Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: DNS Unlocker loswerden

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 22.09.2015, 15:32   #1
Atom95
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Gute Tag,

Ich habe mir den DNS Unlocker Trojaner eingefangen.
Ich bin nach dieser Anleitung aus dem Forum vorgegangen jedoch erfolglos. http://www.trojaner-board.de/169694-...wser_entfernen

Aufgefallen ist mir der Trojaner beim surfen unter Firefox. Habe aber unter "Erweiterungen" nichts verdächtiges gefunden. Ich kann jetzt zwar wieder normal surfen allerdings popen immer wieder Warnungen von MBAM auf diese schauen so aus: hxxp://prntscr.com/8j71ou

Falls jemand bereit ist mir über Teamviewer zu helfen wäre ich sehr dankbar.
Anbei die Logs.

Danke,
Alex
Angehängte Dateien
Dateityp: txt MBAM Anwendungsprotokoll.txt (1,2 KB, 108x aufgerufen)
Dateityp: txt sc-cleaner.txt (1,8 KB, 103x aufgerufen)
Dateityp: txt JRT.txt (1,0 KB, 114x aufgerufen)

Alt 22.09.2015, 15:43   #2
M-K-D-B
/// TB-Ausbilder
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 22.09.2015, 15:56   #3
Atom95
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Hallo Matthias,

danke für deine Hilfe.


Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
durchgeführt von Alex (Administrator) auf ALEX-PC (22-09-2015 15:49:56)
Gestartet von C:\Users\Alex\Downloads
Geladene Profile: Alex (Verfügbare Profile: Alex)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Prio\prio_svc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(CMedia) C:\Program Files\ASUS Essence STX II Audio Device\Customapp\AsusAudioCenter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
() C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files (x86)\eXtra Buttons\xb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
(LINE Corporation) C:\Program Files (x86)\LINE\LINE.exe
(EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(hxxp://www.ruby-lang.org/) C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(hxxp://www.ruby-lang.org/) C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CmiCnfgSTXII.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2000-01-01] (Intel Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [Amazon Music] => C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [eXtra Buttons] => C:\Program Files (x86)\eXtra Buttons\xb.exe [2800128 2013-07-08] ()
HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [Voobly] => [X]
HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [LINE] => C:\Program Files (x86)\LINE\line.exe [15664152 2015-08-18] (LINE Corporation)
AppInit_DLLs: prio.dll => C:\Program Files\Prio\prio.dll [17264 2012-11-08] (O&K Software)
AppInit_DLLs-x32: prio32.dll => C:\Program Files\Prio\prio32.dll [15216 2012-11-08] (O&K Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2015-05-30]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78A7E6A4-8C3E-4DC9-ACC6-2E6A0AD66A09}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C75AA87C-6D00-42FB-BD5D-D49555D27EF2}: [DhcpNameServer] 209.222.18.222 209.222.18.218

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-922301408-332873160-1376262277-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startseite24.net
SearchScopes: HKLM -> DefaultScope {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM -> {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> DefaultScope {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {A4EC09D4-13F1-4C49-9308-2A10EA44511C} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472
FF Homepage: www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-27] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\searchplugins\katcr.xml [2015-06-20]
FF Extension: ColorfulTabs - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-09-21]
FF Extension: FEBE - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-06-27]
FF Extension: savetexttofile - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\HighlightedTextToFile@bobbyrne01.org.xpi [2015-06-27]
FF Extension: Art Project - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\jid1-2owcJCGUIo2yBA@jetpack.xpi [2015-06-29]
FF Extension: S3.Google Translator - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\s3google@translator.xpi [2015-06-27]
FF Extension: Tab Auto Reload - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\TabAutoReload@schuzak.jp.xpi [2015-06-27]
FF Extension: Tab Scope - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\tabscope@xuldev.org.xpi [2015-06-27]
FF Extension: Tile Tabs - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\tiletabs@DW-dev.xpi [2015-09-22]
FF Extension: Session Manager - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-06-27]
FF Extension: Capture & Print - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi [2015-06-27]
FF Extension: ReloadEvery - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-09-07]
FF Extension: Yahoo Mail Hide Ad Panel - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2015-06-27]
FF Extension: RightToClick - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-06-27]
FF Extension: Adblock Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-27]
FF Extension: BetterPrivacy - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-06-27]
FF Extension: Tab Mix Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-06-27]
FF Extension: DownThemAll! - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-06-27]
FF Extension: Greasemonkey - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-06-27]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.at/"
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-19]
CHR Extension: (Skype Click to Call) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-28]
CHR Extension: (AgarioMods Evergreen Script) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2015-07-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-09-19] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19184 2015-01-27] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-06-28] ()
R2 prio_svc; C:\Program Files\Prio\prio_svc.exe [12656 2012-11-08] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2014-09-29] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-01-27] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-02-25] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 STXIIService; C:\Windows\System32\drivers\STXII.sys [2736640 2014-02-18] (C-Media Inc)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-22 15:49 - 2015-09-22 15:49 - 02191360 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2015-09-22 15:49 - 2015-09-22 15:49 - 00024706 _____ C:\Users\Alex\Downloads\FRST.txt
2015-09-22 15:49 - 2015-09-22 15:49 - 00000000 ____D C:\FRST
2015-09-22 15:21 - 2015-09-22 15:21 - 00001058 _____ C:\Users\Alex\Desktop\JRT.txt
2015-09-22 15:16 - 2015-09-22 15:16 - 00001217 _____ C:\Users\Alex\Desktop\MBAM Anwendungsprotokoll.txt
2015-09-22 14:23 - 2015-09-22 14:23 - 00000000 ____D C:\Program Files (x86)\ESET
2015-09-22 14:15 - 2015-09-22 14:23 - 02870984 _____ (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe
2015-09-22 14:15 - 2015-09-22 14:23 - 00001868 _____ C:\Users\Alex\Desktop\sc-cleaner.txt
2015-09-22 14:15 - 2015-09-22 14:15 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Alex\Downloads\sc-cleaner.exe
2015-09-22 14:14 - 2015-09-22 14:14 - 01798976 _____ (Malwarebytes) C:\Users\Alex\Downloads\JRT.exe
2015-09-22 14:13 - 2015-09-22 14:13 - 01662976 _____ C:\Users\Alex\Downloads\AdwCleaner_5.008.exe
2015-09-22 13:59 - 2015-09-22 15:43 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-22 13:59 - 2015-09-22 13:59 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-22 13:59 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-22 13:59 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-22 13:59 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-22 13:58 - 2015-09-22 13:59 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Alex\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-21 02:22 - 2015-09-21 02:30 - 00000000 ____D C:\Users\Alex\AppData\Local\Arma 3 Launcher
2015-09-21 02:22 - 2015-09-21 02:29 - 00000000 ____D C:\Users\Alex\AppData\Local\Arma 3
2015-09-21 02:22 - 2015-09-21 02:23 - 00000000 ____D C:\Users\Alex\Documents\Arma 3
2015-09-21 02:22 - 2015-09-21 02:22 - 00000000 ____D C:\Users\Alex\AppData\Local\Bohemia_Interactive
2015-09-21 02:22 - 2015-09-21 02:22 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2015-09-19 21:53 - 2015-09-19 21:53 - 00000222 _____ C:\Users\Alex\Desktop\Arma 3.url
2015-09-19 00:53 - 2015-09-19 00:53 - 00000025 _____ C:\Users\Alex\Desktop\gallier produktion.txt
2015-09-17 17:03 - 2015-09-19 11:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-15 21:55 - 2015-09-22 00:00 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-15 21:55 - 2015-09-15 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-15 21:54 - 2015-09-22 15:22 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-15 21:54 - 2015-09-22 14:59 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-15 21:54 - 2015-09-15 21:54 - 00929872 _____ (Google Inc.) C:\Users\Alex\Downloads\ChromeSetup.exe
2015-09-15 21:54 - 2015-09-15 21:54 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 21:54 - 2015-09-15 21:54 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-10 19:29 - 2015-09-10 19:29 - 00000038 _____ C:\Users\Alex\Desktop\zravian benefit account.txt
2015-09-09 14:06 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 14:06 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 14:06 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 14:06 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 14:06 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 14:06 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 14:06 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 14:06 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 14:06 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 14:06 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 14:06 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 14:06 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 14:06 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 14:06 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 14:06 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 14:06 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 14:06 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 14:06 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-09 14:06 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 14:06 - 2015-08-22 16:40 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-09 14:06 - 2015-08-22 15:51 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 14:06 - 2015-08-22 15:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 14:06 - 2015-08-22 15:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 14:06 - 2015-08-22 15:51 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 14:06 - 2015-08-22 15:50 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 14:06 - 2015-08-22 15:50 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 14:06 - 2015-08-20 20:53 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-09 14:06 - 2015-08-20 20:46 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 14:06 - 2015-08-20 20:21 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-09 14:06 - 2015-08-20 20:19 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 14:06 - 2015-08-20 19:56 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-09-09 14:06 - 2015-08-20 19:55 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-09-09 14:06 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 14:06 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 14:06 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 14:06 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 14:06 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 14:06 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 14:06 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 14:06 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 14:06 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 14:06 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 14:06 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 14:06 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 14:06 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 14:01 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 14:01 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 14:01 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 14:01 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 14:01 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 14:01 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 14:01 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 14:01 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 14:01 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-09 14:01 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-08 18:49 - 2015-09-08 18:49 - 00000222 _____ C:\Users\Alex\Desktop\Total War Arena.url
2015-09-08 03:28 - 2015-09-08 04:20 - 00000000 ____D C:\Users\Alex\AppData\Roaming\TS3Client
2015-09-08 03:28 - 2015-09-08 03:28 - 00000967 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-09-08 03:28 - 2015-09-08 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-09-08 03:27 - 2015-09-08 03:28 - 31071896 _____ (TeamSpeak Systems GmbH) C:\Users\Alex\Downloads\TeamSpeak3-Client-win64-3.0.17.exe
2015-09-02 06:10 - 2015-09-02 06:10 - 00000054 _____ C:\Users\Alex\Desktop\seleren irc screenshots.txt
2015-09-02 04:27 - 2015-09-02 04:28 - 00000000 ____D C:\Users\Alex\AppData\Local\LINE
2015-09-02 04:27 - 2015-09-02 04:27 - 00000957 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-09-02 04:27 - 2015-09-02 04:27 - 00000951 _____ C:\Users\Public\Desktop\LINE.lnk
2015-09-02 04:27 - 2015-09-02 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2015-09-02 04:27 - 2015-09-02 04:27 - 00000000 ____D C:\Program Files (x86)\LINE
2015-09-02 04:14 - 2015-09-02 04:19 - 28198424 _____ (LINE Corporation) C:\Users\Alex\Downloads\LineInst.exe
2015-09-01 00:05 - 2015-09-01 00:05 - 00001317 _____ C:\Users\Alex\Desktop\ZRAVIAN STUFF.txt
2015-08-31 16:39 - 2015-08-31 16:39 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Sun
2015-08-31 16:39 - 2015-08-31 16:39 - 00000000 ____D C:\Users\Alex\.oracle_jre_usage
2015-08-28 15:26 - 2015-08-29 19:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-26 09:07 - 2015-08-26 09:07 - 07886712 _____ (Microsoft Corporation) C:\Users\Alex\Downloads\Xbox360_64Deu.exe
2015-08-26 09:07 - 2015-08-26 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-08-26 09:07 - 2015-08-26 09:07 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2015-08-26 09:04 - 2015-08-26 09:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2015-08-25 05:43 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-08-25 05:43 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-22 15:36 - 2015-05-27 20:04 - 01325485 _____ C:\Windows\WindowsUpdate.log
2015-09-22 15:30 - 2009-07-14 06:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-22 15:30 - 2009-07-14 06:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-22 15:28 - 2015-05-28 05:58 - 00699726 _____ C:\Windows\system32\perfh007.dat
2015-09-22 15:28 - 2015-05-28 05:58 - 00149364 _____ C:\Windows\system32\perfc007.dat
2015-09-22 15:28 - 2009-07-14 07:13 - 01621742 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-22 15:24 - 2015-05-27 21:02 - 00006467 _____ C:\Windows\SysWOW64\Gms.log
2015-09-22 15:22 - 2015-07-01 19:59 - 00016087 _____ C:\Windows\setupact.log
2015-09-22 15:22 - 2015-05-27 20:33 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-22 15:22 - 2015-05-27 20:04 - 00000000 ____D C:\Users\Alex
2015-09-22 15:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-22 15:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-09-22 15:18 - 2015-06-27 13:06 - 00000000 ____D C:\AdwCleaner
2015-09-22 14:58 - 2015-05-27 21:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-22 14:53 - 2015-05-27 21:11 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-22 14:19 - 2015-07-16 22:42 - 00002718 _____ C:\Windows\PFRO.log
2015-09-22 14:13 - 2015-05-27 20:51 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Skype
2015-09-22 13:53 - 2015-05-27 20:10 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-21 20:58 - 2015-05-27 21:13 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 20:58 - 2015-05-27 21:13 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-21 20:58 - 2015-05-27 21:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 20:39 - 2015-05-27 20:10 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-21 03:19 - 2015-08-19 06:40 - 00000122 _____ C:\Users\Alex\Desktop\ZRAVIAN.txt
2015-09-21 02:21 - 2015-05-27 20:17 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-20 19:20 - 2015-05-27 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-15 21:55 - 2015-05-27 20:09 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-11 01:13 - 2015-05-27 21:28 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent
2015-09-10 08:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-10 03:19 - 2009-07-14 06:45 - 00296480 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 03:18 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 03:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 03:03 - 2015-05-27 21:43 - 00000000 ____D C:\Windows\system32\MRT
2015-09-09 13:19 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-08 18:50 - 2015-05-27 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-08 03:28 - 2015-05-27 20:53 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-08-31 16:39 - 2015-05-27 21:14 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\ProgramData\Oracle
2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-31 16:34 - 2015-05-28 22:07 - 00000000 ____D C:\Program Files (x86)\Voobly
2015-08-29 02:17 - 2015-06-19 01:00 - 00001159 _____ C:\Users\Alex\Desktop\Mozilla Firefox.lnk
2015-08-29 01:59 - 2015-05-27 21:22 - 00000000 ____D C:\Users\Alex\Desktop\Games
2015-08-26 18:37 - 2015-05-27 21:43 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-26 09:07 - 2015-07-19 00:32 - 00046990 _____ C:\Windows\DirectX.log
2015-08-25 05:43 - 2015-05-27 20:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-23 01:31 - 2015-06-04 19:59 - 00000000 ____D C:\Users\Alex\Documents\My Games

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-27 02:42 - 2015-07-27 03:26 - 0000058 _____ () C:\Users\Alex\AppData\Roaming\prio.ini
2015-05-27 23:55 - 2015-05-27 23:55 - 0000000 _____ () C:\Users\Alex\AppData\Local\Driver_LOM_8161Present.flag
2015-06-21 05:22 - 2015-07-27 03:26 - 0007621 _____ () C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
2015-08-18 03:42 - 2015-08-18 03:42 - 0000003 _____ () C:\Users\Alex\AppData\Local\updater.log
2015-08-18 03:42 - 2015-08-18 03:42 - 0000424 _____ () C:\Users\Alex\AppData\Local\UserProducts.xml

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Alex\Notepad2.exe


Einige Dateien in TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\avgnt.exe
C:\Users\Alex\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Alex\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Alex\AppData\Local\Temp\OpenOffice_4.1.1_Win_x86_install_de.exe
C:\Users\Alex\AppData\Local\Temp\update.exe
C:\Users\Alex\AppData\Local\Temp\ytb.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-21 00:15

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Alex (2015-09-22 15:50:07)
Gestartet von C:\Users\Alex\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-05-27 18:04:05)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-922301408-332873160-1376262277-500 - Administrator - Disabled)
Alex (S-1-5-21-922301408-332873160-1376262277-1000 - Administrator - Enabled) => C:\Users\Alex
Gast (S-1-5-21-922301408-332873160-1376262277-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-922301408-332873160-1376262277-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Akamai NetSession Interface (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Music (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.1.0 - Amazon Services LLC) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASUS Essence STX II Audio Device (HKLM-x32\...\{1A01B996-F7F7-473C-9EA4-B22801713A83}) (Version:   - ASUSTek Computer Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version:  - EnTech Taiwan)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
eXtra Buttons (HKLM-x32\...\eXtra Buttons) (Version:  - )
Geeks3D FurMark 1.15.2.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel(R) Network Connections 19.5.303.0 (HKLM\...\PROSetDX) (Version: 19.5.303.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.6.2.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.27 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.26 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
LINE (HKLM-x32\...\LINE) (Version: 4.1.2.525 - LINE Corporation)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MediaHuman YouTube to MP3 Converter Version 3.8.1 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.8.1 - )
Metin2 Singapore (HKLM-x32\...\Metin2 Singapore) (Version:  - Tec Interactive Pte Ltd)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 5.2.1 - Popcorn Time)
Popcorn Time (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Popcorn Time) (Version:  - Popcorn Official)
Prio (HKLM\...\Prio) (Version: 2.0.0.2960 - )
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Revive BF2 (HKLM\...\{72427ED2-72A7-4DB3-99CE-D0E36B24307A}_is1) (Version: 1.5 - Battlelog.co)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version:  - Creative Assembly)
TP-LINK Wireless Client Utility (HKLM-x32\...\{385C8E5A-0B4F-4DCD-BBBD-2A8AE0400A76}) (Version: 7.0 - TP-LINK)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
Websuche (HKLM-x32\...\Websuche) (Version:  - Websuche)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-922301408-332873160-1376262277-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

21-09-2015 02:21:26 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
21-09-2015 02:21:31 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
22-09-2015 13:51:17 calculadora-setup wird entfernt
22-09-2015 14:15:13 JRT Pre-Junkware Removal
22-09-2015 14:20:59 JRT Pre-Junkware Removal
22-09-2015 15:19:36 JRT Pre-Junkware Removal
22-09-2015 15:21:20 Wiederherstellungsvorgang

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08B135AF-3070-4757-A915-B0239CE0E993} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {326F8FFA-04FB-4CA2-BB2F-0CB814848E47} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {68596127-0212-412A-B1B4-0126A02F168E} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-06-12] ()
Task: {6ED1DDD7-3171-4E44-ABC3-F20948DF2F91} - System32\Tasks\{07EF5ACA-E114-4FDB-81C2-3F9D928C9482} => pcalua.exe -a C:\Users\Alex\Downloads\Metin2-SG_installer.exe -d C:\Users\Alex\Downloads
Task: {AD1849D5-A0DA-4A97-8888-F418AFAECBA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {AF21D5D8-6711-48A3-BD91-B10EFF68DC2E} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {D96732E7-FAFE-46C6-8130-AD39EA0FDD41} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {FC893FD4-3133-4120-BB74-96E80525CE75} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-27 20:32 - 2015-08-07 02:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-03 01:27 - 2015-06-28 22:16 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-08 21:30 - 2012-11-08 21:30 - 00012656 _____ () C:\Program Files\Prio\prio_svc.exe
2015-05-27 23:49 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2015-05-27 23:49 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\system\HsMgr64.exe
2015-05-27 21:44 - 2015-07-21 07:02 - 05887808 _____ () C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe
2013-07-08 11:05 - 2013-07-08 11:05 - 02800128 _____ () C:\Program Files (x86)\eXtra Buttons\xb.exe
2015-05-27 21:43 - 2015-06-12 21:27 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-05-27 20:33 - 2015-08-18 01:30 - 00708216 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-05-27 20:33 - 2015-08-18 01:31 - 00854136 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2015-05-27 20:33 - 2015-08-18 01:31 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-27 23:49 - 2013-12-16 12:05 - 00143360 ____N () C:\Program Files\ASUS Essence STX II Audio Device\Customapp\VmixP8.dll
2015-08-18 04:20 - 2015-08-18 04:20 - 03129368 _____ () C:\Program Files (x86)\LINE\ampkit_windows.dll
2015-07-03 07:44 - 2015-07-03 07:44 - 00123416 _____ () C:\Program Files (x86)\LINE\PlayerHelper.dll
2015-09-22 15:22 - 2015-09-22 15:22 - 00012800 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00009728 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00014848 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\src\rgloader\rgloader193.mswin.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00009216 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00126976 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00087552 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00016384 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00127316 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\bin\libffi-6.dll
2015-09-22 15:22 - 2015-09-22 15:22 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00013312 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00095744 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00012800 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00009728 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00014848 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\src\rgloader\rgloader193.mswin.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00118784 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00069120 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00083968 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\bin\zlib1.dll
2015-09-22 15:22 - 2015-09-22 15:22 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00275968 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00015360 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00008192 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00009216 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00023552 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00036352 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00126976 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00087552 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00016384 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00127316 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\bin\libffi-6.dll
2015-09-22 15:22 - 2015-09-22 15:22 - 00013312 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00095744 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-05-27 21:43 - 2015-06-12 21:27 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2015-02-25 14:15 - 2015-02-25 14:15 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-922301408-332873160-1376262277-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: Voobly => "C:\Program Files (x86)\Voobly\voobly.exe" --startup

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{5B64105A-C666-4CE8-B359-D30B082E0CA0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2C40850-A5AA-4ED9-8305-1F508A0BE65A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5A1315B2-CFD8-4AC1-A017-6CB4BCB002FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{330407AD-6A7B-4D23-B304-75D744A07BC2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E6450CA3-0928-4DA2-9879-23C4EC818A6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CA1B7172-B0A5-4AEE-B194-2A8E393C025A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8DF01D04-A169-4013-ACFF-17C4F281B3D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FFC5AB27-CE90-46EF-8D1E-7C50312413E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{877A2798-DC72-4DD3-8E2B-CF4EC857EE39}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{270CCFC5-E177-442E-A312-D8C5D0EFF0EF}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BD17E38C-8B8F-4D28-95A6-4693CAEC76D5}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1E34E6BF-A746-4EF2-BAAE-2FD8043577B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DE9990F3-09FA-4D85-9D2C-9F72DA932B6F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BB816CE2-A4C9-4BBD-A155-FDE6D61CFAF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{3862A5E1-B38D-4842-9026-AC2C62DA1F9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{B4EB3307-C8CB-4843-A4B4-3377082144C7}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{87A0A2AC-7365-4213-8C6B-1345F5AF1702}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{A275C0BC-AEA9-4445-ADED-D9028FA8EEB1}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{400ECE11-9C93-4A80-9580-107A678BC1AB}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP Query User{AE693290-433D-4872-BF53-B527571D330A}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{EC123608-59F5-47D8-99FB-4642119DFDD2}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{4D6AB7F9-DE85-406E-AC04-297AA1AC59DB}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{2B6447A5-46DC-41A3-8A2E-8B8EC7E0874A}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [TCP Query User{6AB9E431-1DD3-4F43-9217-D6B2A21BAF33}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [UDP Query User{CD055AFE-39AE-4113-8B8B-97AE7A5EFD68}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [TCP Query User{ECA5F127-1BB3-420B-9464-AB368E892FD2}C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{66905585-6CB9-49E9-93E4-5264759118FB}C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{7E0BAC1F-FA84-46E8-A81B-EC8FC4BDDED0}] => (Block) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{21471CFD-29EA-405E-B039-503CAFF35FE3}] => (Block) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{F68CFCDD-063F-4D98-91A7-DDF988AC23A5}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{7340655E-3C42-45C3-A4B1-3BAC6D81E78A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{0AAA37E5-E4AD-4F7A-ADD6-97DA8BB6705D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{B23FC7BD-54B7-4E4D-A61C-9046B8A2B60D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{C32BE6A7-9F84-4DF6-8480-7C01A83E2097}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{5F0CBFD2-2F9B-48A0-A2CA-9B578DD086A5}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DAB3C782-D79F-478E-A1F0-11EE6B349E08}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DB39D13B-F79C-495E-8440-8A8AA02C0900}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [TCP Query User{4011400D-EC8A-4682-860F-AABB0100CBC0}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [UDP Query User{8414FFD5-5902-42B4-BB56-646CB264C935}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{F10EF931-0A90-4B93-BE3E-EC093418FBFC}] => (Block) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{E6274DFC-5D95-441F-9BDF-F2DDCB3799C9}] => (Block) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{853CCFFB-C5DA-4FBA-AACE-E7E2B439EC87}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D03653C8-45EA-477C-818A-EEED672B41B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3817FB66-A021-4861-BF46-4CBF329250E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FD2DAA03-8142-4067-BB72-BB1B40575F6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8F8DB2F7-ADA1-4273-A31A-37CB4BC8FD43}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{087BAA49-73A3-4EE0-A9EB-BE3DA85DE082}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B9962A2F-B162-49B7-AD8D-9CCE17B694DA}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{A7BF42BA-33F5-47B1-A0F1-65488D199546}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [TCP Query User{6B672278-D07E-4F07-AB1B-5CB3FF2383F0}C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe
FirewallRules: [UDP Query User{22E6417E-03A7-4851-8876-F40174BE6D70}C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe
FirewallRules: [TCP Query User{320B5154-D197-4332-82DB-F05CA56D0F73}C:\users\alex\desktop\games\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\aom\aomxnocd.exe
FirewallRules: [UDP Query User{5C5D940D-ACE1-4A06-91D4-674A1E023DB8}C:\users\alex\desktop\games\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\aom\aomxnocd.exe
FirewallRules: [{8056A593-8640-4E48-AE1B-6D65FC41C2C7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1D0712E2-7834-47F3-8A0A-C18239968099}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5C75AEA7-1A49-457A-9D10-C80BB2D19FFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{21546473-4648-4B28-BA8D-3FA569F65FFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{334074C8-6C57-4D94-8533-A340375F8618}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [UDP Query User{156F8C93-4E8D-4EE1-86B1-5D3DB9C73B50}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [{5519A36E-6D4C-4D8D-8018-56A11F099D0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{EC028352-8DD8-491A-A030-2447B1EE4F00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [TCP Query User{6D8719E4-D075-4B44-AB15-6E81348606DE}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6CE4E723-4C78-4FAA-AC46-0199FDB6C20A}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{D5272A81-4AF5-4588-A1E2-1FA3FE9066BC}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{9CE42FEE-E36A-45CF-A0B2-B1484E80C498}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [TCP Query User{C01F5E34-8B04-495F-891A-3B6AD0ADF5BA}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{52FB8920-61F6-4117-9FC5-D71F7631034B}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [{FCE05C0A-61EA-4427-B73F-3365BEBF6A73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{925B2254-BCCF-4EAD-B305-94B68DF7295F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{59C810B3-1BF1-45BB-8D5D-C9F8C8BB4B8F}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{0CBC8BBD-9B89-4BD0-843D-BDD7F456A875}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{05C8AEE7-635B-4FFF-BDFD-7A4E8A6BE5E1}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [UDP Query User{830AF29B-681F-42B6-AD15-A37259D79ED4}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [{CDB41466-6B95-4991-A859-8721A569DD0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1EB6A4F1-E0DC-4874-BD5D-BFFD5D5A462A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4DA1CA31-B1EA-48E9-9678-D92323456ED6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{AC6C871D-277B-4116-A812-7521A00EE05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E4BC80B-0D59-49A9-B0E6-CFDB30579A82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F8BE2A13-C6BC-4439-B869-58F875EFC8F0}C:\users\alex\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{93350CC3-C1AD-4361-9994-FA5EEA1A0960}C:\users\alex\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{B3B62059-B393-4B8D-935E-84E60B21952A}] => (Block) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{88F5271D-F0AC-48ED-AD84-A5C9CE5BE53A}] => (Block) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{97016943-6291-4A5F-A5BB-B3F254342466}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{1BBFDF3B-7E31-4D72-A1F1-C90F06B38F2B}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{4AF77ECA-E1FE-4DDB-AEE4-190B8C5D3BC8}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{EFECB1B9-D8A3-4AF1-9CD3-FAB76AE5D80D}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{C4B674C4-50BF-42B1-8330-393DE274D58D}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{7E7D31A5-8127-4265-8B68-3637BA9CCF9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{92290EFF-8A05-430F-A94D-FF85D8E03409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{C695DCD9-57B3-4F25-8A42-6D4B70D908D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5E7E4103-8D7D-4F73-8EC9-68816A30C166}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{08526CBC-1EB4-420C-94D8-CA6A03B29DC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{EC498E06-A410-4437-9014-DA902BCA1C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{81A3C3AD-1226-4635-8656-FCC8C3254427}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{1EFA3522-2D65-4AD2-8CC5-3A01603411B0}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{FFC2418C-EE22-4129-9AF3-E7B7B792014D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FD19B638-5CAF-4034-AB88-7CB4360CE6A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DBDB38A6-263E-402F-9820-64757152E223}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D9E25726-FEFC-4D93-A172-98B2498EA621}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D94FF140-DA62-40DF-9820-608CB9B7D8B3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/22/2015 03:36:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/22/2015 03:36:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/22/2015 03:22:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2015 03:17:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2015 02:23:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/22/2015 02:23:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/22/2015 02:19:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2015 01:53:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2015 12:04:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2015 10:33:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (09/22/2015 03:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/22/2015 03:37:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/22/2015 03:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/22/2015 03:37:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/22/2015 03:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/22/2015 03:37:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/22/2015 03:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/22/2015 03:37:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/22/2015 03:37:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/22/2015 03:37:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


CodeIntegrity:
===================================
  Date: 2015-06-01 16:16:40.648
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ntdll.dll" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16197.21 MB
Verfügbarer physikalischer RAM: 12996.3 MB
Summe virtueller Speicher: 32392.62 MB
Verfügbarer virtueller Speicher: 28095.49 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:953.77 GB) (Free:816.56 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 953.9 GB) (Disk ID: 09E0FDF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=953.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

Alt 22.09.2015, 15:58   #4
Atom95
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Code:
ATTFilter
15:50:57.0701 0x0a9c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:51:01.0005 0x0a9c  ============================================================
15:51:01.0005 0x0a9c  Current date / time: 2015/09/22 15:51:01.0005
15:51:01.0005 0x0a9c  SystemInfo:
15:51:01.0005 0x0a9c  
15:51:01.0005 0x0a9c  OS Version: 6.1.7601 ServicePack: 1.0
15:51:01.0005 0x0a9c  Product type: Workstation
15:51:01.0005 0x0a9c  ComputerName: ALEX-PC
15:51:01.0005 0x0a9c  UserName: Alex
15:51:01.0005 0x0a9c  Windows directory: C:\Windows
15:51:01.0005 0x0a9c  System windows directory: C:\Windows
15:51:01.0005 0x0a9c  Running under WOW64
15:51:01.0005 0x0a9c  Processor architecture: Intel x64
15:51:01.0005 0x0a9c  Number of processors: 8
15:51:01.0005 0x0a9c  Page size: 0x1000
15:51:01.0005 0x0a9c  Boot type: Normal boot
15:51:01.0005 0x0a9c  ============================================================
15:51:01.0195 0x0a9c  KLMD registered as C:\Windows\system32\drivers\11778521.sys
15:51:01.0277 0x0a9c  System UUID: {60829599-3F0A-0196-106D-017BDA7164C9}
15:51:01.0571 0x0a9c  Drive \Device\Harddisk0\DR0 - Size: 0xEE77A56000 ( 953.87 Gb ), SectorSize: 0x200, Cylinders: 0x1E667, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:51:01.0574 0x0a9c  ============================================================
15:51:01.0574 0x0a9c  \Device\Harddisk0\DR0:
15:51:01.0574 0x0a9c  MBR partitions:
15:51:01.0574 0x0a9c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:51:01.0574 0x0a9c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x7738A000
15:51:01.0574 0x0a9c  ============================================================
15:51:01.0575 0x0a9c  C: <-> \Device\Harddisk0\DR0\Partition2
15:51:01.0575 0x0a9c  ============================================================
15:51:01.0576 0x0a9c  Initialize success
15:51:01.0576 0x0a9c  ============================================================
15:51:07.0320 0x0aa4  ============================================================
15:51:07.0320 0x0aa4  Scan started
15:51:07.0320 0x0aa4  Mode: Manual; 
15:51:07.0320 0x0aa4  ============================================================
15:51:07.0320 0x0aa4  KSN ping started
15:51:10.0046 0x0aa4  KSN ping finished: true
15:51:10.0780 0x0aa4  ================ Scan system memory ========================
15:51:10.0780 0x0aa4  System memory - ok
15:51:10.0781 0x0aa4  ================ Scan services =============================
15:51:10.0797 0x0aa4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:51:10.0799 0x0aa4  1394ohci - ok
15:51:10.0810 0x0aa4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:51:10.0814 0x0aa4  ACPI - ok
15:51:10.0815 0x0aa4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:51:10.0816 0x0aa4  AcpiPmi - ok
15:51:10.0828 0x0aa4  [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:51:10.0830 0x0aa4  AdobeFlashPlayerUpdateSvc - ok
15:51:10.0838 0x0aa4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:51:10.0842 0x0aa4  adp94xx - ok
15:51:10.0848 0x0aa4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:51:10.0851 0x0aa4  adpahci - ok
15:51:10.0854 0x0aa4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:51:10.0856 0x0aa4  adpu320 - ok
15:51:10.0859 0x0aa4  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:51:10.0860 0x0aa4  AeLookupSvc - ok
15:51:10.0867 0x0aa4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
15:51:10.0871 0x0aa4  AFD - ok
15:51:10.0874 0x0aa4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:51:10.0874 0x0aa4  agp440 - ok
15:51:10.0877 0x0aa4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:51:10.0877 0x0aa4  ALG - ok
15:51:10.0879 0x0aa4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:51:10.0879 0x0aa4  aliide - ok
15:51:10.0881 0x0aa4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:51:10.0881 0x0aa4  amdide - ok
15:51:10.0883 0x0aa4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:51:10.0884 0x0aa4  AmdK8 - ok
15:51:10.0886 0x0aa4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:51:10.0886 0x0aa4  AmdPPM - ok
15:51:10.0889 0x0aa4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:51:10.0890 0x0aa4  amdsata - ok
15:51:10.0894 0x0aa4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:51:10.0895 0x0aa4  amdsbs - ok
15:51:10.0897 0x0aa4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:51:10.0897 0x0aa4  amdxata - ok
15:51:10.0912 0x0aa4  [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
15:51:10.0920 0x0aa4  AntiVirMailService - ok
15:51:10.0927 0x0aa4  [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
15:51:10.0932 0x0aa4  AntiVirSchedulerService - ok
15:51:10.0939 0x0aa4  [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
15:51:10.0943 0x0aa4  AntiVirService - ok
15:51:10.0959 0x0aa4  [ D9A8EE3F4A1E604B9315B34A5AA4569E, 287BA8FA1949646E03D39F36F50C016251358A8A454EE19D249E76A723F1455E ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
15:51:10.0970 0x0aa4  AntiVirWebService - ok
15:51:10.0972 0x0aa4  [ A0711D119BA4B48A1470C768D301013E, 536366F809125D2C2171597C8C2CB3271BE5C6B373152112E0D970749776E00A ] AppID           C:\Windows\system32\drivers\appid.sys
15:51:10.0973 0x0aa4  AppID - ok
15:51:10.0975 0x0aa4  [ 173C90AF5B243B4DD86F95CA154CB58A, 349F566DADC96B31FDC34C4F26545FB880844DBF84E5821AA0D0CAA91FB837E1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:51:10.0975 0x0aa4  AppIDSvc - ok
15:51:10.0977 0x0aa4  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
15:51:10.0978 0x0aa4  Appinfo - ok
15:51:10.0981 0x0aa4  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:51:10.0982 0x0aa4  Apple Mobile Device Service - ok
15:51:10.0985 0x0aa4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
15:51:10.0986 0x0aa4  arc - ok
15:51:10.0988 0x0aa4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:51:10.0989 0x0aa4  arcsas - ok
15:51:10.0995 0x0aa4  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:51:10.0997 0x0aa4  aspnet_state - ok
15:51:10.0999 0x0aa4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:51:10.0999 0x0aa4  AsyncMac - ok
15:51:11.0001 0x0aa4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:51:11.0001 0x0aa4  atapi - ok
15:51:11.0033 0x0aa4  [ 40734F3A5EEC4C4AC6A1FAF10B293714, 069885A5EED99E51E5D8621CF5174DCCC6C56B3F950A11C14A3A97A8DADD9D5C ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:51:11.0057 0x0aa4  athr - ok
15:51:11.0069 0x0aa4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:51:11.0075 0x0aa4  AudioEndpointBuilder - ok
15:51:11.0085 0x0aa4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:51:11.0092 0x0aa4  AudioSrv - ok
15:51:11.0095 0x0aa4  [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:51:11.0097 0x0aa4  avgntflt - ok
15:51:11.0100 0x0aa4  [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:51:11.0101 0x0aa4  avipbb - ok
15:51:11.0106 0x0aa4  [ 24680B56D862F1DE30C13FC64B80F568, 4B30EB73369691B915F5615E1BF6C95B070E184BC42BCC505C94410014A04EB3 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
15:51:11.0108 0x0aa4  Avira.ServiceHost - ok
15:51:11.0110 0x0aa4  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:51:11.0110 0x0aa4  avkmgr - ok
15:51:11.0112 0x0aa4  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
15:51:11.0113 0x0aa4  avnetflt - ok
15:51:11.0115 0x0aa4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:51:11.0117 0x0aa4  AxInstSV - ok
15:51:11.0123 0x0aa4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:51:11.0127 0x0aa4  b06bdrv - ok
15:51:11.0132 0x0aa4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:51:11.0135 0x0aa4  b57nd60a - ok
15:51:11.0138 0x0aa4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:51:11.0139 0x0aa4  BDESVC - ok
15:51:11.0140 0x0aa4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:51:11.0141 0x0aa4  Beep - ok
15:51:11.0155 0x0aa4  [ 56805606D40B1EC96AE8442E21318C13, 3CBCB50EA8D2124B5E322D38F721670B4997F5F6865D3C7D5F819B9EF9620394 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
15:51:11.0166 0x0aa4  BEService - ok
15:51:11.0176 0x0aa4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:51:11.0182 0x0aa4  BFE - ok
15:51:11.0185 0x0aa4  [ 35BAC943C9C9C501B2DB888858D41F99, 4EDA511CC7029ECB757E2B7B90903503DC649B7B5060238D6418EF4506E172A5 ] BfLwf           C:\Windows\system32\DRIVERS\bflwfx64.sys
15:51:11.0186 0x0aa4  BfLwf - ok
15:51:11.0197 0x0aa4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:51:11.0205 0x0aa4  BITS - ok
15:51:11.0207 0x0aa4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:51:11.0208 0x0aa4  blbdrive - ok
15:51:11.0214 0x0aa4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:51:11.0219 0x0aa4  Bonjour Service - ok
15:51:11.0221 0x0aa4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:51:11.0222 0x0aa4  bowser - ok
15:51:11.0224 0x0aa4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:51:11.0224 0x0aa4  BrFiltLo - ok
15:51:11.0226 0x0aa4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:51:11.0226 0x0aa4  BrFiltUp - ok
15:51:11.0229 0x0aa4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:51:11.0231 0x0aa4  Browser - ok
15:51:11.0235 0x0aa4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:51:11.0238 0x0aa4  Brserid - ok
15:51:11.0240 0x0aa4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:51:11.0240 0x0aa4  BrSerWdm - ok
15:51:11.0242 0x0aa4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:51:11.0242 0x0aa4  BrUsbMdm - ok
15:51:11.0243 0x0aa4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:51:11.0244 0x0aa4  BrUsbSer - ok
15:51:11.0246 0x0aa4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:51:11.0246 0x0aa4  BTHMODEM - ok
15:51:11.0249 0x0aa4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:51:11.0250 0x0aa4  bthserv - ok
15:51:11.0267 0x0aa4  [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
15:51:11.0280 0x0aa4  c2cautoupdatesvc - ok
15:51:11.0302 0x0aa4  [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
15:51:11.0317 0x0aa4  c2cpnrsvc - ok
15:51:11.0321 0x0aa4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:51:11.0322 0x0aa4  cdfs - ok
15:51:11.0325 0x0aa4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:51:11.0326 0x0aa4  cdrom - ok
15:51:11.0329 0x0aa4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:51:11.0330 0x0aa4  CertPropSvc - ok
15:51:11.0332 0x0aa4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:51:11.0332 0x0aa4  circlass - ok
15:51:11.0338 0x0aa4  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
15:51:11.0341 0x0aa4  CLFS - ok
15:51:11.0345 0x0aa4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:51:11.0346 0x0aa4  clr_optimization_v2.0.50727_32 - ok
15:51:11.0350 0x0aa4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:51:11.0351 0x0aa4  clr_optimization_v2.0.50727_64 - ok
15:51:11.0356 0x0aa4  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:51:11.0359 0x0aa4  clr_optimization_v4.0.30319_32 - ok
15:51:11.0362 0x0aa4  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:51:11.0364 0x0aa4  clr_optimization_v4.0.30319_64 - ok
15:51:11.0366 0x0aa4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:51:11.0366 0x0aa4  CmBatt - ok
15:51:11.0367 0x0aa4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:51:11.0368 0x0aa4  cmdide - ok
15:51:11.0374 0x0aa4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
15:51:11.0379 0x0aa4  CNG - ok
15:51:11.0381 0x0aa4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:51:11.0381 0x0aa4  Compbatt - ok
15:51:11.0383 0x0aa4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:51:11.0383 0x0aa4  CompositeBus - ok
15:51:11.0384 0x0aa4  COMSysApp - ok
15:51:11.0396 0x0aa4  [ 7C3EF8B5521499E47D2C5402031831C4, C71DD1BC87DCD34F97D809B66F6081E17D3C135E8E185DE2451484543A08D23A ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:51:11.0399 0x0aa4  cphs - ok
15:51:11.0401 0x0aa4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:51:11.0401 0x0aa4  crcdisk - ok
15:51:11.0405 0x0aa4  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:51:11.0407 0x0aa4  CryptSvc - ok
15:51:11.0415 0x0aa4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:51:11.0420 0x0aa4  DcomLaunch - ok
15:51:11.0425 0x0aa4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:51:11.0428 0x0aa4  defragsvc - ok
15:51:11.0431 0x0aa4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:51:11.0432 0x0aa4  DfsC - ok
15:51:11.0437 0x0aa4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:51:11.0440 0x0aa4  Dhcp - ok
15:51:11.0457 0x0aa4  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
15:51:11.0470 0x0aa4  DiagTrack - ok
15:51:11.0473 0x0aa4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:51:11.0473 0x0aa4  discache - ok
15:51:11.0475 0x0aa4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
15:51:11.0476 0x0aa4  Disk - ok
15:51:11.0480 0x0aa4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:51:11.0482 0x0aa4  Dnscache - ok
15:51:11.0486 0x0aa4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:51:11.0489 0x0aa4  dot3svc - ok
15:51:11.0492 0x0aa4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:51:11.0494 0x0aa4  DPS - ok
15:51:11.0495 0x0aa4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:51:11.0495 0x0aa4  drmkaud - ok
15:51:11.0508 0x0aa4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:51:11.0517 0x0aa4  DXGKrnl - ok
15:51:11.0523 0x0aa4  [ A82585AA7B7DD775CB0FFCC2401C35E9, 0EB6D898EA260D3E60AD77AA4875C378719173D159B5945FDBBFB20E2B3C2927 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
15:51:11.0527 0x0aa4  e1dexpress - ok
15:51:11.0530 0x0aa4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:51:11.0531 0x0aa4  EapHost - ok
15:51:11.0569 0x0aa4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:51:11.0598 0x0aa4  ebdrv - ok
15:51:11.0602 0x0aa4  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] EFS             C:\Windows\System32\lsass.exe
15:51:11.0603 0x0aa4  EFS - ok
15:51:11.0613 0x0aa4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:51:11.0619 0x0aa4  ehRecvr - ok
15:51:11.0622 0x0aa4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:51:11.0623 0x0aa4  ehSched - ok
15:51:11.0631 0x0aa4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:51:11.0636 0x0aa4  elxstor - ok
15:51:11.0637 0x0aa4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:51:11.0638 0x0aa4  ErrDev - ok
15:51:11.0645 0x0aa4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:51:11.0649 0x0aa4  EventSystem - ok
15:51:11.0652 0x0aa4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:51:11.0654 0x0aa4  exfat - ok
15:51:11.0658 0x0aa4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:51:11.0660 0x0aa4  fastfat - ok
15:51:11.0669 0x0aa4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:51:11.0676 0x0aa4  Fax - ok
15:51:11.0678 0x0aa4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:51:11.0678 0x0aa4  fdc - ok
15:51:11.0679 0x0aa4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:51:11.0680 0x0aa4  fdPHost - ok
15:51:11.0682 0x0aa4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:51:11.0682 0x0aa4  FDResPub - ok
15:51:11.0684 0x0aa4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:51:11.0685 0x0aa4  FileInfo - ok
15:51:11.0687 0x0aa4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:51:11.0688 0x0aa4  Filetrace - ok
15:51:11.0689 0x0aa4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:51:11.0689 0x0aa4  flpydisk - ok
15:51:11.0694 0x0aa4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:51:11.0697 0x0aa4  FltMgr - ok
15:51:11.0711 0x0aa4  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
15:51:11.0722 0x0aa4  FontCache - ok
15:51:11.0725 0x0aa4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:51:11.0726 0x0aa4  FontCache3.0.0.0 - ok
15:51:11.0728 0x0aa4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:51:11.0728 0x0aa4  FsDepends - ok
15:51:11.0730 0x0aa4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:51:11.0731 0x0aa4  Fs_Rec - ok
15:51:11.0735 0x0aa4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:51:11.0737 0x0aa4  fvevol - ok
15:51:11.0739 0x0aa4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:51:11.0740 0x0aa4  gagp30kx - ok
15:51:11.0741 0x0aa4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:51:11.0742 0x0aa4  GEARAspiWDM - ok
15:51:11.0757 0x0aa4  [ 4B015AACA104091DF767273653B1B883, 7141B30D54F7DFE2B4718FB2EBAC7FA407D9BEA1D00F664C0278AC7E3B716A67 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
15:51:11.0767 0x0aa4  GfExperienceService - ok
15:51:11.0778 0x0aa4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:51:11.0786 0x0aa4  gpsvc - ok
15:51:11.0790 0x0aa4  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:51:11.0791 0x0aa4  gupdate - ok
15:51:11.0794 0x0aa4  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:51:11.0796 0x0aa4  gupdatem - ok
15:51:11.0797 0x0aa4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:51:11.0798 0x0aa4  hcw85cir - ok
15:51:11.0803 0x0aa4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:51:11.0806 0x0aa4  HdAudAddService - ok
15:51:11.0809 0x0aa4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:51:11.0810 0x0aa4  HDAudBus - ok
15:51:11.0812 0x0aa4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:51:11.0812 0x0aa4  HidBatt - ok
15:51:11.0814 0x0aa4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:51:11.0815 0x0aa4  HidBth - ok
15:51:11.0817 0x0aa4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:51:11.0818 0x0aa4  HidIr - ok
15:51:11.0820 0x0aa4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:51:11.0820 0x0aa4  hidserv - ok
15:51:11.0822 0x0aa4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:51:11.0822 0x0aa4  HidUsb - ok
15:51:11.0824 0x0aa4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:51:11.0826 0x0aa4  hkmsvc - ok
15:51:11.0830 0x0aa4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:51:11.0832 0x0aa4  HomeGroupListener - ok
15:51:11.0836 0x0aa4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:51:11.0838 0x0aa4  HomeGroupProvider - ok
15:51:11.0840 0x0aa4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:51:11.0841 0x0aa4  HpSAMD - ok
15:51:11.0851 0x0aa4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:51:11.0858 0x0aa4  HTTP - ok
15:51:11.0860 0x0aa4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:51:11.0861 0x0aa4  hwpolicy - ok
15:51:11.0863 0x0aa4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:51:11.0864 0x0aa4  i8042prt - ok
15:51:11.0882 0x0aa4  [ 9E47BCE5F240C13331A493E156270589, 21BCBB18CAD5BC5CED3A8D9C3868D4AB4B781A2F8E40A49AABFD4AC8DC2FBC9F ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
15:51:11.0894 0x0aa4  iaStorA - ok
15:51:11.0897 0x0aa4  [ 2FAE62EA1F9516603FE399B0340BC68B, BB534D8209566D7F44C034AF62439EB764875BB138FE5C6C5DA86EDC6203B077 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:51:11.0898 0x0aa4  IAStorDataMgrSvc - ok
15:51:11.0899 0x0aa4  [ 9ADE730DBDC336D4DED0C70AC720994E, F36353CE4C136B97F4A478AB08845BE00377BA10A42F480C651B96CDB0D2094F ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
15:51:11.0900 0x0aa4  iaStorF - ok
15:51:11.0906 0x0aa4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:51:11.0910 0x0aa4  iaStorV - ok
15:51:11.0922 0x0aa4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:51:11.0930 0x0aa4  idsvc - ok
15:51:11.0987 0x0aa4  [ C5E23116B13704940651AD1694B1A37D, 2FF3E2D16799B0D896E1CE9AB22637FF290CD9D03EBE773EBC2C23281A9C6F8C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:51:12.0030 0x0aa4  igfx - ok
15:51:12.0039 0x0aa4  [ F5BBF0F3A5F2FE6B292038132D483A25, C4E3BF543E5F83A56FC6BD48A54191592F242EF64DFD7F5277E13BDD66554B4C ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
15:51:12.0042 0x0aa4  igfxCUIService1.0.0.0 - ok
15:51:12.0044 0x0aa4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:51:12.0044 0x0aa4  iirsp - ok
15:51:12.0056 0x0aa4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:51:12.0064 0x0aa4  IKEEXT - ok
15:51:12.0077 0x0aa4  [ 5E7F2CE9E9BF48521298D1C6729145C5, 0FD2350D5A26EDEA4F83F2E3D22FD0047AEA4623096C6FF7A70F8248B185FBC8 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
15:51:12.0085 0x0aa4  Intel(R) Capability Licensing Service TCP IP Interface - ok
15:51:12.0090 0x0aa4  [ 27A82EC9FD1CA4A5526A61828D2053AB, 863E0650BCD4F112A1B187D6B5770C8E4F5322B7E1CBD12DC790B46F0EF75D11 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
15:51:12.0092 0x0aa4  Intel(R) PROSet Monitoring Service - ok
15:51:12.0094 0x0aa4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:51:12.0094 0x0aa4  intelide - ok
15:51:12.0096 0x0aa4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:51:12.0097 0x0aa4  intelppm - ok
15:51:12.0100 0x0aa4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:51:12.0101 0x0aa4  IPBusEnum - ok
15:51:12.0103 0x0aa4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:51:12.0104 0x0aa4  IpFilterDriver - ok
15:51:12.0112 0x0aa4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:51:12.0118 0x0aa4  iphlpsvc - ok
15:51:12.0120 0x0aa4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:51:12.0121 0x0aa4  IPMIDRV - ok
15:51:12.0124 0x0aa4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:51:12.0125 0x0aa4  IPNAT - ok
15:51:12.0134 0x0aa4  [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:51:12.0140 0x0aa4  iPod Service - ok
15:51:12.0142 0x0aa4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:51:12.0142 0x0aa4  IRENUM - ok
15:51:12.0144 0x0aa4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:51:12.0144 0x0aa4  isapnp - ok
15:51:12.0149 0x0aa4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:51:12.0152 0x0aa4  iScsiPrt - ok
15:51:12.0154 0x0aa4  [ 487DD6972C62E3997DAE859C65E49BC4, 9DB73DFFB447A02A4661B4F98B65AAB9E24AB3A95A1DBFA6A7FACC8A763919F2 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
15:51:12.0154 0x0aa4  iusb3hcs - ok
15:51:12.0160 0x0aa4  [ 49A1C5EB879FB54A16BFCBA90C55B261, 14DDF2178DF5869244A43394F995F704753F51AF196B5B400DEC33B0282C8A42 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
15:51:12.0163 0x0aa4  iusb3hub - ok
15:51:12.0174 0x0aa4  [ 30036C8A4FC1B4833CE1E3868E109EB9, A2E6A7DF284BE79FC785CEAA91BE71B79562D908E7D74FB745DA59F04B0FF51F ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
15:51:12.0181 0x0aa4  iusb3xhc - ok
15:51:12.0185 0x0aa4  [ 1C3EF75B521DB60E951711440648B0D5, 95F594ADB6CCDE5CB7E0601B90A611D3A39485419D078CEB6DB84FFC0AC7E6A7 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:51:12.0187 0x0aa4  jhi_service - ok
15:51:12.0189 0x0aa4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:51:12.0190 0x0aa4  kbdclass - ok
15:51:12.0191 0x0aa4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:51:12.0192 0x0aa4  kbdhid - ok
15:51:12.0195 0x0aa4  [ 819433A6CFC8771F0A2B0BB8EF6125B1, 37BE3545E3782CFA56F1A890B389CDF37C48F177CEE3EF23F4FDDF3D2A094DD3 ] Ke2200          C:\Windows\system32\DRIVERS\e22w7x64.sys
15:51:12.0196 0x0aa4  Ke2200 - ok
15:51:12.0198 0x0aa4  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] KeyIso          C:\Windows\system32\lsass.exe
15:51:12.0199 0x0aa4  KeyIso - ok
15:51:12.0201 0x0aa4  [ A405647429DE231CD954D93F792CFBA2, EDE6095A20FE10EB26B3018457A44807A120508E6C514F2EAC12F5BA1F74841E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:51:12.0202 0x0aa4  KSecDD - ok
15:51:12.0205 0x0aa4  [ E4DC0909B5EACB5BF50F6252095BCFF2, 18779648B7FD9D3DFFD8F314E2197962DF98884CC9F025BC5D884984C1C0759D ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:51:12.0207 0x0aa4  KSecPkg - ok
15:51:12.0209 0x0aa4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:51:12.0209 0x0aa4  ksthunk - ok
15:51:12.0215 0x0aa4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:51:12.0219 0x0aa4  KtmRm - ok
15:51:12.0223 0x0aa4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:51:12.0226 0x0aa4  LanmanServer - ok
15:51:12.0229 0x0aa4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:51:12.0230 0x0aa4  LanmanWorkstation - ok
15:51:12.0233 0x0aa4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:51:12.0234 0x0aa4  lltdio - ok
15:51:12.0240 0x0aa4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:51:12.0243 0x0aa4  lltdsvc - ok
15:51:12.0245 0x0aa4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:51:12.0246 0x0aa4  lmhosts - ok
15:51:12.0252 0x0aa4  [ 631ABC3E8FF50F9B70B9A52568B1F5F6, 9F3286C95A2D2BFA0D7082F648E2FBBA339C06188F950AE1FE3A797B644AD813 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:51:12.0255 0x0aa4  LMS - ok
15:51:12.0259 0x0aa4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:51:12.0260 0x0aa4  LSI_FC - ok
15:51:12.0263 0x0aa4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:51:12.0264 0x0aa4  LSI_SAS - ok
15:51:12.0266 0x0aa4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:51:12.0267 0x0aa4  LSI_SAS2 - ok
15:51:12.0269 0x0aa4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:51:12.0270 0x0aa4  LSI_SCSI - ok
15:51:12.0273 0x0aa4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:51:12.0274 0x0aa4  luafv - ok
15:51:12.0277 0x0aa4  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:51:12.0277 0x0aa4  MBAMProtector - ok
15:51:12.0300 0x0aa4  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
15:51:12.0317 0x0aa4  MBAMScheduler - ok
15:51:12.0332 0x0aa4  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
15:51:12.0342 0x0aa4  MBAMService - ok
15:51:12.0346 0x0aa4  [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
15:51:12.0347 0x0aa4  MBAMSwissArmy - ok
15:51:12.0349 0x0aa4  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:51:12.0350 0x0aa4  MBAMWebAccessControl - ok
15:51:12.0352 0x0aa4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:51:12.0353 0x0aa4  Mcx2Svc - ok
15:51:12.0355 0x0aa4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:51:12.0355 0x0aa4  megasas - ok
15:51:12.0360 0x0aa4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:51:12.0363 0x0aa4  MegaSR - ok
15:51:12.0365 0x0aa4  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
15:51:12.0367 0x0aa4  MEIx64 - ok
15:51:12.0369 0x0aa4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:51:12.0370 0x0aa4  MMCSS - ok
15:51:12.0371 0x0aa4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:51:12.0372 0x0aa4  Modem - ok
15:51:12.0374 0x0aa4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:51:12.0374 0x0aa4  monitor - ok
15:51:12.0376 0x0aa4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:51:12.0376 0x0aa4  mouclass - ok
15:51:12.0378 0x0aa4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:51:12.0379 0x0aa4  mouhid - ok
15:51:12.0382 0x0aa4  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:51:12.0383 0x0aa4  mountmgr - ok
15:51:12.0386 0x0aa4  [ CC11EEB7AF4617D65DF0E9A21FC1ABD0, A683A5FB26E1B9FB4EEB40A9C7186F8433E3FB0A45848DF6102EF07B4DC75AC8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:51:12.0387 0x0aa4  MozillaMaintenance - ok
15:51:12.0391 0x0aa4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:51:12.0392 0x0aa4  mpio - ok
15:51:12.0394 0x0aa4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:51:12.0395 0x0aa4  mpsdrv - ok
15:51:12.0406 0x0aa4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:51:12.0414 0x0aa4  MpsSvc - ok
15:51:12.0417 0x0aa4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:51:12.0419 0x0aa4  MRxDAV - ok
15:51:12.0422 0x0aa4  [ 43E1F4B0EFDC244D2A83995CCD7846F7, B8FB3CB6C736E20399AF3164197B14E977DDEC8FD164564501A328A8A3A30267 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:51:12.0424 0x0aa4  mrxsmb - ok
15:51:12.0428 0x0aa4  [ 62CEA59FF56B66154E08BD51D87392C2, 5DC63583E417659139FACD2365C2F8F3C9867E331F7374BD4F6C6E2386B5F746 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:51:12.0431 0x0aa4  mrxsmb10 - ok
15:51:12.0434 0x0aa4  [ 7D65B5E9573A26C204AA547457DBF544, CE88A733D031DEDBA6ADADB7D9911B3D151A2DDB566A65E0C9E1F07B1A4364AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:51:12.0436 0x0aa4  mrxsmb20 - ok
15:51:12.0437 0x0aa4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:51:12.0438 0x0aa4  msahci - ok
15:51:12.0441 0x0aa4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:51:12.0442 0x0aa4  msdsm - ok
15:51:12.0445 0x0aa4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:51:12.0447 0x0aa4  MSDTC - ok
15:51:12.0450 0x0aa4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:51:12.0450 0x0aa4  Msfs - ok
15:51:12.0452 0x0aa4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:51:12.0452 0x0aa4  mshidkmdf - ok
15:51:12.0453 0x0aa4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:51:12.0454 0x0aa4  msisadrv - ok
15:51:12.0457 0x0aa4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:51:12.0458 0x0aa4  MSiSCSI - ok
15:51:12.0460 0x0aa4  msiserver - ok
15:51:12.0461 0x0aa4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:51:12.0462 0x0aa4  MSKSSRV - ok
15:51:12.0463 0x0aa4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:51:12.0463 0x0aa4  MSPCLOCK - ok
15:51:12.0464 0x0aa4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:51:12.0465 0x0aa4  MSPQM - ok
15:51:12.0470 0x0aa4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:51:12.0475 0x0aa4  MsRPC - ok
15:51:12.0478 0x0aa4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:51:12.0478 0x0aa4  mssmbios - ok
15:51:12.0479 0x0aa4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:51:12.0480 0x0aa4  MSTEE - ok
15:51:12.0481 0x0aa4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:51:12.0481 0x0aa4  MTConfig - ok
15:51:12.0483 0x0aa4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:51:12.0484 0x0aa4  Mup - ok
15:51:12.0491 0x0aa4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:51:12.0496 0x0aa4  napagent - ok
15:51:12.0501 0x0aa4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:51:12.0504 0x0aa4  NativeWifiP - ok
15:51:12.0517 0x0aa4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:51:12.0526 0x0aa4  NDIS - ok
15:51:12.0528 0x0aa4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:51:12.0528 0x0aa4  NdisCap - ok
15:51:12.0530 0x0aa4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:51:12.0530 0x0aa4  NdisTapi - ok
15:51:12.0532 0x0aa4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:51:12.0533 0x0aa4  Ndisuio - ok
15:51:12.0536 0x0aa4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:51:12.0538 0x0aa4  NdisWan - ok
15:51:12.0540 0x0aa4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:51:12.0541 0x0aa4  NDProxy - ok
15:51:12.0543 0x0aa4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:51:12.0543 0x0aa4  NetBIOS - ok
15:51:12.0547 0x0aa4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:51:12.0550 0x0aa4  NetBT - ok
15:51:12.0552 0x0aa4  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] Netlogon        C:\Windows\system32\lsass.exe
15:51:12.0552 0x0aa4  Netlogon - ok
15:51:12.0558 0x0aa4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:51:12.0561 0x0aa4  Netman - ok
15:51:12.0568 0x0aa4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:12.0569 0x0aa4  NetMsmqActivator - ok
15:51:12.0572 0x0aa4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:12.0573 0x0aa4  NetPipeActivator - ok
15:51:12.0580 0x0aa4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:51:12.0585 0x0aa4  netprofm - ok
15:51:12.0587 0x0aa4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:12.0589 0x0aa4  NetTcpActivator - ok
15:51:12.0591 0x0aa4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:12.0593 0x0aa4  NetTcpPortSharing - ok
15:51:12.0595 0x0aa4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:51:12.0595 0x0aa4  nfrd960 - ok
15:51:12.0600 0x0aa4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:51:12.0603 0x0aa4  NlaSvc - ok
15:51:12.0605 0x0aa4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:51:12.0606 0x0aa4  Npfs - ok
15:51:12.0608 0x0aa4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:51:12.0609 0x0aa4  nsi - ok
15:51:12.0610 0x0aa4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:51:12.0611 0x0aa4  nsiproxy - ok
15:51:12.0632 0x0aa4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:51:12.0651 0x0aa4  Ntfs - ok
15:51:12.0653 0x0aa4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:51:12.0653 0x0aa4  Null - ok
15:51:12.0656 0x0aa4  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
15:51:12.0656 0x0aa4  nusb3hub - ok
15:51:12.0660 0x0aa4  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
15:51:12.0662 0x0aa4  nusb3xhc - ok
15:51:12.0666 0x0aa4  [ 14B5D48DC0220A6E5E4A757B6E082060, 5B506C14291AEDF1A6AF2191B28B23F3FE15B72D268D3CCA61655652B149C5E7 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
15:51:12.0668 0x0aa4  NVHDA - ok
15:51:12.0793 0x0aa4  [ 9D411EBA92A9C28E36059AC75049BCC2, 8FCADB4B2F2B200598C9E27D4BA6A32D356B726CAF34B761C95F6E5353284AF0 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:51:12.0892 0x0aa4  nvlddmkm - ok
15:51:12.0922 0x0aa4  [ FF23D09C29FBC3AC854692CE4535EBC0, A309606A7DD6771E505532E56C77EA94BCC34C6A485C083B2C259F152A50666D ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
15:51:12.0939 0x0aa4  NvNetworkService - ok
15:51:12.0943 0x0aa4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:51:12.0945 0x0aa4  nvraid - ok
15:51:12.0948 0x0aa4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:51:12.0950 0x0aa4  nvstor - ok
15:51:12.0951 0x0aa4  [ 6DB62AA6DF3CAA4E2D9DBEBD0D554035, 5C4A61E605F703468132AC0EB4B8058C8FE328D1C8A7919E2B1CC564F2FD7003 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:51:12.0952 0x0aa4  NvStreamKms - ok
15:51:13.0014 0x0aa4  [ 30524DD64CF6E47D093FAF5DD22BEB4D, F929FF5C6089709EEE02A3971D571C7F391F89622833DB79984D99D115656DC3 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
15:51:13.0063 0x0aa4  NvStreamSvc - ok
15:51:13.0079 0x0aa4  [ 1BC6175DAFB0BFEAF8C927F109F912BF, EDEAC4AD10518FEDA9E827E60B840F8CBD2E22CC796E798941A8C64268115224 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:51:13.0088 0x0aa4  nvsvc - ok
15:51:13.0091 0x0aa4  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
15:51:13.0091 0x0aa4  nvvad_WaveExtensible - ok
15:51:13.0094 0x0aa4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:51:13.0095 0x0aa4  nv_agp - ok
15:51:13.0097 0x0aa4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:51:13.0098 0x0aa4  ohci1394 - ok
15:51:13.0122 0x0aa4  [ FCE83ABDE761C87D17EA65960455F0E5, E59C13E26845FE0537AEBF0E4A9DC0AF3E6DF55C7A54247FC8078AC5DE666AD4 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
15:51:13.0140 0x0aa4  Origin Client Service - ok
15:51:13.0147 0x0aa4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:51:13.0150 0x0aa4  p2pimsvc - ok
15:51:13.0157 0x0aa4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:51:13.0162 0x0aa4  p2psvc - ok
15:51:13.0164 0x0aa4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
15:51:13.0165 0x0aa4  Parport - ok
15:51:13.0168 0x0aa4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:51:13.0169 0x0aa4  partmgr - ok
15:51:13.0172 0x0aa4  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:51:13.0174 0x0aa4  PcaSvc - ok
15:51:13.0178 0x0aa4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:51:13.0180 0x0aa4  pci - ok
15:51:13.0181 0x0aa4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:51:13.0182 0x0aa4  pciide - ok
15:51:13.0186 0x0aa4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:51:13.0188 0x0aa4  pcmcia - ok
15:51:13.0190 0x0aa4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:51:13.0191 0x0aa4  pcw - ok
15:51:13.0200 0x0aa4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:51:13.0206 0x0aa4  PEAUTH - ok
15:51:13.0216 0x0aa4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:51:13.0217 0x0aa4  PerfHost - ok
15:51:13.0236 0x0aa4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:51:13.0249 0x0aa4  pla - ok
15:51:13.0256 0x0aa4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:51:13.0260 0x0aa4  PlugPlay - ok
15:51:13.0262 0x0aa4  PnkBstrA - ok
15:51:13.0264 0x0aa4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:51:13.0264 0x0aa4  PNRPAutoReg - ok
15:51:13.0270 0x0aa4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:51:13.0273 0x0aa4  PNRPsvc - ok
15:51:13.0280 0x0aa4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:51:13.0285 0x0aa4  PolicyAgent - ok
15:51:13.0290 0x0aa4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:51:13.0292 0x0aa4  Power - ok
15:51:13.0295 0x0aa4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:51:13.0296 0x0aa4  PptpMiniport - ok
15:51:13.0298 0x0aa4  [ 9EF7419948DA708D0F570C8A61C28783, 0C932CAAF1D63C6A23C06AA9280DDD97F6304B92715B15CC0E3400EF1385589B ] prio_svc        C:\Program Files\Prio\prio_svc.exe
15:51:13.0298 0x0aa4  prio_svc - ok
15:51:13.0300 0x0aa4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:51:13.0301 0x0aa4  Processor - ok
15:51:13.0305 0x0aa4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:51:13.0307 0x0aa4  ProfSvc - ok
15:51:13.0309 0x0aa4  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] ProtectedStorage C:\Windows\system32\lsass.exe
15:51:13.0310 0x0aa4  ProtectedStorage - ok
15:51:13.0312 0x0aa4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:51:13.0314 0x0aa4  Psched - ok
15:51:13.0333 0x0aa4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:51:13.0346 0x0aa4  ql2300 - ok
15:51:13.0350 0x0aa4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:51:13.0351 0x0aa4  ql40xx - ok
15:51:13.0357 0x0aa4  [ 86D9A906B8467AE1E331296AFE0F083F, 01B332F0A291C64EB537D17E8B971D0157C72606F9396BAAF2C4479519E26353 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
15:51:13.0360 0x0aa4  Qualcomm Atheros Killer Service V2 - ok
15:51:13.0365 0x0aa4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:51:13.0368 0x0aa4  QWAVE - ok
15:51:13.0369 0x0aa4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:51:13.0370 0x0aa4  QWAVEdrv - ok
15:51:13.0372 0x0aa4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:51:13.0372 0x0aa4  RasAcd - ok
15:51:13.0374 0x0aa4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:51:13.0375 0x0aa4  RasAgileVpn - ok
15:51:13.0377 0x0aa4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:51:13.0379 0x0aa4  RasAuto - ok
15:51:13.0382 0x0aa4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:51:13.0383 0x0aa4  Rasl2tp - ok
15:51:13.0388 0x0aa4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:51:13.0392 0x0aa4  RasMan - ok
15:51:13.0394 0x0aa4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:51:13.0395 0x0aa4  RasPppoe - ok
15:51:13.0398 0x0aa4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:51:13.0399 0x0aa4  RasSstp - ok
15:51:13.0404 0x0aa4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:51:13.0407 0x0aa4  rdbss - ok
15:51:13.0408 0x0aa4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:51:13.0409 0x0aa4  rdpbus - ok
15:51:13.0410 0x0aa4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:51:13.0411 0x0aa4  RDPCDD - ok
15:51:13.0413 0x0aa4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:51:13.0413 0x0aa4  RDPENCDD - ok
15:51:13.0415 0x0aa4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:51:13.0415 0x0aa4  RDPREFMP - ok
15:51:13.0418 0x0aa4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:51:13.0418 0x0aa4  RdpVideoMiniport - ok
15:51:13.0422 0x0aa4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:51:13.0425 0x0aa4  RDPWD - ok
15:51:13.0429 0x0aa4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:51:13.0431 0x0aa4  rdyboost - ok
15:51:13.0433 0x0aa4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:51:13.0435 0x0aa4  RemoteAccess - ok
15:51:13.0438 0x0aa4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:51:13.0440 0x0aa4  RemoteRegistry - ok
15:51:13.0442 0x0aa4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:51:13.0443 0x0aa4  RpcEptMapper - ok
15:51:13.0445 0x0aa4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:51:13.0445 0x0aa4  RpcLocator - ok
15:51:13.0452 0x0aa4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:51:13.0457 0x0aa4  RpcSs - ok
15:51:13.0460 0x0aa4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:51:13.0461 0x0aa4  rspndr - ok
15:51:13.0462 0x0aa4  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] SamSs           C:\Windows\system32\lsass.exe
15:51:13.0463 0x0aa4  SamSs - ok
15:51:13.0466 0x0aa4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:51:13.0467 0x0aa4  sbp2port - ok
15:51:13.0470 0x0aa4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:51:13.0473 0x0aa4  SCardSvr - ok
15:51:13.0474 0x0aa4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:51:13.0475 0x0aa4  scfilter - ok
15:51:13.0489 0x0aa4  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
15:51:13.0499 0x0aa4  Schedule - ok
15:51:13.0502 0x0aa4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:51:13.0503 0x0aa4  SCPolicySvc - ok
15:51:13.0507 0x0aa4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:51:13.0509 0x0aa4  SDRSVC - ok
15:51:13.0510 0x0aa4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:51:13.0511 0x0aa4  secdrv - ok
15:51:13.0513 0x0aa4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:51:13.0514 0x0aa4  seclogon - ok
15:51:13.0516 0x0aa4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:51:13.0517 0x0aa4  SENS - ok
15:51:13.0519 0x0aa4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:51:13.0520 0x0aa4  SensrSvc - ok
15:51:13.0521 0x0aa4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:51:13.0521 0x0aa4  Serenum - ok
15:51:13.0524 0x0aa4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:51:13.0525 0x0aa4  Serial - ok
15:51:13.0526 0x0aa4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:51:13.0527 0x0aa4  sermouse - ok
15:51:13.0531 0x0aa4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:51:13.0533 0x0aa4  SessionEnv - ok
15:51:13.0534 0x0aa4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:51:13.0535 0x0aa4  sffdisk - ok
15:51:13.0536 0x0aa4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:51:13.0536 0x0aa4  sffp_mmc - ok
15:51:13.0538 0x0aa4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:51:13.0538 0x0aa4  sffp_sd - ok
15:51:13.0540 0x0aa4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:51:13.0540 0x0aa4  sfloppy - ok
15:51:13.0545 0x0aa4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:51:13.0549 0x0aa4  SharedAccess - ok
15:51:13.0555 0x0aa4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:51:13.0559 0x0aa4  ShellHWDetection - ok
15:51:13.0561 0x0aa4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:51:13.0561 0x0aa4  SiSRaid2 - ok
15:51:13.0563 0x0aa4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:51:13.0564 0x0aa4  SiSRaid4 - ok
15:51:13.0570 0x0aa4  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:51:13.0573 0x0aa4  SkypeUpdate - ok
15:51:13.0575 0x0aa4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:51:13.0576 0x0aa4  Smb - ok
15:51:13.0579 0x0aa4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:51:13.0579 0x0aa4  SNMPTRAP - ok
15:51:13.0581 0x0aa4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:51:13.0582 0x0aa4  spldr - ok
15:51:13.0589 0x0aa4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:51:13.0595 0x0aa4  Spooler - ok
15:51:13.0636 0x0aa4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:51:13.0668 0x0aa4  sppsvc - ok
15:51:13.0673 0x0aa4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:51:13.0674 0x0aa4  sppuinotify - ok
15:51:13.0680 0x0aa4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:51:13.0685 0x0aa4  srv - ok
15:51:13.0691 0x0aa4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:51:13.0695 0x0aa4  srv2 - ok
15:51:13.0698 0x0aa4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:51:13.0700 0x0aa4  srvnet - ok
15:51:13.0704 0x0aa4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:51:13.0706 0x0aa4  SSDPSRV - ok
15:51:13.0708 0x0aa4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:51:13.0710 0x0aa4  SstpSvc - ok
15:51:13.0720 0x0aa4  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:51:13.0728 0x0aa4  Steam Client Service - ok
15:51:13.0735 0x0aa4  [ 0E952C9DDE28962922CCDEFA0BF8C425, 41AEA8777DDDE907E94B69A0D03D4EAD4983DB1B798CB01A77E4D8E57CA4A9AD ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:51:13.0739 0x0aa4  Stereo Service - ok
15:51:13.0741 0x0aa4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:51:13.0741 0x0aa4  stexstor - ok
15:51:13.0749 0x0aa4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:51:13.0755 0x0aa4  stisvc - ok
15:51:13.0788 0x0aa4  [ EDD288D69C3F9739832F162F28532781, 2B041F4CDC07776F6104B749985E5FDB30F29C506A30B3306F102E82380A8A3E ] STXIIService    C:\Windows\system32\drivers\STXII.sys
15:51:13.0812 0x0aa4  STXIIService - ok
15:51:13.0815 0x0aa4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:51:13.0815 0x0aa4  swenum - ok
15:51:13.0822 0x0aa4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:51:13.0828 0x0aa4  swprv - ok
15:51:13.0849 0x0aa4  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
15:51:13.0865 0x0aa4  SysMain - ok
15:51:13.0868 0x0aa4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:51:13.0870 0x0aa4  TabletInputService - ok
15:51:13.0871 0x0aa4  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
15:51:13.0872 0x0aa4  tap0901 - ok
15:51:13.0877 0x0aa4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:51:13.0880 0x0aa4  TapiSrv - ok
15:51:13.0882 0x0aa4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:51:13.0883 0x0aa4  TBS - ok
15:51:13.0906 0x0aa4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:51:13.0923 0x0aa4  Tcpip - ok
15:51:13.0946 0x0aa4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:51:13.0964 0x0aa4  TCPIP6 - ok
15:51:13.0967 0x0aa4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:51:13.0968 0x0aa4  tcpipreg - ok
15:51:13.0970 0x0aa4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:51:13.0971 0x0aa4  TDPIPE - ok
15:51:13.0972 0x0aa4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:51:13.0973 0x0aa4  TDTCP - ok
15:51:13.0975 0x0aa4  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:51:13.0977 0x0aa4  tdx - ok
15:51:14.0047 0x0aa4  [ 2AA61246A5B813C1B12BCCFAA6F23DD8, 74EE3DB839A0F4BC781294803281DB2248D013B8808FF05F2EE9597C14C6FEED ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
15:51:14.0098 0x0aa4  TeamViewer - ok
15:51:14.0104 0x0aa4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:51:14.0105 0x0aa4  TermDD - ok
15:51:14.0114 0x0aa4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:51:14.0121 0x0aa4  TermService - ok
15:51:14.0123 0x0aa4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:51:14.0124 0x0aa4  Themes - ok
15:51:14.0127 0x0aa4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:51:14.0128 0x0aa4  THREADORDER - ok
15:51:14.0130 0x0aa4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:51:14.0132 0x0aa4  TrkWks - ok
15:51:14.0135 0x0aa4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:51:14.0137 0x0aa4  TrustedInstaller - ok
15:51:14.0140 0x0aa4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:51:14.0140 0x0aa4  tssecsrv - ok
15:51:14.0142 0x0aa4  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:51:14.0143 0x0aa4  TsUsbFlt - ok
15:51:14.0145 0x0aa4  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:51:14.0145 0x0aa4  TsUsbGD - ok
15:51:14.0148 0x0aa4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:51:14.0149 0x0aa4  tunnel - ok
15:51:14.0151 0x0aa4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:51:14.0152 0x0aa4  uagp35 - ok
15:51:14.0157 0x0aa4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:51:14.0160 0x0aa4  udfs - ok
15:51:14.0163 0x0aa4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:51:14.0164 0x0aa4  UI0Detect - ok
15:51:14.0166 0x0aa4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:51:14.0167 0x0aa4  uliagpkx - ok
15:51:14.0169 0x0aa4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:51:14.0169 0x0aa4  umbus - ok
15:51:14.0171 0x0aa4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:51:14.0171 0x0aa4  UmPass - ok
15:51:14.0177 0x0aa4  [ 37567E01AC541BD72DAF6260F7E82216, 26C96B349A57A1C0264FD95AB2D4BE6FFAD1A845FEFEAD52AF606669BFBF8108 ] Update service  C:\Program Files (x86)\Popcorn Time\Updater.exe
15:51:14.0180 0x0aa4  Update service - ok
15:51:14.0186 0x0aa4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:51:14.0190 0x0aa4  upnphost - ok
15:51:14.0192 0x0aa4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:51:14.0193 0x0aa4  usbccgp - ok
15:51:14.0196 0x0aa4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:51:14.0197 0x0aa4  usbcir - ok
15:51:14.0199 0x0aa4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:51:14.0199 0x0aa4  usbehci - ok
15:51:14.0205 0x0aa4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:51:14.0208 0x0aa4  usbhub - ok
15:51:14.0210 0x0aa4  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:51:14.0210 0x0aa4  usbohci - ok
15:51:14.0212 0x0aa4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
15:51:14.0212 0x0aa4  usbprint - ok
15:51:14.0214 0x0aa4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
15:51:14.0215 0x0aa4  USBSTOR - ok
15:51:14.0217 0x0aa4  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:51:14.0218 0x0aa4  usbuhci - ok
15:51:14.0219 0x0aa4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:51:14.0220 0x0aa4  UxSms - ok
15:51:14.0222 0x0aa4  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] VaultSvc        C:\Windows\system32\lsass.exe
15:51:14.0223 0x0aa4  VaultSvc - ok
15:51:14.0224 0x0aa4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:51:14.0225 0x0aa4  vdrvroot - ok
15:51:14.0233 0x0aa4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:51:14.0238 0x0aa4  vds - ok
15:51:14.0241 0x0aa4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:51:14.0241 0x0aa4  vga - ok
15:51:14.0243 0x0aa4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:51:14.0243 0x0aa4  VgaSave - ok
15:51:14.0247 0x0aa4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:51:14.0249 0x0aa4  vhdmp - ok
15:51:14.0251 0x0aa4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:51:14.0251 0x0aa4  viaide - ok
15:51:14.0253 0x0aa4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:51:14.0254 0x0aa4  volmgr - ok
15:51:14.0259 0x0aa4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:51:14.0263 0x0aa4  volmgrx - ok
15:51:14.0268 0x0aa4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:51:14.0271 0x0aa4  volsnap - ok
15:51:14.0274 0x0aa4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:51:14.0276 0x0aa4  vsmraid - ok
15:51:14.0295 0x0aa4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:51:14.0310 0x0aa4  VSS - ok
15:51:14.0313 0x0aa4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:51:14.0313 0x0aa4  vwifibus - ok
15:51:14.0315 0x0aa4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:51:14.0316 0x0aa4  vwififlt - ok
15:51:14.0322 0x0aa4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:51:14.0326 0x0aa4  W32Time - ok
15:51:14.0328 0x0aa4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:51:14.0329 0x0aa4  WacomPen - ok
15:51:14.0331 0x0aa4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:51:14.0332 0x0aa4  WANARP - ok
15:51:14.0334 0x0aa4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:51:14.0335 0x0aa4  Wanarpv6 - ok
15:51:14.0351 0x0aa4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:51:14.0363 0x0aa4  WatAdminSvc - ok
15:51:14.0383 0x0aa4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:51:14.0397 0x0aa4  wbengine - ok
15:51:14.0401 0x0aa4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:51:14.0404 0x0aa4  WbioSrvc - ok
15:51:14.0409 0x0aa4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:51:14.0413 0x0aa4  wcncsvc - ok
15:51:14.0415 0x0aa4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:51:14.0416 0x0aa4  WcsPlugInService - ok
15:51:14.0418 0x0aa4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:51:14.0418 0x0aa4  Wd - ok
15:51:14.0428 0x0aa4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:51:14.0436 0x0aa4  Wdf01000 - ok
15:51:14.0438 0x0aa4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:51:14.0440 0x0aa4  WdiServiceHost - ok
15:51:14.0442 0x0aa4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:51:14.0443 0x0aa4  WdiSystemHost - ok
15:51:14.0447 0x0aa4  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
15:51:14.0450 0x0aa4  WebClient - ok
15:51:14.0455 0x0aa4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:51:14.0457 0x0aa4  Wecsvc - ok
15:51:14.0460 0x0aa4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:51:14.0461 0x0aa4  wercplsupport - ok
15:51:14.0464 0x0aa4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:51:14.0466 0x0aa4  WerSvc - ok
15:51:14.0467 0x0aa4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:51:14.0468 0x0aa4  WfpLwf - ok
15:51:14.0469 0x0aa4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:51:14.0469 0x0aa4  WIMMount - ok
15:51:14.0471 0x0aa4  WinDefend - ok
15:51:14.0473 0x0aa4  WinHttpAutoProxySvc - ok
15:51:14.0479 0x0aa4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:51:14.0482 0x0aa4  Winmgmt - ok
15:51:14.0507 0x0aa4  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
15:51:14.0525 0x0aa4  WinRM - ok
15:51:14.0539 0x0aa4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:51:14.0548 0x0aa4  Wlansvc - ok
15:51:14.0550 0x0aa4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:51:14.0550 0x0aa4  WmiAcpi - ok
15:51:14.0555 0x0aa4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:51:14.0557 0x0aa4  wmiApSrv - ok
15:51:14.0558 0x0aa4  WMPNetworkSvc - ok
15:51:14.0560 0x0aa4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:51:14.0560 0x0aa4  WPCSvc - ok
15:51:14.0563 0x0aa4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:51:14.0565 0x0aa4  WPDBusEnum - ok
15:51:14.0566 0x0aa4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:51:14.0567 0x0aa4  ws2ifsl - ok
15:51:14.0569 0x0aa4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:51:14.0571 0x0aa4  wscsvc - ok
15:51:14.0572 0x0aa4  WSearch - ok
15:51:14.0603 0x0aa4  [ 39D604E190DFE2E483B637D6796ABAFF, 52DCCEA0DB59F00C615D94CC2B70FC1C335E553E8FC79AAC8C8C7D9EE1F6111D ] wuauserv        C:\Windows\system32\wuaueng.dll
15:51:14.0627 0x0aa4  wuauserv - ok
15:51:14.0631 0x0aa4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:51:14.0632 0x0aa4  WudfPf - ok
15:51:14.0635 0x0aa4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:51:14.0636 0x0aa4  wudfsvc - ok
15:51:14.0640 0x0aa4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:51:14.0643 0x0aa4  WwanSvc - ok
15:51:14.0646 0x0aa4  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
15:51:14.0647 0x0aa4  xusb21 - ok
15:51:14.0649 0x0aa4  ================ Scan global ===============================
15:51:14.0651 0x0aa4  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:51:14.0655 0x0aa4  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
15:51:14.0662 0x0aa4  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
15:51:14.0665 0x0aa4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:51:14.0671 0x0aa4  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:51:14.0674 0x0aa4  [ Global ] - ok
15:51:14.0675 0x0aa4  ================ Scan MBR ==================================
15:51:14.0675 0x0aa4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:51:14.0698 0x0aa4  \Device\Harddisk0\DR0 - ok
15:51:14.0699 0x0aa4  ================ Scan VBR ==================================
15:51:14.0700 0x0aa4  [ 9DFD66DA4EEA7C4B2EE178F1C63F2FDC ] \Device\Harddisk0\DR0\Partition1
15:51:14.0700 0x0aa4  \Device\Harddisk0\DR0\Partition1 - ok
15:51:14.0701 0x0aa4  [ E2F910E40942892B79ACB8C968002154 ] \Device\Harddisk0\DR0\Partition2
15:51:14.0702 0x0aa4  \Device\Harddisk0\DR0\Partition2 - ok
15:51:14.0702 0x0aa4  ================ Scan generic autorun ======================
15:51:14.0732 0x0aa4  [ A202423724FAA9524036A2741FABB623, 17C48FBA1E1AC3F1E11209C77DC81AD49614337CF8C79D35F0466CEB9265D142 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
15:51:14.0755 0x0aa4  NvBackend - ok
15:51:14.0758 0x0aa4  [ E59A630B65679AC7B5A58DF3299E6AC4, 99B7CA31D8E7679C45203D2287DB6F13B669C95ABEB2E2F0AE7290DCF84F273E ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
15:51:14.0759 0x0aa4  IAStorIcon - ok
15:51:14.0768 0x0aa4  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\syswow64\RunDll32.exe
15:51:14.0769 0x0aa4  Cmaudio8788 - ok
15:51:14.0772 0x0aa4  [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\Windows\syswow64\HsMgr.exe
15:51:14.0775 0x0aa4  Cmaudio8788GX - ok
15:51:14.0779 0x0aa4  [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\Windows\system\HsMgr64.exe
15:51:14.0782 0x0aa4  Cmaudio8788GX64 - ok
15:51:14.0784 0x0aa4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
15:51:14.0785 0x0aa4  ShadowPlay - ok
15:51:14.0788 0x0aa4  [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe
15:51:14.0790 0x0aa4  iTunesHelper - ok
15:51:14.0800 0x0aa4  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
15:51:14.0810 0x0aa4  XboxStat - ok
15:51:14.0823 0x0aa4  [ 27F8A7A78773427E5D931628F89D6839, 61A312590322109BEA9EA70345E6FB40435D9BACE2B9CFF3ADF68C7B3D6FA163 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
15:51:14.0830 0x0aa4  avgnt - ok
15:51:14.0835 0x0aa4  [ 20218284E050B0C671CC5456214CA335, 5890424D7D17E1BC7D577A8C2615BD99F67C654B9928D72824A721285EBAE706 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
15:51:14.0837 0x0aa4  USB3MON - ok
15:51:14.0841 0x0aa4  [ 53C6C41356D532FEFD8056AB2906D129, C5E54C571FA44AF7FD1974464CC5D5DD30BA0D31ED20CF6B3DBB5A49FC5F0AC7 ] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
15:51:14.0843 0x0aa4  Lightshot - ok
15:51:14.0851 0x0aa4  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:51:14.0857 0x0aa4  SunJavaUpdateSched - ok
15:51:14.0859 0x0aa4  [ F5060B034D37EA26D325A4319806E202, D43ACE85421DB29A6B6E8080D838152AB3858F83C2B373731945460E217C7D9F ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
15:51:14.0860 0x0aa4  Avira SystrayStartTrigger - ok
15:51:14.0874 0x0aa4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:51:14.0886 0x0aa4  Sidebar - ok
15:51:14.0889 0x0aa4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:51:14.0891 0x0aa4  mctadmin - ok
15:51:14.0905 0x0aa4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:51:14.0915 0x0aa4  Sidebar - ok
15:51:14.0918 0x0aa4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:51:14.0919 0x0aa4  mctadmin - ok
15:51:14.0997 0x0aa4  [ B0E08F135E64D4D9BE120E7236617875, B2DF285CD6A5C646614BBDA3655764DB67CA2F90F8B423484B15D095D70F099D ] C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe
15:51:15.0048 0x0aa4  Amazon Music - ok
15:51:15.0151 0x0aa4  [ 47DBCC66CF9A3DCEF2D42051431160D3, 5E99CB8333471E80590AED8CA139EF859AD617D1C7BD9406913A86016DCA08F6 ] C:\Program Files\CCleaner\CCleaner64.exe
15:51:15.0241 0x0aa4  CCleaner Monitoring - ok
15:51:15.0281 0x0aa4  [ 686A9B880E5428E06DE44CFC825EE0A8, 1782F283AD06BDE1DD777050E5E3DB65DF599F5CAA186A4B8F0A969C27190901 ] C:\Program Files (x86)\eXtra Buttons\xb.exe
15:51:15.0305 0x0aa4  eXtra Buttons - ok
15:51:15.0361 0x0aa4  [ 5721B5C4CBEBBD0C85AE311366783386, C2A780D6F49A0F75CF53C6A032BC9C4494D6F0FB5A0B767845AE5052179C7C40 ] C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
15:51:15.0401 0x0aa4  Akamai NetSession Interface - ok
15:51:15.0587 0x0aa4  [ C038CF7F6C1989C878382AA1F86981D3, 3EC4B3FE56E7F22F7CF253051BE7ADAC06298DEA112960FB4FC80A28CB5EF558 ] C:\Program Files (x86)\LINE\line.exe
15:51:15.0723 0x0aa4  LINE - ok
15:51:15.0732 0x0aa4  Waiting for KSN requests completion. In queue: 229
15:51:16.0732 0x0aa4  Waiting for KSN requests completion. In queue: 144
15:51:17.0733 0x0aa4  Waiting for KSN requests completion. In queue: 117
15:51:18.0743 0x0aa4  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.12.420 ), 0x41000 ( enabled : updated )
15:51:18.0765 0x0aa4  Win FW state via NFP2: enabled ( trusted )
15:51:21.0439 0x0aa4  ============================================================
15:51:21.0439 0x0aa4  Scan finished
15:51:21.0439 0x0aa4  ============================================================
15:51:21.0444 0x18d4  Detected object count: 0
15:51:21.0444 0x18d4  Actual detected object count: 0
         

Alt 22.09.2015, 16:05   #5
M-K-D-B
/// TB-Ausbilder
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Zukünftig bitte beachten:
Zitat:
Gestartet von C:\Users\Alex\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.






Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.



Alt 22.09.2015, 16:17   #6
Atom95
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Alles klar, werde ich zukünftig beachten. Soll ich die Antivirensoftware nun wieder aktivieren?

Code:
ATTFilter
ComboFix 15-09-21.01 - Alex 22.09.2015  16:11:01.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.16197.12627 [GMT 2:00]
ausgeführt von:: c:\users\Alex\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Alex\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-08-22 bis 2015-09-22  ))))))))))))))))))))))))))))))
.
.
2015-09-22 14:12 . 2015-09-22 14:12	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-09-22 13:49 . 2015-09-22 13:50	--------	d-----w-	C:\FRST
2015-09-22 12:23 . 2015-09-22 12:23	--------	d-----w-	c:\program files (x86)\ESET
2015-09-22 11:59 . 2015-09-22 14:14	113880	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-09-22 11:59 . 2015-09-22 11:59	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-09-22 11:59 . 2015-09-22 11:59	--------	d-----w-	c:\programdata\Malwarebytes
2015-09-22 11:59 . 2015-06-18 06:41	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-09-22 11:59 . 2015-06-18 06:41	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-09-22 11:59 . 2015-06-18 06:41	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-09-21 00:22 . 2015-09-21 00:29	--------	d-----w-	c:\users\Alex\AppData\Local\Arma 3
2015-09-21 00:22 . 2015-09-21 00:22	--------	d-----w-	c:\programdata\Bohemia Interactive
2015-09-21 00:22 . 2015-09-21 00:30	--------	d-----w-	c:\users\Alex\AppData\Local\Arma 3 Launcher
2015-09-21 00:22 . 2015-09-21 00:22	--------	d-----w-	c:\users\Alex\AppData\Local\Bohemia_Interactive
2015-09-17 15:03 . 2015-09-19 09:51	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2015-09-09 12:01 . 2015-08-26 18:07	98304	----a-w-	c:\windows\system32\wudriver.dll
2015-09-08 01:28 . 2015-09-08 02:20	--------	d-----w-	c:\users\Alex\AppData\Roaming\TS3Client
2015-09-02 02:27 . 2015-09-02 02:28	--------	d-----w-	c:\users\Alex\AppData\Local\LINE
2015-09-02 02:27 . 2015-09-02 02:27	--------	d-----w-	c:\program files (x86)\LINE
2015-08-31 14:39 . 2015-08-31 14:39	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-08-31 14:39 . 2015-08-31 14:39	--------	d-----w-	c:\users\Alex\.oracle_jre_usage
2015-08-26 07:07 . 2015-08-26 07:07	--------	d-----w-	c:\program files\Microsoft Xbox 360 Accessories
2015-08-25 03:43 . 2015-08-11 04:52	69416	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2015-08-25 03:43 . 2015-08-11 04:52	50472	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-21 18:58 . 2015-05-27 19:13	780488	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-09-21 18:58 . 2015-05-27 19:13	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-31 14:39 . 2015-05-27 19:14	97888	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-08-26 16:37 . 2015-05-27 19:43	134753440	----a-w-	c:\windows\system32\MRT.exe
2015-08-17 23:30 . 2015-05-27 18:33	1423120	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-08-17 23:30 . 2015-05-27 18:33	1316184	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-08-17 23:29 . 2015-05-27 18:33	1756608	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-08-17 23:29 . 2015-05-27 18:33	1710568	----a-w-	c:\windows\system32\nvspcap64.dll
2015-08-11 04:52 . 2015-05-27 18:32	72504	----a-w-	c:\windows\system32\nvaudcap64v.dll
2015-08-10 23:18 . 2015-05-27 18:32	17624328	----a-w-	c:\windows\system32\nvwgf2umx.dll
2015-08-10 23:18 . 2015-05-27 18:32	15139256	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2015-08-10 23:18 . 2015-08-10 23:18	948832	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2015-08-10 23:18 . 2015-08-10 23:18	30496400	----a-w-	c:\windows\system32\nvoglv64.dll
2015-08-10 23:18 . 2015-08-10 23:18	22960768	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2015-08-10 23:18 . 2015-08-10 23:18	16160424	----a-w-	c:\windows\system32\nvopencl.dll
2015-08-10 23:18 . 2015-08-10 23:18	13278968	----a-w-	c:\windows\SysWow64\nvopencl.dll
2015-08-10 23:18 . 2015-08-10 23:18	11063440	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2015-08-10 23:18 . 2015-06-28 07:04	1110768	----a-w-	c:\windows\system32\nvumdshimx.dll
2015-08-10 23:18 . 2015-08-10 23:18	991888	----a-w-	c:\windows\SysWow64\NvIFR.dll
2015-08-10 23:18 . 2015-08-10 23:18	986752	----a-w-	c:\windows\SysWow64\NvFBC.dll
2015-08-10 23:18 . 2015-08-10 23:18	48992	----a-w-	c:\windows\system32\nvhdap64.dll
2015-08-10 23:18 . 2015-08-10 23:18	417360	----a-w-	c:\windows\SysWow64\nvEncodeAPI.dll
2015-08-10 23:18 . 2015-08-10 23:18	417096	----a-w-	c:\windows\system32\NvIFROpenGL.dll
2015-08-10 23:18 . 2015-08-10 23:18	372880	----a-w-	c:\windows\SysWow64\NvIFROpenGL.dll
2015-08-10 23:18 . 2015-08-10 23:18	214880	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2015-08-10 23:18 . 2015-08-10 23:18	1906832	----a-w-	c:\windows\system32\nvdispco6435382.dll
2015-08-10 23:18 . 2015-08-10 23:18	187152	----a-w-	c:\windows\system32\nvinitx.dll
2015-08-10 23:18 . 2015-08-10 23:18	164192	----a-w-	c:\windows\SysWow64\nvinit.dll
2015-08-10 23:18 . 2015-08-10 23:18	160896	----a-w-	c:\windows\system32\nvoglshim64.dll
2015-08-10 23:18 . 2015-08-10 23:18	1576288	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2015-08-10 23:18 . 2015-08-10 23:18	1568056	----a-w-	c:\windows\system32\nvdispgenco6435382.dll
2015-08-10 23:18 . 2015-08-10 23:18	137424	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2015-08-10 23:18 . 2015-08-10 23:18	1069896	----a-w-	c:\windows\system32\NvIFR64.dll
2015-08-10 23:18 . 2015-05-27 18:32	512320	----a-w-	c:\windows\system32\nvEncodeAPI64.dll
2015-08-10 23:18 . 2015-05-27 18:32	15902640	----a-w-	c:\windows\system32\nvd3dumx.dll
2015-08-10 23:18 . 2015-05-27 18:32	12886592	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-08-10 23:18 . 2015-05-27 18:32	1061520	----a-w-	c:\windows\system32\NvFBC64.dll
2015-08-10 23:18 . 2015-08-10 23:18	42740536	----a-w-	c:\windows\system32\nvcompiler.dll
2015-08-10 23:18 . 2015-08-10 23:18	37759104	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2015-08-10 23:18 . 2015-08-10 23:18	2943800	----a-w-	c:\windows\system32\nvcuvid.dll
2015-08-10 23:18 . 2015-08-10 23:18	2611000	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2015-08-10 23:18 . 2015-08-10 23:18	14514128	----a-w-	c:\windows\system32\nvcuda.dll
2015-08-10 23:18 . 2015-08-10 23:18	11845224	----a-w-	c:\windows\SysWow64\nvcuda.dll
2015-08-10 23:18 . 2015-05-27 18:32	3417208	----a-w-	c:\windows\system32\nvapi64.dll
2015-08-10 23:18 . 2015-05-27 18:32	3017608	----a-w-	c:\windows\SysWow64\nvapi.dll
2015-08-07 00:44 . 2015-05-27 18:32	937592	----a-w-	c:\windows\system32\nvvsvc.exe
2015-08-07 00:44 . 2015-05-27 18:32	62584	----a-w-	c:\windows\system32\nvshext.dll
2015-08-07 00:44 . 2015-05-27 18:32	385328	----a-w-	c:\windows\system32\nvmctray.dll
2015-08-07 00:44 . 2015-05-27 18:32	2558768	----a-w-	c:\windows\system32\nvsvcr.dll
2015-08-07 00:44 . 2015-05-27 18:32	6873904	----a-w-	c:\windows\system32\nvcpl.dll
2015-08-07 00:44 . 2015-05-27 18:32	3492984	----a-w-	c:\windows\system32\nvsvc64.dll
2015-08-07 00:04 . 2015-08-18 19:38	572024	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2015-08-03 13:07 . 2015-05-27 18:32	5133709	----a-w-	c:\windows\system32\nvcoproc.bin
2015-07-30 18:06 . 2015-08-17 23:29	1648128	----a-w-	c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-17 23:29	1180160	----a-w-	c:\windows\system32\FntCache.dll
2015-07-30 18:06 . 2015-08-17 23:29	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2015-07-30 17:57 . 2015-08-17 23:29	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2015-07-30 17:57 . 2015-08-17 23:29	1251328	----a-w-	c:\windows\SysWow64\DWrite.dll
2015-07-30 13:13 . 2015-08-18 01:03	103120	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:13 . 2015-08-18 01:03	124624	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-28 20:09 . 2015-08-17 23:29	17344	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-07-28 20:05 . 2015-08-17 23:29	774656	----a-w-	c:\windows\system32\invagent.dll
2015-07-28 20:05 . 2015-08-17 23:29	743424	----a-w-	c:\windows\system32\generaltel.dll
2015-07-28 20:05 . 2015-08-17 23:29	437760	----a-w-	c:\windows\system32\devinv.dll
2015-07-28 20:05 . 2015-08-17 23:29	1116672	----a-w-	c:\windows\system32\appraiser.dll
2015-07-28 20:05 . 2015-08-17 23:29	69120	----a-w-	c:\windows\system32\acmigration.dll
2015-07-28 20:05 . 2015-08-17 23:29	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-07-28 19:55 . 2015-08-17 23:29	1148416	----a-w-	c:\windows\system32\aeinv.dll
2015-07-27 22:16 . 2015-05-27 18:16	162528	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-07-27 22:16 . 2015-05-27 18:16	141416	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-07-23 00:06 . 2015-08-18 19:32	5568960	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-07-23 00:06 . 2015-08-18 19:32	95680	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2015-07-23 00:06 . 2015-08-18 19:32	155584	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2015-07-23 00:03 . 2015-08-18 19:32	1730496	----a-w-	c:\windows\system32\ntdll.dll
2015-07-23 00:03 . 2015-08-18 19:32	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-07-23 00:03 . 2015-08-18 19:32	243712	----a-w-	c:\windows\system32\wow64.dll
2015-07-23 00:03 . 2015-08-18 19:32	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-07-23 00:03 . 2015-08-18 19:32	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-07-23 00:02 . 2015-08-18 19:32	210944	----a-w-	c:\windows\system32\wdigest.dll
2015-07-23 00:02 . 2015-08-18 19:32	1390592	----a-w-	c:\windows\system32\diagtrack.dll
2015-07-23 00:02 . 2015-08-18 19:32	879104	----a-w-	c:\windows\system32\tdh.dll
2015-07-23 00:02 . 2015-08-18 19:32	86528	----a-w-	c:\windows\system32\TSpkg.dll
2015-07-23 00:02 . 2015-08-18 19:32	29184	----a-w-	c:\windows\system32\sspisrv.dll
2015-07-23 00:02 . 2015-08-18 19:32	136192	----a-w-	c:\windows\system32\sspicli.dll
2015-07-23 00:02 . 2015-08-18 19:32	503808	----a-w-	c:\windows\system32\srcore.dll
2015-07-23 00:02 . 2015-08-18 19:32	50176	----a-w-	c:\windows\system32\srclient.dll
2015-07-23 00:02 . 2015-08-18 19:32	342016	----a-w-	c:\windows\system32\schannel.dll
2015-07-23 00:02 . 2015-08-18 19:32	28160	----a-w-	c:\windows\system32\secur32.dll
2015-07-23 00:02 . 2015-08-18 19:32	1216512	----a-w-	c:\windows\system32\rpcrt4.dll
2015-07-23 00:02 . 2015-08-18 19:32	309760	----a-w-	c:\windows\system32\ncrypt.dll
2015-07-23 00:02 . 2015-08-18 19:32	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-07-23 00:02 . 2015-08-18 19:32	315392	----a-w-	c:\windows\system32\msv1_0.dll
2015-07-23 00:02 . 2015-08-18 19:32	729088	----a-w-	c:\windows\system32\kerberos.dll
2015-07-23 00:02 . 2015-08-18 19:32	424448	----a-w-	c:\windows\system32\KernelBase.dll
2015-07-23 00:02 . 2015-08-18 19:32	1461760	----a-w-	c:\windows\system32\lsasrv.dll
2015-07-23 00:02 . 2015-08-18 19:32	1163264	----a-w-	c:\windows\system32\kernel32.dll
2015-07-23 00:02 . 2015-08-18 19:32	44032	----a-w-	c:\windows\system32\cryptbase.dll
2015-07-23 00:02 . 2015-08-18 19:32	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-07-23 00:02 . 2015-08-18 19:32	22016	----a-w-	c:\windows\system32\credssp.dll
2015-07-23 00:02 . 2015-08-18 19:32	879104	----a-w-	c:\windows\system32\advapi32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Amazon Music"="c:\users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe" [2015-07-21 5887808]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-07-17 8418584]
"eXtra Buttons"="c:\program files (x86)\eXtra Buttons\xb.exe" [2013-07-08 2800128]
"Akamai NetSession Interface"="c:\users\Alex\AppData\Local\Akamai\netsession_win.exe" [2015-07-23 4691384]
"LINE"="c:\program files (x86)\LINE\line.exe" [2015-08-18 15664152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\Antivirus\avgnt.exe" [2015-08-26 782008]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2000-01-01 296216]
"Lightshot"="c:\program files (x86)\Skillbrains\lightshot\Lightshot.exe" [2014-11-18 226560]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2015-08-13 66936]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Display Manager.lnk - c:\program files (x86)\Dell\Dell Display Manager\ddm.exe [2015-5-30 690880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"RequireSignedAppInit_DLLs"=0 (0x0)
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\Antivirus\avmailc7.exe;c:\program files (x86)\Avira\Antivirus\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\Antivirus\avwebg7.exe;c:\program files (x86)\Avira\Antivirus\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\Antivirus\sched.exe;c:\program files (x86)\Avira\Antivirus\sched.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 prio_svc;Prio Service;c:\program files\Prio\prio_svc.exe;c:\program files\Prio\prio_svc.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 Update service;Update service;c:\program files (x86)\Popcorn Time\Updater.exe;c:\program files (x86)\Popcorn Time\Updater.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 STXIIService;ASUS Essence STX II Audio Interface;c:\windows\system32\drivers\STXII.sys;c:\windows\SYSNATIVE\drivers\STXII.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - NAL
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-09-21 22:00	997704	----a-w-	c:\program files (x86)\Google\Chrome\Application\45.0.2454.99\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-09-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-27 18:58]
.
2015-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15 19:54]
.
2015-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15 19:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-08-17 2634872]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2015-01-27 36352]
"Cmaudio8788"="c:\windows\Syswow64\CmiCnfgSTXII.dll" [2014-01-27 13463552]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-08-17 1710568]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-08-13 170256]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.startseite24.net
mDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\
FF - prefs.js: browser.startup.homepage - www.google.at
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Voobly - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\Antivirus\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\TeamViewer\TeamViewer.exe
c:\program files (x86)\TeamViewer\tv_w32.exe
c:\program files\pia_manager\pia_manager.exe
c:\users\Alex\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
c:\users\Alex\AppData\Local\Temp\ocr4FB4.tmp\bin\rubyw.exe
c:\program files\pia_manager\pia_manager.exe
c:\users\Alex\AppData\Local\Temp\ocr6067.tmp\bin\rubyw.exe
c:\program files\pia_manager\pia_tray\pia_tray.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-09-22  16:15:03 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-09-22 14:15
.
Vor Suchlauf: 14 Verzeichnis(se), 875.205.779.456 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 890.419.462.144 Bytes frei
.
- - End Of File - - 3F026A1032E5680E2584898236FA09A3
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 22.09.2015, 16:20   #7
M-K-D-B
/// TB-Ausbilder
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Servus,


ja, kannst du wieder aktivieren.




Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).








Schritt 2
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

Alt 22.09.2015, 16:51   #8
Atom95
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Code:
ATTFilter
# AdwCleaner v5.008 - Bericht erstellt am 22/09/2015 um 16:46:16
# Aktualisiert am 18/09/2015 von Xplode
# Datenbank : 2015-09-20.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Alex - ALEX-PC
# Gestartet von : C:\Users\Alex\Desktop\AdwCleaner_5.008.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [791 Bytes] ##########
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
durchgeführt von Alex (Administrator) auf ALEX-PC (22-09-2015 16:50:23)
Gestartet von C:\Users\Alex\Desktop
Geladene Profile: Alex (Verfügbare Profile: Alex)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Prio\prio_svc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(CMedia) C:\Program Files\ASUS Essence STX II Audio Device\Customapp\AsusAudioCenter.exe
() C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe
() C:\Program Files (x86)\eXtra Buttons\xb.exe
(Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
(LINE Corporation) C:\Program Files (x86)\LINE\LINE.exe
(EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
(NVIDIA Corporation) C:\Users\Alex\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files\pia_manager\pia_manager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(hxxp://www.ruby-lang.org/) C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\bin\rubyw.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\pia_manager\pia_manager.exe
(hxxp://www.ruby-lang.org/) C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\bin\rubyw.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CmiCnfgSTXII.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2000-01-01] (Intel Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [Amazon Music] => C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [eXtra Buttons] => C:\Program Files (x86)\eXtra Buttons\xb.exe [2800128 2013-07-08] ()
HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [LINE] => C:\Program Files (x86)\LINE\line.exe [15664152 2015-08-18] (LINE Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2015-05-30]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78A7E6A4-8C3E-4DC9-ACC6-2E6A0AD66A09}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C75AA87C-6D00-42FB-BD5D-D49555D27EF2}: [DhcpNameServer] 209.222.18.222 209.222.18.218

Internet Explorer:
==================
HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-922301408-332873160-1376262277-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-922301408-332873160-1376262277-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startseite24.net
SearchScopes: HKLM -> DefaultScope {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM -> {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> DefaultScope {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {A4EC09D4-13F1-4C49-9308-2A10EA44511C} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472
FF Homepage: www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-27] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\searchplugins\katcr.xml [2015-06-20]
FF Extension: ColorfulTabs - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-09-21]
FF Extension: FEBE - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-06-27]
FF Extension: savetexttofile - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\HighlightedTextToFile@bobbyrne01.org.xpi [2015-06-27]
FF Extension: Art Project - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\jid1-2owcJCGUIo2yBA@jetpack.xpi [2015-06-29]
FF Extension: S3.Google Translator - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\s3google@translator.xpi [2015-06-27]
FF Extension: Tab Auto Reload - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\TabAutoReload@schuzak.jp.xpi [2015-06-27]
FF Extension: Tab Scope - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\tabscope@xuldev.org.xpi [2015-06-27]
FF Extension: Tile Tabs - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\tiletabs@DW-dev.xpi [2015-09-22]
FF Extension: Session Manager - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-06-27]
FF Extension: Capture & Print - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi [2015-06-27]
FF Extension: ReloadEvery - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-09-07]
FF Extension: Yahoo Mail Hide Ad Panel - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2015-06-27]
FF Extension: RightToClick - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-06-27]
FF Extension: Adblock Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-27]
FF Extension: BetterPrivacy - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-06-27]
FF Extension: Tab Mix Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-06-27]
FF Extension: DownThemAll! - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-06-27]
FF Extension: Greasemonkey - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-06-27]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.at/"
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-19]
CHR Extension: (Skype Click to Call) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-28]
CHR Extension: (AgarioMods Evergreen Script) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2015-07-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-09-19] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19184 2015-01-27] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-06-28] ()
R2 prio_svc; C:\Program Files\Prio\prio_svc.exe [12656 2012-11-08] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2014-09-29] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-01-27] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-02-25] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 STXIIService; C:\Windows\System32\drivers\STXII.sys [2736640 2014-02-18] (C-Media Inc)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-22 16:50 - 2015-09-22 16:50 - 00025011 _____ C:\Users\Alex\Desktop\FRST.txt
2015-09-22 16:15 - 2015-09-22 16:15 - 00024806 _____ C:\ComboFix.txt
2015-09-22 16:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-22 16:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-09-22 16:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-22 16:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-22 16:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-22 16:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-22 16:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-22 16:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-22 16:08 - 2015-09-22 16:15 - 00000000 ____D C:\Qoobox
2015-09-22 16:08 - 2015-09-22 16:14 - 00000000 ____D C:\Windows\erdnt
2015-09-22 16:07 - 2015-09-22 16:07 - 05635484 ____R (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2015-09-22 15:50 - 2015-09-22 15:50 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Alex\Downloads\tdsskiller.exe
2015-09-22 15:50 - 2015-09-22 15:50 - 00052947 _____ C:\Users\Alex\Downloads\Addition.txt
2015-09-22 15:49 - 2015-09-22 16:50 - 00000000 ____D C:\FRST
2015-09-22 15:49 - 2015-09-22 15:50 - 00048110 _____ C:\Users\Alex\Downloads\FRST.txt
2015-09-22 15:49 - 2015-09-22 15:49 - 02191360 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2015-09-22 15:21 - 2015-09-22 15:21 - 00001058 _____ C:\Users\Alex\Desktop\JRT.txt
2015-09-22 15:16 - 2015-09-22 15:16 - 00001217 _____ C:\Users\Alex\Desktop\MBAM Anwendungsprotokoll.txt
2015-09-22 14:23 - 2015-09-22 14:23 - 00000000 ____D C:\Program Files (x86)\ESET
2015-09-22 14:15 - 2015-09-22 14:23 - 02870984 _____ (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe
2015-09-22 14:15 - 2015-09-22 14:23 - 00001868 _____ C:\Users\Alex\Desktop\sc-cleaner.txt
2015-09-22 14:15 - 2015-09-22 14:15 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Alex\Downloads\sc-cleaner.exe
2015-09-22 14:14 - 2015-09-22 14:14 - 01798976 _____ (Malwarebytes) C:\Users\Alex\Downloads\JRT.exe
2015-09-22 14:13 - 2015-09-22 14:13 - 01662976 _____ C:\Users\Alex\Desktop\AdwCleaner_5.008.exe
2015-09-22 13:59 - 2015-09-22 16:47 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-22 13:59 - 2015-09-22 13:59 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-22 13:59 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-22 13:59 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-22 13:59 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-22 13:58 - 2015-09-22 13:59 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Alex\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-21 02:22 - 2015-09-21 02:30 - 00000000 ____D C:\Users\Alex\AppData\Local\Arma 3 Launcher
2015-09-21 02:22 - 2015-09-21 02:29 - 00000000 ____D C:\Users\Alex\AppData\Local\Arma 3
2015-09-21 02:22 - 2015-09-21 02:23 - 00000000 ____D C:\Users\Alex\Documents\Arma 3
2015-09-21 02:22 - 2015-09-21 02:22 - 00000000 ____D C:\Users\Alex\AppData\Local\Bohemia_Interactive
2015-09-21 02:22 - 2015-09-21 02:22 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2015-09-19 21:53 - 2015-09-19 21:53 - 00000222 _____ C:\Users\Alex\Desktop\Arma 3.url
2015-09-19 00:53 - 2015-09-19 00:53 - 00000025 _____ C:\Users\Alex\Desktop\gallier produktion.txt
2015-09-17 17:03 - 2015-09-19 11:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-15 21:55 - 2015-09-22 00:00 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-15 21:55 - 2015-09-15 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-15 21:54 - 2015-09-22 16:47 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-15 21:54 - 2015-09-22 15:59 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-15 21:54 - 2015-09-15 21:54 - 00929872 _____ (Google Inc.) C:\Users\Alex\Downloads\ChromeSetup.exe
2015-09-15 21:54 - 2015-09-15 21:54 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 21:54 - 2015-09-15 21:54 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-10 19:29 - 2015-09-10 19:29 - 00000038 _____ C:\Users\Alex\Desktop\zravian benefit account.txt
2015-09-09 14:06 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 14:06 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 14:06 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 14:06 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 14:06 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 14:06 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 14:06 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 14:06 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 14:06 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 14:06 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 14:06 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 14:06 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 14:06 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 14:06 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 14:06 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 14:06 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 14:06 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 14:06 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-09 14:06 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 14:06 - 2015-08-22 16:40 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-09 14:06 - 2015-08-22 16:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-09 14:06 - 2015-08-22 15:51 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 14:06 - 2015-08-22 15:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 14:06 - 2015-08-22 15:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 14:06 - 2015-08-22 15:51 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 14:06 - 2015-08-22 15:50 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 14:06 - 2015-08-22 15:50 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 14:06 - 2015-08-22 15:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 14:06 - 2015-08-20 20:53 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-09 14:06 - 2015-08-20 20:46 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 14:06 - 2015-08-20 20:21 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-09 14:06 - 2015-08-20 20:19 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 14:06 - 2015-08-20 19:56 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-09-09 14:06 - 2015-08-20 19:55 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-09-09 14:06 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 14:06 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 14:06 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 14:06 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 14:06 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 14:06 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 14:06 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 14:06 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 14:06 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 14:06 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 14:06 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 14:06 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 14:06 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 14:01 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 14:01 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 14:01 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 14:01 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 14:01 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 14:01 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 14:01 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 14:01 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 14:01 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 14:01 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-09 14:01 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-08 18:49 - 2015-09-08 18:49 - 00000222 _____ C:\Users\Alex\Desktop\Total War Arena.url
2015-09-08 03:28 - 2015-09-08 04:20 - 00000000 ____D C:\Users\Alex\AppData\Roaming\TS3Client
2015-09-08 03:28 - 2015-09-08 03:28 - 00000967 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-09-08 03:28 - 2015-09-08 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-09-08 03:27 - 2015-09-08 03:28 - 31071896 _____ (TeamSpeak Systems GmbH) C:\Users\Alex\Downloads\TeamSpeak3-Client-win64-3.0.17.exe
2015-09-02 06:10 - 2015-09-02 06:10 - 00000054 _____ C:\Users\Alex\Desktop\seleren irc screenshots.txt
2015-09-02 04:27 - 2015-09-02 04:28 - 00000000 ____D C:\Users\Alex\AppData\Local\LINE
2015-09-02 04:27 - 2015-09-02 04:27 - 00000957 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-09-02 04:27 - 2015-09-02 04:27 - 00000951 _____ C:\Users\Public\Desktop\LINE.lnk
2015-09-02 04:27 - 2015-09-02 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2015-09-02 04:27 - 2015-09-02 04:27 - 00000000 ____D C:\Program Files (x86)\LINE
2015-09-02 04:14 - 2015-09-02 04:19 - 28198424 _____ (LINE Corporation) C:\Users\Alex\Downloads\LineInst.exe
2015-09-01 00:05 - 2015-09-01 00:05 - 00001317 _____ C:\Users\Alex\Desktop\ZRAVIAN STUFF.txt
2015-08-31 16:39 - 2015-08-31 16:39 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Sun
2015-08-31 16:39 - 2015-08-31 16:39 - 00000000 ____D C:\Users\Alex\.oracle_jre_usage
2015-08-28 15:26 - 2015-08-29 19:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-26 09:07 - 2015-08-26 09:07 - 07886712 _____ (Microsoft Corporation) C:\Users\Alex\Downloads\Xbox360_64Deu.exe
2015-08-26 09:07 - 2015-08-26 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-08-26 09:07 - 2015-08-26 09:07 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2015-08-26 09:04 - 2015-08-26 09:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2015-08-25 05:43 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-08-25 05:43 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-22 16:50 - 2015-05-27 20:04 - 01337423 _____ C:\Windows\WindowsUpdate.log
2015-09-22 16:49 - 2015-05-27 21:02 - 00006469 _____ C:\Windows\SysWOW64\Gms.log
2015-09-22 16:47 - 2015-07-01 19:59 - 00016423 _____ C:\Windows\setupact.log
2015-09-22 16:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-22 16:46 - 2015-06-27 13:06 - 00000000 ____D C:\AdwCleaner
2015-09-22 16:46 - 2015-05-27 20:33 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-22 16:22 - 2009-07-14 06:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-22 16:22 - 2009-07-14 06:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-22 16:20 - 2015-05-28 05:58 - 00699726 _____ C:\Windows\system32\perfh007.dat
2015-09-22 16:20 - 2015-05-28 05:58 - 00149364 _____ C:\Windows\system32\perfc007.dat
2015-09-22 16:20 - 2009-07-14 07:13 - 01621742 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-22 16:15 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-09-22 16:14 - 2015-07-16 22:42 - 00003264 _____ C:\Windows\PFRO.log
2015-09-22 16:14 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-09-22 16:02 - 2015-05-27 20:51 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Skype
2015-09-22 15:58 - 2015-05-27 21:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-22 15:22 - 2015-05-27 20:04 - 00000000 ____D C:\Users\Alex
2015-09-22 15:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-09-22 14:53 - 2015-05-27 21:11 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-22 13:53 - 2015-05-27 20:10 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-21 20:58 - 2015-05-27 21:13 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 20:58 - 2015-05-27 21:13 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-21 20:58 - 2015-05-27 21:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 20:39 - 2015-05-27 20:10 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-21 03:19 - 2015-08-19 06:40 - 00000122 _____ C:\Users\Alex\Desktop\ZRAVIAN.txt
2015-09-21 02:21 - 2015-05-27 20:17 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-20 19:20 - 2015-05-27 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-15 21:55 - 2015-05-27 20:09 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-11 01:13 - 2015-05-27 21:28 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent
2015-09-10 08:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-10 03:19 - 2009-07-14 06:45 - 00296480 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 03:18 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 03:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 03:03 - 2015-05-27 21:43 - 00000000 ____D C:\Windows\system32\MRT
2015-09-09 13:19 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-08 18:50 - 2015-05-27 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-08 03:28 - 2015-05-27 20:53 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-08-31 16:39 - 2015-05-27 21:14 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\ProgramData\Oracle
2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-31 16:34 - 2015-05-28 22:07 - 00000000 ____D C:\Program Files (x86)\Voobly
2015-08-29 02:17 - 2015-06-19 01:00 - 00001159 _____ C:\Users\Alex\Desktop\Mozilla Firefox.lnk
2015-08-29 01:59 - 2015-05-27 21:22 - 00000000 ____D C:\Users\Alex\Desktop\Games
2015-08-26 18:37 - 2015-05-27 21:43 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-26 09:07 - 2015-07-19 00:32 - 00046990 _____ C:\Windows\DirectX.log
2015-08-25 05:43 - 2015-05-27 20:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-23 01:31 - 2015-06-04 19:59 - 00000000 ____D C:\Users\Alex\Documents\My Games

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-27 02:42 - 2015-07-27 03:26 - 0000058 _____ () C:\Users\Alex\AppData\Roaming\prio.ini
2015-05-27 23:55 - 2015-05-27 23:55 - 0000000 _____ () C:\Users\Alex\AppData\Local\Driver_LOM_8161Present.flag
2015-06-21 05:22 - 2015-07-27 03:26 - 0007621 _____ () C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
2015-08-18 03:42 - 2015-08-18 03:42 - 0000003 _____ () C:\Users\Alex\AppData\Local\updater.log
2015-08-18 03:42 - 2015-08-18 03:42 - 0000424 _____ () C:\Users\Alex\AppData\Local\UserProducts.xml

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Alex\Notepad2.exe


Einige Dateien in TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\avgnt.exe
C:\Users\Alex\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-21 00:15

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Alex (2015-09-22 16:50:33)
Gestartet von C:\Users\Alex\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-05-27 18:04:05)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-922301408-332873160-1376262277-500 - Administrator - Disabled)
Alex (S-1-5-21-922301408-332873160-1376262277-1000 - Administrator - Enabled) => C:\Users\Alex
Gast (S-1-5-21-922301408-332873160-1376262277-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-922301408-332873160-1376262277-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Akamai NetSession Interface (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Music (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.1.0 - Amazon Services LLC) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASUS Essence STX II Audio Device (HKLM-x32\...\{1A01B996-F7F7-473C-9EA4-B22801713A83}) (Version:   - ASUSTek Computer Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version:  - EnTech Taiwan)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
eXtra Buttons (HKLM-x32\...\eXtra Buttons) (Version:  - )
Geeks3D FurMark 1.15.2.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel(R) Network Connections 19.5.303.0 (HKLM\...\PROSetDX) (Version: 19.5.303.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.6.2.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.27 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.26 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
LINE (HKLM-x32\...\LINE) (Version: 4.1.2.525 - LINE Corporation)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MediaHuman YouTube to MP3 Converter Version 3.8.1 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.8.1 - )
Metin2 Singapore (HKLM-x32\...\Metin2 Singapore) (Version:  - Tec Interactive Pte Ltd)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 5.2.1 - Popcorn Time)
Popcorn Time (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Popcorn Time) (Version:  - Popcorn Official)
Prio (HKLM\...\Prio) (Version: 2.0.0.2960 - )
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Revive BF2 (HKLM\...\{72427ED2-72A7-4DB3-99CE-D0E36B24307A}_is1) (Version: 1.5 - Battlelog.co)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version:  - Creative Assembly)
TP-LINK Wireless Client Utility (HKLM-x32\...\{385C8E5A-0B4F-4DCD-BBBD-2A8AE0400A76}) (Version: 7.0 - TP-LINK)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
Websuche (HKLM-x32\...\Websuche) (Version:  - Websuche)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-922301408-332873160-1376262277-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

21-09-2015 02:21:26 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
21-09-2015 02:21:31 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
22-09-2015 13:51:17 calculadora-setup wird entfernt
22-09-2015 14:15:13 JRT Pre-Junkware Removal
22-09-2015 14:20:59 JRT Pre-Junkware Removal
22-09-2015 15:19:36 JRT Pre-Junkware Removal
22-09-2015 15:21:20 Wiederherstellungsvorgang

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-09-22 16:12 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08B135AF-3070-4757-A915-B0239CE0E993} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {326F8FFA-04FB-4CA2-BB2F-0CB814848E47} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {68596127-0212-412A-B1B4-0126A02F168E} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-06-12] ()
Task: {6ED1DDD7-3171-4E44-ABC3-F20948DF2F91} - System32\Tasks\{07EF5ACA-E114-4FDB-81C2-3F9D928C9482} => pcalua.exe -a C:\Users\Alex\Downloads\Metin2-SG_installer.exe -d C:\Users\Alex\Downloads
Task: {AD1849D5-A0DA-4A97-8888-F418AFAECBA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {AF21D5D8-6711-48A3-BD91-B10EFF68DC2E} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {D96732E7-FAFE-46C6-8130-AD39EA0FDD41} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {FC893FD4-3133-4120-BB74-96E80525CE75} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-27 20:32 - 2015-08-07 02:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-03 01:27 - 2015-06-28 22:16 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-08 21:30 - 2012-11-08 21:30 - 00012656 _____ () C:\Program Files\Prio\prio_svc.exe
2015-05-27 23:49 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2015-05-27 23:49 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\system\HsMgr64.exe
2015-05-27 21:44 - 2015-07-21 07:02 - 05887808 _____ () C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe
2013-07-08 11:05 - 2013-07-08 11:05 - 02800128 _____ () C:\Program Files (x86)\eXtra Buttons\xb.exe
2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-05-27 20:33 - 2015-08-18 01:30 - 00708216 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-05-27 20:33 - 2015-08-18 01:31 - 00854136 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
2015-05-27 21:43 - 2015-06-12 21:27 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2015-05-27 20:33 - 2015-08-18 01:31 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-27 23:49 - 2013-12-16 12:05 - 00143360 ____N () C:\Program Files\ASUS Essence STX II Audio Device\Customapp\VmixP8.dll
2015-08-18 04:20 - 2015-08-18 04:20 - 03129368 _____ () C:\Program Files (x86)\LINE\ampkit_windows.dll
2015-07-03 07:44 - 2015-07-03 07:44 - 00123416 _____ () C:\Program Files (x86)\LINE\PlayerHelper.dll
2015-09-22 16:47 - 2015-09-22 16:47 - 00012800 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00009728 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00014848 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\src\rgloader\rgloader193.mswin.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00009216 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00126976 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00087552 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00016384 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00127316 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\bin\libffi-6.dll
2015-09-22 16:47 - 2015-09-22 16:47 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00013312 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00095744 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00012800 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00009728 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00014848 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\src\rgloader\rgloader193.mswin.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00118784 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00069120 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00083968 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\bin\zlib1.dll
2015-09-22 16:47 - 2015-09-22 16:47 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00275968 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00015360 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00008192 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00009216 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00023552 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00036352 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00126976 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00087552 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00016384 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00127316 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\bin\libffi-6.dll
2015-09-22 16:47 - 2015-09-22 16:47 - 00013312 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00095744 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-05-27 21:43 - 2015-06-12 21:27 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2015-02-25 14:15 - 2015-02-25 14:15 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-922301408-332873160-1376262277-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: Voobly => "C:\Program Files (x86)\Voobly\voobly.exe" --startup

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{5B64105A-C666-4CE8-B359-D30B082E0CA0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2C40850-A5AA-4ED9-8305-1F508A0BE65A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5A1315B2-CFD8-4AC1-A017-6CB4BCB002FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{330407AD-6A7B-4D23-B304-75D744A07BC2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E6450CA3-0928-4DA2-9879-23C4EC818A6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CA1B7172-B0A5-4AEE-B194-2A8E393C025A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8DF01D04-A169-4013-ACFF-17C4F281B3D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FFC5AB27-CE90-46EF-8D1E-7C50312413E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{877A2798-DC72-4DD3-8E2B-CF4EC857EE39}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{270CCFC5-E177-442E-A312-D8C5D0EFF0EF}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BD17E38C-8B8F-4D28-95A6-4693CAEC76D5}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1E34E6BF-A746-4EF2-BAAE-2FD8043577B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DE9990F3-09FA-4D85-9D2C-9F72DA932B6F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BB816CE2-A4C9-4BBD-A155-FDE6D61CFAF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{3862A5E1-B38D-4842-9026-AC2C62DA1F9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{B4EB3307-C8CB-4843-A4B4-3377082144C7}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{87A0A2AC-7365-4213-8C6B-1345F5AF1702}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{A275C0BC-AEA9-4445-ADED-D9028FA8EEB1}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{400ECE11-9C93-4A80-9580-107A678BC1AB}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP Query User{AE693290-433D-4872-BF53-B527571D330A}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{EC123608-59F5-47D8-99FB-4642119DFDD2}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{4D6AB7F9-DE85-406E-AC04-297AA1AC59DB}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{2B6447A5-46DC-41A3-8A2E-8B8EC7E0874A}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [TCP Query User{6AB9E431-1DD3-4F43-9217-D6B2A21BAF33}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [UDP Query User{CD055AFE-39AE-4113-8B8B-97AE7A5EFD68}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [TCP Query User{ECA5F127-1BB3-420B-9464-AB368E892FD2}C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{66905585-6CB9-49E9-93E4-5264759118FB}C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{7E0BAC1F-FA84-46E8-A81B-EC8FC4BDDED0}] => (Block) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{21471CFD-29EA-405E-B039-503CAFF35FE3}] => (Block) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{F68CFCDD-063F-4D98-91A7-DDF988AC23A5}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{7340655E-3C42-45C3-A4B1-3BAC6D81E78A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{0AAA37E5-E4AD-4F7A-ADD6-97DA8BB6705D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{B23FC7BD-54B7-4E4D-A61C-9046B8A2B60D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{C32BE6A7-9F84-4DF6-8480-7C01A83E2097}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{5F0CBFD2-2F9B-48A0-A2CA-9B578DD086A5}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DAB3C782-D79F-478E-A1F0-11EE6B349E08}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DB39D13B-F79C-495E-8440-8A8AA02C0900}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [TCP Query User{4011400D-EC8A-4682-860F-AABB0100CBC0}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [UDP Query User{8414FFD5-5902-42B4-BB56-646CB264C935}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{F10EF931-0A90-4B93-BE3E-EC093418FBFC}] => (Block) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{E6274DFC-5D95-441F-9BDF-F2DDCB3799C9}] => (Block) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{853CCFFB-C5DA-4FBA-AACE-E7E2B439EC87}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D03653C8-45EA-477C-818A-EEED672B41B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3817FB66-A021-4861-BF46-4CBF329250E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FD2DAA03-8142-4067-BB72-BB1B40575F6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8F8DB2F7-ADA1-4273-A31A-37CB4BC8FD43}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{087BAA49-73A3-4EE0-A9EB-BE3DA85DE082}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B9962A2F-B162-49B7-AD8D-9CCE17B694DA}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{A7BF42BA-33F5-47B1-A0F1-65488D199546}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [TCP Query User{6B672278-D07E-4F07-AB1B-5CB3FF2383F0}C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe
FirewallRules: [UDP Query User{22E6417E-03A7-4851-8876-F40174BE6D70}C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe
FirewallRules: [TCP Query User{320B5154-D197-4332-82DB-F05CA56D0F73}C:\users\alex\desktop\games\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\aom\aomxnocd.exe
FirewallRules: [UDP Query User{5C5D940D-ACE1-4A06-91D4-674A1E023DB8}C:\users\alex\desktop\games\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\aom\aomxnocd.exe
FirewallRules: [{8056A593-8640-4E48-AE1B-6D65FC41C2C7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1D0712E2-7834-47F3-8A0A-C18239968099}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5C75AEA7-1A49-457A-9D10-C80BB2D19FFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{21546473-4648-4B28-BA8D-3FA569F65FFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{334074C8-6C57-4D94-8533-A340375F8618}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [UDP Query User{156F8C93-4E8D-4EE1-86B1-5D3DB9C73B50}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [{5519A36E-6D4C-4D8D-8018-56A11F099D0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{EC028352-8DD8-491A-A030-2447B1EE4F00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [TCP Query User{6D8719E4-D075-4B44-AB15-6E81348606DE}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6CE4E723-4C78-4FAA-AC46-0199FDB6C20A}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{D5272A81-4AF5-4588-A1E2-1FA3FE9066BC}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{9CE42FEE-E36A-45CF-A0B2-B1484E80C498}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [TCP Query User{C01F5E34-8B04-495F-891A-3B6AD0ADF5BA}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{52FB8920-61F6-4117-9FC5-D71F7631034B}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [{FCE05C0A-61EA-4427-B73F-3365BEBF6A73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{925B2254-BCCF-4EAD-B305-94B68DF7295F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{59C810B3-1BF1-45BB-8D5D-C9F8C8BB4B8F}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{0CBC8BBD-9B89-4BD0-843D-BDD7F456A875}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{05C8AEE7-635B-4FFF-BDFD-7A4E8A6BE5E1}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [UDP Query User{830AF29B-681F-42B6-AD15-A37259D79ED4}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [{CDB41466-6B95-4991-A859-8721A569DD0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1EB6A4F1-E0DC-4874-BD5D-BFFD5D5A462A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4DA1CA31-B1EA-48E9-9678-D92323456ED6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{AC6C871D-277B-4116-A812-7521A00EE05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E4BC80B-0D59-49A9-B0E6-CFDB30579A82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F8BE2A13-C6BC-4439-B869-58F875EFC8F0}C:\users\alex\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{93350CC3-C1AD-4361-9994-FA5EEA1A0960}C:\users\alex\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{B3B62059-B393-4B8D-935E-84E60B21952A}] => (Block) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{88F5271D-F0AC-48ED-AD84-A5C9CE5BE53A}] => (Block) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{97016943-6291-4A5F-A5BB-B3F254342466}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{1BBFDF3B-7E31-4D72-A1F1-C90F06B38F2B}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{4AF77ECA-E1FE-4DDB-AEE4-190B8C5D3BC8}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{EFECB1B9-D8A3-4AF1-9CD3-FAB76AE5D80D}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{C4B674C4-50BF-42B1-8330-393DE274D58D}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{7E7D31A5-8127-4265-8B68-3637BA9CCF9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{92290EFF-8A05-430F-A94D-FF85D8E03409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{C695DCD9-57B3-4F25-8A42-6D4B70D908D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5E7E4103-8D7D-4F73-8EC9-68816A30C166}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{08526CBC-1EB4-420C-94D8-CA6A03B29DC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{EC498E06-A410-4437-9014-DA902BCA1C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{81A3C3AD-1226-4635-8656-FCC8C3254427}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{1EFA3522-2D65-4AD2-8CC5-3A01603411B0}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{FFC2418C-EE22-4129-9AF3-E7B7B792014D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FD19B638-5CAF-4034-AB88-7CB4360CE6A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DBDB38A6-263E-402F-9820-64757152E223}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D9E25726-FEFC-4D93-A172-98B2498EA621}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D94FF140-DA62-40DF-9820-608CB9B7D8B3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/22/2015 04:47:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2015 04:35:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/22/2015 04:14:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2015 03:36:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/22/2015 03:36:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/22/2015 03:22:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2015 03:17:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2015 02:23:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/22/2015 02:23:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/22/2015 02:19:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (09/22/2015 04:47:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-09-22 16:12:35.542
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-09-22 16:12:35.528
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-01 16:16:40.648
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ntdll.dll" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 16197.21 MB
Verfügbarer physikalischer RAM: 12780.89 MB
Summe virtueller Speicher: 32392.62 MB
Verfügbarer virtueller Speicher: 28325.91 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:953.77 GB) (Free:829.22 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 953.9 GB) (Disk ID: 09E0FDF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=953.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 22.09.2015, 16:58   #9
M-K-D-B
/// TB-Ausbilder
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Wir entfernen noch die letzten Reste und kontrollieren anschließend nochmal alles mit weiteren Scannern.
Bitte berichte mir, ob das Problem nach den Schritten weg ist oder nicht.
Hinweis: Die Suchläufe mit EEK und ESET können länger dauern.





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
Tcpip\..\Interfaces\{C75AA87C-6D00-42FB-BD5D-D49555D27EF2}: [DhcpNameServer] 209.222.18.222 209.222.18.218
HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {A4EC09D4-13F1-4C49-9308-2A10EA44511C} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default
RemoveProxy:
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Lade Dir bitte von hier Emsisoft Emergency Kit Download Emsisoft Emergency Kit herunter.
  • Bitte installiere das Programm in den vorgegebenen Pfad.
  • Starte das Programm durch Doppelklick der Desktopverknüpfung.
  • Das EEK ist nach dem Laden der Malwaresignaturen für den Scan bereit.
  • Folge nun bitte der bebilderten Bildanleitung zu Emergency Kit, entferne alle Funde und poste am Ende des Scans bzw. der Bereinigung das Log.







Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 4

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset








Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von EEK,
  • die Logdatei von HitmanPro,
  • die Logdatei von ESET.

Alt 22.09.2015, 17:05   #10
Atom95
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Hallo,

ich habe den frst Ordner auf den Desktop verschoben. Wenn ich nun das Pogramm starte und auf entfernen drücke bekomme ich folgende Warnung: Es scheint als wüssten Sie nicht was sie tun. Um Schaden zu vermeiden wird sich das Pogramm nun beenden.

Alt 22.09.2015, 17:10   #11
M-K-D-B
/// TB-Ausbilder
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Zitat:
Zitat von Atom95 Beitrag anzeigen
Hallo,

ich habe den frst Ordner auf den Desktop verschoben. Wenn ich nun das Pogramm starte und auf entfernen drücke bekomme ich folgende Warnung: Es scheint als wüssten Sie nicht was sie tun. Um Schaden zu vermeiden wird sich das Pogramm nun beenden.
Ja weil du meine Anleitung nicht richtig ausführst....
Mit einem Ordner hat das nichts zu tun.


Schritt 1 nochmal durchlesen...
Den Inhalt der Code-Box, den ich unter Schritt 1 gepostet hab, in eine leere txt Datei packen und die txt Datei als fixlist.txt abspeichern.
FRST.exe starten und auf entfernen klicken...
Eigentlich ganz einfach...

Alt 22.09.2015, 17:12   #12
Atom95
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Das ist mir schon klar, dass das nichts mit dem Ordner zu tun hat. Ich wollte nur anmerken dass das möglicherweise das Problem ist.

Die Fixlist ist selbstverständlich schon erstellt und ebenfalls am Desktop abgespeichter. Hätte ich wohl extra anmerken sollen.

Alt 22.09.2015, 17:16   #13
M-K-D-B
/// TB-Ausbilder
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Zitat:
Zitat von Atom95 Beitrag anzeigen
Das ist mir schon klar, dass das nichts mit dem Ordner zu tun hat. Ich wollte nur anmerken dass das möglicherweise das Problem ist.

Die Fixlist ist selbstverständlich schon erstellt und ebenfalls am Desktop abgespeichter. Hätte ich wohl extra anmerken sollen.
Auf dem Desktop sollen sein:
fixlist.txt
FRST.exe

Im Systemlaufwerk muss der Ordner FRST sein:
C:\FRST

kA, welchen Ordner du meinst...evtl. einen FRST-Ordner, der auf dem Desktop erstellt wird, wenn sich FRST neu updatet. Dann befinet sich darin die alte FRST.exe, den ordner kannst du dann eigentlich sofort löschen.


Die Warnung kommt meist dann, wenn du einfach eine komplette Logdatei von FRST als fixlist.txt abspeicherst und nicht die paar wenigen Zeilen wie in meinem Schritt 1 gepostet.

Alt 22.09.2015, 17:28   #14
Atom95
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Du hattest recht, ich hab einen frst log abgespeichert

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Alex (2015-09-22 17:18:54) Run:1
Gestartet von C:\Users\Alex\Desktop
Geladene Profile: Alex (Verfügbare Profile: Alex)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
Tcpip\..\Interfaces\{C75AA87C-6D00-42FB-BD5D-D49555D27EF2}: [DhcpNameServer] 209.222.18.222 209.222.18.218
HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {A4EC09D4-13F1-4C49-9308-2A10EA44511C} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default
RemoveProxy:
EmptyTemp:
end
         
*****************

Prozess erfolgreich geschlossen.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C75AA87C-6D00-42FB-BD5D-D49555D27EF2}\\DhcpNameServer => Wert erfolgreich entfernt
"HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A4EC09D4-13F1-4C49-9308-2A10EA44511C}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{A4EC09D4-13F1-4C49-9308-2A10EA44511C} => Schlüssel nicht gefunden. 

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========

EmptyTemp: => 2.2 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.. 

==== Ende von Fixlog 17:19:02 ====
         
Code:
ATTFilter
Emsisoft Emergency Kit - Version 10.0
Letztes Update: 22.09.2015 17:26:00
Benutzerkonto: Alex-PC\Alex

Scan-Einstellungen:

Scan-Methode: Malware-Scan
Objekte: Rootkits, Speicher, Traces, Dateien

PUPs-Erkennung: An
Archiv-Scan: Aus
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan-Beginn:	22.09.2015 17:30:15
Key: HKEY_USERS\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\CLASSES\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5} 	Gefunden: Application.Toolbar (A)
Key: HKEY_USERS\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326} 	Gefunden: Application.Toolbar (A)

Gescannt:	83044
Gefunden	2

Scan-Ende:	22.09.2015 17:30:28
Scan-Zeit:	0:00:13


Gelöscht	0
         
Habe versucht alle zu löschen 2 wollen sich aber nicht löschen lassen.
PS: Das ist jetzt der zweite Scan, da ich beim ersten nur in die Quarantäne vershoben habe und dann gelöscht statt direkt zu löschen.

Alt 22.09.2015, 17:30   #15
M-K-D-B
/// TB-Ausbilder
 
DNS Unlocker loswerden - Standard

DNS Unlocker loswerden



Zitat:
Zitat von Atom95 Beitrag anzeigen
Du hattest recht, ich hab einen frst log abgespeichert
hehe

Macht ja nichts.

Antwort

Themen zu DNS Unlocker loswerden
anleitung, bereit, dns, dns unlocker, erweiterungen, gefunde, immer wieder, leitung, locker, loswerden, mbam, nichts, popen, surfe, surfen, teamviewer, troja, trojaner, unlocker, unter, verdächtiges, warnungen



Ähnliche Themen: DNS Unlocker loswerden


  1. Windows 10: DNS-Unlocker o.ä. nicht entfernbar
    Log-Analyse und Auswertung - 03.11.2015 (4)
  2. DNS Unlocker nervt - Löschung nicht möglich!
    Plagegeister aller Art und deren Bekämpfung - 12.10.2015 (9)
  3. DNS Unlocker entfernen (NEU)
    Diskussionsforum - 11.10.2015 (4)
  4. Windows 7 DNS-Unlocker öffnet bei jedem Klick Werbefenster
    Log-Analyse und Auswertung - 06.10.2015 (13)
  5. Windows 7: Ad by DNS Unlocker
    Log-Analyse und Auswertung - 14.09.2015 (21)
  6. Ads DNS Unlocker Mozilla Firefox
    Plagegeister aller Art und deren Bekämpfung - 09.09.2015 (9)
  7. DNS-Unlocker auf Steam
    Plagegeister aller Art und deren Bekämpfung - 06.09.2015 (4)
  8. Ads by DNS Unlocker entfernen
    Anleitungen, FAQs & Links - 10.08.2015 (2)
  9. GVU-Trojaner: Systemwiederherstellung, Unlocker und Hitman funktionieren nicht
    Log-Analyse und Auswertung - 16.11.2014 (17)
  10. Bundespolizei Virus - keine Möglichkeit mit unlocker
    Alles rund um Windows - 27.04.2014 (18)
  11. Polizeivirus am PX PC mit Kaspersky Win unlocker freigeschallten
    Plagegeister aller Art und deren Bekämpfung - 19.01.2013 (2)
  12. neuer gvu trojaner kaspersky unlocker ohne eefolg
    Plagegeister aller Art und deren Bekämpfung - 19.12.2012 (14)
  13. Nach Windows unlocker Desktop icons weg..
    Plagegeister aller Art und deren Bekämpfung - 15.10.2012 (29)
  14. Avira Ransom File Unlocker
    Diskussionsforum - 17.08.2012 (195)
  15. Unlöschbare Dateien löschen mit Unlocker
    Anleitungen, FAQs & Links - 09.09.2009 (1)
  16. unlocker installiert das ebayShortcut.exe
    Plagegeister aller Art und deren Bekämpfung - 19.11.2008 (8)
  17. unlocker installiert den ebayShortcut.exe link
    Mülltonne - 12.11.2008 (0)

Zum Thema DNS Unlocker loswerden - Gute Tag, Ich habe mir den DNS Unlocker Trojaner eingefangen. Ich bin nach dieser Anleitung aus dem Forum vorgegangen jedoch erfolglos. http://www.trojaner-board.de/169694-...wser_entfernen Aufgefallen ist mir der Trojaner beim surfen unter - DNS Unlocker loswerden...
Archiv
Du betrachtest: DNS Unlocker loswerden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.