A-80FD-40C5-93E9-A625619E98CE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
- FirewallRules: [{49A8E7B2-532D-4F3B-A75E-CE481FFDCFFD}] => (Allow) D:\games\WoR\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{527B724C-133F-4F86-A746-12EA3704E3F0}] => (Allow) D:\games\WoR\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{B70E7F06-D3AE-48B9-8178-0F74A02AB72D}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Binaries\APB.exe
- FirewallRules: [{CBDB3E4E-BA8B-440D-BE70-A1C94A4B8655}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Binaries\APB.exe
- FirewallRules: [{0B01713A-25CA-4506-86FE-30C07A1069C4}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
- FirewallRules: [{95B1CF4D-C5F6-496C-BC3F-4C28E6AEB6F6}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
- FirewallRules: [{62F0FEF4-D490-4419-AF0A-FF36B4E17F9A}] => (Allow) D:\games\WoR\SteamApps\common\insurgency2\insurgency.exe
- FirewallRules: [{1A3DB179-BB1A-48A3-B148-76AADB4DCCC2}] => (Allow) D:\games\WoR\SteamApps\common\insurgency2\insurgency.exe
- FirewallRules: [{0BD15D11-758A-4C8C-8F31-D0BA74AABB51}] => (Allow) D:\games\WoR\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
- FirewallRules: [{C6774F96-1D7F-40A9-9584-829D63003DEC}] => (Allow) D:\games\WoR\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
- FirewallRules: [{2A9535E9-C2AE-4BA7-9FDE-5CF0345A2E8C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [{C05E5E4D-B4B0-4111-A482-C8B144F32F9E}] => (Allow) C:\Users\Giommi\AppData\Roaming\Spotify\spotify.exe
- FirewallRules: [{09E65526-5739-44CB-8788-AE74A9826CE7}] => (Allow) C:\Users\Giommi\AppData\Roaming\Spotify\spotify.exe
- FirewallRules: [{164026D6-3279-41B4-BCFF-D4C8D5DCE37B}] => (Allow) D:\games\WoR\SteamApps\common\GarrysMod\hl2.exe
- FirewallRules: [{40637AFD-E2E5-4258-B940-415A90F7EF7A}] => (Allow) D:\games\WoR\SteamApps\common\GarrysMod\hl2.exe
- FirewallRules: [{C6BDF3F8-CC73-44A3-A246-26D40F290438}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
- FirewallRules: [{B9921114-3DE9-43C0-BB36-F1748574BDA3}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
- FirewallRules: [{EED64F62-BBC5-40BD-8983-5E50FCD2556C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
- FirewallRules: [{351C7EDD-C804-49A5-97D3-58010F1A386A}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
- FirewallRules: [{42B35CC9-2A05-4D17-ACC2-86F987548502}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
- FirewallRules: [{848CFA92-9E5B-4559-BB2A-EA9B4E6EB702}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
- FirewallRules: [{5ABF3251-E561-4125-8230-7668CC0FCF5F}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
- FirewallRules: [{FADF2C75-665A-4AFA-8946-DC41889EF6AE}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
- FirewallRules: [{09E0B7F1-755C-4983-939E-49D7F95147D4}] => (Allow) C:\ProgramData\PAYDAY 2\crime.exe
- FirewallRules: [{96A0BAA7-2FF0-4544-A083-5F759EE7E2D5}] => (Allow) C:\ProgramData\PAYDAY 2\crime.exe
- FirewallRules: [{CE92688E-E2A8-4659-A3E4-C6C78D97B883}] => (Allow) \crime.exe
- FirewallRules: [{2DC6DBEC-F723-4B2E-BEB7-8E9B37BFB5D7}] => (Allow) \crime.exe
- FirewallRules: [{461E45A6-136B-42EA-BB7E-FE222F5481ED}] => (Allow) D:\games\PAYDAY 2\payday2_win32_release.exe
- FirewallRules: [{BC97FC17-6A75-4755-9517-9E83921959F7}] => (Allow) D:\games\PAYDAY 2\payday2_win32_release.exe
- FirewallRules: [{73551F7B-5B33-4F3D-B9E1-37426BA0021B}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\game_launcher.exe
- FirewallRules: [{CC63B070-CBAF-4D92-8D76-5F4A7CF75E8B}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\game_launcher.exe
- FirewallRules: [{86E5F8D0-CD8F-4FE1-8836-51E358C919F5}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
- FirewallRules: [{DA76937B-1662-4B19-AE21-6826B744A218}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
- FirewallRules: [{07CF3DA2-030E-41B4-B123-C449347D3AA7}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
- FirewallRules: [{1759793F-7A94-4C23-B8D3-EB1C30DACC57}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
- FirewallRules: [{0394E522-9B84-4E79-8D6D-7041881A1B16}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{CCA3CC1B-5C75-467E-B3CD-3D4AA9204234}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{D0E29EA3-976C-4F86-BBE6-3E15DD8B2124}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
- FirewallRules: [{B5F6D15B-E4E7-4A63-A246-26BDF3B7B7CE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
- FirewallRules: [{3D8BBA2D-74F5-4182-BBE7-B89121D96828}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
- FirewallRules: [{7E6F57D2-7EAA-412A-AE59-1C613232A485}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
- FirewallRules: [{AFA9AE46-276B-4712-880C-2ABB9A4CAA34}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
- FirewallRules: [{68B215BF-5634-4757-B745-C25BB8B0813C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
- FirewallRules: [{B67806CA-16E9-41AF-A3D3-7A1D7A5F8C6B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
- FirewallRules: [{49724FA5-3CC4-4723-ABB4-B0E4F139D0C7}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
- FirewallRules: [{CA865D17-D0D1-421C-B68B-3485FFC54281}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- StandardProfile\AuthorizedApplications: [C:\Users\Giommi\AppData\Roaming\AudioTreiber_x64.exe] => Enabled:
- ==================== Faulty Device Manager Devices =============
- Name: Universal Serial Bus (USB) Controller
- Description: Universal Serial Bus (USB) Controller
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: TAP-Win32 Adapter V9 (Tunngle)
- Description: TAP-Win32 Adapter V9 (Tunngle)
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: TAP-Win32 Provider V9 (Tunngle)
- Service: tap0901t
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: TAP-Win32 Adapter V9 (Tunngle) - VirtualBox Bridged Networking Driver Miniport
- Description: VirtualBox Bridged Networking Driver Miniport
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: TAP-Windows Provider V9
- Service: VBoxNetFlt
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: VirtualBox Host-Only Ethernet Adapter
- Description: VirtualBox Host-Only Ethernet Adapter
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: Oracle Corporation
- Service: VBoxNetAdp
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: Universal Serial Bus (USB) Controller
- Description: Universal Serial Bus (USB) Controller
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: ZeroTier One Virtual Network Port - VirtualBox Bridged Networking Driver Miniport
- Description: VirtualBox Bridged Networking Driver Miniport
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: TAP-Windows Provider V9
- Service: VBoxNetFlt
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: TAP-Windows Adapter V9
- Description: TAP-Windows Adapter V9
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: TAP-Windows Provider V9
- Service: tap0901
- Problem: : This device cannot start. (Code10)
- Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
- On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
- Name: PCI Simple Communications Controller
- Description: PCI Simple Communications Controller
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: TAP-Windows Adapter V9 #2
- Description: TAP-Windows Adapter V9
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: TAP-Windows Provider V9
- Service: tap0901
- Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
- Resolution: Update the driver
- Name: SAMSUNG Mobile USB Remote NDIS Network Device - VirtualBox Bridged Networking Driver Miniport
- Description: VirtualBox Bridged Networking Driver Miniport
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: TAP-Windows Provider V9
- Service: VBoxNetFlt
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: ZeroTier One Virtual Network Port
- Description: ZeroTier One Virtual Network Port
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: ZeroTier Networks LLC
- Service: zttap200
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: Base System Device
- Description: Base System Device
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: Microsoft Virtual WiFi Miniport Adapter - VirtualBox Bridged Networking Driver Miniport
- Description: VirtualBox Bridged Networking Driver Miniport
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: TAP-Windows Provider V9
- Service: VBoxNetFlt
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: Base System Device
- Description: Base System Device
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: avkmgr
- Description: avkmgr
- Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
- Manufacturer:
- Service: avkmgr
- Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
- Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
- Devices stay in this state if they have been prepared for removal.
- After you remove the device, this error disappears.Remove the device, and this error should be resolved.
- Name: System Interrupt Controller
- Description: System Interrupt Controller
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: nltdi
- Description: nltdi
- Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
- Manufacturer:
- Service: nltdi
- Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
- Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
- Devices stay in this state if they have been prepared for removal.
- After you remove the device, this error disappears.Remove the device, and this error should be resolved.
- Name: Microsoft LifeCam Studio
- Description: Microsoft LifeCam Studio
- Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
- Manufacturer: Microsoft
- Service: usbvideo
- Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
- Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
- Name: SM Bus Controller
- Description: SM Bus Controller
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: Programmable Root Enumerator
- Description: Programming Support
- Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
- Manufacturer: Mad Catz
- Service: SaiNtBus
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: Ethernet Controller
- Description: Ethernet Controller
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (04/27/2015 06:53:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/27/2015 00:25:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/26/2015 09:21:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/26/2015 02:10:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/26/2015 01:26:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/25/2015 06:43:18 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-3551031480-2449454405-1511854611-1003.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, The security ID structure is invalid.
- .
- Operation:
- OnIdentify event
- Gathering Writer Data
- Context:
- Execution Context: Shadow Copy Optimization Writer
- Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
- Writer Name: Shadow Copy Optimization Writer
- Writer Instance ID: {f7c538ee-c47e-498d-9ac7-f7cd235332d5}
- Error: (04/25/2015 06:43:15 PM) (Source: MsiInstaller) (EventID: 11314) (User: Giommi-PC)
- Description: Product: Windows Resource Kit Tools - SubInAcl.exe -- Error 1314. The specified path '%windir%\system32' is unavailable.
- Error: (04/25/2015 06:28:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/25/2015 04:11:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/25/2015 00:26:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- System errors:
- =============
- Error: (04/27/2015 06:51:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
- Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
- avipbb
- avkmgr
- nltdi
- VBoxDrv
- VBoxUSBMon
- Error: (04/27/2015 06:51:44 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
- Description: Der Dienst "Avira Mail Protection" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
- Error: (04/27/2015 06:51:45 PM) (Source: ipnathlp) (EventID: 30013) (User: )
- Description: 192.168.0.15192.168.137.0255.255.255.0
- Error: (04/27/2015 06:51:45 PM) (Source: ipnathlp) (EventID: 1233) (User: )
- Description:
- Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
- %%1069
- Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
- Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
- %%1326
- Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
- Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: Der Dienst "Metasploit Worker" wurde aufgrund folgenden Fehlers nicht gestartet:
- %%2
- Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: Der Dienst "Metasploit Thin Service" wurde aufgrund folgenden Fehlers nicht gestartet:
- %%2
- Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: Der Dienst "Metasploit Pro Service" wurde aufgrund folgenden Fehlers nicht gestartet:
- %%2
- Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: Der Dienst "metasploitPostgreSQL" wurde aufgrund folgenden Fehlers nicht gestartet:
- %%2
- Microsoft Office Sessions:
- =========================
- Error: (04/27/2015 06:53:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/27/2015 00:25:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/26/2015 09:21:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/26/2015 02:10:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/26/2015 01:26:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/25/2015 06:43:18 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: ConvertStringSidToSid(S-1-5-21-3551031480-2449454405-1511854611-1003.bak)0x80070539, The security ID structure is invalid.
- Operation:
- OnIdentify event
- Gathering Writer Data
- Context:
- Execution Context: Shadow Copy Optimization Writer
- Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
- Writer Name: Shadow Copy Optimization Writer
- Writer Instance ID: {f7c538ee-c47e-498d-9ac7-f7cd235332d5}
- Error: (04/25/2015 06:43:15 PM) (Source: MsiInstaller) (EventID: 11314) (User: Giommi-PC)
- Description: Product: Windows Resource Kit Tools - SubInAcl.exe -- Error 1314. The specified path '%windir%\system32' is unavailable.(NULL)(NULL)(NULL)(NULL)(NULL)
- Error: (04/25/2015 06:28:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/25/2015 04:11:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (04/25/2015 00:26:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- CodeIntegrity Errors:
- ===================================
- Date: 2014-11-27 19:03:12.050
- Description: N/A
- Date: 2014-11-27 19:03:12.007
- Description: N/A
- Date: 2013-03-03 12:37:46.275
- Description: N/A
- Date: 2013-03-03 12:37:46.259
- Description: N/A
- Date: 2013-03-02 11:55:31.166
- Description: N/A
- Date: 2013-03-02 11:55:31.166
- Description: N/A
- Date: 2013-03-01 17:53:24.322
- Description: N/A
- Date: 2013-03-01 17:53:24.306
- Description: N/A
- Date: 2013-02-28 19:33:25.400
- Description: N/A
- Date: 2013-02-28 19:33:25.384
- Description: N/A
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i7-3820 CPU @ 3.60GHz
- Percentage of memory in use: 11%
- Total physical RAM: 32692.18 MB
- Available physical RAM: 28950.68 MB
- Total Pagefile: 34568.55 MB
- Available Pagefile: 30402.32 MB
- Total Virtual: 8192 MB
- Available Virtual: 8191.81 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:111.69 GB) (Free:8.21 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 58CED179)
- Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
- ========================================================
- Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 58CED179)
- Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
- ========================================================
- Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2E9A6991)
- Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
- ==================== End Of Log ============================
- [/Code]
- [/Spoiler]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement