| |
| |||||||
Log-Analyse und Auswertung: DNS Unlocker loswerdenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
22.09.2015, 14:32
| #1 |
 |  DNS Unlocker loswerden Gute Tag, Ich habe mir den DNS Unlocker Trojaner eingefangen. Ich bin nach dieser Anleitung aus dem Forum vorgegangen jedoch erfolglos. http://www.trojaner-board.de/169694-...wser_entfernen Aufgefallen ist mir der Trojaner beim surfen unter Firefox. Habe aber unter "Erweiterungen" nichts verdächtiges gefunden. Ich kann jetzt zwar wieder normal surfen allerdings popen immer wieder Warnungen von MBAM auf diese schauen so aus: hxxp://prntscr.com/8j71ou Falls jemand bereit ist mir über Teamviewer zu helfen wäre ich sehr dankbar. Anbei die Logs. Danke, Alex |
|
22.09.2015, 14:43
| #2 |
| /// TB-Ausbilder   | DNS Unlocker loswerden Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
22.09.2015, 14:56
| #3 |
| | DNS Unlocker loswerden Hallo Matthias,
__________________danke für deine Hilfe. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015 durchgeführt von Alex (Administrator) auf ALEX-PC (22-09-2015 15:49:56) Gestartet von C:\Users\Alex\Downloads Geladene Profile: Alex (Verfügbare Profile: Alex) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files\Prio\prio_svc.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Company) C:\Program Files (x86)\Popcorn Time\Updater.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (CMedia) C:\Program Files\ASUS Essence STX II Audio Device\Customapp\AsusAudioCenter.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe () C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe () C:\Program Files (x86)\eXtra Buttons\xb.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe (LINE Corporation) C:\Program Files (x86)\LINE\LINE.exe (EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe () C:\Program Files\pia_manager\pia_manager.exe (Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (hxxp://www.ruby-lang.org/) C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\bin\rubyw.exe () C:\Program Files\pia_manager\pia_manager.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (hxxp://www.ruby-lang.org/) C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\bin\rubyw.exe () C:\Program Files\pia_manager\pia_tray\pia_tray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation) HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CmiCnfgSTXII.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2000-01-01] (Intel Corporation) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [Amazon Music] => C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] () HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd) HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [eXtra Buttons] => C:\Program Files (x86)\eXtra Buttons\xb.exe [2800128 2013-07-08] () HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [Voobly] => [X] HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.) HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [LINE] => C:\Program Files (x86)\LINE\line.exe [15664152 2015-08-18] (LINE Corporation) AppInit_DLLs: prio.dll => C:\Program Files\Prio\prio.dll [17264 2012-11-08] (O&K Software) AppInit_DLLs-x32: prio32.dll => C:\Program Files\Prio\prio32.dll [15216 2012-11-08] (O&K Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2015-05-30] ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan) CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{78A7E6A4-8C3E-4DC9-ACC6-2E6A0AD66A09}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C75AA87C-6D00-42FB-BD5D-D49555D27EF2}: [DhcpNameServer] 209.222.18.222 209.222.18.218 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-922301408-332873160-1376262277-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startseite24.net SearchScopes: HKLM -> DefaultScope {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKLM -> {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> DefaultScope {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {A4EC09D4-13F1-4C49-9308-2A10EA44511C} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms} BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472 FF Homepage: www.google.at FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-27] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-31] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-27] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\searchplugins\katcr.xml [2015-06-20] FF Extension: ColorfulTabs - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-09-21] FF Extension: FEBE - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-06-27] FF Extension: savetexttofile - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\HighlightedTextToFile@bobbyrne01.org.xpi [2015-06-27] FF Extension: Art Project - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\jid1-2owcJCGUIo2yBA@jetpack.xpi [2015-06-29] FF Extension: S3.Google Translator - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\s3google@translator.xpi [2015-06-27] FF Extension: Tab Auto Reload - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\TabAutoReload@schuzak.jp.xpi [2015-06-27] FF Extension: Tab Scope - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\tabscope@xuldev.org.xpi [2015-06-27] FF Extension: Tile Tabs - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\tiletabs@DW-dev.xpi [2015-09-22] FF Extension: Session Manager - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-06-27] FF Extension: Capture & Print - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi [2015-06-27] FF Extension: ReloadEvery - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-09-07] FF Extension: Yahoo Mail Hide Ad Panel - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2015-06-27] FF Extension: RightToClick - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-06-27] FF Extension: Adblock Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-27] FF Extension: BetterPrivacy - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-06-27] FF Extension: Tab Mix Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-06-27] FF Extension: DownThemAll! - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-06-27] FF Extension: Greasemonkey - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-06-27] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.at/" CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-19] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-19] CHR Extension: (Skype Click to Call) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-28] CHR Extension: (AgarioMods Evergreen Script) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2015-07-17] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-19] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-09-19] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19184 2015-01-27] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-01] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-06-28] () R2 prio_svc; C:\Program Files\Prio\prio_svc.exe [12656 2012-11-08] () R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-04-16] (Avira Operations GmbH & Co. KG) R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2014-09-29] (Intel Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-01-27] (Intel Corporation) R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-22] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-02-25] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 STXIIService; C:\Windows\System32\drivers\STXII.sys [2736640 2014-02-18] (C-Media Inc) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-22 15:49 - 2015-09-22 15:49 - 02191360 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe 2015-09-22 15:49 - 2015-09-22 15:49 - 00024706 _____ C:\Users\Alex\Downloads\FRST.txt 2015-09-22 15:49 - 2015-09-22 15:49 - 00000000 ____D C:\FRST 2015-09-22 15:21 - 2015-09-22 15:21 - 00001058 _____ C:\Users\Alex\Desktop\JRT.txt 2015-09-22 15:16 - 2015-09-22 15:16 - 00001217 _____ C:\Users\Alex\Desktop\MBAM Anwendungsprotokoll.txt 2015-09-22 14:23 - 2015-09-22 14:23 - 00000000 ____D C:\Program Files (x86)\ESET 2015-09-22 14:15 - 2015-09-22 14:23 - 02870984 _____ (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe 2015-09-22 14:15 - 2015-09-22 14:23 - 00001868 _____ C:\Users\Alex\Desktop\sc-cleaner.txt 2015-09-22 14:15 - 2015-09-22 14:15 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Alex\Downloads\sc-cleaner.exe 2015-09-22 14:14 - 2015-09-22 14:14 - 01798976 _____ (Malwarebytes) C:\Users\Alex\Downloads\JRT.exe 2015-09-22 14:13 - 2015-09-22 14:13 - 01662976 _____ C:\Users\Alex\Downloads\AdwCleaner_5.008.exe 2015-09-22 13:59 - 2015-09-22 15:43 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-22 13:59 - 2015-09-22 13:59 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-22 13:59 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-22 13:59 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-22 13:59 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-22 13:58 - 2015-09-22 13:59 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Alex\Downloads\mbam-setup-2.1.8.1057.exe 2015-09-21 02:22 - 2015-09-21 02:30 - 00000000 ____D C:\Users\Alex\AppData\Local\Arma 3 Launcher 2015-09-21 02:22 - 2015-09-21 02:29 - 00000000 ____D C:\Users\Alex\AppData\Local\Arma 3 2015-09-21 02:22 - 2015-09-21 02:23 - 00000000 ____D C:\Users\Alex\Documents\Arma 3 2015-09-21 02:22 - 2015-09-21 02:22 - 00000000 ____D C:\Users\Alex\AppData\Local\Bohemia_Interactive 2015-09-21 02:22 - 2015-09-21 02:22 - 00000000 ____D C:\ProgramData\Bohemia Interactive 2015-09-19 21:53 - 2015-09-19 21:53 - 00000222 _____ C:\Users\Alex\Desktop\Arma 3.url 2015-09-19 00:53 - 2015-09-19 00:53 - 00000025 _____ C:\Users\Alex\Desktop\gallier produktion.txt 2015-09-17 17:03 - 2015-09-19 11:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-09-15 21:55 - 2015-09-22 00:00 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-09-15 21:55 - 2015-09-15 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-09-15 21:54 - 2015-09-22 15:22 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-15 21:54 - 2015-09-22 14:59 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-15 21:54 - 2015-09-15 21:54 - 00929872 _____ (Google Inc.) C:\Users\Alex\Downloads\ChromeSetup.exe 2015-09-15 21:54 - 2015-09-15 21:54 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-15 21:54 - 2015-09-15 21:54 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-10 19:29 - 2015-09-10 19:29 - 00000038 _____ C:\Users\Alex\Desktop\zravian benefit account.txt 2015-09-09 14:06 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-09-09 14:06 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-09-09 14:06 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-09-09 14:06 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-09-09 14:06 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-09-09 14:06 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-09-09 14:06 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-09-09 14:06 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-09-09 14:06 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-09-09 14:06 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-09-09 14:06 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-09-09 14:06 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-09-09 14:06 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-09-09 14:06 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-09-09 14:06 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-09-09 14:06 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-09-09 14:06 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-09-09 14:06 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-09-09 14:06 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-09-09 14:06 - 2015-08-22 16:40 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-09-09 14:06 - 2015-08-22 15:51 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-09-09 14:06 - 2015-08-22 15:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-09-09 14:06 - 2015-08-22 15:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-09-09 14:06 - 2015-08-22 15:51 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-09-09 14:06 - 2015-08-22 15:50 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-09-09 14:06 - 2015-08-22 15:50 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-09-09 14:06 - 2015-08-20 20:53 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-09-09 14:06 - 2015-08-20 20:46 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-09-09 14:06 - 2015-08-20 20:21 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-09-09 14:06 - 2015-08-20 20:19 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-09-09 14:06 - 2015-08-20 19:56 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2015-09-09 14:06 - 2015-08-20 19:55 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2015-09-09 14:06 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2015-09-09 14:06 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-09-09 14:06 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-09-09 14:06 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-09-09 14:06 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-09-09 14:06 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-09-09 14:06 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-09-09 14:06 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-09-09 14:06 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-09-09 14:06 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-09-09 14:06 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-09-09 14:06 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-09-09 14:06 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-09-09 14:01 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-09-09 14:01 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-09-09 14:01 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-09-09 14:01 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-09-09 14:01 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-09-09 14:01 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-09-09 14:01 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-09-09 14:01 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-09-09 14:01 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-09-09 14:01 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-09-08 18:49 - 2015-09-08 18:49 - 00000222 _____ C:\Users\Alex\Desktop\Total War Arena.url 2015-09-08 03:28 - 2015-09-08 04:20 - 00000000 ____D C:\Users\Alex\AppData\Roaming\TS3Client 2015-09-08 03:28 - 2015-09-08 03:28 - 00000967 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2015-09-08 03:28 - 2015-09-08 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-09-08 03:27 - 2015-09-08 03:28 - 31071896 _____ (TeamSpeak Systems GmbH) C:\Users\Alex\Downloads\TeamSpeak3-Client-win64-3.0.17.exe 2015-09-02 06:10 - 2015-09-02 06:10 - 00000054 _____ C:\Users\Alex\Desktop\seleren irc screenshots.txt 2015-09-02 04:27 - 2015-09-02 04:28 - 00000000 ____D C:\Users\Alex\AppData\Local\LINE 2015-09-02 04:27 - 2015-09-02 04:27 - 00000957 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk 2015-09-02 04:27 - 2015-09-02 04:27 - 00000951 _____ C:\Users\Public\Desktop\LINE.lnk 2015-09-02 04:27 - 2015-09-02 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE 2015-09-02 04:27 - 2015-09-02 04:27 - 00000000 ____D C:\Program Files (x86)\LINE 2015-09-02 04:14 - 2015-09-02 04:19 - 28198424 _____ (LINE Corporation) C:\Users\Alex\Downloads\LineInst.exe 2015-09-01 00:05 - 2015-09-01 00:05 - 00001317 _____ C:\Users\Alex\Desktop\ZRAVIAN STUFF.txt 2015-08-31 16:39 - 2015-08-31 16:39 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Sun 2015-08-31 16:39 - 2015-08-31 16:39 - 00000000 ____D C:\Users\Alex\.oracle_jre_usage 2015-08-28 15:26 - 2015-08-29 19:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-26 09:07 - 2015-08-26 09:07 - 07886712 _____ (Microsoft Corporation) C:\Users\Alex\Downloads\Xbox360_64Deu.exe 2015-08-26 09:07 - 2015-08-26 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-08-26 09:07 - 2015-08-26 09:07 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories 2015-08-26 09:04 - 2015-08-26 09:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2015-08-25 05:43 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-08-25 05:43 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-22 15:36 - 2015-05-27 20:04 - 01325485 _____ C:\Windows\WindowsUpdate.log 2015-09-22 15:30 - 2009-07-14 06:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-22 15:30 - 2009-07-14 06:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-22 15:28 - 2015-05-28 05:58 - 00699726 _____ C:\Windows\system32\perfh007.dat 2015-09-22 15:28 - 2015-05-28 05:58 - 00149364 _____ C:\Windows\system32\perfc007.dat 2015-09-22 15:28 - 2009-07-14 07:13 - 01621742 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-22 15:24 - 2015-05-27 21:02 - 00006467 _____ C:\Windows\SysWOW64\Gms.log 2015-09-22 15:22 - 2015-07-01 19:59 - 00016087 _____ C:\Windows\setupact.log 2015-09-22 15:22 - 2015-05-27 20:33 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-22 15:22 - 2015-05-27 20:04 - 00000000 ____D C:\Users\Alex 2015-09-22 15:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-22 15:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2015-09-22 15:18 - 2015-06-27 13:06 - 00000000 ____D C:\AdwCleaner 2015-09-22 14:58 - 2015-05-27 21:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-22 14:53 - 2015-05-27 21:11 - 00000000 ____D C:\Program Files (x86)\Steam 2015-09-22 14:19 - 2015-07-16 22:42 - 00002718 _____ C:\Windows\PFRO.log 2015-09-22 14:13 - 2015-05-27 20:51 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Skype 2015-09-22 13:53 - 2015-05-27 20:10 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-09-21 20:58 - 2015-05-27 21:13 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-21 20:58 - 2015-05-27 21:13 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-21 20:58 - 2015-05-27 21:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-09-21 20:39 - 2015-05-27 20:10 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-09-21 03:19 - 2015-08-19 06:40 - 00000122 _____ C:\Users\Alex\Desktop\ZRAVIAN.txt 2015-09-21 02:21 - 2015-05-27 20:17 - 00000000 ____D C:\ProgramData\Package Cache 2015-09-20 19:20 - 2015-05-27 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-15 21:55 - 2015-05-27 20:09 - 00000000 ____D C:\Program Files (x86)\Google 2015-09-11 01:13 - 2015-05-27 21:28 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent 2015-09-10 08:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-09-10 03:19 - 2009-07-14 06:45 - 00296480 _____ C:\Windows\system32\FNTCACHE.DAT 2015-09-10 03:18 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-10 03:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-09-10 03:03 - 2015-05-27 21:43 - 00000000 ____D C:\Windows\system32\MRT 2015-09-09 13:19 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-09-08 18:50 - 2015-05-27 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-09-08 03:28 - 2015-05-27 20:53 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-08-31 16:39 - 2015-05-27 21:14 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\ProgramData\Oracle 2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-31 16:34 - 2015-05-28 22:07 - 00000000 ____D C:\Program Files (x86)\Voobly 2015-08-29 02:17 - 2015-06-19 01:00 - 00001159 _____ C:\Users\Alex\Desktop\Mozilla Firefox.lnk 2015-08-29 01:59 - 2015-05-27 21:22 - 00000000 ____D C:\Users\Alex\Desktop\Games 2015-08-26 18:37 - 2015-05-27 21:43 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-26 09:07 - 2015-07-19 00:32 - 00046990 _____ C:\Windows\DirectX.log 2015-08-25 05:43 - 2015-05-27 20:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-23 01:31 - 2015-06-04 19:59 - 00000000 ____D C:\Users\Alex\Documents\My Games ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-07-27 02:42 - 2015-07-27 03:26 - 0000058 _____ () C:\Users\Alex\AppData\Roaming\prio.ini 2015-05-27 23:55 - 2015-05-27 23:55 - 0000000 _____ () C:\Users\Alex\AppData\Local\Driver_LOM_8161Present.flag 2015-06-21 05:22 - 2015-07-27 03:26 - 0007621 _____ () C:\Users\Alex\AppData\Local\Resmon.ResmonCfg 2015-08-18 03:42 - 2015-08-18 03:42 - 0000003 _____ () C:\Users\Alex\AppData\Local\updater.log 2015-08-18 03:42 - 2015-08-18 03:42 - 0000424 _____ () C:\Users\Alex\AppData\Local\UserProducts.xml Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Alex\Notepad2.exe Einige Dateien in TEMP: ==================== C:\Users\Alex\AppData\Local\Temp\avgnt.exe C:\Users\Alex\AppData\Local\Temp\jre-8u51-windows-au.exe C:\Users\Alex\AppData\Local\Temp\jre-8u60-windows-au.exe C:\Users\Alex\AppData\Local\Temp\OpenOffice_4.1.1_Win_x86_install_de.exe C:\Users\Alex\AppData\Local\Temp\update.exe C:\Users\Alex\AppData\Local\Temp\ytb.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-21 00:15 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Alex (2015-09-22 15:50:07)
Gestartet von C:\Users\Alex\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-05-27 18:04:05)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-922301408-332873160-1376262277-500 - Administrator - Disabled)
Alex (S-1-5-21-922301408-332873160-1376262277-1000 - Administrator - Enabled) => C:\Users\Alex
Gast (S-1-5-21-922301408-332873160-1376262277-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-922301408-332873160-1376262277-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
Akamai NetSession Interface (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Amazon Music (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.1.0 - Amazon Services LLC) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
ASUS Essence STX II Audio Device (HKLM-x32\...\{1A01B996-F7F7-473C-9EA4-B22801713A83}) (Version: - ASUSTek Computer Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
eXtra Buttons (HKLM-x32\...\eXtra Buttons) (Version: - )
Geeks3D FurMark 1.15.2.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel(R) Network Connections 19.5.303.0 (HKLM\...\PROSetDX) (Version: 19.5.303.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.6.2.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.27 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.26 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
LINE (HKLM-x32\...\LINE) (Version: 4.1.2.525 - LINE Corporation)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MediaHuman YouTube to MP3 Converter Version 3.8.1 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.8.1 - )
Metin2 Singapore (HKLM-x32\...\Metin2 Singapore) (Version: - Tec Interactive Pte Ltd)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 5.2.1 - Popcorn Time)
Popcorn Time (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Popcorn Time) (Version: - Popcorn Official)
Prio (HKLM\...\Prio) (Version: 2.0.0.2960 - )
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Revive BF2 (HKLM\...\{72427ED2-72A7-4DB3-99CE-D0E36B24307A}_is1) (Version: 1.5 - Battlelog.co)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version: - Creative Assembly)
TP-LINK Wireless Client Utility (HKLM-x32\...\{385C8E5A-0B4F-4DCD-BBBD-2A8AE0400A76}) (Version: 7.0 - TP-LINK)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
Websuche (HKLM-x32\...\Websuche) (Version: - Websuche)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-922301408-332873160-1376262277-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Wiederherstellungspunkte =========================
21-09-2015 02:21:26 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
21-09-2015 02:21:31 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
22-09-2015 13:51:17 calculadora-setup wird entfernt
22-09-2015 14:15:13 JRT Pre-Junkware Removal
22-09-2015 14:20:59 JRT Pre-Junkware Removal
22-09-2015 15:19:36 JRT Pre-Junkware Removal
22-09-2015 15:21:20 Wiederherstellungsvorgang
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {08B135AF-3070-4757-A915-B0239CE0E993} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {326F8FFA-04FB-4CA2-BB2F-0CB814848E47} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {68596127-0212-412A-B1B4-0126A02F168E} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-06-12] ()
Task: {6ED1DDD7-3171-4E44-ABC3-F20948DF2F91} - System32\Tasks\{07EF5ACA-E114-4FDB-81C2-3F9D928C9482} => pcalua.exe -a C:\Users\Alex\Downloads\Metin2-SG_installer.exe -d C:\Users\Alex\Downloads
Task: {AD1849D5-A0DA-4A97-8888-F418AFAECBA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {AF21D5D8-6711-48A3-BD91-B10EFF68DC2E} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {D96732E7-FAFE-46C6-8130-AD39EA0FDD41} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {FC893FD4-3133-4120-BB74-96E80525CE75} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-05-27 20:32 - 2015-08-07 02:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-03 01:27 - 2015-06-28 22:16 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-08 21:30 - 2012-11-08 21:30 - 00012656 _____ () C:\Program Files\Prio\prio_svc.exe
2015-05-27 23:49 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2015-05-27 23:49 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\system\HsMgr64.exe
2015-05-27 21:44 - 2015-07-21 07:02 - 05887808 _____ () C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe
2013-07-08 11:05 - 2013-07-08 11:05 - 02800128 _____ () C:\Program Files (x86)\eXtra Buttons\xb.exe
2015-05-27 21:43 - 2015-06-12 21:27 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-05-27 20:33 - 2015-08-18 01:30 - 00708216 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-05-27 20:33 - 2015-08-18 01:31 - 00854136 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2015-05-27 20:33 - 2015-08-18 01:31 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-27 23:49 - 2013-12-16 12:05 - 00143360 ____N () C:\Program Files\ASUS Essence STX II Audio Device\Customapp\VmixP8.dll
2015-08-18 04:20 - 2015-08-18 04:20 - 03129368 _____ () C:\Program Files (x86)\LINE\ampkit_windows.dll
2015-07-03 07:44 - 2015-07-03 07:44 - 00123416 _____ () C:\Program Files (x86)\LINE\PlayerHelper.dll
2015-09-22 15:22 - 2015-09-22 15:22 - 00012800 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00009728 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00014848 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\src\rgloader\rgloader193.mswin.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00009216 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00126976 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00087552 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00016384 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00127316 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\bin\libffi-6.dll
2015-09-22 15:22 - 2015-09-22 15:22 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00013312 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00095744 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocr4EAB.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00012800 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00009728 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00014848 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\src\rgloader\rgloader193.mswin.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00118784 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00069120 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00083968 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\bin\zlib1.dll
2015-09-22 15:22 - 2015-09-22 15:22 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00275968 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00015360 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00008192 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00009216 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00023552 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00036352 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00126976 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00087552 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00016384 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00127316 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\bin\libffi-6.dll
2015-09-22 15:22 - 2015-09-22 15:22 - 00013312 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00095744 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-09-22 15:22 - 2015-09-22 15:22 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocr6853.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-05-27 21:43 - 2015-06-12 21:27 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2015-02-25 14:15 - 2015-02-25 14:15 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-922301408-332873160-1376262277-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: Voobly => "C:\Program Files (x86)\Voobly\voobly.exe" --startup
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{5B64105A-C666-4CE8-B359-D30B082E0CA0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2C40850-A5AA-4ED9-8305-1F508A0BE65A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5A1315B2-CFD8-4AC1-A017-6CB4BCB002FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{330407AD-6A7B-4D23-B304-75D744A07BC2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E6450CA3-0928-4DA2-9879-23C4EC818A6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CA1B7172-B0A5-4AEE-B194-2A8E393C025A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8DF01D04-A169-4013-ACFF-17C4F281B3D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FFC5AB27-CE90-46EF-8D1E-7C50312413E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{877A2798-DC72-4DD3-8E2B-CF4EC857EE39}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{270CCFC5-E177-442E-A312-D8C5D0EFF0EF}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BD17E38C-8B8F-4D28-95A6-4693CAEC76D5}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1E34E6BF-A746-4EF2-BAAE-2FD8043577B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DE9990F3-09FA-4D85-9D2C-9F72DA932B6F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BB816CE2-A4C9-4BBD-A155-FDE6D61CFAF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{3862A5E1-B38D-4842-9026-AC2C62DA1F9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{B4EB3307-C8CB-4843-A4B4-3377082144C7}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{87A0A2AC-7365-4213-8C6B-1345F5AF1702}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{A275C0BC-AEA9-4445-ADED-D9028FA8EEB1}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{400ECE11-9C93-4A80-9580-107A678BC1AB}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP Query User{AE693290-433D-4872-BF53-B527571D330A}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{EC123608-59F5-47D8-99FB-4642119DFDD2}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{4D6AB7F9-DE85-406E-AC04-297AA1AC59DB}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{2B6447A5-46DC-41A3-8A2E-8B8EC7E0874A}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [TCP Query User{6AB9E431-1DD3-4F43-9217-D6B2A21BAF33}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [UDP Query User{CD055AFE-39AE-4113-8B8B-97AE7A5EFD68}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [TCP Query User{ECA5F127-1BB3-420B-9464-AB368E892FD2}C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{66905585-6CB9-49E9-93E4-5264759118FB}C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{7E0BAC1F-FA84-46E8-A81B-EC8FC4BDDED0}] => (Block) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{21471CFD-29EA-405E-B039-503CAFF35FE3}] => (Block) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{F68CFCDD-063F-4D98-91A7-DDF988AC23A5}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{7340655E-3C42-45C3-A4B1-3BAC6D81E78A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{0AAA37E5-E4AD-4F7A-ADD6-97DA8BB6705D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{B23FC7BD-54B7-4E4D-A61C-9046B8A2B60D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{C32BE6A7-9F84-4DF6-8480-7C01A83E2097}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{5F0CBFD2-2F9B-48A0-A2CA-9B578DD086A5}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DAB3C782-D79F-478E-A1F0-11EE6B349E08}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DB39D13B-F79C-495E-8440-8A8AA02C0900}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [TCP Query User{4011400D-EC8A-4682-860F-AABB0100CBC0}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [UDP Query User{8414FFD5-5902-42B4-BB56-646CB264C935}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{F10EF931-0A90-4B93-BE3E-EC093418FBFC}] => (Block) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{E6274DFC-5D95-441F-9BDF-F2DDCB3799C9}] => (Block) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{853CCFFB-C5DA-4FBA-AACE-E7E2B439EC87}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D03653C8-45EA-477C-818A-EEED672B41B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3817FB66-A021-4861-BF46-4CBF329250E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FD2DAA03-8142-4067-BB72-BB1B40575F6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8F8DB2F7-ADA1-4273-A31A-37CB4BC8FD43}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{087BAA49-73A3-4EE0-A9EB-BE3DA85DE082}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B9962A2F-B162-49B7-AD8D-9CCE17B694DA}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{A7BF42BA-33F5-47B1-A0F1-65488D199546}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [TCP Query User{6B672278-D07E-4F07-AB1B-5CB3FF2383F0}C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe
FirewallRules: [UDP Query User{22E6417E-03A7-4851-8876-F40174BE6D70}C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe
FirewallRules: [TCP Query User{320B5154-D197-4332-82DB-F05CA56D0F73}C:\users\alex\desktop\games\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\aom\aomxnocd.exe
FirewallRules: [UDP Query User{5C5D940D-ACE1-4A06-91D4-674A1E023DB8}C:\users\alex\desktop\games\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\aom\aomxnocd.exe
FirewallRules: [{8056A593-8640-4E48-AE1B-6D65FC41C2C7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1D0712E2-7834-47F3-8A0A-C18239968099}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5C75AEA7-1A49-457A-9D10-C80BB2D19FFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{21546473-4648-4B28-BA8D-3FA569F65FFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{334074C8-6C57-4D94-8533-A340375F8618}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [UDP Query User{156F8C93-4E8D-4EE1-86B1-5D3DB9C73B50}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [{5519A36E-6D4C-4D8D-8018-56A11F099D0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{EC028352-8DD8-491A-A030-2447B1EE4F00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [TCP Query User{6D8719E4-D075-4B44-AB15-6E81348606DE}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6CE4E723-4C78-4FAA-AC46-0199FDB6C20A}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{D5272A81-4AF5-4588-A1E2-1FA3FE9066BC}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{9CE42FEE-E36A-45CF-A0B2-B1484E80C498}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [TCP Query User{C01F5E34-8B04-495F-891A-3B6AD0ADF5BA}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{52FB8920-61F6-4117-9FC5-D71F7631034B}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [{FCE05C0A-61EA-4427-B73F-3365BEBF6A73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{925B2254-BCCF-4EAD-B305-94B68DF7295F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{59C810B3-1BF1-45BB-8D5D-C9F8C8BB4B8F}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{0CBC8BBD-9B89-4BD0-843D-BDD7F456A875}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{05C8AEE7-635B-4FFF-BDFD-7A4E8A6BE5E1}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [UDP Query User{830AF29B-681F-42B6-AD15-A37259D79ED4}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [{CDB41466-6B95-4991-A859-8721A569DD0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1EB6A4F1-E0DC-4874-BD5D-BFFD5D5A462A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4DA1CA31-B1EA-48E9-9678-D92323456ED6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{AC6C871D-277B-4116-A812-7521A00EE05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E4BC80B-0D59-49A9-B0E6-CFDB30579A82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F8BE2A13-C6BC-4439-B869-58F875EFC8F0}C:\users\alex\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{93350CC3-C1AD-4361-9994-FA5EEA1A0960}C:\users\alex\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{B3B62059-B393-4B8D-935E-84E60B21952A}] => (Block) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{88F5271D-F0AC-48ED-AD84-A5C9CE5BE53A}] => (Block) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{97016943-6291-4A5F-A5BB-B3F254342466}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{1BBFDF3B-7E31-4D72-A1F1-C90F06B38F2B}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{4AF77ECA-E1FE-4DDB-AEE4-190B8C5D3BC8}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{EFECB1B9-D8A3-4AF1-9CD3-FAB76AE5D80D}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{C4B674C4-50BF-42B1-8330-393DE274D58D}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{7E7D31A5-8127-4265-8B68-3637BA9CCF9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{92290EFF-8A05-430F-A94D-FF85D8E03409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{C695DCD9-57B3-4F25-8A42-6D4B70D908D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5E7E4103-8D7D-4F73-8EC9-68816A30C166}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{08526CBC-1EB4-420C-94D8-CA6A03B29DC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{EC498E06-A410-4437-9014-DA902BCA1C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{81A3C3AD-1226-4635-8656-FCC8C3254427}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{1EFA3522-2D65-4AD2-8CC5-3A01603411B0}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{FFC2418C-EE22-4129-9AF3-E7B7B792014D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FD19B638-5CAF-4034-AB88-7CB4360CE6A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DBDB38A6-263E-402F-9820-64757152E223}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D9E25726-FEFC-4D93-A172-98B2498EA621}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D94FF140-DA62-40DF-9820-608CB9B7D8B3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/22/2015 03:36:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/22/2015 03:36:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/22/2015 03:22:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2015 03:17:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2015 02:23:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/22/2015 02:23:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/22/2015 02:19:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2015 01:53:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2015 12:04:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/21/2015 10:33:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (09/22/2015 03:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/22/2015 03:37:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/22/2015 03:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/22/2015 03:37:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/22/2015 03:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/22/2015 03:37:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/22/2015 03:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/22/2015 03:37:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/22/2015 03:37:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/22/2015 03:37:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
CodeIntegrity:
===================================
Date: 2015-06-01 16:16:40.648
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ntdll.dll" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16197.21 MB
Verfügbarer physikalischer RAM: 12996.3 MB
Summe virtueller Speicher: 32392.62 MB
Verfügbarer virtueller Speicher: 28095.49 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:953.77 GB) (Free:816.56 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 953.9 GB) (Disk ID: 09E0FDF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=953.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
22.09.2015, 14:58
| #4 |
| | DNS Unlocker loswerdenCode:
ATTFilter 15:50:57.0701 0x0a9c TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:51:01.0005 0x0a9c ============================================================
15:51:01.0005 0x0a9c Current date / time: 2015/09/22 15:51:01.0005
15:51:01.0005 0x0a9c SystemInfo:
15:51:01.0005 0x0a9c
15:51:01.0005 0x0a9c OS Version: 6.1.7601 ServicePack: 1.0
15:51:01.0005 0x0a9c Product type: Workstation
15:51:01.0005 0x0a9c ComputerName: ALEX-PC
15:51:01.0005 0x0a9c UserName: Alex
15:51:01.0005 0x0a9c Windows directory: C:\Windows
15:51:01.0005 0x0a9c System windows directory: C:\Windows
15:51:01.0005 0x0a9c Running under WOW64
15:51:01.0005 0x0a9c Processor architecture: Intel x64
15:51:01.0005 0x0a9c Number of processors: 8
15:51:01.0005 0x0a9c Page size: 0x1000
15:51:01.0005 0x0a9c Boot type: Normal boot
15:51:01.0005 0x0a9c ============================================================
15:51:01.0195 0x0a9c KLMD registered as C:\Windows\system32\drivers\11778521.sys
15:51:01.0277 0x0a9c System UUID: {60829599-3F0A-0196-106D-017BDA7164C9}
15:51:01.0571 0x0a9c Drive \Device\Harddisk0\DR0 - Size: 0xEE77A56000 ( 953.87 Gb ), SectorSize: 0x200, Cylinders: 0x1E667, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:51:01.0574 0x0a9c ============================================================
15:51:01.0574 0x0a9c \Device\Harddisk0\DR0:
15:51:01.0574 0x0a9c MBR partitions:
15:51:01.0574 0x0a9c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:51:01.0574 0x0a9c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x7738A000
15:51:01.0574 0x0a9c ============================================================
15:51:01.0575 0x0a9c C: <-> \Device\Harddisk0\DR0\Partition2
15:51:01.0575 0x0a9c ============================================================
15:51:01.0576 0x0a9c Initialize success
15:51:01.0576 0x0a9c ============================================================
15:51:07.0320 0x0aa4 ============================================================
15:51:07.0320 0x0aa4 Scan started
15:51:07.0320 0x0aa4 Mode: Manual;
15:51:07.0320 0x0aa4 ============================================================
15:51:07.0320 0x0aa4 KSN ping started
15:51:10.0046 0x0aa4 KSN ping finished: true
15:51:10.0780 0x0aa4 ================ Scan system memory ========================
15:51:10.0780 0x0aa4 System memory - ok
15:51:10.0781 0x0aa4 ================ Scan services =============================
15:51:10.0797 0x0aa4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:51:10.0799 0x0aa4 1394ohci - ok
15:51:10.0810 0x0aa4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:51:10.0814 0x0aa4 ACPI - ok
15:51:10.0815 0x0aa4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:51:10.0816 0x0aa4 AcpiPmi - ok
15:51:10.0828 0x0aa4 [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:51:10.0830 0x0aa4 AdobeFlashPlayerUpdateSvc - ok
15:51:10.0838 0x0aa4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:51:10.0842 0x0aa4 adp94xx - ok
15:51:10.0848 0x0aa4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:51:10.0851 0x0aa4 adpahci - ok
15:51:10.0854 0x0aa4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:51:10.0856 0x0aa4 adpu320 - ok
15:51:10.0859 0x0aa4 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:51:10.0860 0x0aa4 AeLookupSvc - ok
15:51:10.0867 0x0aa4 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
15:51:10.0871 0x0aa4 AFD - ok
15:51:10.0874 0x0aa4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
15:51:10.0874 0x0aa4 agp440 - ok
15:51:10.0877 0x0aa4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
15:51:10.0877 0x0aa4 ALG - ok
15:51:10.0879 0x0aa4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
15:51:10.0879 0x0aa4 aliide - ok
15:51:10.0881 0x0aa4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
15:51:10.0881 0x0aa4 amdide - ok
15:51:10.0883 0x0aa4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:51:10.0884 0x0aa4 AmdK8 - ok
15:51:10.0886 0x0aa4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:51:10.0886 0x0aa4 AmdPPM - ok
15:51:10.0889 0x0aa4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:51:10.0890 0x0aa4 amdsata - ok
15:51:10.0894 0x0aa4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:51:10.0895 0x0aa4 amdsbs - ok
15:51:10.0897 0x0aa4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:51:10.0897 0x0aa4 amdxata - ok
15:51:10.0912 0x0aa4 [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
15:51:10.0920 0x0aa4 AntiVirMailService - ok
15:51:10.0927 0x0aa4 [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
15:51:10.0932 0x0aa4 AntiVirSchedulerService - ok
15:51:10.0939 0x0aa4 [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
15:51:10.0943 0x0aa4 AntiVirService - ok
15:51:10.0959 0x0aa4 [ D9A8EE3F4A1E604B9315B34A5AA4569E, 287BA8FA1949646E03D39F36F50C016251358A8A454EE19D249E76A723F1455E ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
15:51:10.0970 0x0aa4 AntiVirWebService - ok
15:51:10.0972 0x0aa4 [ A0711D119BA4B48A1470C768D301013E, 536366F809125D2C2171597C8C2CB3271BE5C6B373152112E0D970749776E00A ] AppID C:\Windows\system32\drivers\appid.sys
15:51:10.0973 0x0aa4 AppID - ok
15:51:10.0975 0x0aa4 [ 173C90AF5B243B4DD86F95CA154CB58A, 349F566DADC96B31FDC34C4F26545FB880844DBF84E5821AA0D0CAA91FB837E1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:51:10.0975 0x0aa4 AppIDSvc - ok
15:51:10.0977 0x0aa4 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
15:51:10.0978 0x0aa4 Appinfo - ok
15:51:10.0981 0x0aa4 [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:51:10.0982 0x0aa4 Apple Mobile Device Service - ok
15:51:10.0985 0x0aa4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
15:51:10.0986 0x0aa4 arc - ok
15:51:10.0988 0x0aa4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:51:10.0989 0x0aa4 arcsas - ok
15:51:10.0995 0x0aa4 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:51:10.0997 0x0aa4 aspnet_state - ok
15:51:10.0999 0x0aa4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:51:10.0999 0x0aa4 AsyncMac - ok
15:51:11.0001 0x0aa4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
15:51:11.0001 0x0aa4 atapi - ok
15:51:11.0033 0x0aa4 [ 40734F3A5EEC4C4AC6A1FAF10B293714, 069885A5EED99E51E5D8621CF5174DCCC6C56B3F950A11C14A3A97A8DADD9D5C ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:51:11.0057 0x0aa4 athr - ok
15:51:11.0069 0x0aa4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:51:11.0075 0x0aa4 AudioEndpointBuilder - ok
15:51:11.0085 0x0aa4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:51:11.0092 0x0aa4 AudioSrv - ok
15:51:11.0095 0x0aa4 [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:51:11.0097 0x0aa4 avgntflt - ok
15:51:11.0100 0x0aa4 [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:51:11.0101 0x0aa4 avipbb - ok
15:51:11.0106 0x0aa4 [ 24680B56D862F1DE30C13FC64B80F568, 4B30EB73369691B915F5615E1BF6C95B070E184BC42BCC505C94410014A04EB3 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
15:51:11.0108 0x0aa4 Avira.ServiceHost - ok
15:51:11.0110 0x0aa4 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:51:11.0110 0x0aa4 avkmgr - ok
15:51:11.0112 0x0aa4 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
15:51:11.0113 0x0aa4 avnetflt - ok
15:51:11.0115 0x0aa4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:51:11.0117 0x0aa4 AxInstSV - ok
15:51:11.0123 0x0aa4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:51:11.0127 0x0aa4 b06bdrv - ok
15:51:11.0132 0x0aa4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:51:11.0135 0x0aa4 b57nd60a - ok
15:51:11.0138 0x0aa4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
15:51:11.0139 0x0aa4 BDESVC - ok
15:51:11.0140 0x0aa4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
15:51:11.0141 0x0aa4 Beep - ok
15:51:11.0155 0x0aa4 [ 56805606D40B1EC96AE8442E21318C13, 3CBCB50EA8D2124B5E322D38F721670B4997F5F6865D3C7D5F819B9EF9620394 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
15:51:11.0166 0x0aa4 BEService - ok
15:51:11.0176 0x0aa4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
15:51:11.0182 0x0aa4 BFE - ok
15:51:11.0185 0x0aa4 [ 35BAC943C9C9C501B2DB888858D41F99, 4EDA511CC7029ECB757E2B7B90903503DC649B7B5060238D6418EF4506E172A5 ] BfLwf C:\Windows\system32\DRIVERS\bflwfx64.sys
15:51:11.0186 0x0aa4 BfLwf - ok
15:51:11.0197 0x0aa4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
15:51:11.0205 0x0aa4 BITS - ok
15:51:11.0207 0x0aa4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:51:11.0208 0x0aa4 blbdrive - ok
15:51:11.0214 0x0aa4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:51:11.0219 0x0aa4 Bonjour Service - ok
15:51:11.0221 0x0aa4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:51:11.0222 0x0aa4 bowser - ok
15:51:11.0224 0x0aa4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:51:11.0224 0x0aa4 BrFiltLo - ok
15:51:11.0226 0x0aa4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:51:11.0226 0x0aa4 BrFiltUp - ok
15:51:11.0229 0x0aa4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
15:51:11.0231 0x0aa4 Browser - ok
15:51:11.0235 0x0aa4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:51:11.0238 0x0aa4 Brserid - ok
15:51:11.0240 0x0aa4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:51:11.0240 0x0aa4 BrSerWdm - ok
15:51:11.0242 0x0aa4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:51:11.0242 0x0aa4 BrUsbMdm - ok
15:51:11.0243 0x0aa4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:51:11.0244 0x0aa4 BrUsbSer - ok
15:51:11.0246 0x0aa4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:51:11.0246 0x0aa4 BTHMODEM - ok
15:51:11.0249 0x0aa4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
15:51:11.0250 0x0aa4 bthserv - ok
15:51:11.0267 0x0aa4 [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
15:51:11.0280 0x0aa4 c2cautoupdatesvc - ok
15:51:11.0302 0x0aa4 [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
15:51:11.0317 0x0aa4 c2cpnrsvc - ok
15:51:11.0321 0x0aa4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:51:11.0322 0x0aa4 cdfs - ok
15:51:11.0325 0x0aa4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:51:11.0326 0x0aa4 cdrom - ok
15:51:11.0329 0x0aa4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
15:51:11.0330 0x0aa4 CertPropSvc - ok
15:51:11.0332 0x0aa4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
15:51:11.0332 0x0aa4 circlass - ok
15:51:11.0338 0x0aa4 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
15:51:11.0341 0x0aa4 CLFS - ok
15:51:11.0345 0x0aa4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:51:11.0346 0x0aa4 clr_optimization_v2.0.50727_32 - ok
15:51:11.0350 0x0aa4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:51:11.0351 0x0aa4 clr_optimization_v2.0.50727_64 - ok
15:51:11.0356 0x0aa4 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:51:11.0359 0x0aa4 clr_optimization_v4.0.30319_32 - ok
15:51:11.0362 0x0aa4 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:51:11.0364 0x0aa4 clr_optimization_v4.0.30319_64 - ok
15:51:11.0366 0x0aa4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:51:11.0366 0x0aa4 CmBatt - ok
15:51:11.0367 0x0aa4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:51:11.0368 0x0aa4 cmdide - ok
15:51:11.0374 0x0aa4 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
15:51:11.0379 0x0aa4 CNG - ok
15:51:11.0381 0x0aa4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:51:11.0381 0x0aa4 Compbatt - ok
15:51:11.0383 0x0aa4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:51:11.0383 0x0aa4 CompositeBus - ok
15:51:11.0384 0x0aa4 COMSysApp - ok
15:51:11.0396 0x0aa4 [ 7C3EF8B5521499E47D2C5402031831C4, C71DD1BC87DCD34F97D809B66F6081E17D3C135E8E185DE2451484543A08D23A ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:51:11.0399 0x0aa4 cphs - ok
15:51:11.0401 0x0aa4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:51:11.0401 0x0aa4 crcdisk - ok
15:51:11.0405 0x0aa4 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:51:11.0407 0x0aa4 CryptSvc - ok
15:51:11.0415 0x0aa4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:51:11.0420 0x0aa4 DcomLaunch - ok
15:51:11.0425 0x0aa4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
15:51:11.0428 0x0aa4 defragsvc - ok
15:51:11.0431 0x0aa4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:51:11.0432 0x0aa4 DfsC - ok
15:51:11.0437 0x0aa4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:51:11.0440 0x0aa4 Dhcp - ok
15:51:11.0457 0x0aa4 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
15:51:11.0470 0x0aa4 DiagTrack - ok
15:51:11.0473 0x0aa4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
15:51:11.0473 0x0aa4 discache - ok
15:51:11.0475 0x0aa4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
15:51:11.0476 0x0aa4 Disk - ok
15:51:11.0480 0x0aa4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:51:11.0482 0x0aa4 Dnscache - ok
15:51:11.0486 0x0aa4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
15:51:11.0489 0x0aa4 dot3svc - ok
15:51:11.0492 0x0aa4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
15:51:11.0494 0x0aa4 DPS - ok
15:51:11.0495 0x0aa4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:51:11.0495 0x0aa4 drmkaud - ok
15:51:11.0508 0x0aa4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:51:11.0517 0x0aa4 DXGKrnl - ok
15:51:11.0523 0x0aa4 [ A82585AA7B7DD775CB0FFCC2401C35E9, 0EB6D898EA260D3E60AD77AA4875C378719173D159B5945FDBBFB20E2B3C2927 ] e1dexpress C:\Windows\system32\DRIVERS\e1d62x64.sys
15:51:11.0527 0x0aa4 e1dexpress - ok
15:51:11.0530 0x0aa4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
15:51:11.0531 0x0aa4 EapHost - ok
15:51:11.0569 0x0aa4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:51:11.0598 0x0aa4 ebdrv - ok
15:51:11.0602 0x0aa4 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] EFS C:\Windows\System32\lsass.exe
15:51:11.0603 0x0aa4 EFS - ok
15:51:11.0613 0x0aa4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:51:11.0619 0x0aa4 ehRecvr - ok
15:51:11.0622 0x0aa4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
15:51:11.0623 0x0aa4 ehSched - ok
15:51:11.0631 0x0aa4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:51:11.0636 0x0aa4 elxstor - ok
15:51:11.0637 0x0aa4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:51:11.0638 0x0aa4 ErrDev - ok
15:51:11.0645 0x0aa4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
15:51:11.0649 0x0aa4 EventSystem - ok
15:51:11.0652 0x0aa4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
15:51:11.0654 0x0aa4 exfat - ok
15:51:11.0658 0x0aa4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:51:11.0660 0x0aa4 fastfat - ok
15:51:11.0669 0x0aa4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
15:51:11.0676 0x0aa4 Fax - ok
15:51:11.0678 0x0aa4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
15:51:11.0678 0x0aa4 fdc - ok
15:51:11.0679 0x0aa4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
15:51:11.0680 0x0aa4 fdPHost - ok
15:51:11.0682 0x0aa4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
15:51:11.0682 0x0aa4 FDResPub - ok
15:51:11.0684 0x0aa4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:51:11.0685 0x0aa4 FileInfo - ok
15:51:11.0687 0x0aa4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:51:11.0688 0x0aa4 Filetrace - ok
15:51:11.0689 0x0aa4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:51:11.0689 0x0aa4 flpydisk - ok
15:51:11.0694 0x0aa4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:51:11.0697 0x0aa4 FltMgr - ok
15:51:11.0711 0x0aa4 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
15:51:11.0722 0x0aa4 FontCache - ok
15:51:11.0725 0x0aa4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:51:11.0726 0x0aa4 FontCache3.0.0.0 - ok
15:51:11.0728 0x0aa4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:51:11.0728 0x0aa4 FsDepends - ok
15:51:11.0730 0x0aa4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:51:11.0731 0x0aa4 Fs_Rec - ok
15:51:11.0735 0x0aa4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:51:11.0737 0x0aa4 fvevol - ok
15:51:11.0739 0x0aa4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:51:11.0740 0x0aa4 gagp30kx - ok
15:51:11.0741 0x0aa4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:51:11.0742 0x0aa4 GEARAspiWDM - ok
15:51:11.0757 0x0aa4 [ 4B015AACA104091DF767273653B1B883, 7141B30D54F7DFE2B4718FB2EBAC7FA407D9BEA1D00F664C0278AC7E3B716A67 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
15:51:11.0767 0x0aa4 GfExperienceService - ok
15:51:11.0778 0x0aa4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
15:51:11.0786 0x0aa4 gpsvc - ok
15:51:11.0790 0x0aa4 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:51:11.0791 0x0aa4 gupdate - ok
15:51:11.0794 0x0aa4 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:51:11.0796 0x0aa4 gupdatem - ok
15:51:11.0797 0x0aa4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:51:11.0798 0x0aa4 hcw85cir - ok
15:51:11.0803 0x0aa4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:51:11.0806 0x0aa4 HdAudAddService - ok
15:51:11.0809 0x0aa4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:51:11.0810 0x0aa4 HDAudBus - ok
15:51:11.0812 0x0aa4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:51:11.0812 0x0aa4 HidBatt - ok
15:51:11.0814 0x0aa4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:51:11.0815 0x0aa4 HidBth - ok
15:51:11.0817 0x0aa4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
15:51:11.0818 0x0aa4 HidIr - ok
15:51:11.0820 0x0aa4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
15:51:11.0820 0x0aa4 hidserv - ok
15:51:11.0822 0x0aa4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:51:11.0822 0x0aa4 HidUsb - ok
15:51:11.0824 0x0aa4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:51:11.0826 0x0aa4 hkmsvc - ok
15:51:11.0830 0x0aa4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:51:11.0832 0x0aa4 HomeGroupListener - ok
15:51:11.0836 0x0aa4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:51:11.0838 0x0aa4 HomeGroupProvider - ok
15:51:11.0840 0x0aa4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:51:11.0841 0x0aa4 HpSAMD - ok
15:51:11.0851 0x0aa4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:51:11.0858 0x0aa4 HTTP - ok
15:51:11.0860 0x0aa4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:51:11.0861 0x0aa4 hwpolicy - ok
15:51:11.0863 0x0aa4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:51:11.0864 0x0aa4 i8042prt - ok
15:51:11.0882 0x0aa4 [ 9E47BCE5F240C13331A493E156270589, 21BCBB18CAD5BC5CED3A8D9C3868D4AB4B781A2F8E40A49AABFD4AC8DC2FBC9F ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
15:51:11.0894 0x0aa4 iaStorA - ok
15:51:11.0897 0x0aa4 [ 2FAE62EA1F9516603FE399B0340BC68B, BB534D8209566D7F44C034AF62439EB764875BB138FE5C6C5DA86EDC6203B077 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:51:11.0898 0x0aa4 IAStorDataMgrSvc - ok
15:51:11.0899 0x0aa4 [ 9ADE730DBDC336D4DED0C70AC720994E, F36353CE4C136B97F4A478AB08845BE00377BA10A42F480C651B96CDB0D2094F ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
15:51:11.0900 0x0aa4 iaStorF - ok
15:51:11.0906 0x0aa4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:51:11.0910 0x0aa4 iaStorV - ok
15:51:11.0922 0x0aa4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:51:11.0930 0x0aa4 idsvc - ok
15:51:11.0987 0x0aa4 [ C5E23116B13704940651AD1694B1A37D, 2FF3E2D16799B0D896E1CE9AB22637FF290CD9D03EBE773EBC2C23281A9C6F8C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:51:12.0030 0x0aa4 igfx - ok
15:51:12.0039 0x0aa4 [ F5BBF0F3A5F2FE6B292038132D483A25, C4E3BF543E5F83A56FC6BD48A54191592F242EF64DFD7F5277E13BDD66554B4C ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
15:51:12.0042 0x0aa4 igfxCUIService1.0.0.0 - ok
15:51:12.0044 0x0aa4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:51:12.0044 0x0aa4 iirsp - ok
15:51:12.0056 0x0aa4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
15:51:12.0064 0x0aa4 IKEEXT - ok
15:51:12.0077 0x0aa4 [ 5E7F2CE9E9BF48521298D1C6729145C5, 0FD2350D5A26EDEA4F83F2E3D22FD0047AEA4623096C6FF7A70F8248B185FBC8 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
15:51:12.0085 0x0aa4 Intel(R) Capability Licensing Service TCP IP Interface - ok
15:51:12.0090 0x0aa4 [ 27A82EC9FD1CA4A5526A61828D2053AB, 863E0650BCD4F112A1B187D6B5770C8E4F5322B7E1CBD12DC790B46F0EF75D11 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
15:51:12.0092 0x0aa4 Intel(R) PROSet Monitoring Service - ok
15:51:12.0094 0x0aa4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
15:51:12.0094 0x0aa4 intelide - ok
15:51:12.0096 0x0aa4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:51:12.0097 0x0aa4 intelppm - ok
15:51:12.0100 0x0aa4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:51:12.0101 0x0aa4 IPBusEnum - ok
15:51:12.0103 0x0aa4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:51:12.0104 0x0aa4 IpFilterDriver - ok
15:51:12.0112 0x0aa4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:51:12.0118 0x0aa4 iphlpsvc - ok
15:51:12.0120 0x0aa4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:51:12.0121 0x0aa4 IPMIDRV - ok
15:51:12.0124 0x0aa4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:51:12.0125 0x0aa4 IPNAT - ok
15:51:12.0134 0x0aa4 [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:51:12.0140 0x0aa4 iPod Service - ok
15:51:12.0142 0x0aa4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:51:12.0142 0x0aa4 IRENUM - ok
15:51:12.0144 0x0aa4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:51:12.0144 0x0aa4 isapnp - ok
15:51:12.0149 0x0aa4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:51:12.0152 0x0aa4 iScsiPrt - ok
15:51:12.0154 0x0aa4 [ 487DD6972C62E3997DAE859C65E49BC4, 9DB73DFFB447A02A4661B4F98B65AAB9E24AB3A95A1DBFA6A7FACC8A763919F2 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
15:51:12.0154 0x0aa4 iusb3hcs - ok
15:51:12.0160 0x0aa4 [ 49A1C5EB879FB54A16BFCBA90C55B261, 14DDF2178DF5869244A43394F995F704753F51AF196B5B400DEC33B0282C8A42 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
15:51:12.0163 0x0aa4 iusb3hub - ok
15:51:12.0174 0x0aa4 [ 30036C8A4FC1B4833CE1E3868E109EB9, A2E6A7DF284BE79FC785CEAA91BE71B79562D908E7D74FB745DA59F04B0FF51F ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
15:51:12.0181 0x0aa4 iusb3xhc - ok
15:51:12.0185 0x0aa4 [ 1C3EF75B521DB60E951711440648B0D5, 95F594ADB6CCDE5CB7E0601B90A611D3A39485419D078CEB6DB84FFC0AC7E6A7 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:51:12.0187 0x0aa4 jhi_service - ok
15:51:12.0189 0x0aa4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:51:12.0190 0x0aa4 kbdclass - ok
15:51:12.0191 0x0aa4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:51:12.0192 0x0aa4 kbdhid - ok
15:51:12.0195 0x0aa4 [ 819433A6CFC8771F0A2B0BB8EF6125B1, 37BE3545E3782CFA56F1A890B389CDF37C48F177CEE3EF23F4FDDF3D2A094DD3 ] Ke2200 C:\Windows\system32\DRIVERS\e22w7x64.sys
15:51:12.0196 0x0aa4 Ke2200 - ok
15:51:12.0198 0x0aa4 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] KeyIso C:\Windows\system32\lsass.exe
15:51:12.0199 0x0aa4 KeyIso - ok
15:51:12.0201 0x0aa4 [ A405647429DE231CD954D93F792CFBA2, EDE6095A20FE10EB26B3018457A44807A120508E6C514F2EAC12F5BA1F74841E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:51:12.0202 0x0aa4 KSecDD - ok
15:51:12.0205 0x0aa4 [ E4DC0909B5EACB5BF50F6252095BCFF2, 18779648B7FD9D3DFFD8F314E2197962DF98884CC9F025BC5D884984C1C0759D ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:51:12.0207 0x0aa4 KSecPkg - ok
15:51:12.0209 0x0aa4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:51:12.0209 0x0aa4 ksthunk - ok
15:51:12.0215 0x0aa4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
15:51:12.0219 0x0aa4 KtmRm - ok
15:51:12.0223 0x0aa4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:51:12.0226 0x0aa4 LanmanServer - ok
15:51:12.0229 0x0aa4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:51:12.0230 0x0aa4 LanmanWorkstation - ok
15:51:12.0233 0x0aa4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:51:12.0234 0x0aa4 lltdio - ok
15:51:12.0240 0x0aa4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:51:12.0243 0x0aa4 lltdsvc - ok
15:51:12.0245 0x0aa4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:51:12.0246 0x0aa4 lmhosts - ok
15:51:12.0252 0x0aa4 [ 631ABC3E8FF50F9B70B9A52568B1F5F6, 9F3286C95A2D2BFA0D7082F648E2FBBA339C06188F950AE1FE3A797B644AD813 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:51:12.0255 0x0aa4 LMS - ok
15:51:12.0259 0x0aa4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:51:12.0260 0x0aa4 LSI_FC - ok
15:51:12.0263 0x0aa4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:51:12.0264 0x0aa4 LSI_SAS - ok
15:51:12.0266 0x0aa4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:51:12.0267 0x0aa4 LSI_SAS2 - ok
15:51:12.0269 0x0aa4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:51:12.0270 0x0aa4 LSI_SCSI - ok
15:51:12.0273 0x0aa4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
15:51:12.0274 0x0aa4 luafv - ok
15:51:12.0277 0x0aa4 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:51:12.0277 0x0aa4 MBAMProtector - ok
15:51:12.0300 0x0aa4 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
15:51:12.0317 0x0aa4 MBAMScheduler - ok
15:51:12.0332 0x0aa4 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
15:51:12.0342 0x0aa4 MBAMService - ok
15:51:12.0346 0x0aa4 [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
15:51:12.0347 0x0aa4 MBAMSwissArmy - ok
15:51:12.0349 0x0aa4 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:51:12.0350 0x0aa4 MBAMWebAccessControl - ok
15:51:12.0352 0x0aa4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:51:12.0353 0x0aa4 Mcx2Svc - ok
15:51:12.0355 0x0aa4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
15:51:12.0355 0x0aa4 megasas - ok
15:51:12.0360 0x0aa4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:51:12.0363 0x0aa4 MegaSR - ok
15:51:12.0365 0x0aa4 [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
15:51:12.0367 0x0aa4 MEIx64 - ok
15:51:12.0369 0x0aa4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
15:51:12.0370 0x0aa4 MMCSS - ok
15:51:12.0371 0x0aa4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
15:51:12.0372 0x0aa4 Modem - ok
15:51:12.0374 0x0aa4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:51:12.0374 0x0aa4 monitor - ok
15:51:12.0376 0x0aa4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:51:12.0376 0x0aa4 mouclass - ok
15:51:12.0378 0x0aa4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:51:12.0379 0x0aa4 mouhid - ok
15:51:12.0382 0x0aa4 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:51:12.0383 0x0aa4 mountmgr - ok
15:51:12.0386 0x0aa4 [ CC11EEB7AF4617D65DF0E9A21FC1ABD0, A683A5FB26E1B9FB4EEB40A9C7186F8433E3FB0A45848DF6102EF07B4DC75AC8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:51:12.0387 0x0aa4 MozillaMaintenance - ok
15:51:12.0391 0x0aa4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:51:12.0392 0x0aa4 mpio - ok
15:51:12.0394 0x0aa4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:51:12.0395 0x0aa4 mpsdrv - ok
15:51:12.0406 0x0aa4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:51:12.0414 0x0aa4 MpsSvc - ok
15:51:12.0417 0x0aa4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:51:12.0419 0x0aa4 MRxDAV - ok
15:51:12.0422 0x0aa4 [ 43E1F4B0EFDC244D2A83995CCD7846F7, B8FB3CB6C736E20399AF3164197B14E977DDEC8FD164564501A328A8A3A30267 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:51:12.0424 0x0aa4 mrxsmb - ok
15:51:12.0428 0x0aa4 [ 62CEA59FF56B66154E08BD51D87392C2, 5DC63583E417659139FACD2365C2F8F3C9867E331F7374BD4F6C6E2386B5F746 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:51:12.0431 0x0aa4 mrxsmb10 - ok
15:51:12.0434 0x0aa4 [ 7D65B5E9573A26C204AA547457DBF544, CE88A733D031DEDBA6ADADB7D9911B3D151A2DDB566A65E0C9E1F07B1A4364AF ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:51:12.0436 0x0aa4 mrxsmb20 - ok
15:51:12.0437 0x0aa4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
15:51:12.0438 0x0aa4 msahci - ok
15:51:12.0441 0x0aa4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:51:12.0442 0x0aa4 msdsm - ok
15:51:12.0445 0x0aa4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
15:51:12.0447 0x0aa4 MSDTC - ok
15:51:12.0450 0x0aa4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:51:12.0450 0x0aa4 Msfs - ok
15:51:12.0452 0x0aa4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:51:12.0452 0x0aa4 mshidkmdf - ok
15:51:12.0453 0x0aa4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:51:12.0454 0x0aa4 msisadrv - ok
15:51:12.0457 0x0aa4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:51:12.0458 0x0aa4 MSiSCSI - ok
15:51:12.0460 0x0aa4 msiserver - ok
15:51:12.0461 0x0aa4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:51:12.0462 0x0aa4 MSKSSRV - ok
15:51:12.0463 0x0aa4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:51:12.0463 0x0aa4 MSPCLOCK - ok
15:51:12.0464 0x0aa4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:51:12.0465 0x0aa4 MSPQM - ok
15:51:12.0470 0x0aa4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:51:12.0475 0x0aa4 MsRPC - ok
15:51:12.0478 0x0aa4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:51:12.0478 0x0aa4 mssmbios - ok
15:51:12.0479 0x0aa4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:51:12.0480 0x0aa4 MSTEE - ok
15:51:12.0481 0x0aa4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:51:12.0481 0x0aa4 MTConfig - ok
15:51:12.0483 0x0aa4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
15:51:12.0484 0x0aa4 Mup - ok
15:51:12.0491 0x0aa4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
15:51:12.0496 0x0aa4 napagent - ok
15:51:12.0501 0x0aa4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:51:12.0504 0x0aa4 NativeWifiP - ok
15:51:12.0517 0x0aa4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
15:51:12.0526 0x0aa4 NDIS - ok
15:51:12.0528 0x0aa4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:51:12.0528 0x0aa4 NdisCap - ok
15:51:12.0530 0x0aa4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:51:12.0530 0x0aa4 NdisTapi - ok
15:51:12.0532 0x0aa4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:51:12.0533 0x0aa4 Ndisuio - ok
15:51:12.0536 0x0aa4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:51:12.0538 0x0aa4 NdisWan - ok
15:51:12.0540 0x0aa4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:51:12.0541 0x0aa4 NDProxy - ok
15:51:12.0543 0x0aa4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:51:12.0543 0x0aa4 NetBIOS - ok
15:51:12.0547 0x0aa4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:51:12.0550 0x0aa4 NetBT - ok
15:51:12.0552 0x0aa4 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] Netlogon C:\Windows\system32\lsass.exe
15:51:12.0552 0x0aa4 Netlogon - ok
15:51:12.0558 0x0aa4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
15:51:12.0561 0x0aa4 Netman - ok
15:51:12.0568 0x0aa4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:12.0569 0x0aa4 NetMsmqActivator - ok
15:51:12.0572 0x0aa4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:12.0573 0x0aa4 NetPipeActivator - ok
15:51:12.0580 0x0aa4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
15:51:12.0585 0x0aa4 netprofm - ok
15:51:12.0587 0x0aa4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:12.0589 0x0aa4 NetTcpActivator - ok
15:51:12.0591 0x0aa4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:12.0593 0x0aa4 NetTcpPortSharing - ok
15:51:12.0595 0x0aa4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:51:12.0595 0x0aa4 nfrd960 - ok
15:51:12.0600 0x0aa4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:51:12.0603 0x0aa4 NlaSvc - ok
15:51:12.0605 0x0aa4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:51:12.0606 0x0aa4 Npfs - ok
15:51:12.0608 0x0aa4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
15:51:12.0609 0x0aa4 nsi - ok
15:51:12.0610 0x0aa4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:51:12.0611 0x0aa4 nsiproxy - ok
15:51:12.0632 0x0aa4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:51:12.0651 0x0aa4 Ntfs - ok
15:51:12.0653 0x0aa4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
15:51:12.0653 0x0aa4 Null - ok
15:51:12.0656 0x0aa4 [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
15:51:12.0656 0x0aa4 nusb3hub - ok
15:51:12.0660 0x0aa4 [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
15:51:12.0662 0x0aa4 nusb3xhc - ok
15:51:12.0666 0x0aa4 [ 14B5D48DC0220A6E5E4A757B6E082060, 5B506C14291AEDF1A6AF2191B28B23F3FE15B72D268D3CCA61655652B149C5E7 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:51:12.0668 0x0aa4 NVHDA - ok
15:51:12.0793 0x0aa4 [ 9D411EBA92A9C28E36059AC75049BCC2, 8FCADB4B2F2B200598C9E27D4BA6A32D356B726CAF34B761C95F6E5353284AF0 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:51:12.0892 0x0aa4 nvlddmkm - ok
15:51:12.0922 0x0aa4 [ FF23D09C29FBC3AC854692CE4535EBC0, A309606A7DD6771E505532E56C77EA94BCC34C6A485C083B2C259F152A50666D ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
15:51:12.0939 0x0aa4 NvNetworkService - ok
15:51:12.0943 0x0aa4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:51:12.0945 0x0aa4 nvraid - ok
15:51:12.0948 0x0aa4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:51:12.0950 0x0aa4 nvstor - ok
15:51:12.0951 0x0aa4 [ 6DB62AA6DF3CAA4E2D9DBEBD0D554035, 5C4A61E605F703468132AC0EB4B8058C8FE328D1C8A7919E2B1CC564F2FD7003 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:51:12.0952 0x0aa4 NvStreamKms - ok
15:51:13.0014 0x0aa4 [ 30524DD64CF6E47D093FAF5DD22BEB4D, F929FF5C6089709EEE02A3971D571C7F391F89622833DB79984D99D115656DC3 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
15:51:13.0063 0x0aa4 NvStreamSvc - ok
15:51:13.0079 0x0aa4 [ 1BC6175DAFB0BFEAF8C927F109F912BF, EDEAC4AD10518FEDA9E827E60B840F8CBD2E22CC796E798941A8C64268115224 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:51:13.0088 0x0aa4 nvsvc - ok
15:51:13.0091 0x0aa4 [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
15:51:13.0091 0x0aa4 nvvad_WaveExtensible - ok
15:51:13.0094 0x0aa4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:51:13.0095 0x0aa4 nv_agp - ok
15:51:13.0097 0x0aa4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:51:13.0098 0x0aa4 ohci1394 - ok
15:51:13.0122 0x0aa4 [ FCE83ABDE761C87D17EA65960455F0E5, E59C13E26845FE0537AEBF0E4A9DC0AF3E6DF55C7A54247FC8078AC5DE666AD4 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
15:51:13.0140 0x0aa4 Origin Client Service - ok
15:51:13.0147 0x0aa4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:51:13.0150 0x0aa4 p2pimsvc - ok
15:51:13.0157 0x0aa4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
15:51:13.0162 0x0aa4 p2psvc - ok
15:51:13.0164 0x0aa4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
15:51:13.0165 0x0aa4 Parport - ok
15:51:13.0168 0x0aa4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:51:13.0169 0x0aa4 partmgr - ok
15:51:13.0172 0x0aa4 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:51:13.0174 0x0aa4 PcaSvc - ok
15:51:13.0178 0x0aa4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
15:51:13.0180 0x0aa4 pci - ok
15:51:13.0181 0x0aa4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
15:51:13.0182 0x0aa4 pciide - ok
15:51:13.0186 0x0aa4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:51:13.0188 0x0aa4 pcmcia - ok
15:51:13.0190 0x0aa4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
15:51:13.0191 0x0aa4 pcw - ok
15:51:13.0200 0x0aa4 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:51:13.0206 0x0aa4 PEAUTH - ok
15:51:13.0216 0x0aa4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:51:13.0217 0x0aa4 PerfHost - ok
15:51:13.0236 0x0aa4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
15:51:13.0249 0x0aa4 pla - ok
15:51:13.0256 0x0aa4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:51:13.0260 0x0aa4 PlugPlay - ok
15:51:13.0262 0x0aa4 PnkBstrA - ok
15:51:13.0264 0x0aa4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:51:13.0264 0x0aa4 PNRPAutoReg - ok
15:51:13.0270 0x0aa4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:51:13.0273 0x0aa4 PNRPsvc - ok
15:51:13.0280 0x0aa4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:51:13.0285 0x0aa4 PolicyAgent - ok
15:51:13.0290 0x0aa4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
15:51:13.0292 0x0aa4 Power - ok
15:51:13.0295 0x0aa4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:51:13.0296 0x0aa4 PptpMiniport - ok
15:51:13.0298 0x0aa4 [ 9EF7419948DA708D0F570C8A61C28783, 0C932CAAF1D63C6A23C06AA9280DDD97F6304B92715B15CC0E3400EF1385589B ] prio_svc C:\Program Files\Prio\prio_svc.exe
15:51:13.0298 0x0aa4 prio_svc - ok
15:51:13.0300 0x0aa4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
15:51:13.0301 0x0aa4 Processor - ok
15:51:13.0305 0x0aa4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
15:51:13.0307 0x0aa4 ProfSvc - ok
15:51:13.0309 0x0aa4 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] ProtectedStorage C:\Windows\system32\lsass.exe
15:51:13.0310 0x0aa4 ProtectedStorage - ok
15:51:13.0312 0x0aa4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:51:13.0314 0x0aa4 Psched - ok
15:51:13.0333 0x0aa4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:51:13.0346 0x0aa4 ql2300 - ok
15:51:13.0350 0x0aa4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:51:13.0351 0x0aa4 ql40xx - ok
15:51:13.0357 0x0aa4 [ 86D9A906B8467AE1E331296AFE0F083F, 01B332F0A291C64EB537D17E8B971D0157C72606F9396BAAF2C4479519E26353 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
15:51:13.0360 0x0aa4 Qualcomm Atheros Killer Service V2 - ok
15:51:13.0365 0x0aa4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
15:51:13.0368 0x0aa4 QWAVE - ok
15:51:13.0369 0x0aa4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:51:13.0370 0x0aa4 QWAVEdrv - ok
15:51:13.0372 0x0aa4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:51:13.0372 0x0aa4 RasAcd - ok
15:51:13.0374 0x0aa4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:51:13.0375 0x0aa4 RasAgileVpn - ok
15:51:13.0377 0x0aa4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
15:51:13.0379 0x0aa4 RasAuto - ok
15:51:13.0382 0x0aa4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:51:13.0383 0x0aa4 Rasl2tp - ok
15:51:13.0388 0x0aa4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
15:51:13.0392 0x0aa4 RasMan - ok
15:51:13.0394 0x0aa4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:51:13.0395 0x0aa4 RasPppoe - ok
15:51:13.0398 0x0aa4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:51:13.0399 0x0aa4 RasSstp - ok
15:51:13.0404 0x0aa4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:51:13.0407 0x0aa4 rdbss - ok
15:51:13.0408 0x0aa4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:51:13.0409 0x0aa4 rdpbus - ok
15:51:13.0410 0x0aa4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:51:13.0411 0x0aa4 RDPCDD - ok
15:51:13.0413 0x0aa4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:51:13.0413 0x0aa4 RDPENCDD - ok
15:51:13.0415 0x0aa4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:51:13.0415 0x0aa4 RDPREFMP - ok
15:51:13.0418 0x0aa4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:51:13.0418 0x0aa4 RdpVideoMiniport - ok
15:51:13.0422 0x0aa4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:51:13.0425 0x0aa4 RDPWD - ok
15:51:13.0429 0x0aa4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:51:13.0431 0x0aa4 rdyboost - ok
15:51:13.0433 0x0aa4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:51:13.0435 0x0aa4 RemoteAccess - ok
15:51:13.0438 0x0aa4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:51:13.0440 0x0aa4 RemoteRegistry - ok
15:51:13.0442 0x0aa4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:51:13.0443 0x0aa4 RpcEptMapper - ok
15:51:13.0445 0x0aa4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
15:51:13.0445 0x0aa4 RpcLocator - ok
15:51:13.0452 0x0aa4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
15:51:13.0457 0x0aa4 RpcSs - ok
15:51:13.0460 0x0aa4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:51:13.0461 0x0aa4 rspndr - ok
15:51:13.0462 0x0aa4 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] SamSs C:\Windows\system32\lsass.exe
15:51:13.0463 0x0aa4 SamSs - ok
15:51:13.0466 0x0aa4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:51:13.0467 0x0aa4 sbp2port - ok
15:51:13.0470 0x0aa4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:51:13.0473 0x0aa4 SCardSvr - ok
15:51:13.0474 0x0aa4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:51:13.0475 0x0aa4 scfilter - ok
15:51:13.0489 0x0aa4 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
15:51:13.0499 0x0aa4 Schedule - ok
15:51:13.0502 0x0aa4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:51:13.0503 0x0aa4 SCPolicySvc - ok
15:51:13.0507 0x0aa4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:51:13.0509 0x0aa4 SDRSVC - ok
15:51:13.0510 0x0aa4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:51:13.0511 0x0aa4 secdrv - ok
15:51:13.0513 0x0aa4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
15:51:13.0514 0x0aa4 seclogon - ok
15:51:13.0516 0x0aa4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
15:51:13.0517 0x0aa4 SENS - ok
15:51:13.0519 0x0aa4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:51:13.0520 0x0aa4 SensrSvc - ok
15:51:13.0521 0x0aa4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:51:13.0521 0x0aa4 Serenum - ok
15:51:13.0524 0x0aa4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:51:13.0525 0x0aa4 Serial - ok
15:51:13.0526 0x0aa4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:51:13.0527 0x0aa4 sermouse - ok
15:51:13.0531 0x0aa4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
15:51:13.0533 0x0aa4 SessionEnv - ok
15:51:13.0534 0x0aa4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:51:13.0535 0x0aa4 sffdisk - ok
15:51:13.0536 0x0aa4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:51:13.0536 0x0aa4 sffp_mmc - ok
15:51:13.0538 0x0aa4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:51:13.0538 0x0aa4 sffp_sd - ok
15:51:13.0540 0x0aa4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:51:13.0540 0x0aa4 sfloppy - ok
15:51:13.0545 0x0aa4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:51:13.0549 0x0aa4 SharedAccess - ok
15:51:13.0555 0x0aa4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:51:13.0559 0x0aa4 ShellHWDetection - ok
15:51:13.0561 0x0aa4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:51:13.0561 0x0aa4 SiSRaid2 - ok
15:51:13.0563 0x0aa4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:51:13.0564 0x0aa4 SiSRaid4 - ok
15:51:13.0570 0x0aa4 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:51:13.0573 0x0aa4 SkypeUpdate - ok
15:51:13.0575 0x0aa4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:51:13.0576 0x0aa4 Smb - ok
15:51:13.0579 0x0aa4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:51:13.0579 0x0aa4 SNMPTRAP - ok
15:51:13.0581 0x0aa4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
15:51:13.0582 0x0aa4 spldr - ok
15:51:13.0589 0x0aa4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
15:51:13.0595 0x0aa4 Spooler - ok
15:51:13.0636 0x0aa4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
15:51:13.0668 0x0aa4 sppsvc - ok
15:51:13.0673 0x0aa4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:51:13.0674 0x0aa4 sppuinotify - ok
15:51:13.0680 0x0aa4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:51:13.0685 0x0aa4 srv - ok
15:51:13.0691 0x0aa4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:51:13.0695 0x0aa4 srv2 - ok
15:51:13.0698 0x0aa4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:51:13.0700 0x0aa4 srvnet - ok
15:51:13.0704 0x0aa4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:51:13.0706 0x0aa4 SSDPSRV - ok
15:51:13.0708 0x0aa4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:51:13.0710 0x0aa4 SstpSvc - ok
15:51:13.0720 0x0aa4 [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:51:13.0728 0x0aa4 Steam Client Service - ok
15:51:13.0735 0x0aa4 [ 0E952C9DDE28962922CCDEFA0BF8C425, 41AEA8777DDDE907E94B69A0D03D4EAD4983DB1B798CB01A77E4D8E57CA4A9AD ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:51:13.0739 0x0aa4 Stereo Service - ok
15:51:13.0741 0x0aa4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:51:13.0741 0x0aa4 stexstor - ok
15:51:13.0749 0x0aa4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
15:51:13.0755 0x0aa4 stisvc - ok
15:51:13.0788 0x0aa4 [ EDD288D69C3F9739832F162F28532781, 2B041F4CDC07776F6104B749985E5FDB30F29C506A30B3306F102E82380A8A3E ] STXIIService C:\Windows\system32\drivers\STXII.sys
15:51:13.0812 0x0aa4 STXIIService - ok
15:51:13.0815 0x0aa4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:51:13.0815 0x0aa4 swenum - ok
15:51:13.0822 0x0aa4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
15:51:13.0828 0x0aa4 swprv - ok
15:51:13.0849 0x0aa4 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
15:51:13.0865 0x0aa4 SysMain - ok
15:51:13.0868 0x0aa4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:51:13.0870 0x0aa4 TabletInputService - ok
15:51:13.0871 0x0aa4 [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
15:51:13.0872 0x0aa4 tap0901 - ok
15:51:13.0877 0x0aa4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
15:51:13.0880 0x0aa4 TapiSrv - ok
15:51:13.0882 0x0aa4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
15:51:13.0883 0x0aa4 TBS - ok
15:51:13.0906 0x0aa4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:51:13.0923 0x0aa4 Tcpip - ok
15:51:13.0946 0x0aa4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:51:13.0964 0x0aa4 TCPIP6 - ok
15:51:13.0967 0x0aa4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:51:13.0968 0x0aa4 tcpipreg - ok
15:51:13.0970 0x0aa4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:51:13.0971 0x0aa4 TDPIPE - ok
15:51:13.0972 0x0aa4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:51:13.0973 0x0aa4 TDTCP - ok
15:51:13.0975 0x0aa4 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:51:13.0977 0x0aa4 tdx - ok
15:51:14.0047 0x0aa4 [ 2AA61246A5B813C1B12BCCFAA6F23DD8, 74EE3DB839A0F4BC781294803281DB2248D013B8808FF05F2EE9597C14C6FEED ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
15:51:14.0098 0x0aa4 TeamViewer - ok
15:51:14.0104 0x0aa4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:51:14.0105 0x0aa4 TermDD - ok
15:51:14.0114 0x0aa4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
15:51:14.0121 0x0aa4 TermService - ok
15:51:14.0123 0x0aa4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
15:51:14.0124 0x0aa4 Themes - ok
15:51:14.0127 0x0aa4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
15:51:14.0128 0x0aa4 THREADORDER - ok
15:51:14.0130 0x0aa4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
15:51:14.0132 0x0aa4 TrkWks - ok
15:51:14.0135 0x0aa4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:51:14.0137 0x0aa4 TrustedInstaller - ok
15:51:14.0140 0x0aa4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:51:14.0140 0x0aa4 tssecsrv - ok
15:51:14.0142 0x0aa4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:51:14.0143 0x0aa4 TsUsbFlt - ok
15:51:14.0145 0x0aa4 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:51:14.0145 0x0aa4 TsUsbGD - ok
15:51:14.0148 0x0aa4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:51:14.0149 0x0aa4 tunnel - ok
15:51:14.0151 0x0aa4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:51:14.0152 0x0aa4 uagp35 - ok
15:51:14.0157 0x0aa4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:51:14.0160 0x0aa4 udfs - ok
15:51:14.0163 0x0aa4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:51:14.0164 0x0aa4 UI0Detect - ok
15:51:14.0166 0x0aa4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:51:14.0167 0x0aa4 uliagpkx - ok
15:51:14.0169 0x0aa4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:51:14.0169 0x0aa4 umbus - ok
15:51:14.0171 0x0aa4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
15:51:14.0171 0x0aa4 UmPass - ok
15:51:14.0177 0x0aa4 [ 37567E01AC541BD72DAF6260F7E82216, 26C96B349A57A1C0264FD95AB2D4BE6FFAD1A845FEFEAD52AF606669BFBF8108 ] Update service C:\Program Files (x86)\Popcorn Time\Updater.exe
15:51:14.0180 0x0aa4 Update service - ok
15:51:14.0186 0x0aa4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
15:51:14.0190 0x0aa4 upnphost - ok
15:51:14.0192 0x0aa4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:51:14.0193 0x0aa4 usbccgp - ok
15:51:14.0196 0x0aa4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:51:14.0197 0x0aa4 usbcir - ok
15:51:14.0199 0x0aa4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:51:14.0199 0x0aa4 usbehci - ok
15:51:14.0205 0x0aa4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:51:14.0208 0x0aa4 usbhub - ok
15:51:14.0210 0x0aa4 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:51:14.0210 0x0aa4 usbohci - ok
15:51:14.0212 0x0aa4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
15:51:14.0212 0x0aa4 usbprint - ok
15:51:14.0214 0x0aa4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
15:51:14.0215 0x0aa4 USBSTOR - ok
15:51:14.0217 0x0aa4 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:51:14.0218 0x0aa4 usbuhci - ok
15:51:14.0219 0x0aa4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
15:51:14.0220 0x0aa4 UxSms - ok
15:51:14.0222 0x0aa4 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] VaultSvc C:\Windows\system32\lsass.exe
15:51:14.0223 0x0aa4 VaultSvc - ok
15:51:14.0224 0x0aa4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:51:14.0225 0x0aa4 vdrvroot - ok
15:51:14.0233 0x0aa4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
15:51:14.0238 0x0aa4 vds - ok
15:51:14.0241 0x0aa4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:51:14.0241 0x0aa4 vga - ok
15:51:14.0243 0x0aa4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:51:14.0243 0x0aa4 VgaSave - ok
15:51:14.0247 0x0aa4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:51:14.0249 0x0aa4 vhdmp - ok
15:51:14.0251 0x0aa4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
15:51:14.0251 0x0aa4 viaide - ok
15:51:14.0253 0x0aa4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:51:14.0254 0x0aa4 volmgr - ok
15:51:14.0259 0x0aa4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:51:14.0263 0x0aa4 volmgrx - ok
15:51:14.0268 0x0aa4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:51:14.0271 0x0aa4 volsnap - ok
15:51:14.0274 0x0aa4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:51:14.0276 0x0aa4 vsmraid - ok
15:51:14.0295 0x0aa4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
15:51:14.0310 0x0aa4 VSS - ok
15:51:14.0313 0x0aa4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:51:14.0313 0x0aa4 vwifibus - ok
15:51:14.0315 0x0aa4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:51:14.0316 0x0aa4 vwififlt - ok
15:51:14.0322 0x0aa4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
15:51:14.0326 0x0aa4 W32Time - ok
15:51:14.0328 0x0aa4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:51:14.0329 0x0aa4 WacomPen - ok
15:51:14.0331 0x0aa4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:51:14.0332 0x0aa4 WANARP - ok
15:51:14.0334 0x0aa4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:51:14.0335 0x0aa4 Wanarpv6 - ok
15:51:14.0351 0x0aa4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:51:14.0363 0x0aa4 WatAdminSvc - ok
15:51:14.0383 0x0aa4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
15:51:14.0397 0x0aa4 wbengine - ok
15:51:14.0401 0x0aa4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:51:14.0404 0x0aa4 WbioSrvc - ok
15:51:14.0409 0x0aa4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:51:14.0413 0x0aa4 wcncsvc - ok
15:51:14.0415 0x0aa4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:51:14.0416 0x0aa4 WcsPlugInService - ok
15:51:14.0418 0x0aa4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
15:51:14.0418 0x0aa4 Wd - ok
15:51:14.0428 0x0aa4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:51:14.0436 0x0aa4 Wdf01000 - ok
15:51:14.0438 0x0aa4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:51:14.0440 0x0aa4 WdiServiceHost - ok
15:51:14.0442 0x0aa4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:51:14.0443 0x0aa4 WdiSystemHost - ok
15:51:14.0447 0x0aa4 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
15:51:14.0450 0x0aa4 WebClient - ok
15:51:14.0455 0x0aa4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:51:14.0457 0x0aa4 Wecsvc - ok
15:51:14.0460 0x0aa4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:51:14.0461 0x0aa4 wercplsupport - ok
15:51:14.0464 0x0aa4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
15:51:14.0466 0x0aa4 WerSvc - ok
15:51:14.0467 0x0aa4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:51:14.0468 0x0aa4 WfpLwf - ok
15:51:14.0469 0x0aa4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:51:14.0469 0x0aa4 WIMMount - ok
15:51:14.0471 0x0aa4 WinDefend - ok
15:51:14.0473 0x0aa4 WinHttpAutoProxySvc - ok
15:51:14.0479 0x0aa4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:51:14.0482 0x0aa4 Winmgmt - ok
15:51:14.0507 0x0aa4 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
15:51:14.0525 0x0aa4 WinRM - ok
15:51:14.0539 0x0aa4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:51:14.0548 0x0aa4 Wlansvc - ok
15:51:14.0550 0x0aa4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:51:14.0550 0x0aa4 WmiAcpi - ok
15:51:14.0555 0x0aa4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:51:14.0557 0x0aa4 wmiApSrv - ok
15:51:14.0558 0x0aa4 WMPNetworkSvc - ok
15:51:14.0560 0x0aa4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:51:14.0560 0x0aa4 WPCSvc - ok
15:51:14.0563 0x0aa4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:51:14.0565 0x0aa4 WPDBusEnum - ok
15:51:14.0566 0x0aa4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:51:14.0567 0x0aa4 ws2ifsl - ok
15:51:14.0569 0x0aa4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
15:51:14.0571 0x0aa4 wscsvc - ok
15:51:14.0572 0x0aa4 WSearch - ok
15:51:14.0603 0x0aa4 [ 39D604E190DFE2E483B637D6796ABAFF, 52DCCEA0DB59F00C615D94CC2B70FC1C335E553E8FC79AAC8C8C7D9EE1F6111D ] wuauserv C:\Windows\system32\wuaueng.dll
15:51:14.0627 0x0aa4 wuauserv - ok
15:51:14.0631 0x0aa4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:51:14.0632 0x0aa4 WudfPf - ok
15:51:14.0635 0x0aa4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:51:14.0636 0x0aa4 wudfsvc - ok
15:51:14.0640 0x0aa4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
15:51:14.0643 0x0aa4 WwanSvc - ok
15:51:14.0646 0x0aa4 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
15:51:14.0647 0x0aa4 xusb21 - ok
15:51:14.0649 0x0aa4 ================ Scan global ===============================
15:51:14.0651 0x0aa4 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:51:14.0655 0x0aa4 [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
15:51:14.0662 0x0aa4 [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
15:51:14.0665 0x0aa4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:51:14.0671 0x0aa4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:51:14.0674 0x0aa4 [ Global ] - ok
15:51:14.0675 0x0aa4 ================ Scan MBR ==================================
15:51:14.0675 0x0aa4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:51:14.0698 0x0aa4 \Device\Harddisk0\DR0 - ok
15:51:14.0699 0x0aa4 ================ Scan VBR ==================================
15:51:14.0700 0x0aa4 [ 9DFD66DA4EEA7C4B2EE178F1C63F2FDC ] \Device\Harddisk0\DR0\Partition1
15:51:14.0700 0x0aa4 \Device\Harddisk0\DR0\Partition1 - ok
15:51:14.0701 0x0aa4 [ E2F910E40942892B79ACB8C968002154 ] \Device\Harddisk0\DR0\Partition2
15:51:14.0702 0x0aa4 \Device\Harddisk0\DR0\Partition2 - ok
15:51:14.0702 0x0aa4 ================ Scan generic autorun ======================
15:51:14.0732 0x0aa4 [ A202423724FAA9524036A2741FABB623, 17C48FBA1E1AC3F1E11209C77DC81AD49614337CF8C79D35F0466CEB9265D142 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
15:51:14.0755 0x0aa4 NvBackend - ok
15:51:14.0758 0x0aa4 [ E59A630B65679AC7B5A58DF3299E6AC4, 99B7CA31D8E7679C45203D2287DB6F13B669C95ABEB2E2F0AE7290DCF84F273E ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
15:51:14.0759 0x0aa4 IAStorIcon - ok
15:51:14.0768 0x0aa4 [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\syswow64\RunDll32.exe
15:51:14.0769 0x0aa4 Cmaudio8788 - ok
15:51:14.0772 0x0aa4 [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\Windows\syswow64\HsMgr.exe
15:51:14.0775 0x0aa4 Cmaudio8788GX - ok
15:51:14.0779 0x0aa4 [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\Windows\system\HsMgr64.exe
15:51:14.0782 0x0aa4 Cmaudio8788GX64 - ok
15:51:14.0784 0x0aa4 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
15:51:14.0785 0x0aa4 ShadowPlay - ok
15:51:14.0788 0x0aa4 [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe
15:51:14.0790 0x0aa4 iTunesHelper - ok
15:51:14.0800 0x0aa4 [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
15:51:14.0810 0x0aa4 XboxStat - ok
15:51:14.0823 0x0aa4 [ 27F8A7A78773427E5D931628F89D6839, 61A312590322109BEA9EA70345E6FB40435D9BACE2B9CFF3ADF68C7B3D6FA163 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
15:51:14.0830 0x0aa4 avgnt - ok
15:51:14.0835 0x0aa4 [ 20218284E050B0C671CC5456214CA335, 5890424D7D17E1BC7D577A8C2615BD99F67C654B9928D72824A721285EBAE706 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
15:51:14.0837 0x0aa4 USB3MON - ok
15:51:14.0841 0x0aa4 [ 53C6C41356D532FEFD8056AB2906D129, C5E54C571FA44AF7FD1974464CC5D5DD30BA0D31ED20CF6B3DBB5A49FC5F0AC7 ] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
15:51:14.0843 0x0aa4 Lightshot - ok
15:51:14.0851 0x0aa4 [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:51:14.0857 0x0aa4 SunJavaUpdateSched - ok
15:51:14.0859 0x0aa4 [ F5060B034D37EA26D325A4319806E202, D43ACE85421DB29A6B6E8080D838152AB3858F83C2B373731945460E217C7D9F ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
15:51:14.0860 0x0aa4 Avira SystrayStartTrigger - ok
15:51:14.0874 0x0aa4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:51:14.0886 0x0aa4 Sidebar - ok
15:51:14.0889 0x0aa4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:51:14.0891 0x0aa4 mctadmin - ok
15:51:14.0905 0x0aa4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:51:14.0915 0x0aa4 Sidebar - ok
15:51:14.0918 0x0aa4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:51:14.0919 0x0aa4 mctadmin - ok
15:51:14.0997 0x0aa4 [ B0E08F135E64D4D9BE120E7236617875, B2DF285CD6A5C646614BBDA3655764DB67CA2F90F8B423484B15D095D70F099D ] C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe
15:51:15.0048 0x0aa4 Amazon Music - ok
15:51:15.0151 0x0aa4 [ 47DBCC66CF9A3DCEF2D42051431160D3, 5E99CB8333471E80590AED8CA139EF859AD617D1C7BD9406913A86016DCA08F6 ] C:\Program Files\CCleaner\CCleaner64.exe
15:51:15.0241 0x0aa4 CCleaner Monitoring - ok
15:51:15.0281 0x0aa4 [ 686A9B880E5428E06DE44CFC825EE0A8, 1782F283AD06BDE1DD777050E5E3DB65DF599F5CAA186A4B8F0A969C27190901 ] C:\Program Files (x86)\eXtra Buttons\xb.exe
15:51:15.0305 0x0aa4 eXtra Buttons - ok
15:51:15.0361 0x0aa4 [ 5721B5C4CBEBBD0C85AE311366783386, C2A780D6F49A0F75CF53C6A032BC9C4494D6F0FB5A0B767845AE5052179C7C40 ] C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
15:51:15.0401 0x0aa4 Akamai NetSession Interface - ok
15:51:15.0587 0x0aa4 [ C038CF7F6C1989C878382AA1F86981D3, 3EC4B3FE56E7F22F7CF253051BE7ADAC06298DEA112960FB4FC80A28CB5EF558 ] C:\Program Files (x86)\LINE\line.exe
15:51:15.0723 0x0aa4 LINE - ok
15:51:15.0732 0x0aa4 Waiting for KSN requests completion. In queue: 229
15:51:16.0732 0x0aa4 Waiting for KSN requests completion. In queue: 144
15:51:17.0733 0x0aa4 Waiting for KSN requests completion. In queue: 117
15:51:18.0743 0x0aa4 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.12.420 ), 0x41000 ( enabled : updated )
15:51:18.0765 0x0aa4 Win FW state via NFP2: enabled ( trusted )
15:51:21.0439 0x0aa4 ============================================================
15:51:21.0439 0x0aa4 Scan finished
15:51:21.0439 0x0aa4 ============================================================
15:51:21.0444 0x18d4 Detected object count: 0
15:51:21.0444 0x18d4 Actual detected object count: 0
|
|
22.09.2015, 15:05
| #5 | |
| /// TB-Ausbilder | DNS Unlocker loswerden Zukünftig bitte beachten: Zitat:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind. Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter. Scan mit Combofix
|
|
22.09.2015, 15:17
| #6 |
| | DNS Unlocker loswerden Alles klar, werde ich zukünftig beachten. Soll ich die Antivirensoftware nun wieder aktivieren? Code:
ATTFilter ComboFix 15-09-21.01 - Alex 22.09.2015 16:11:01.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.16197.12627 [GMT 2:00]
ausgeführt von:: c:\users\Alex\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Alex\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-08-22 bis 2015-09-22 ))))))))))))))))))))))))))))))
.
.
2015-09-22 14:12 . 2015-09-22 14:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-09-22 13:49 . 2015-09-22 13:50 -------- d-----w- C:\FRST
2015-09-22 12:23 . 2015-09-22 12:23 -------- d-----w- c:\program files (x86)\ESET
2015-09-22 11:59 . 2015-09-22 14:14 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-09-22 11:59 . 2015-09-22 11:59 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-09-22 11:59 . 2015-09-22 11:59 -------- d-----w- c:\programdata\Malwarebytes
2015-09-22 11:59 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-09-22 11:59 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-09-22 11:59 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-09-21 00:22 . 2015-09-21 00:29 -------- d-----w- c:\users\Alex\AppData\Local\Arma 3
2015-09-21 00:22 . 2015-09-21 00:22 -------- d-----w- c:\programdata\Bohemia Interactive
2015-09-21 00:22 . 2015-09-21 00:30 -------- d-----w- c:\users\Alex\AppData\Local\Arma 3 Launcher
2015-09-21 00:22 . 2015-09-21 00:22 -------- d-----w- c:\users\Alex\AppData\Local\Bohemia_Interactive
2015-09-17 15:03 . 2015-09-19 09:51 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2015-09-09 12:01 . 2015-08-26 18:07 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-09-08 01:28 . 2015-09-08 02:20 -------- d-----w- c:\users\Alex\AppData\Roaming\TS3Client
2015-09-02 02:27 . 2015-09-02 02:28 -------- d-----w- c:\users\Alex\AppData\Local\LINE
2015-09-02 02:27 . 2015-09-02 02:27 -------- d-----w- c:\program files (x86)\LINE
2015-08-31 14:39 . 2015-08-31 14:39 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-08-31 14:39 . 2015-08-31 14:39 -------- d-----w- c:\users\Alex\.oracle_jre_usage
2015-08-26 07:07 . 2015-08-26 07:07 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories
2015-08-25 03:43 . 2015-08-11 04:52 69416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-08-25 03:43 . 2015-08-11 04:52 50472 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-21 18:58 . 2015-05-27 19:13 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-09-21 18:58 . 2015-05-27 19:13 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-31 14:39 . 2015-05-27 19:14 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-08-26 16:37 . 2015-05-27 19:43 134753440 ----a-w- c:\windows\system32\MRT.exe
2015-08-17 23:30 . 2015-05-27 18:33 1423120 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-08-17 23:30 . 2015-05-27 18:33 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-08-17 23:29 . 2015-05-27 18:33 1756608 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-08-17 23:29 . 2015-05-27 18:33 1710568 ----a-w- c:\windows\system32\nvspcap64.dll
2015-08-11 04:52 . 2015-05-27 18:32 72504 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-08-10 23:18 . 2015-05-27 18:32 17624328 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-08-10 23:18 . 2015-05-27 18:32 15139256 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-08-10 23:18 . 2015-08-10 23:18 948832 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-08-10 23:18 . 2015-08-10 23:18 30496400 ----a-w- c:\windows\system32\nvoglv64.dll
2015-08-10 23:18 . 2015-08-10 23:18 22960768 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2015-08-10 23:18 . 2015-08-10 23:18 16160424 ----a-w- c:\windows\system32\nvopencl.dll
2015-08-10 23:18 . 2015-08-10 23:18 13278968 ----a-w- c:\windows\SysWow64\nvopencl.dll
2015-08-10 23:18 . 2015-08-10 23:18 11063440 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-08-10 23:18 . 2015-06-28 07:04 1110768 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-08-10 23:18 . 2015-08-10 23:18 991888 ----a-w- c:\windows\SysWow64\NvIFR.dll
2015-08-10 23:18 . 2015-08-10 23:18 986752 ----a-w- c:\windows\SysWow64\NvFBC.dll
2015-08-10 23:18 . 2015-08-10 23:18 48992 ----a-w- c:\windows\system32\nvhdap64.dll
2015-08-10 23:18 . 2015-08-10 23:18 417360 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2015-08-10 23:18 . 2015-08-10 23:18 417096 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2015-08-10 23:18 . 2015-08-10 23:18 372880 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2015-08-10 23:18 . 2015-08-10 23:18 214880 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2015-08-10 23:18 . 2015-08-10 23:18 1906832 ----a-w- c:\windows\system32\nvdispco6435382.dll
2015-08-10 23:18 . 2015-08-10 23:18 187152 ----a-w- c:\windows\system32\nvinitx.dll
2015-08-10 23:18 . 2015-08-10 23:18 164192 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-08-10 23:18 . 2015-08-10 23:18 160896 ----a-w- c:\windows\system32\nvoglshim64.dll
2015-08-10 23:18 . 2015-08-10 23:18 1576288 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-08-10 23:18 . 2015-08-10 23:18 1568056 ----a-w- c:\windows\system32\nvdispgenco6435382.dll
2015-08-10 23:18 . 2015-08-10 23:18 137424 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2015-08-10 23:18 . 2015-08-10 23:18 1069896 ----a-w- c:\windows\system32\NvIFR64.dll
2015-08-10 23:18 . 2015-05-27 18:32 512320 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2015-08-10 23:18 . 2015-05-27 18:32 15902640 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-08-10 23:18 . 2015-05-27 18:32 12886592 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-08-10 23:18 . 2015-05-27 18:32 1061520 ----a-w- c:\windows\system32\NvFBC64.dll
2015-08-10 23:18 . 2015-08-10 23:18 42740536 ----a-w- c:\windows\system32\nvcompiler.dll
2015-08-10 23:18 . 2015-08-10 23:18 37759104 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2015-08-10 23:18 . 2015-08-10 23:18 2943800 ----a-w- c:\windows\system32\nvcuvid.dll
2015-08-10 23:18 . 2015-08-10 23:18 2611000 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2015-08-10 23:18 . 2015-08-10 23:18 14514128 ----a-w- c:\windows\system32\nvcuda.dll
2015-08-10 23:18 . 2015-08-10 23:18 11845224 ----a-w- c:\windows\SysWow64\nvcuda.dll
2015-08-10 23:18 . 2015-05-27 18:32 3417208 ----a-w- c:\windows\system32\nvapi64.dll
2015-08-10 23:18 . 2015-05-27 18:32 3017608 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-08-07 00:44 . 2015-05-27 18:32 937592 ----a-w- c:\windows\system32\nvvsvc.exe
2015-08-07 00:44 . 2015-05-27 18:32 62584 ----a-w- c:\windows\system32\nvshext.dll
2015-08-07 00:44 . 2015-05-27 18:32 385328 ----a-w- c:\windows\system32\nvmctray.dll
2015-08-07 00:44 . 2015-05-27 18:32 2558768 ----a-w- c:\windows\system32\nvsvcr.dll
2015-08-07 00:44 . 2015-05-27 18:32 6873904 ----a-w- c:\windows\system32\nvcpl.dll
2015-08-07 00:44 . 2015-05-27 18:32 3492984 ----a-w- c:\windows\system32\nvsvc64.dll
2015-08-07 00:04 . 2015-08-18 19:38 572024 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-08-03 13:07 . 2015-05-27 18:32 5133709 ----a-w- c:\windows\system32\nvcoproc.bin
2015-07-30 18:06 . 2015-08-17 23:29 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-17 23:29 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-07-30 18:06 . 2015-08-17 23:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-30 17:57 . 2015-08-17 23:29 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-07-30 17:57 . 2015-08-17 23:29 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-30 13:13 . 2015-08-18 01:03 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:13 . 2015-08-18 01:03 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-28 20:09 . 2015-08-17 23:29 17344 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-07-28 20:05 . 2015-08-17 23:29 774656 ----a-w- c:\windows\system32\invagent.dll
2015-07-28 20:05 . 2015-08-17 23:29 743424 ----a-w- c:\windows\system32\generaltel.dll
2015-07-28 20:05 . 2015-08-17 23:29 437760 ----a-w- c:\windows\system32\devinv.dll
2015-07-28 20:05 . 2015-08-17 23:29 1116672 ----a-w- c:\windows\system32\appraiser.dll
2015-07-28 20:05 . 2015-08-17 23:29 69120 ----a-w- c:\windows\system32\acmigration.dll
2015-07-28 20:05 . 2015-08-17 23:29 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-07-28 19:55 . 2015-08-17 23:29 1148416 ----a-w- c:\windows\system32\aeinv.dll
2015-07-27 22:16 . 2015-05-27 18:16 162528 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-07-27 22:16 . 2015-05-27 18:16 141416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-07-23 00:06 . 2015-08-18 19:32 5568960 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-07-23 00:06 . 2015-08-18 19:32 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-07-23 00:06 . 2015-08-18 19:32 155584 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-07-23 00:03 . 2015-08-18 19:32 1730496 ----a-w- c:\windows\system32\ntdll.dll
2015-07-23 00:03 . 2015-08-18 19:32 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-07-23 00:03 . 2015-08-18 19:32 243712 ----a-w- c:\windows\system32\wow64.dll
2015-07-23 00:03 . 2015-08-18 19:32 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-07-23 00:03 . 2015-08-18 19:32 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-07-23 00:02 . 2015-08-18 19:32 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-07-23 00:02 . 2015-08-18 19:32 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2015-07-23 00:02 . 2015-08-18 19:32 879104 ----a-w- c:\windows\system32\tdh.dll
2015-07-23 00:02 . 2015-08-18 19:32 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-07-23 00:02 . 2015-08-18 19:32 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-07-23 00:02 . 2015-08-18 19:32 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-07-23 00:02 . 2015-08-18 19:32 503808 ----a-w- c:\windows\system32\srcore.dll
2015-07-23 00:02 . 2015-08-18 19:32 50176 ----a-w- c:\windows\system32\srclient.dll
2015-07-23 00:02 . 2015-08-18 19:32 342016 ----a-w- c:\windows\system32\schannel.dll
2015-07-23 00:02 . 2015-08-18 19:32 28160 ----a-w- c:\windows\system32\secur32.dll
2015-07-23 00:02 . 2015-08-18 19:32 1216512 ----a-w- c:\windows\system32\rpcrt4.dll
2015-07-23 00:02 . 2015-08-18 19:32 309760 ----a-w- c:\windows\system32\ncrypt.dll
2015-07-23 00:02 . 2015-08-18 19:32 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-07-23 00:02 . 2015-08-18 19:32 315392 ----a-w- c:\windows\system32\msv1_0.dll
2015-07-23 00:02 . 2015-08-18 19:32 729088 ----a-w- c:\windows\system32\kerberos.dll
2015-07-23 00:02 . 2015-08-18 19:32 424448 ----a-w- c:\windows\system32\KernelBase.dll
2015-07-23 00:02 . 2015-08-18 19:32 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-07-23 00:02 . 2015-08-18 19:32 1163264 ----a-w- c:\windows\system32\kernel32.dll
2015-07-23 00:02 . 2015-08-18 19:32 44032 ----a-w- c:\windows\system32\cryptbase.dll
2015-07-23 00:02 . 2015-08-18 19:32 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-07-23 00:02 . 2015-08-18 19:32 22016 ----a-w- c:\windows\system32\credssp.dll
2015-07-23 00:02 . 2015-08-18 19:32 879104 ----a-w- c:\windows\system32\advapi32.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Amazon Music"="c:\users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe" [2015-07-21 5887808]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-07-17 8418584]
"eXtra Buttons"="c:\program files (x86)\eXtra Buttons\xb.exe" [2013-07-08 2800128]
"Akamai NetSession Interface"="c:\users\Alex\AppData\Local\Akamai\netsession_win.exe" [2015-07-23 4691384]
"LINE"="c:\program files (x86)\LINE\line.exe" [2015-08-18 15664152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\Antivirus\avgnt.exe" [2015-08-26 782008]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2000-01-01 296216]
"Lightshot"="c:\program files (x86)\Skillbrains\lightshot\Lightshot.exe" [2014-11-18 226560]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2015-08-13 66936]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Display Manager.lnk - c:\program files (x86)\Dell\Dell Display Manager\ddm.exe [2015-5-30 690880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"RequireSignedAppInit_DLLs"=0 (0x0)
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\Antivirus\avmailc7.exe;c:\program files (x86)\Avira\Antivirus\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\Antivirus\avwebg7.exe;c:\program files (x86)\Avira\Antivirus\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\Antivirus\sched.exe;c:\program files (x86)\Avira\Antivirus\sched.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 prio_svc;Prio Service;c:\program files\Prio\prio_svc.exe;c:\program files\Prio\prio_svc.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 Update service;Update service;c:\program files (x86)\Popcorn Time\Updater.exe;c:\program files (x86)\Popcorn Time\Updater.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 STXIIService;ASUS Essence STX II Audio Interface;c:\windows\system32\drivers\STXII.sys;c:\windows\SYSNATIVE\drivers\STXII.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - NAL
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-09-21 22:00 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\45.0.2454.99\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-09-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-27 18:58]
.
2015-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15 19:54]
.
2015-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15 19:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-08-17 2634872]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2015-01-27 36352]
"Cmaudio8788"="c:\windows\Syswow64\CmiCnfgSTXII.dll" [2014-01-27 13463552]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-08-17 1710568]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-08-13 170256]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.startseite24.net
mDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\
FF - prefs.js: browser.startup.homepage - www.google.at
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Voobly - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\Antivirus\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\TeamViewer\TeamViewer.exe
c:\program files (x86)\TeamViewer\tv_w32.exe
c:\program files\pia_manager\pia_manager.exe
c:\users\Alex\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
c:\users\Alex\AppData\Local\Temp\ocr4FB4.tmp\bin\rubyw.exe
c:\program files\pia_manager\pia_manager.exe
c:\users\Alex\AppData\Local\Temp\ocr6067.tmp\bin\rubyw.exe
c:\program files\pia_manager\pia_tray\pia_tray.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-09-22 16:15:03 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-09-22 14:15
.
Vor Suchlauf: 14 Verzeichnis(se), 875.205.779.456 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 890.419.462.144 Bytes frei
.
- - End Of File - - 3F026A1032E5680E2584898236FA09A3
A36C5E4F47E84449FF07ED3517B43A31
|
|
22.09.2015, 15:20
| #7 |
| /// TB-Ausbilder | DNS Unlocker loswerden Servus, ja, kannst du wieder aktivieren. Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2
|
|
22.09.2015, 15:51
| #8 |
| | DNS Unlocker loswerdenCode:
ATTFilter # AdwCleaner v5.008 - Bericht erstellt am 22/09/2015 um 16:46:16
# Aktualisiert am 18/09/2015 von Xplode
# Datenbank : 2015-09-20.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Alex - ALEX-PC
# Gestartet von : C:\Users\Alex\Desktop\AdwCleaner_5.008.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [791 Bytes] ##########
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015 durchgeführt von Alex (Administrator) auf ALEX-PC (22-09-2015 16:50:23) Gestartet von C:\Users\Alex\Desktop Geladene Profile: Alex (Verfügbare Profile: Alex) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files\Prio\prio_svc.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Company) C:\Program Files (x86)\Popcorn Time\Updater.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (CMedia) C:\Program Files\ASUS Essence STX II Audio Device\Customapp\AsusAudioCenter.exe () C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe () C:\Program Files (x86)\eXtra Buttons\xb.exe (Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe (LINE Corporation) C:\Program Files (x86)\LINE\LINE.exe (EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (NVIDIA Corporation) C:\Users\Alex\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe () C:\Program Files\pia_manager\pia_manager.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (hxxp://www.ruby-lang.org/) C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\bin\rubyw.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files\pia_manager\pia_manager.exe (hxxp://www.ruby-lang.org/) C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\bin\rubyw.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe () C:\Program Files\pia_manager\pia_tray\pia_tray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation) HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CmiCnfgSTXII.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2000-01-01] (Intel Corporation) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [Amazon Music] => C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] () HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd) HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [eXtra Buttons] => C:\Program Files (x86)\eXtra Buttons\xb.exe [2800128 2013-07-08] () HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.) HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Run: [LINE] => C:\Program Files (x86)\LINE\line.exe [15664152 2015-08-18] (LINE Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2015-05-30] ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{78A7E6A4-8C3E-4DC9-ACC6-2E6A0AD66A09}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C75AA87C-6D00-42FB-BD5D-D49555D27EF2}: [DhcpNameServer] 209.222.18.222 209.222.18.218 Internet Explorer: ================== HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-922301408-332873160-1376262277-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-922301408-332873160-1376262277-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startseite24.net SearchScopes: HKLM -> DefaultScope {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKLM -> {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> DefaultScope {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {A4EC09D4-13F1-4C49-9308-2A10EA44511C} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {F459BFCD-D839-49DF-809F-6585C4D35F92} URL = hxxp://www.startseite24.net/?q={searchTerms} BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472 FF Homepage: www.google.at FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-27] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-31] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-27] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\searchplugins\katcr.xml [2015-06-20] FF Extension: ColorfulTabs - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-09-21] FF Extension: FEBE - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-06-27] FF Extension: savetexttofile - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\HighlightedTextToFile@bobbyrne01.org.xpi [2015-06-27] FF Extension: Art Project - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\jid1-2owcJCGUIo2yBA@jetpack.xpi [2015-06-29] FF Extension: S3.Google Translator - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\s3google@translator.xpi [2015-06-27] FF Extension: Tab Auto Reload - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\TabAutoReload@schuzak.jp.xpi [2015-06-27] FF Extension: Tab Scope - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\tabscope@xuldev.org.xpi [2015-06-27] FF Extension: Tile Tabs - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\tiletabs@DW-dev.xpi [2015-09-22] FF Extension: Session Manager - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-06-27] FF Extension: Capture & Print - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi [2015-06-27] FF Extension: ReloadEvery - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-09-07] FF Extension: Yahoo Mail Hide Ad Panel - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2015-06-27] FF Extension: RightToClick - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-06-27] FF Extension: Adblock Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-27] FF Extension: BetterPrivacy - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-06-27] FF Extension: Tab Mix Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-06-27] FF Extension: DownThemAll! - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-06-27] FF Extension: Greasemonkey - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l8vv2d5t.default-1435403607472\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-06-27] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.at/" CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-19] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-19] CHR Extension: (Skype Click to Call) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-28] CHR Extension: (AgarioMods Evergreen Script) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2015-07-17] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-19] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-09-19] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19184 2015-01-27] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-01] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-06-28] () R2 prio_svc; C:\Program Files\Prio\prio_svc.exe [12656 2012-11-08] () R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-04-16] (Avira Operations GmbH & Co. KG) R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2014-09-29] (Intel Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-01-27] (Intel Corporation) R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-22] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-02-25] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 STXIIService; C:\Windows\System32\drivers\STXII.sys [2736640 2014-02-18] (C-Media Inc) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-22 16:50 - 2015-09-22 16:50 - 00025011 _____ C:\Users\Alex\Desktop\FRST.txt 2015-09-22 16:15 - 2015-09-22 16:15 - 00024806 _____ C:\ComboFix.txt 2015-09-22 16:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-09-22 16:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-09-22 16:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-09-22 16:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-09-22 16:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-09-22 16:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-09-22 16:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-09-22 16:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-09-22 16:08 - 2015-09-22 16:15 - 00000000 ____D C:\Qoobox 2015-09-22 16:08 - 2015-09-22 16:14 - 00000000 ____D C:\Windows\erdnt 2015-09-22 16:07 - 2015-09-22 16:07 - 05635484 ____R (Swearware) C:\Users\Alex\Desktop\ComboFix.exe 2015-09-22 15:50 - 2015-09-22 15:50 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Alex\Downloads\tdsskiller.exe 2015-09-22 15:50 - 2015-09-22 15:50 - 00052947 _____ C:\Users\Alex\Downloads\Addition.txt 2015-09-22 15:49 - 2015-09-22 16:50 - 00000000 ____D C:\FRST 2015-09-22 15:49 - 2015-09-22 15:50 - 00048110 _____ C:\Users\Alex\Downloads\FRST.txt 2015-09-22 15:49 - 2015-09-22 15:49 - 02191360 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe 2015-09-22 15:21 - 2015-09-22 15:21 - 00001058 _____ C:\Users\Alex\Desktop\JRT.txt 2015-09-22 15:16 - 2015-09-22 15:16 - 00001217 _____ C:\Users\Alex\Desktop\MBAM Anwendungsprotokoll.txt 2015-09-22 14:23 - 2015-09-22 14:23 - 00000000 ____D C:\Program Files (x86)\ESET 2015-09-22 14:15 - 2015-09-22 14:23 - 02870984 _____ (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe 2015-09-22 14:15 - 2015-09-22 14:23 - 00001868 _____ C:\Users\Alex\Desktop\sc-cleaner.txt 2015-09-22 14:15 - 2015-09-22 14:15 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Alex\Downloads\sc-cleaner.exe 2015-09-22 14:14 - 2015-09-22 14:14 - 01798976 _____ (Malwarebytes) C:\Users\Alex\Downloads\JRT.exe 2015-09-22 14:13 - 2015-09-22 14:13 - 01662976 _____ C:\Users\Alex\Desktop\AdwCleaner_5.008.exe 2015-09-22 13:59 - 2015-09-22 16:47 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-22 13:59 - 2015-09-22 13:59 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-22 13:59 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-22 13:59 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-22 13:59 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-22 13:58 - 2015-09-22 13:59 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Alex\Downloads\mbam-setup-2.1.8.1057.exe 2015-09-21 02:22 - 2015-09-21 02:30 - 00000000 ____D C:\Users\Alex\AppData\Local\Arma 3 Launcher 2015-09-21 02:22 - 2015-09-21 02:29 - 00000000 ____D C:\Users\Alex\AppData\Local\Arma 3 2015-09-21 02:22 - 2015-09-21 02:23 - 00000000 ____D C:\Users\Alex\Documents\Arma 3 2015-09-21 02:22 - 2015-09-21 02:22 - 00000000 ____D C:\Users\Alex\AppData\Local\Bohemia_Interactive 2015-09-21 02:22 - 2015-09-21 02:22 - 00000000 ____D C:\ProgramData\Bohemia Interactive 2015-09-19 21:53 - 2015-09-19 21:53 - 00000222 _____ C:\Users\Alex\Desktop\Arma 3.url 2015-09-19 00:53 - 2015-09-19 00:53 - 00000025 _____ C:\Users\Alex\Desktop\gallier produktion.txt 2015-09-17 17:03 - 2015-09-19 11:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-09-15 21:55 - 2015-09-22 00:00 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-09-15 21:55 - 2015-09-15 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-09-15 21:54 - 2015-09-22 16:47 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-15 21:54 - 2015-09-22 15:59 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-15 21:54 - 2015-09-15 21:54 - 00929872 _____ (Google Inc.) C:\Users\Alex\Downloads\ChromeSetup.exe 2015-09-15 21:54 - 2015-09-15 21:54 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-15 21:54 - 2015-09-15 21:54 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-10 19:29 - 2015-09-10 19:29 - 00000038 _____ C:\Users\Alex\Desktop\zravian benefit account.txt 2015-09-09 14:06 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-09-09 14:06 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-09-09 14:06 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-09-09 14:06 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-09-09 14:06 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-09-09 14:06 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-09-09 14:06 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-09-09 14:06 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-09-09 14:06 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-09-09 14:06 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-09-09 14:06 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-09-09 14:06 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-09-09 14:06 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-09-09 14:06 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-09-09 14:06 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-09-09 14:06 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-09-09 14:06 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-09-09 14:06 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-09-09 14:06 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-09-09 14:06 - 2015-08-22 16:40 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-09-09 14:06 - 2015-08-22 16:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-09-09 14:06 - 2015-08-22 15:51 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-09-09 14:06 - 2015-08-22 15:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-09-09 14:06 - 2015-08-22 15:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-09-09 14:06 - 2015-08-22 15:51 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-09-09 14:06 - 2015-08-22 15:50 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-09-09 14:06 - 2015-08-22 15:50 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-09-09 14:06 - 2015-08-22 15:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-09-09 14:06 - 2015-08-20 20:53 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-09-09 14:06 - 2015-08-20 20:46 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-09-09 14:06 - 2015-08-20 20:21 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-09-09 14:06 - 2015-08-20 20:19 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-09-09 14:06 - 2015-08-20 19:56 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2015-09-09 14:06 - 2015-08-20 19:55 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2015-09-09 14:06 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2015-09-09 14:06 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-09-09 14:06 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-09-09 14:06 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-09-09 14:06 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-09-09 14:06 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-09-09 14:06 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-09-09 14:06 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-09-09 14:06 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-09-09 14:06 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-09-09 14:06 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-09-09 14:06 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-09-09 14:06 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-09-09 14:01 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-09-09 14:01 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-09-09 14:01 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-09-09 14:01 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-09-09 14:01 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-09-09 14:01 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-09-09 14:01 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-09-09 14:01 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-09-09 14:01 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-09-09 14:01 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-09-09 14:01 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-09-08 18:49 - 2015-09-08 18:49 - 00000222 _____ C:\Users\Alex\Desktop\Total War Arena.url 2015-09-08 03:28 - 2015-09-08 04:20 - 00000000 ____D C:\Users\Alex\AppData\Roaming\TS3Client 2015-09-08 03:28 - 2015-09-08 03:28 - 00000967 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2015-09-08 03:28 - 2015-09-08 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-09-08 03:27 - 2015-09-08 03:28 - 31071896 _____ (TeamSpeak Systems GmbH) C:\Users\Alex\Downloads\TeamSpeak3-Client-win64-3.0.17.exe 2015-09-02 06:10 - 2015-09-02 06:10 - 00000054 _____ C:\Users\Alex\Desktop\seleren irc screenshots.txt 2015-09-02 04:27 - 2015-09-02 04:28 - 00000000 ____D C:\Users\Alex\AppData\Local\LINE 2015-09-02 04:27 - 2015-09-02 04:27 - 00000957 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk 2015-09-02 04:27 - 2015-09-02 04:27 - 00000951 _____ C:\Users\Public\Desktop\LINE.lnk 2015-09-02 04:27 - 2015-09-02 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE 2015-09-02 04:27 - 2015-09-02 04:27 - 00000000 ____D C:\Program Files (x86)\LINE 2015-09-02 04:14 - 2015-09-02 04:19 - 28198424 _____ (LINE Corporation) C:\Users\Alex\Downloads\LineInst.exe 2015-09-01 00:05 - 2015-09-01 00:05 - 00001317 _____ C:\Users\Alex\Desktop\ZRAVIAN STUFF.txt 2015-08-31 16:39 - 2015-08-31 16:39 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Sun 2015-08-31 16:39 - 2015-08-31 16:39 - 00000000 ____D C:\Users\Alex\.oracle_jre_usage 2015-08-28 15:26 - 2015-08-29 19:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-26 09:07 - 2015-08-26 09:07 - 07886712 _____ (Microsoft Corporation) C:\Users\Alex\Downloads\Xbox360_64Deu.exe 2015-08-26 09:07 - 2015-08-26 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-08-26 09:07 - 2015-08-26 09:07 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories 2015-08-26 09:04 - 2015-08-26 09:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2015-08-25 05:43 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-08-25 05:43 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-22 16:50 - 2015-05-27 20:04 - 01337423 _____ C:\Windows\WindowsUpdate.log 2015-09-22 16:49 - 2015-05-27 21:02 - 00006469 _____ C:\Windows\SysWOW64\Gms.log 2015-09-22 16:47 - 2015-07-01 19:59 - 00016423 _____ C:\Windows\setupact.log 2015-09-22 16:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-22 16:46 - 2015-06-27 13:06 - 00000000 ____D C:\AdwCleaner 2015-09-22 16:46 - 2015-05-27 20:33 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-22 16:22 - 2009-07-14 06:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-22 16:22 - 2009-07-14 06:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-22 16:20 - 2015-05-28 05:58 - 00699726 _____ C:\Windows\system32\perfh007.dat 2015-09-22 16:20 - 2015-05-28 05:58 - 00149364 _____ C:\Windows\system32\perfc007.dat 2015-09-22 16:20 - 2009-07-14 07:13 - 01621742 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-22 16:15 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2015-09-22 16:14 - 2015-07-16 22:42 - 00003264 _____ C:\Windows\PFRO.log 2015-09-22 16:14 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-09-22 16:02 - 2015-05-27 20:51 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Skype 2015-09-22 15:58 - 2015-05-27 21:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-22 15:22 - 2015-05-27 20:04 - 00000000 ____D C:\Users\Alex 2015-09-22 15:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2015-09-22 14:53 - 2015-05-27 21:11 - 00000000 ____D C:\Program Files (x86)\Steam 2015-09-22 13:53 - 2015-05-27 20:10 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-09-21 20:58 - 2015-05-27 21:13 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-21 20:58 - 2015-05-27 21:13 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-21 20:58 - 2015-05-27 21:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-09-21 20:39 - 2015-05-27 20:10 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-09-21 03:19 - 2015-08-19 06:40 - 00000122 _____ C:\Users\Alex\Desktop\ZRAVIAN.txt 2015-09-21 02:21 - 2015-05-27 20:17 - 00000000 ____D C:\ProgramData\Package Cache 2015-09-20 19:20 - 2015-05-27 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-15 21:55 - 2015-05-27 20:09 - 00000000 ____D C:\Program Files (x86)\Google 2015-09-11 01:13 - 2015-05-27 21:28 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent 2015-09-10 08:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-09-10 03:19 - 2009-07-14 06:45 - 00296480 _____ C:\Windows\system32\FNTCACHE.DAT 2015-09-10 03:18 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-10 03:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-09-10 03:03 - 2015-05-27 21:43 - 00000000 ____D C:\Windows\system32\MRT 2015-09-09 13:19 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-09-08 18:50 - 2015-05-27 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-09-08 03:28 - 2015-05-27 20:53 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-08-31 16:39 - 2015-05-27 21:14 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\ProgramData\Oracle 2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-31 16:39 - 2015-05-27 21:14 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-31 16:34 - 2015-05-28 22:07 - 00000000 ____D C:\Program Files (x86)\Voobly 2015-08-29 02:17 - 2015-06-19 01:00 - 00001159 _____ C:\Users\Alex\Desktop\Mozilla Firefox.lnk 2015-08-29 01:59 - 2015-05-27 21:22 - 00000000 ____D C:\Users\Alex\Desktop\Games 2015-08-26 18:37 - 2015-05-27 21:43 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-26 09:07 - 2015-07-19 00:32 - 00046990 _____ C:\Windows\DirectX.log 2015-08-25 05:43 - 2015-05-27 20:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-23 01:31 - 2015-06-04 19:59 - 00000000 ____D C:\Users\Alex\Documents\My Games ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-07-27 02:42 - 2015-07-27 03:26 - 0000058 _____ () C:\Users\Alex\AppData\Roaming\prio.ini 2015-05-27 23:55 - 2015-05-27 23:55 - 0000000 _____ () C:\Users\Alex\AppData\Local\Driver_LOM_8161Present.flag 2015-06-21 05:22 - 2015-07-27 03:26 - 0007621 _____ () C:\Users\Alex\AppData\Local\Resmon.ResmonCfg 2015-08-18 03:42 - 2015-08-18 03:42 - 0000003 _____ () C:\Users\Alex\AppData\Local\updater.log 2015-08-18 03:42 - 2015-08-18 03:42 - 0000424 _____ () C:\Users\Alex\AppData\Local\UserProducts.xml Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Alex\Notepad2.exe Einige Dateien in TEMP: ==================== C:\Users\Alex\AppData\Local\Temp\avgnt.exe C:\Users\Alex\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-21 00:15 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Alex (2015-09-22 16:50:33)
Gestartet von C:\Users\Alex\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-05-27 18:04:05)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-922301408-332873160-1376262277-500 - Administrator - Disabled)
Alex (S-1-5-21-922301408-332873160-1376262277-1000 - Administrator - Enabled) => C:\Users\Alex
Gast (S-1-5-21-922301408-332873160-1376262277-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-922301408-332873160-1376262277-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
Akamai NetSession Interface (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Amazon Music (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.1.0 - Amazon Services LLC) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
ASUS Essence STX II Audio Device (HKLM-x32\...\{1A01B996-F7F7-473C-9EA4-B22801713A83}) (Version: - ASUSTek Computer Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
eXtra Buttons (HKLM-x32\...\eXtra Buttons) (Version: - )
Geeks3D FurMark 1.15.2.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel(R) Network Connections 19.5.303.0 (HKLM\...\PROSetDX) (Version: 19.5.303.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.6.2.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.27 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.26 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
LINE (HKLM-x32\...\LINE) (Version: 4.1.2.525 - LINE Corporation)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MediaHuman YouTube to MP3 Converter Version 3.8.1 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.8.1 - )
Metin2 Singapore (HKLM-x32\...\Metin2 Singapore) (Version: - Tec Interactive Pte Ltd)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 5.2.1 - Popcorn Time)
Popcorn Time (HKU\S-1-5-21-922301408-332873160-1376262277-1000\...\Popcorn Time) (Version: - Popcorn Official)
Prio (HKLM\...\Prio) (Version: 2.0.0.2960 - )
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Revive BF2 (HKLM\...\{72427ED2-72A7-4DB3-99CE-D0E36B24307A}_is1) (Version: 1.5 - Battlelog.co)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version: - Creative Assembly)
TP-LINK Wireless Client Utility (HKLM-x32\...\{385C8E5A-0B4F-4DCD-BBBD-2A8AE0400A76}) (Version: 7.0 - TP-LINK)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
Websuche (HKLM-x32\...\Websuche) (Version: - Websuche)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-922301408-332873160-1376262277-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Wiederherstellungspunkte =========================
21-09-2015 02:21:26 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
21-09-2015 02:21:31 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
22-09-2015 13:51:17 calculadora-setup wird entfernt
22-09-2015 14:15:13 JRT Pre-Junkware Removal
22-09-2015 14:20:59 JRT Pre-Junkware Removal
22-09-2015 15:19:36 JRT Pre-Junkware Removal
22-09-2015 15:21:20 Wiederherstellungsvorgang
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-09-22 16:12 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {08B135AF-3070-4757-A915-B0239CE0E993} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {326F8FFA-04FB-4CA2-BB2F-0CB814848E47} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {68596127-0212-412A-B1B4-0126A02F168E} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-06-12] ()
Task: {6ED1DDD7-3171-4E44-ABC3-F20948DF2F91} - System32\Tasks\{07EF5ACA-E114-4FDB-81C2-3F9D928C9482} => pcalua.exe -a C:\Users\Alex\Downloads\Metin2-SG_installer.exe -d C:\Users\Alex\Downloads
Task: {AD1849D5-A0DA-4A97-8888-F418AFAECBA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {AF21D5D8-6711-48A3-BD91-B10EFF68DC2E} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {D96732E7-FAFE-46C6-8130-AD39EA0FDD41} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {FC893FD4-3133-4120-BB74-96E80525CE75} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-05-27 20:32 - 2015-08-07 02:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-03 01:27 - 2015-06-28 22:16 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-08 21:30 - 2012-11-08 21:30 - 00012656 _____ () C:\Program Files\Prio\prio_svc.exe
2015-05-27 23:49 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2015-05-27 23:49 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\system\HsMgr64.exe
2015-05-27 21:44 - 2015-07-21 07:02 - 05887808 _____ () C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe
2013-07-08 11:05 - 2013-07-08 11:05 - 02800128 _____ () C:\Program Files (x86)\eXtra Buttons\xb.exe
2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-05-27 20:33 - 2015-08-18 01:30 - 00708216 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-05-27 20:33 - 2015-08-18 01:31 - 00854136 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
2015-05-27 21:43 - 2015-06-12 21:27 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2015-05-27 20:33 - 2015-08-18 01:31 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-27 23:49 - 2013-12-16 12:05 - 00143360 ____N () C:\Program Files\ASUS Essence STX II Audio Device\Customapp\VmixP8.dll
2015-08-18 04:20 - 2015-08-18 04:20 - 03129368 _____ () C:\Program Files (x86)\LINE\ampkit_windows.dll
2015-07-03 07:44 - 2015-07-03 07:44 - 00123416 _____ () C:\Program Files (x86)\LINE\PlayerHelper.dll
2015-09-22 16:47 - 2015-09-22 16:47 - 00012800 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00009728 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00014848 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\src\rgloader\rgloader193.mswin.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00009216 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00126976 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00087552 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00016384 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00127316 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\bin\libffi-6.dll
2015-09-22 16:47 - 2015-09-22 16:47 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00013312 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00095744 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocrD4EA.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00012800 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00009728 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00014848 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\src\rgloader\rgloader193.mswin.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00094208 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00118784 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00069120 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00083968 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\bin\zlib1.dll
2015-09-22 16:47 - 2015-09-22 16:47 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00275968 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00015360 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00008192 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00009216 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00023552 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00008704 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00036352 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00126976 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00087552 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00016384 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00127316 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\bin\libffi-6.dll
2015-09-22 16:47 - 2015-09-22 16:47 - 00013312 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00095744 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-09-22 16:47 - 2015-09-22 16:47 - 00026624 _____ () C:\Users\Alex\AppData\Local\Temp\ocrDD63.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-05-27 21:43 - 2015-06-12 21:27 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2015-05-27 21:43 - 2015-06-12 21:27 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2015-02-25 14:15 - 2015-02-25 14:15 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-922301408-332873160-1376262277-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: Voobly => "C:\Program Files (x86)\Voobly\voobly.exe" --startup
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{5B64105A-C666-4CE8-B359-D30B082E0CA0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2C40850-A5AA-4ED9-8305-1F508A0BE65A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5A1315B2-CFD8-4AC1-A017-6CB4BCB002FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{330407AD-6A7B-4D23-B304-75D744A07BC2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E6450CA3-0928-4DA2-9879-23C4EC818A6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CA1B7172-B0A5-4AEE-B194-2A8E393C025A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8DF01D04-A169-4013-ACFF-17C4F281B3D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FFC5AB27-CE90-46EF-8D1E-7C50312413E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{877A2798-DC72-4DD3-8E2B-CF4EC857EE39}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{270CCFC5-E177-442E-A312-D8C5D0EFF0EF}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BD17E38C-8B8F-4D28-95A6-4693CAEC76D5}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1E34E6BF-A746-4EF2-BAAE-2FD8043577B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DE9990F3-09FA-4D85-9D2C-9F72DA932B6F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BB816CE2-A4C9-4BBD-A155-FDE6D61CFAF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{3862A5E1-B38D-4842-9026-AC2C62DA1F9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{B4EB3307-C8CB-4843-A4B4-3377082144C7}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{87A0A2AC-7365-4213-8C6B-1345F5AF1702}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{A275C0BC-AEA9-4445-ADED-D9028FA8EEB1}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{400ECE11-9C93-4A80-9580-107A678BC1AB}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP Query User{AE693290-433D-4872-BF53-B527571D330A}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{EC123608-59F5-47D8-99FB-4642119DFDD2}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{4D6AB7F9-DE85-406E-AC04-297AA1AC59DB}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{2B6447A5-46DC-41A3-8A2E-8B8EC7E0874A}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [TCP Query User{6AB9E431-1DD3-4F43-9217-D6B2A21BAF33}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [UDP Query User{CD055AFE-39AE-4113-8B8B-97AE7A5EFD68}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [TCP Query User{ECA5F127-1BB3-420B-9464-AB368E892FD2}C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{66905585-6CB9-49E9-93E4-5264759118FB}C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{7E0BAC1F-FA84-46E8-A81B-EC8FC4BDDED0}] => (Block) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{21471CFD-29EA-405E-B039-503CAFF35FE3}] => (Block) C:\users\alex\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{F68CFCDD-063F-4D98-91A7-DDF988AC23A5}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{7340655E-3C42-45C3-A4B1-3BAC6D81E78A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{0AAA37E5-E4AD-4F7A-ADD6-97DA8BB6705D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{B23FC7BD-54B7-4E4D-A61C-9046B8A2B60D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{C32BE6A7-9F84-4DF6-8480-7C01A83E2097}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{5F0CBFD2-2F9B-48A0-A2CA-9B578DD086A5}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DAB3C782-D79F-478E-A1F0-11EE6B349E08}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DB39D13B-F79C-495E-8440-8A8AA02C0900}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [TCP Query User{4011400D-EC8A-4682-860F-AABB0100CBC0}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [UDP Query User{8414FFD5-5902-42B4-BB56-646CB264C935}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{F10EF931-0A90-4B93-BE3E-EC093418FBFC}] => (Block) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{E6274DFC-5D95-441F-9BDF-F2DDCB3799C9}] => (Block) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{853CCFFB-C5DA-4FBA-AACE-E7E2B439EC87}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D03653C8-45EA-477C-818A-EEED672B41B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3817FB66-A021-4861-BF46-4CBF329250E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FD2DAA03-8142-4067-BB72-BB1B40575F6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8F8DB2F7-ADA1-4273-A31A-37CB4BC8FD43}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{087BAA49-73A3-4EE0-A9EB-BE3DA85DE082}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B9962A2F-B162-49B7-AD8D-9CCE17B694DA}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{A7BF42BA-33F5-47B1-A0F1-65488D199546}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [TCP Query User{6B672278-D07E-4F07-AB1B-5CB3FF2383F0}C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe
FirewallRules: [UDP Query User{22E6417E-03A7-4851-8876-F40174BE6D70}C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\[pc game] age of mythology the titans expansion [ team mjy ]\aom\aomxnocd.exe
FirewallRules: [TCP Query User{320B5154-D197-4332-82DB-F05CA56D0F73}C:\users\alex\desktop\games\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\aom\aomxnocd.exe
FirewallRules: [UDP Query User{5C5D940D-ACE1-4A06-91D4-674A1E023DB8}C:\users\alex\desktop\games\aom\aomxnocd.exe] => (Allow) C:\users\alex\desktop\games\aom\aomxnocd.exe
FirewallRules: [{8056A593-8640-4E48-AE1B-6D65FC41C2C7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1D0712E2-7834-47F3-8A0A-C18239968099}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5C75AEA7-1A49-457A-9D10-C80BB2D19FFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{21546473-4648-4B28-BA8D-3FA569F65FFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{334074C8-6C57-4D94-8533-A340375F8618}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [UDP Query User{156F8C93-4E8D-4EE1-86B1-5D3DB9C73B50}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [{5519A36E-6D4C-4D8D-8018-56A11F099D0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{EC028352-8DD8-491A-A030-2447B1EE4F00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [TCP Query User{6D8719E4-D075-4B44-AB15-6E81348606DE}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6CE4E723-4C78-4FAA-AC46-0199FDB6C20A}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{D5272A81-4AF5-4588-A1E2-1FA3FE9066BC}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{9CE42FEE-E36A-45CF-A0B2-B1484E80C498}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [TCP Query User{C01F5E34-8B04-495F-891A-3B6AD0ADF5BA}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{52FB8920-61F6-4117-9FC5-D71F7631034B}C:\users\alex\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\alex\appdata\local\akamai\netsession_win.exe
FirewallRules: [{FCE05C0A-61EA-4427-B73F-3365BEBF6A73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{925B2254-BCCF-4EAD-B305-94B68DF7295F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{59C810B3-1BF1-45BB-8D5D-C9F8C8BB4B8F}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{0CBC8BBD-9B89-4BD0-843D-BDD7F456A875}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{05C8AEE7-635B-4FFF-BDFD-7A4E8A6BE5E1}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [UDP Query User{830AF29B-681F-42B6-AD15-A37259D79ED4}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [{CDB41466-6B95-4991-A859-8721A569DD0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1EB6A4F1-E0DC-4874-BD5D-BFFD5D5A462A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4DA1CA31-B1EA-48E9-9678-D92323456ED6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{AC6C871D-277B-4116-A812-7521A00EE05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E4BC80B-0D59-49A9-B0E6-CFDB30579A82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F8BE2A13-C6BC-4439-B869-58F875EFC8F0}C:\users\alex\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{93350CC3-C1AD-4361-9994-FA5EEA1A0960}C:\users\alex\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{B3B62059-B393-4B8D-935E-84E60B21952A}] => (Block) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{88F5271D-F0AC-48ED-AD84-A5C9CE5BE53A}] => (Block) C:\users\alex\appdata\local\popcorn time\nw.exe
FirewallRules: [{97016943-6291-4A5F-A5BB-B3F254342466}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{1BBFDF3B-7E31-4D72-A1F1-C90F06B38F2B}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{4AF77ECA-E1FE-4DDB-AEE4-190B8C5D3BC8}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{EFECB1B9-D8A3-4AF1-9CD3-FAB76AE5D80D}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{C4B674C4-50BF-42B1-8330-393DE274D58D}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{7E7D31A5-8127-4265-8B68-3637BA9CCF9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{92290EFF-8A05-430F-A94D-FF85D8E03409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{C695DCD9-57B3-4F25-8A42-6D4B70D908D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5E7E4103-8D7D-4F73-8EC9-68816A30C166}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{08526CBC-1EB4-420C-94D8-CA6A03B29DC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{EC498E06-A410-4437-9014-DA902BCA1C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{81A3C3AD-1226-4635-8656-FCC8C3254427}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{1EFA3522-2D65-4AD2-8CC5-3A01603411B0}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{FFC2418C-EE22-4129-9AF3-E7B7B792014D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FD19B638-5CAF-4034-AB88-7CB4360CE6A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DBDB38A6-263E-402F-9820-64757152E223}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D9E25726-FEFC-4D93-A172-98B2498EA621}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D94FF140-DA62-40DF-9820-608CB9B7D8B3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/22/2015 04:47:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2015 04:35:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/22/2015 04:14:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2015 03:36:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/22/2015 03:36:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/22/2015 03:22:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2015 03:17:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2015 02:23:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/22/2015 02:23:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/22/2015 02:19:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (09/22/2015 04:47:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/22/2015 04:46:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2015-09-22 16:12:35.542
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-09-22 16:12:35.528
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-06-01 16:16:40.648
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\ntdll.dll" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 16197.21 MB
Verfügbarer physikalischer RAM: 12780.89 MB
Summe virtueller Speicher: 32392.62 MB
Verfügbarer virtueller Speicher: 28325.91 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:953.77 GB) (Free:829.22 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 953.9 GB) (Disk ID: 09E0FDF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=953.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
22.09.2015, 15:58
| #9 |
| /// TB-Ausbilder | DNS Unlocker loswerden Wir entfernen noch die letzten Reste und kontrollieren anschließend nochmal alles mit weiteren Scannern. Bitte berichte mir, ob das Problem nach den Schritten weg ist oder nicht. Hinweis: Die Suchläufe mit EEK und ESET können länger dauern. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
Tcpip\..\Interfaces\{C75AA87C-6D00-42FB-BD5D-D49555D27EF2}: [DhcpNameServer] 209.222.18.222 209.222.18.218
HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {A4EC09D4-13F1-4C49-9308-2A10EA44511C} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default
RemoveProxy:
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Lade Dir bitte von hier  Emsisoft Emergency Kit herunter.
Schritt 3 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 4 ESET Online Scanner
Bitte poste mit deiner nächsten Antwort
|
|
22.09.2015, 16:05
| #10 |
| | DNS Unlocker loswerden Hallo, ich habe den frst Ordner auf den Desktop verschoben. Wenn ich nun das Pogramm starte und auf entfernen drücke bekomme ich folgende Warnung: Es scheint als wüssten Sie nicht was sie tun. Um Schaden zu vermeiden wird sich das Pogramm nun beenden. |
|
22.09.2015, 16:10
| #11 | |
| /// TB-Ausbilder | DNS Unlocker loswerdenZitat:
 Mit einem Ordner hat das nichts zu tun. Schritt 1 nochmal durchlesen... Den Inhalt der Code-Box, den ich unter Schritt 1 gepostet hab, in eine leere txt Datei packen und die txt Datei als fixlist.txt abspeichern. FRST.exe starten und auf entfernen klicken... Eigentlich ganz einfach...  |
|
22.09.2015, 16:12
| #12 |
| | DNS Unlocker loswerden Das ist mir schon klar, dass das nichts mit dem Ordner zu tun hat. Ich wollte nur anmerken dass das möglicherweise das Problem ist. Die Fixlist ist selbstverständlich schon erstellt und ebenfalls am Desktop abgespeichter. Hätte ich wohl extra anmerken sollen. |
|
22.09.2015, 16:16
| #13 | |
| /// TB-Ausbilder | DNS Unlocker loswerdenZitat:
fixlist.txt FRST.exe Im Systemlaufwerk muss der Ordner FRST sein: C:\FRST kA, welchen Ordner du meinst...evtl. einen FRST-Ordner, der auf dem Desktop erstellt wird, wenn sich FRST neu updatet. Dann befinet sich darin die alte FRST.exe, den ordner kannst du dann eigentlich sofort löschen. Die Warnung kommt meist dann, wenn du einfach eine komplette Logdatei von FRST als fixlist.txt abspeicherst und nicht die paar wenigen Zeilen wie in meinem Schritt 1 gepostet. |
|
22.09.2015, 16:28
| #14 |
| | DNS Unlocker loswerden Du hattest recht, ich hab einen frst log abgespeichert  Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Alex (2015-09-22 17:18:54) Run:1
Gestartet von C:\Users\Alex\Desktop
Geladene Profile: Alex (Verfügbare Profile: Alex)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
Tcpip\..\Interfaces\{C75AA87C-6D00-42FB-BD5D-D49555D27EF2}: [DhcpNameServer] 209.222.18.222 209.222.18.218
HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKU\S-1-5-21-922301408-332873160-1376262277-1000 -> {A4EC09D4-13F1-4C49-9308-2A10EA44511C} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default
RemoveProxy:
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C75AA87C-6D00-42FB-BD5D-D49555D27EF2}\\DhcpNameServer => Wert erfolgreich entfernt
"HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A4EC09D4-13F1-4C49-9308-2A10EA44511C}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{A4EC09D4-13F1-4C49-9308-2A10EA44511C} => Schlüssel nicht gefunden.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
EmptyTemp: => 2.2 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 17:19:02 ====
Code:
ATTFilter Emsisoft Emergency Kit - Version 10.0
Letztes Update: 22.09.2015 17:26:00
Benutzerkonto: Alex-PC\Alex
Scan-Einstellungen:
Scan-Methode: Malware-Scan
Objekte: Rootkits, Speicher, Traces, Dateien
PUPs-Erkennung: An
Archiv-Scan: Aus
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus
Scan-Beginn: 22.09.2015 17:30:15
Key: HKEY_USERS\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\CLASSES\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5} Gefunden: Application.Toolbar (A)
Key: HKEY_USERS\S-1-5-21-922301408-332873160-1376262277-1000\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326} Gefunden: Application.Toolbar (A)
Gescannt: 83044
Gefunden 2
Scan-Ende: 22.09.2015 17:30:28
Scan-Zeit: 0:00:13
Gelöscht 0
PS: Das ist jetzt der zweite Scan, da ich beim ersten nur in die Quarantäne vershoben habe und dann gelöscht statt direkt zu löschen. |
|
22.09.2015, 16:30
| #15 | |
| /// TB-Ausbilder | DNS Unlocker loswerdenZitat:
 Macht ja nichts. |
|
| Themen zu DNS Unlocker loswerden |
| anleitung, bereit, dns, dns unlocker, erweiterungen, gefunde, immer wieder, leitung, locker, loswerden, mbam, nichts, popen, surfe, surfen, teamviewer, troja, trojaner, unlocker, unter, verdächtiges, warnungen |
und 
und speichere die Logdatei auf Deinem Desktop.
