
Log analysis and evaluation: Web pages are being spammed full of ads!

Windows 7
13.12.2015, 11:08   #1
JuliusxXx
 
Dear team,
I have been checking my PC for malware, viruses and trojans for months now.
But to no avail... as soon as I open an Internet Explorer and visit a website, everything at the sides of the pages gets spammed full.
When I then try to click somewhere, I am redirected to PC repair sites.
I have installed Adblock and have already installed a lot of antivirus software, but none of it helped, and I am also afraid of downloading anything else again.
Because of the same problem I set up my PC from scratch last year, and I do not want to do that again.
I hope I get an answer quickly!
I have also followed many guides, but nothing happened with any of them.
Many thanks in advance!
Julius

Last edited by JuliusxXx (13.12.2015 at 11:31)

13.12.2015, 12:43   #2
M-K-D-B
/// TB Instructor
 
My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find signs of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the machine.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your topic from my subscriptions. If you are going to be away for longer, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Downloading from filepony.de: how to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there!


Please work through all steps one after another in the given order and post all log files in CODE tags:
How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

Thank you for your cooperation!




For the initial analysis, please run FRST and TDSS-Killer:



Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)



Step 2
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.







Please post with your next reply
  • the TDSS-Killer log file,
  • the two new FRST log files.

13.12.2015, 13:17   #3
JuliusxXx
 
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015 01
durchgeführt von Julius (Administrator) auf JULIUS-PC (13-12-2015 14:09:20)
Gestartet von C:\Users\Julius\Downloads
Geladene Profile: Julius (Verfügbare Profile: Julius & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sysinternals process Explorer) C:\ProgramData\Tmp0x0x\ProtectWindowsManager.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) D:\Users\Julius\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(Spotify Ltd) C:\Users\Julius\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Julius\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Julius\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Julius\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
HKLM\...\Run: [gpuminer] => C:\Users\Julius\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [mbot_de_014010063] => [X]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [283232 2014-12-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\Run: [Spotify Web Helper] => C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-02] (Spotify Ltd)
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\Run: [OneDrive] => "C:\Users\Julius\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\Run: [GoogleChromeAutoLaunch_044939204C016E84398025AA5214110E] => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\Run: [Spotify] => C:\Users\Julius\AppData\Roaming\Spotify\Spotify.exe [8270448 2015-12-02] (Spotify Ltd)
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\Run: [ESL Wire] => D:\Program Files\EslWire\wire.exe [3771904 2014-12-09] (Turtle Entertainment GmbH)
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\Run: [Gameo] => C:\Users\Julius\AppData\Roaming\Gameo\gameo.exe "C:\Users\Julius\AppData\Roaming\Gameo\gameo.dat" mode:minimized
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\MountPoints2: {2107e0ee-5a01-11e5-9bd6-74d435997828} - "F:\LG_PC_Programs.exe" 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Julius\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Julius\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Julius\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Julius\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Julius\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Julius\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-10-09]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (Keine Datei)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2015-12-09]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2015-11-12] (Lavasoft Limited)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2015-11-12] (Lavasoft Limited)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2015-11-12] (Lavasoft Limited)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2015-11-12] (Lavasoft Limited)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2015-11-12] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-11-12] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-11-12] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-11-12] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-11-12] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-11-12] (Lavasoft Limited)
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [NameServer] 199.203.131.151 82.163.143.181
Tcpip\..\Interfaces\{5b996dcd-c79f-43ab-b6c3-109f1a95ba91}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{5b996dcd-c79f-43ab-b6c3-109f1a95ba91}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{6a0efc41-e7c8-4af6-b9d3-447cd781051a}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ef722ed9-a8ce-418c-8057-b04fbf6d139b}: [NameServer] 199.203.131.151 82.163.143.181
Tcpip\..\Interfaces\{ef722ed9-a8ce-418c-8057-b04fbf6d139b}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-004-752
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-004-752&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-004-752&q={searchTerms}
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D111215-A6B219395BABB4E59ADF&form=CONMHP&conlogo=CT3332005
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-004-752
SearchScopes: HKLM -> DefaultScope {5EB58D8E-3B73-418C-902D-827209274513} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM -> {5EB58D8E-3B73-418C-902D-827209274513} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-004-752&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-004-752&q={searchTerms}
SearchScopes: HKU\S-1-5-21-772782472-4148771176-3410317363-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D111215-A6B219395BABB4E59ADF&form=CONBDF&conlogo=CT3332005&q={searchTerms}
SearchScopes: HKU\S-1-5-21-772782472-4148771176-3410317363-1000 -> {5EB58D8E-3B73-418C-902D-827209274513} URL = 
SearchScopes: HKU\S-1-5-21-772782472-4148771176-3410317363-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://de.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10107__151112__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-772782472-4148771176-3410317363-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-004-752&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-11-12] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\jre7\bin\ssv.dll [2015-08-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-08-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files (x86)\bin\ssv.dll [2015-06-06] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files (x86)\bin\jp2ssv.dll [2015-06-06] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-772782472-4148771176-3410317363-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-772782472-4148771176-3410317363-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartpageing.com/?type=sc&ts=1449418292&z=6a9f8dc55e1b5001725e011g5z5z1t7z5gebfc0o3o&from=cor&uid=WDCXWD10JPVX-80JC3T0_WD-WX51AB3D0668D0668

FireFox:
========
FF ProfilePath: C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\hywyy970.default
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> D:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-08-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> D:\Program Files (x86)\bin\dtplugin\npDeployJava1.dll [2015-06-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> D:\Program Files (x86)\bin\plugin2\npjp2.dll [2015-06-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF SearchPlugin: C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\hywyy970.default\searchplugins\webssearches.xml [2015-12-13]
FF Extension: YahooToolsProtected  - C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\hywyy970.default\extensions\yahooprotected@gmail.com [2015-12-06] [ist nicht signiert]
FF Extension: WOT - C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\hywyy970.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09]
FF Extension: Adblock Plus - C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\hywyy970.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-08]
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\hywyy970.default\extensions\deskCutv2@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\hywyy970.default\extensions\yahooprotected@gmail.com

Chrome: 
=======
CHR Profile: C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (khagclindddokccfbmfmckaflngbmpon) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\khagclindddokccfbmfmckaflngbmpon [2015-08-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-23]
CHR Extension: (Skype Click to Call) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-08-23]
CHR Extension: (Norton Security Toolbar) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-10-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-23]
CHR Extension: (oolpphfmdmjbojolagcbgdemojhcnlod) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod [2015-08-22]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
S2 EslWireHelper; D:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
S2 gopibeko; C:\Users\Julius\AppData\Local\03D40274-1439917235-0599-7806-280700080009\snsvAB5B.tmp [120832 2015-08-18] () [Datei ist nicht signiert]
S2 Hamachi2Svc; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2546184 2015-11-12] (LogMeIn Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-24] (Electronic Arts)
S2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\Tmp0x0x\ProtectWindowsManager.exe [344232 2015-12-06] (Sysinternals process Explorer) <==== ACHTUNG
S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [X]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe" [X]
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [50688 2015-07-10] (Microsoft Corp.)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-05-25] ()
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-06] (LogMeIn Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 RTL8192cu; C:\Windows\System32\drivers\RTL8192cu.sys [806400 2011-05-13] (Realtek Semiconductor Corporation                           )
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [40568 2015-10-02] (SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [51400 2015-11-13] (SteelSeries ApS)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-13 14:11 - 2015-12-13 14:11 - 04676456 _____ (Kaspersky Lab ZAO) C:\Users\Julius\Downloads\tdsskiller.exe
2015-12-13 14:09 - 2015-12-13 14:10 - 00023457 _____ C:\Users\Julius\Downloads\FRST.txt
2015-12-13 14:08 - 2015-12-13 14:09 - 00000000 ____D C:\FRST
2015-12-13 14:08 - 2015-12-13 14:08 - 02369536 _____ (Farbar) C:\Users\Julius\Downloads\FRST64.exe
2015-12-13 12:29 - 2015-12-13 12:29 - 00016148 _____ C:\WINDOWS\system32\JULIUS-PC_Julius_HistoryPrediction.bin
2015-12-13 11:29 - 2015-12-13 11:29 - 00003206 _____ C:\WINDOWS\System32\Tasks\{A2F8FB57-1D53-4659-A3D1-F7048186DFE6}
2015-12-12 19:05 - 2015-12-12 19:05 - 00003222 _____ C:\WINDOWS\System32\Tasks\{9F35187C-91AE-45C7-ABCA-A454FE0DBA21}
2015-12-12 17:53 - 2015-12-12 18:45 - 1257142288 _____ C:\Users\Julius\Downloads\jka.rar
2015-12-12 15:54 - 2015-12-12 16:54 - 2239522815 _____ C:\Users\Julius\Downloads\_Oceanofgames.com_Chivalry_Medieval_Warfare.zip
2015-12-12 15:41 - 2015-12-12 16:53 - 00000000 ____D C:\Users\Julius\Documents\ManiaPlanet
2015-12-12 15:41 - 2015-12-12 16:40 - 00000000 ____D C:\ProgramData\ManiaPlanet
2015-12-12 15:41 - 2015-12-12 15:41 - 00000850 _____ C:\Users\Public\Desktop\SMStorm.lnk
2015-12-12 15:41 - 2015-12-12 15:41 - 00000806 _____ C:\Users\Public\Desktop\ManiaPlanet.lnk
2015-12-12 15:41 - 2015-12-12 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet
2015-12-12 15:41 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-12-12 15:37 - 2015-12-12 15:40 - 127307464 _____ (Nadeo ) C:\Users\Julius\Downloads\Maniaplanet_Setup_SMStorm.exe
2015-12-12 08:52 - 2015-12-12 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-12-10 18:21 - 2015-12-10 18:21 - 00345131 _____ C:\Users\Julius\Downloads\LotR2.Win7_.Patch.v2-lifeblogv3.exe
2015-12-10 18:21 - 2011-01-02 19:10 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
2015-12-10 14:29 - 2015-12-10 14:36 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-09 19:40 - 2015-12-09 19:40 - 00002155 _____ C:\Users\Julius\Desktop\SteelSeries Engine 3.lnk
2015-12-09 19:37 - 2015-12-10 18:07 - 00000000 ____D C:\Users\Julius\AppData\Roaming\steelseries-engine-3-client
2015-12-09 19:37 - 2015-12-09 19:37 - 00000000 ____D C:\ProgramData\SteelSeries
2015-12-09 19:37 - 2015-12-09 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-12-09 19:37 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-12-09 19:37 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-12-09 19:37 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-12-09 19:37 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-12-09 19:36 - 2015-12-09 19:36 - 00000000 ____D C:\Program Files\SteelSeries
2015-12-09 19:35 - 2015-12-09 19:36 - 80777776 _____ C:\Users\Julius\Downloads\SteelSeriesEngine3.6.2Setup.exe
2015-12-09 17:34 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 17:34 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-09 17:34 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-09 17:34 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-09 17:34 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 17:34 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 17:34 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-09 17:34 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-09 17:34 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-09 17:34 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 17:34 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 17:34 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 17:34 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-09 17:34 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 17:34 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-09 17:34 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 17:34 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 17:34 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 17:34 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-09 17:34 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 17:34 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-09 17:34 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-09 17:34 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-09 17:34 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-09 17:34 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-09 17:34 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 17:34 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 17:34 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 17:34 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-09 17:34 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-09 17:34 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-09 17:34 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-09 17:34 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 17:34 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-09 17:34 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-09 17:34 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 17:34 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-09 17:34 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 17:34 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-09 17:34 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 17:34 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 17:34 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-09 17:34 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-09 17:34 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 17:34 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-09 17:34 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-09 17:34 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 17:34 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-09 17:34 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 17:34 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 17:34 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 17:34 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-09 17:34 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 17:34 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 17:34 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 17:34 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 17:34 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-09 17:34 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-09 17:34 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 17:34 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-09 17:34 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-09 17:34 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-09 17:34 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 17:34 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-09 17:34 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 17:34 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 17:34 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 17:34 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 17:34 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-09 17:34 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-09 17:34 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 17:34 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 17:34 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-09 17:34 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 17:34 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 17:34 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 17:34 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 17:34 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 17:34 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 17:34 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-09 17:26 - 2015-12-09 18:25 - 19452096 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-12-08 16:59 - 2015-12-08 16:59 - 00000000 ____D C:\ProgramData\{0a7f973f-30c8-0}
2015-12-08 16:59 - 2015-12-08 16:59 - 00000000 ____D C:\ProgramData\{005cb465-50c8-1}
2015-12-08 16:29 - 2015-12-08 16:29 - 00000000 ____D C:\Users\Julius\Documents\My Cheat Tables
2015-12-08 16:11 - 2015-12-08 16:11 - 00000000 ____D C:\Users\Julius\Desktop\Chemie
2015-12-06 17:12 - 2015-12-06 17:12 - 00000000 ____D C:\ProgramData\Tmp0x0x
2015-12-06 17:11 - 2015-12-08 16:16 - 00000000 ____D C:\Users\Julius\AppData\Roaming\istartpageing
2015-12-06 17:11 - 2015-12-06 17:11 - 00301829 _____ ( ) C:\Users\Julius\Downloads\Tom_Clancys_Splinter_Cell_Double_Agent_Full_PC_Cracked_ [1].exe
2015-12-06 17:10 - 2015-12-06 17:11 - 00947840 _____ (Program Web ) C:\Users\Julius\Downloads\Tom_Clancys_Splinter_Cell_Double_Agent_Full_PC_Cracked_.exe
2015-12-06 17:07 - 2015-12-06 17:07 - 02482228 _____ C:\Users\Julius\Desktop\Splinter Cell Double Agent No CD Crack!!.rar
2015-12-06 10:29 - 2015-12-06 10:29 - 00000000 ____D C:\Users\Julius\AppData\Local\Ori and the Blind Forest
2015-12-04 16:39 - 2015-12-04 16:39 - 00003252 _____ C:\WINDOWS\System32\Tasks\WinZipDriverUpdaterRunAtStartup
2015-12-04 16:39 - 2015-12-04 16:39 - 00000000 ____D C:\Users\Public\Documents\Guid
2015-12-04 16:39 - 2015-12-04 16:39 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-12-04 16:39 - 2015-12-04 16:39 - 00000000 ____D C:\Users\Julius\AppData\Roaming\WinZip
2015-12-04 16:39 - 2015-12-04 16:39 - 00000000 ____D C:\Users\Julius\AppData\Roaming\ScreenSnapshotTool
2015-12-04 16:39 - 2015-12-04 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Driver Updater
2015-12-04 16:39 - 2015-12-04 16:39 - 00000000 ____D C:\Program Files (x86)\ScreenSnapshotTool
2015-12-04 16:39 - 2015-12-04 15:40 - 00000000 ____D C:\Program Files (x86)\WinZip Driver Updater
2015-12-04 16:08 - 2015-12-10 18:18 - 00000000 ____D C:\Users\Julius\BrawlhallaReplays
2015-12-04 16:05 - 2015-12-04 16:05 - 00000000 ____D C:\Users\Julius\AppData\Roaming\BrawlhallaAir
2015-12-04 15:46 - 2015-12-04 15:47 - 00000000 ____D C:\Users\Julius\AppData\Local\Gameo
2015-12-04 15:46 - 2015-12-04 15:46 - 00003824 _____ C:\WINDOWS\System32\Tasks\gameo_update
2015-12-04 15:46 - 2015-12-04 15:46 - 00000174 _____ C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2015-12-04 15:46 - 2015-12-04 15:46 - 00000000 ___HD C:\Users\Julius\AppData\Roaming\GoldenGate
2015-12-04 15:46 - 2015-12-04 15:46 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo
2015-12-04 15:45 - 2015-12-04 15:47 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Gameo
2015-12-04 15:39 - 2015-12-05 09:37 - 00000318 _____ C:\WINDOWS\Tasks\WinZipDriverUpdater_UPDATES.job
2015-12-04 15:39 - 2015-12-04 15:39 - 00003134 _____ C:\WINDOWS\System32\Tasks\WinZipDriverUpdater_UPDATES
2015-12-04 13:04 - 2015-12-04 13:04 - 00001207 _____ C:\Users\Julius\Desktop\Die Installation von napoleon.total.war.update_Downloader fortsetzen.lnk
2015-12-04 11:21 - 2015-12-04 11:21 - 00000000 ____D C:\Users\Julius\AppData\Roaming\The Creative Assembly
2015-12-04 11:19 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-12-04 11:19 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-12-04 11:19 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-12-04 11:19 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-12-04 11:19 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-12-04 11:19 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-12-04 11:19 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-12-04 11:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-12-04 11:19 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-12-04 11:19 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-12-04 11:19 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-12-04 11:19 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-12-04 11:19 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-12-04 11:19 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-12-04 11:19 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-12-04 11:19 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-12-04 11:19 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-12-04 11:19 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-12-04 11:19 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-12-04 11:19 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-12-04 11:19 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-12-04 11:19 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-12-04 11:19 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-12-04 11:19 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-12-04 11:19 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-12-04 11:19 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-12-04 11:19 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-12-04 11:19 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-12-04 11:19 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-12-04 11:19 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-12-04 11:19 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-12-04 11:19 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-12-04 11:19 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-12-04 11:19 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2015-12-04 11:19 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-12-04 11:19 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2015-12-04 11:19 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-12-04 11:19 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-12-04 11:19 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-12-04 11:19 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-12-04 11:19 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-12-04 11:19 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-12-04 11:19 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-12-04 11:19 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-12-04 11:19 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-12-04 11:19 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-12-04 11:19 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-12-04 11:19 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-12-04 11:19 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-12-04 11:19 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-12-04 11:19 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-12-04 11:19 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-12-04 11:19 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-12-04 11:19 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-12-04 11:19 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-12-04 11:19 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-12-04 11:19 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-12-04 11:19 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-12-04 11:19 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-12-04 11:19 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-12-04 11:19 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-12-04 11:19 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-12-04 11:19 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-12-04 11:19 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-12-04 11:19 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-12-04 11:19 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-12-04 11:19 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-12-04 11:19 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-12-04 11:19 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-12-04 11:19 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-12-04 11:19 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-12-04 11:19 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-12-04 11:19 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-12-04 11:19 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-12-04 11:19 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-12-04 11:19 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-12-04 11:19 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-12-04 11:19 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-12-04 11:19 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-12-04 11:19 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-12-04 11:19 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-12-04 11:19 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-12-04 11:19 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-12-04 11:19 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-12-04 11:19 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-12-04 11:19 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-12-04 11:19 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-12-04 11:18 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-12-04 11:18 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-12-04 11:18 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-12-04 11:18 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-12-04 11:18 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-12-04 11:18 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-12-04 11:18 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-12-04 11:18 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-12-04 11:18 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-12-04 11:18 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-12-04 11:18 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-12-04 11:18 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-12-04 11:18 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-12-04 11:18 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-12-04 11:18 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-12-04 11:18 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-12-04 11:18 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-12-04 11:18 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-12-04 11:18 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-12-04 11:18 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-12-04 11:18 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-12-04 11:18 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-12-04 11:18 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-12-04 11:18 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-12-04 11:18 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-12-04 11:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-12-04 11:18 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-12-04 11:18 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-12-04 11:18 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-12-04 11:18 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-12-04 11:18 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-12-04 11:18 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-12-04 11:18 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-12-04 11:18 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-12-04 11:18 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-12-04 11:18 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-12-04 11:18 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-12-04 11:18 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-12-04 11:18 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-12-04 11:18 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-12-04 11:18 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-12-04 11:18 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-12-04 11:18 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-12-04 11:18 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-12-04 11:18 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-12-04 11:18 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-12-04 11:18 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-12-04 11:18 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-12-04 11:18 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-12-04 11:18 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-12-04 11:18 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-12-04 11:18 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-12-04 11:18 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-12-04 11:18 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-12-04 11:18 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-12-04 11:18 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-12-04 11:18 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-12-04 11:18 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-12-04 11:18 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-12-04 11:18 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-12-04 11:18 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-12-04 11:18 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-12-04 11:18 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-12-04 11:18 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-12-04 11:18 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-12-04 11:18 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-12-04 11:18 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-12-04 11:18 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-12-04 11:18 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-12-04 11:18 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-12-04 11:18 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-12-04 11:18 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-12-04 11:18 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-12-04 11:18 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-11-29 12:43 - 2015-11-29 13:37 - 00000000 ____D C:\Users\Julius\Desktop\Reli
2015-11-24 17:51 - 2015-12-04 16:30 - 00000000 ____D C:\Users\Julius\Desktop\NWT
2015-11-22 11:46 - 2015-12-08 16:15 - 00000811 _____ C:\Users\Julius\Desktop\Start Tor Browser (2).lnk
2015-11-15 09:53 - 2015-11-15 09:53 - 00004400 _____ C:\WINDOWS\System32\Tasks\avast! BCU UpdateS-1-5-21-772782472-4148771176-3410317363-1000
2015-11-15 09:53 - 2015-11-15 09:53 - 00003520 _____ C:\WINDOWS\System32\Tasks\avastBCLS-1-5-21-772782472-4148771176-3410317363-1000
2015-11-15 09:53 - 2015-11-15 09:53 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Browser Cleanup
2015-11-15 09:53 - 2015-11-15 09:53 - 00000000 ____D C:\Users\Julius\AppData\Roaming\AVAST Software
2015-11-13 22:00 - 2015-11-13 22:00 - 01804680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-11-13 22:00 - 2015-11-13 22:00 - 00051400 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys
2015-11-13 15:18 - 2015-11-13 15:18 - 00000856 _____ C:\Users\Public\Desktop\LOL Recorder.lnk
2015-11-13 14:47 - 2015-11-13 14:47 - 00000000 ____D C:\Users\Julius\AppData\Local\Skype

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-13 14:10 - 2015-05-25 15:54 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Spotify
2015-12-13 14:09 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-13 14:06 - 2015-09-26 12:03 - 00000000 ____D C:\Users\Julius\AppData\Local\Spotify
2015-12-13 14:04 - 2015-06-07 15:40 - 00000000 ____D C:\Users\Julius\AppData\Roaming\TS3Client
2015-12-13 13:25 - 2015-10-04 19:29 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-13 11:57 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-13 11:54 - 2015-05-25 10:10 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-13 11:50 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-13 11:50 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-13 11:32 - 2015-05-25 10:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-13 11:18 - 2015-08-18 16:18 - 00001078 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2015-12-13 11:15 - 2015-08-18 16:00 - 00000000 ____D C:\Users\Julius\AppData\Local\03D40274-1439917235-0599-7806-280700080009
2015-12-13 11:15 - 2015-08-11 12:04 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BD1CEF6A-057A-4A4C-9CAF-85AE4B0F2BA0}
2015-12-13 11:14 - 2015-10-30 17:05 - 00000000 ____D C:\Users\Julius\AppData\Local\ESL Wire Game Client
2015-12-13 11:10 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-13 11:09 - 2015-07-10 13:20 - 00219872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-12 21:54 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-12 21:32 - 2015-10-04 19:29 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-12 18:57 - 2015-10-04 16:54 - 00314880 ___SH C:\Users\Julius\Downloads\Thumbs.db
2015-12-12 16:59 - 2015-08-18 15:59 - 00000362 _____ C:\WINDOWS\Tasks\Superclean.job
2015-12-12 15:41 - 2015-07-30 18:50 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-12 15:41 - 2015-07-10 17:34 - 00883584 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-12 15:41 - 2015-07-10 17:34 - 00195718 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-12 08:52 - 2015-09-23 16:00 - 00000727 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-12-12 08:51 - 2015-07-30 18:51 - 00000000 ____D C:\Users\Julius
2015-12-12 08:46 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-10 15:15 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-10 15:12 - 2015-06-27 08:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 15:05 - 2015-06-27 08:17 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-10 14:49 - 2015-09-13 11:19 - 00000000 ____D C:\WINDOWS\Panther
2015-12-10 13:43 - 2015-09-23 16:04 - 00003980 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1443020663
2015-12-10 13:43 - 2015-09-23 16:04 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-12-10 13:43 - 2015-09-23 16:03 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-09 19:40 - 2015-10-02 13:44 - 00063488 ___SH C:\Users\Julius\Desktop\Thumbs.db
2015-12-09 18:25 - 2015-10-04 19:29 - 00004084 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-12-09 04:39 - 2010-11-21 04:27 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-08 17:53 - 2015-08-14 14:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-08 16:24 - 2015-07-13 16:15 - 00001084 _____ C:\Users\Julius\Desktop\Steam.lnk
2015-12-08 16:15 - 2015-10-05 16:25 - 00001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-08 16:15 - 2015-09-23 16:04 - 00001180 _____ C:\Users\Public\Desktop\Opera.lnk
2015-12-08 16:15 - 2015-05-25 11:41 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-08 16:07 - 2015-08-18 17:17 - 00000000 ____D C:\Users\Julius\AppData\Local\Steam
2015-12-06 17:12 - 2015-05-25 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-05 10:35 - 2015-05-25 10:10 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 10:35 - 2015-05-25 10:10 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-05 10:35 - 2015-05-25 10:10 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-01 01:32 - 2015-10-11 11:57 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-10-11 11:57 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-28 17:40 - 2015-05-25 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-11-24 20:23 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-11-24 17:52 - 2015-08-19 10:36 - 00000000 ____D C:\Users\Julius\AppData\Local\Windows Live
2015-11-22 11:49 - 2015-09-20 16:43 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-11-22 11:44 - 2015-11-12 19:25 - 00000000 ____D C:\Program Files (x86)\IObit
2015-11-13 18:59 - 2015-05-25 12:30 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Skype
2015-11-13 16:31 - 2015-11-12 13:17 - 00000798 _____ C:\Users\Julius\Desktop\lol.launcher.admin - Shortcut.lnk
2015-11-13 14:56 - 2015-11-12 16:43 - 00000000 ____D C:\Users\Julius\AppData\Roaming\DriverFinder
2015-11-13 14:44 - 2015-05-28 19:00 - 00000000 ____D C:\Users\Julius\AppData\Roaming\LolClient
2015-11-13 13:10 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-31 08:14 - 2015-07-31 08:14 - 0000000 _____ () C:\Program Files (x86)\Norton Internet Security
2015-07-31 08:14 - 2015-07-31 08:14 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2015-06-07 13:14 - 2015-06-07 18:55 - 0000040 _____ () C:\Users\Julius\AppData\Roaming\cdr.ini
2015-08-23 17:34 - 2015-08-23 17:34 - 0000134 _____ () C:\Users\Julius\AppData\Local\updt.js
2015-11-12 16:47 - 2015-11-12 16:47 - 0000085 ___SH () C:\ProgramData\.zreglib

Einige Dateien in TEMP:
====================
C:\Users\Julius\AppData\Local\Temp\EslWireSetup-1.19.0.8185-x64.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-10 14:24

==================== Ende von FRST.txt ============================
         

13.12.2015, 13:18   #4
JuliusxXx

Websites are being flooded with ads!



FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-12-2015 01
durchgeführt von Julius (2015-12-13 14:11:52)
Gestartet von C:\Users\Julius\Downloads
Windows 10 Pro (X64) (2015-07-30 18:06:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-772782472-4148771176-3410317363-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-772782472-4148771176-3410317363-503 - Limited - Disabled)
Gast (S-1-5-21-772782472-4148771176-3410317363-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-772782472-4148771176-3410317363-1006 - Limited - Enabled)
Julius (S-1-5-21-772782472-4148771176-3410317363-1000 - Administrator - Enabled) => C:\Users\Julius

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Advanced ScreenSnapshot 1.1 (HKLM\...\{61FFE1F9-137D-4c31-A181-3415FCAA5946}) (Version: 1.1.0.11070 - qiusheng xie) <==== ACHTUNG
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
AutoGreen B12.1220.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.1220.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version:  - Blue Mammoth Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - )
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
Easy Tune 6 B13.1111.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.1111.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version:  - SEIKO EPSON Corporation)
ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version:  - Turtle Entertainment GmbH)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version:  - Ubisoft)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org)
Heroes of Scene (HKLM-x32\...\Steam App 356130) (Version:  - Icy Donut)
ISY N300 Micro WLAN N USB-Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - ISY)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Marvel Super Heroes (HKLM-x32\...\LEGO Marvel Super Heroes_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.3 - LG Electronics)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.41 - www.leaguereplays.com)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version:  - Nadeo)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mortal Kombat X (HKLM-x32\...\Mortal Kombat X_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
PlanetSide 2 (HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Rocket League (HKLM-x32\...\Rocket League_is1) (Version:  - Psyonix)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version:  - ) <==== ACHTUNG
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Spotify (HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB)
SteelSeries Engine 3.6.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.6.2 - SteelSeries ApS)
TeamSpeak 3 Client (HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
Uplay (HKLM-x32\...\Uplay) (Version: 6.1 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
World of Warships (HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-772782472-4148771176-3410317363-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> D:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-772782472-4148771176-3410317363-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> D:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-772782472-4148771176-3410317363-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> D:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-772782472-4148771176-3410317363-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> D:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-772782472-4148771176-3410317363-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> D:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-772782472-4148771176-3410317363-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> D:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-10-09 16:35 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1	mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06FC3D88-5998-423E-A7EB-D4EC4566FDDA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1007F0C5-BD8F-473C-85E8-855275A04F28} - System32\Tasks\{A2F8FB57-1D53-4659-A3D1-F7048186DFE6} => pcalua.exe -a G:\Bin\autorun.exe -d G:\Bin
Task: {15680F3A-4E8D-4966-83B6-D3474F982DB1} - System32\Tasks\avastBCLS-1-5-21-772782472-4148771176-3410317363-1000 => C:\Users\Julius\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
Task: {1609D38B-D546-4C81-80BE-EAB0CA0FDD6D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1A0E8AF7-7524-4362-AF2D-290063710872} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1CBF8886-41F8-47B0-8DAD-5B41E54CCD84} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {28A34A3E-352C-43C8-99D9-F192CD3C13DF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {2A13041B-7F33-44F3-A9DB-DFC4239F5A5D} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe
Task: {2C29BDE3-4D00-4805-BCC2-BFDA5B6C270C} - System32\Tasks\gameo_update => C:\Users\Julius\AppData\Roaming\Gameo\gameo.exe <==== ACHTUNG
Task: {34F66CA9-EBA4-4B29-B927-8EB8ED1DB281} - System32\Tasks\WinZipDriverUpdater_UPDATES => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
Task: {360D5447-DA4D-485C-B461-BFB5C5160CBD} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe
Task: {3D2EE65E-90F7-4D70-B219-CFF5F51AD58B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {408A9B9F-1AFD-4C4F-AEA3-6A4E5AA1B9CC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {45FE6F43-1AE3-4B06-82BA-DAB712FC3B1C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4710F22B-2965-4A9F-A605-419298A06DA1} - System32\Tasks\Security Utility Updater => C:\WINDOWS\system32\wscript.exe [2015-07-10] (Microsoft Corporation)
Task: {4D473F57-29F4-4BB3-B833-B58A7A741DB5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4F3397E0-F9E6-4030-A597-F5A8CF310D08} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {515D1F26-7E7F-4F68-8A1E-24B1129A1A80} - System32\Tasks\{0A388D99-0AAC-4040-8203-B66E15E5CBEA} => Firefox.exe hxxp://ui.skype.com/ui/0/7.5.0.101/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {59475E35-C4C5-43C8-85E9-D4CA8A0629EB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5D74D4A9-145D-4C52-8BE8-D6FDF906AA3E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {65CDCACF-870A-4925-95F3-2E8EBA851FAF} - System32\Tasks\$crrUnisntlDsply$ Updater => C:\WINDOWS\system32\wscript.exe [2015-07-10] (Microsoft Corporation)
Task: {6D6297EA-D263-4D74-8DDD-E5237E93C2E4} - System32\Tasks\Uninstaller_SkipUac_Julius => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {6D7C3BFB-19F1-4225-8C23-3874F61810E9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6FA139B7-2780-46C0-A559-D4AD98346306} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {701BBF3D-D3C1-41D0-9CF9-F62F1B022E5E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {70590570-E1D0-499C-8531-DD89C33C268E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {762E10AA-64E5-4616-9690-EEBB30D25C23} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {78FDF927-D76C-4545-A9F5-D1E6F2C9C62E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7FF8F881-E4E0-4579-ADAC-3892EB25B54B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {8111F2D7-172D-442C-8452-7C4EA8FBB1B6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {824509E4-EA59-44E4-92F2-F4E6DAFCFADF} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
Task: {93DD261B-3689-4048-AA23-72698541249D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {97778A30-1158-418D-8171-F05319637CD4} - System32\Tasks\ASC8_SkipUac_Julius => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: {9B6450F2-6C66-4870-B93E-3E2822319F0B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {9D5A9D58-5C7B-4CBE-AC84-F417C1EDC18E} - System32\Tasks\avast! BCU UpdateS-1-5-21-772782472-4148771176-3410317363-1000 => C:\Users\Julius\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe
Task: {9DF6014E-DEF9-4C92-A021-905DBA094D28} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {A1BF4B48-EC46-4FB0-AA64-BDEE59BC172A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {A7AA6BB9-A38B-47F9-B1F9-B4CFA4444857} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {AAEDCF7C-B1F7-424F-AD62-3470C1DD2C6B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {AAF70867-E99C-43B3-809F-FB8A792BB2BA} - System32\Tasks\WinZipDriverUpdaterRunAtStartup => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
Task: {ABABF28D-3CA4-4DD0-B1C9-3FA0D544D1FA} - System32\Tasks\{9F35187C-91AE-45C7-ABCA-A454FE0DBA21} => pcalua.exe -a D:\JKA\CD1\autorun.exe -d D:\JKA\CD1
Task: {ADCDE2EE-2D34-4AA0-B9FF-AC8A75AAD045} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {AF9E9FD8-7E2C-4DDA-96C4-B762C87EC39E} - System32\Tasks\Opera scheduled Autoupdate 1443020663 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software)
Task: {B4C03124-7BD7-4150-A158-BC7D6384AF30} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B55E79A4-8DB7-4819-8A0B-F7A7E8F1E92D} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe
Task: {CB585EFB-0657-4AA9-A21E-C346138FDD5C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {CF352860-BEA8-40BE-95CA-5A5BE3D8B154} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D0E1845F-4BC2-44D1-A038-6EE391E622EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {D7D094F3-3620-49DA-BB41-A290B65BBADA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {D950D26F-A16A-403E-91A0-CF1344111E68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {DC618783-1272-4439-A1EB-EEACB2768EFB} - System32\Tasks\Superclean => c:\programdata\{91e6956a-7d19-0e35-91e6-6956a7d155a9}\hqghumeaylnlf.exe [2014-08-18] (Super PC Tools Ltd) <==== ACHTUNG
Task: {DEAEB248-35A3-4E6C-8672-31C973E3D389} - System32\Tasks\cfr3011 => C:\PROGRA~2\FASTSE~1\cfr3011.exe <==== ACHTUNG
Task: {E11903F3-2F72-4460-8426-C52997D0EBDA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E12781B1-0D3F-48FC-94BB-EC8E1B3EBBBF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E37AC991-F9EB-40FF-A5E6-411538CA3251} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {F04339D4-8436-4BD5-A2A3-63557B762562} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {F2C9E6AE-BC45-4C33-96E6-100B77578CEA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {F3DAEC36-0791-45D8-A526-1EF840E79DE2} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ACHTUNG
Task: {F8AB4904-D2CF-425D-8E2C-232B004958EE} - System32\Tasks\{C2B5B19D-E9F4-4D48-9BF0-C49468B406C8} => Firefox.exe hxxp://ui.skype.com/ui/0/7.6.0.105/de/abandoninstall?page=tsProgressBar
Task: {FC76FBB7-CB0C-4237-B55A-5B1D7D81758D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {FE95ACBB-648C-450C-9C3B-7ADBEE1AA40B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FEE4A0C2-55AB-4390-BBD9-739FBA6F8B4C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Julius.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Superclean.job => c:\programdata\{91e6956a-7d19-0e35-91e6-6956a7d155a9}\hqghumeaylnlf.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Julius.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\WinZipDriverUpdater_UPDATES.job => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-07-30 19:38 - 2015-07-30 19:38 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 10:17 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-02 19:42 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-02 19:42 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\Users\Julius\AppData\Local\MEGAsync\ShellExtX64.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-04-08 20:53 - 2015-04-08 20:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-10-02 19:42 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-12-09 17:34 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 17:34 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 17:34 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-02 19:42 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-02-28 10:14 - 2015-11-27 14:53 - 00175080 _____ () D:\Users\Julius\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-08-04 14:43 - 2015-11-27 14:53 - 00103400 _____ () D:\Users\Julius\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 14:43 - 2015-11-27 14:53 - 00108008 _____ () D:\Users\Julius\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-08-04 14:46 - 2015-11-27 14:53 - 00312296 _____ () D:\Users\Julius\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 14:46 - 2015-11-27 14:53 - 00483816 _____ () D:\Users\Julius\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-06-05 14:48 - 2015-11-27 14:53 - 00317440 _____ () D:\Users\Julius\AppData\Local\TeamSpeak 3 Client\ssleay32.dll
2014-06-05 14:48 - 2015-11-27 14:53 - 01709056 _____ () D:\Users\Julius\AppData\Local\TeamSpeak 3 Client\LIBEAY32.dll
2014-08-04 18:13 - 2015-11-10 20:55 - 00778752 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 08:34 - 2015-07-03 17:12 - 04962816 _____ () D:\Program Files (x86)\Steam\v8.dll
2014-08-04 18:13 - 2015-12-10 21:11 - 02547280 _____ () D:\Program Files (x86)\Steam\video.dll
2014-08-29 09:24 - 2015-09-24 01:33 - 02549248 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 09:24 - 2015-09-24 01:33 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 09:24 - 2015-09-24 01:33 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 09:24 - 2015-09-24 01:33 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 09:24 - 2015-09-24 01:33 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-20 08:34 - 2015-07-03 17:12 - 01556992 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 08:34 - 2015-07-03 17:12 - 01187840 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2014-08-04 18:13 - 2015-12-10 21:11 - 00804432 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-23 14:30 - 2015-11-03 23:00 - 00201728 _____ () D:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-08-04 18:13 - 2015-11-17 01:31 - 47846176 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-20 08:34 - 2015-09-25 00:56 - 00119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
2015-05-25 15:57 - 2015-12-02 20:11 - 50679920 _____ () C:\Users\Julius\AppData\Roaming\Spotify\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Program Files\AMD:Win32App
AlternateDataStreams: C:\Program Files\CCleaner:Win32App
AlternateDataStreams: C:\Program Files (x86)\AMD:Win32App
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App
AlternateDataStreams: C:\Program Files (x86)\GIGABYTE:Win32App
AlternateDataStreams: C:\Program Files (x86)\Norton Internet Security:Win32App

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acwfp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-772782472-4148771176-3410317363-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 199.203.131.151 - 82.163.143.181
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: EADM => "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EasyTuneVI => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: search => cmd /c del %temp%\search.xpi
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Julius\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: VIAxHCUtl => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\StartupApproved\Run: => "HDAudDeck"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "gpuminer"
HKLM\...\StartupApproved\Run32: => "mbot_de_014010063"
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_044939204C016E84398025AA5214110E"
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\StartupApproved\Run: => "Security Utility"
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\StartupApproved\Run: => "ESL Wire"
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\StartupApproved\Run: => "Gameo"
HKU\S-1-5-21-772782472-4148771176-3410317363-1000\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{4E33FCD6-3DB9-49CD-8090-5DD954319776}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{553F6B2C-DC09-43A7-874E-CABF80EA295F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{CFC830EB-210D-4241-9F3D-DC15CE3ED322}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{0E92F443-E166-4674-BB14-2023CD188AC3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{4F4B94CF-655A-41E6-86E3-416A822811CF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{DF848657-1A5B-4FA6-82B9-151270BB0FE0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{8BB1C169-04B5-4472-A799-16E29EB0002E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{BAFE21BF-5217-4E92-B66D-E3415AD98452}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{6F392F39-586B-4920-918C-14217FAEDDE1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{0BEF4D47-4793-4559-9EBA-4C3BAF00334F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7BABFF2F-998A-4D15-9071-C13D03D2F50B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{EDD0D437-678C-4B16-B91B-6221DCC476C4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{A06881B0-1D14-46FB-982A-754C728583CD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{84FE64FB-5EAD-4562-9CEE-831C84C37BB8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{95E1C2C3-F9D1-46B7-A5ED-661D53F3F10D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{095F1514-A39D-45CA-8980-8B275A0C015D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{EFC638BE-BB41-4AA8-9A42-CEBDC68FEAD0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{1C80DC6B-5A7E-443E-AD80-A2BE8CBA3BB0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{9F33CA9E-A502-427F-845D-D103AD7789B8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{287BEFC3-054A-4E6D-8C8C-563D71686B89}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{EE944881-C6EF-4C7B-A2D0-A666CA396285}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{55315AC8-3E43-4AF1-8294-AC1E52FEBC3E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B24317D1-7EAC-4E7A-BCE1-A7C362A39E9C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\grid 2\grid2.exe
FirewallRules: [{E8D1846E-B45B-4076-9809-66197CCDBF5B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\grid 2\grid2.exe
FirewallRules: [{BCEC2A2B-3B9B-42B5-8219-BAADDE1AAE67}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DD68F97A-53D5-48A5-860F-A3745EBE8887}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{0D94D44B-106D-45ED-9930-89A2F5AC4FF4}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{05D56741-8BC2-41B6-8FB4-EC065CBD56A9}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{D3DE252A-9DA1-49D2-94D6-229B750A7BC4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{F85FBC62-B93F-4673-9DA3-6716E6D16853}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{0A7A7AFD-C0F3-4D59-974D-1316F06DE3CF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{1409768B-C2ED-4ABE-97C3-6A3B4C50BA3B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{9E62F7A6-F19B-4706-A759-E442565701AF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{25D281E9-EB60-4A53-929E-760935374D7E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{FF43670B-0219-4B3E-BDB8-F4CCEFC6B8DC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{CBBDB4CA-1A84-4705-B69A-9CB15AE2758C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{BD07529E-49B7-499C-A1B3-510209E3CD9A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{5229F0FA-2368-4E3F-86DB-E6D4ACFA3D0C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{00BF58F0-9C76-42E9-9161-9E175A042CA1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2981E57F-B8C9-4303-9E2D-5CD78C651DFC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [UDP Query User{D51654E3-924D-4C6D-BE05-EA47405E904F}C:\users\julius\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\julius\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6FF83F29-F4E6-4255-9A90-9B4BDB069692}C:\users\julius\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\julius\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7C6342C7-1578-4503-9F20-8E7B7897F5FE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D0E0DB62-5C6F-4B4E-9366-45F23AAC994B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E8EDCF3D-B19E-45D3-A41D-6F7A88421431}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0EE0B692-16F0-40D8-A64D-D53C82F2FA15}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{943760E3-1FA3-4CFF-A44B-719FD74C0948}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{910ADA97-940B-4F98-B800-A5DEB64F5089}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57D36042-6B42-4F32-B027-0DF6CF246CAA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FB6EB869-2B07-44A0-AAF6-E330E6251A7E}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5EB39EE0-EF3D-4BBC-ABD5-84FAD5425F9A}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8114C7C2-6291-4582-9757-69C930235A84}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AF8C6F45-B8BD-4AD0-A8F2-339C541A1F13}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{FB8EAFAB-BFA4-461B-874D-510FA0EEE8CC}D:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) D:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{FD7B4493-1926-4241-853A-E7C3BEE5F32D}D:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) D:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{2B455443-3106-4298-A22E-272478D36419}D:\program files (x86)\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\program files (x86)\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{383CAB7E-37A6-4A0C-B7E8-6CDEED5E7B10}D:\program files (x86)\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\program files (x86)\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{8D406BD9-6B32-451C-8005-0562B27184FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5AB49E27-3E83-435B-AA75-32459C5BA2BE}] => (Allow) LPort=2869
FirewallRules: [{B54456A6-6518-4435-B168-07FBCE7E988D}] => (Allow) LPort=1900
FirewallRules: [{0D69217E-D8F4-40CC-A7A4-EB2AD7719143}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [TCP Query User{91FF0762-7E7F-4233-8C21-690D2B1F54E7}D:\android2\bin\studio64.exe] => (Allow) D:\android2\bin\studio64.exe
FirewallRules: [UDP Query User{089EBA97-1822-4B05-AED2-134A4F4F331B}D:\android2\bin\studio64.exe] => (Allow) D:\android2\bin\studio64.exe
FirewallRules: [TCP Query User{2C55A470-B257-4A91-B1EE-140066DE474A}D:\program files\java\jdk1.7.0_79\bin\java.exe] => (Allow) D:\program files\java\jdk1.7.0_79\bin\java.exe
FirewallRules: [UDP Query User{D49C2D95-BFAE-479A-8623-2F5E2D3E71BB}D:\program files\java\jdk1.7.0_79\bin\java.exe] => (Allow) D:\program files\java\jdk1.7.0_79\bin\java.exe
FirewallRules: [{02258F45-7025-4EA0-8EE9-59D6A4424F39}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{600C57C4-0FAF-4665-8550-58AA3704A4BB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [TCP Query User{A99D6BA3-B909-4BF4-9E4E-D71CD87C585B}D:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) D:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{0E8717B4-29E8-4562-BD0B-68061551A626}D:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) D:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [TCP Query User{CE0E75DD-A75F-42D3-9C28-9D9F6A43E23E}D:\games\world_of_warships\wowslauncher.exe] => (Allow) D:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{C7A5E055-4DA4-47F0-A023-6B2C364DFDBD}D:\games\world_of_warships\wowslauncher.exe] => (Allow) D:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{C0567102-8CE5-4E8D-A9B3-7F1D48BA6CE9}C:\users\julius\desktop\tiuriu\the forest\theforest.exe] => (Allow) C:\users\julius\desktop\tiuriu\the forest\theforest.exe
FirewallRules: [UDP Query User{4B94A7E3-010B-4D8D-8056-6379B1586DB0}C:\users\julius\desktop\tiuriu\the forest\theforest.exe] => (Allow) C:\users\julius\desktop\tiuriu\the forest\theforest.exe
FirewallRules: [{B365C947-0402-49B7-97C0-C64647B11ACA}] => (Block) C:\users\julius\desktop\tiuriu\the forest\theforest.exe
FirewallRules: [{A320B5B3-3FD9-4250-9728-71ACF5195C03}] => (Block) C:\users\julius\desktop\tiuriu\the forest\theforest.exe
FirewallRules: [TCP Query User{07A25614-781C-4E2A-B6E2-CC1D590FF1AC}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{FADAB803-0995-462B-B1A3-B0C924E1C9C9}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{47179F40-3AE7-4F32-8E15-0FC4F11F7EC6}] => (Allow) D:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe
FirewallRules: [{198170F4-B585-4F21-B3B1-CF59CE1234C9}] => (Allow) D:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe
FirewallRules: [{3B641A04-508B-41A6-BFF5-2E3644236BCE}] => (Allow) D:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [{5912B8F2-CE36-49DB-B257-59A805F937E4}] => (Allow) D:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [{CCC9D257-17A6-4A17-83AF-2E003A3C53EA}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DB6C87C6-7E78-44BF-AF08-75A9550826DF}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6D343A4B-4476-4283-B2E9-1A14FECB6D27}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F2D72A40-308A-43C6-91CF-C9F8A988E82D}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{93262E08-89C1-472A-877E-FB13B864CE8F}] => (Allow) D:\Program Files (x86)\Electronic Arts\Die Schlacht um Mittelerde II\game.dat
FirewallRules: [{1336E156-6090-4546-B702-0A59BA4B560B}] => (Allow) D:\Program Files (x86)\Electronic Arts\Die Schlacht um Mittelerde II\game.dat
FirewallRules: [{44444C78-7176-416A-B735-52098BE7B8F0}] => (Allow) D:\Herr der Ringe\The.Lord.Of.The.Rings.Battle.For.Middle.Earth.2-RELOADED\game.dat
FirewallRules: [{5DA66569-315D-43C6-8BE1-C775DFABA28D}] => (Allow) D:\Herr der Ringe\The.Lord.Of.The.Rings.Battle.For.Middle.Earth.2-RELOADED\game.dat
FirewallRules: [{B68D895D-3E1D-4F55-B986-B29F968BA580}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Heroes Of Scene\HeroesOfScene.exe
FirewallRules: [{BEF1CB66-2E36-479A-A6E6-9B3CA27856F8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Heroes Of Scene\HeroesOfScene.exe
FirewallRules: [TCP Query User{2A7633C9-16BE-49F9-938E-84CDB1554D8F}D:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{9364215F-3E6D-42F8-89C5-13A6D38A7F81}D:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{FFBAF516-49C4-4710-86D0-F7843355238A}] => (Block) D:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{D12FCACB-4E2F-43EB-8813-5C6F3E07D5CC}] => (Block) D:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{C9DF66EE-CB61-4A29-BA60-C01171833498}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{33997FFC-7DA0-48DC-B9E8-D20E27C8C06E}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{9A8DC921-6DA2-4779-8D66-B40319EE9C02}] => (Block) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C662D96A-7874-472F-A286-AD6581E34ADA}] => (Block) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{DB25C08C-3396-438E-A1E3-7B5BB724BD04}D:\program files\java\jre7\bin\javaw.exe] => (Allow) D:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{EA4551F5-52FC-4B6E-90D9-9E0AF554308A}D:\program files\java\jre7\bin\javaw.exe] => (Allow) D:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{384CDBF8-1153-4F74-A2E5-299AA86C3ABC}] => (Block) D:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{BBAE3036-5358-4364-83C7-00A9FBF2F772}] => (Block) D:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{3B5DB50B-2997-4385-8AD2-23C6634D4E10}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{C2E0A9E9-D076-417A-935D-1D2A968FA452}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{CC480233-1336-4742-98CE-33452869E366}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{3A235F51-0E91-4092-A57C-657F2FA7A5EC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{6885C7EE-7244-4DAB-A53F-4EE366BED761}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7D216773-2AB6-446E-B0DA-21874B556972}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D342E88F-83C3-44F9-85B2-0305842AD8F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{99D50F99-2538-42FD-A8E0-A7A27F976DAA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{943BF2B0-4AAB-4C45-A01D-879CA0E9E642}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C1AEBC6B-0FE7-4577-B05E-81A83AECCF7B}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{25CC46AB-8849-4D70-ACAB-72DF133C49EC}] => (Allow) D:\Program Files\EslWire\wire.exe
FirewallRules: [{C92A985F-C752-4419-A256-289435FAFD11}] => (Allow) D:\Program Files\EslWire\wire.exe
FirewallRules: [{D9782F1C-F98A-4B3E-8738-3AE98FCB5B2D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{E582CA2E-1D2C-4B0B-A9A2-D91867336AD0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{628364B7-0903-4F73-ACFC-5A3B2A328553}D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{63C5FDE0-0CE6-425B-8409-0FF668FEEE95}D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{7793708A-76B8-472B-9A43-E94BD663693C}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
FirewallRules: [{5486D6F7-41C7-4C9B-99D3-0B612C976988}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{AC710808-60EA-4E48-B982-E0D8CC1243D8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{4AF5E52C-DF7E-41F6-BD99-37EFFE75A43B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{CAA83BA6-1070-4BD5-935F-BAB8222982B4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B922376F-88C0-4D5A-B882-5D49D51233E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{04C66346-5894-4021-A722-3C57713D07AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7E5A38D4-5E68-48DF-BD5A-F51E626D6522}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EC47E45E-38BC-46BE-A950-E032BACE2E37}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{B5591FA7-949C-47D5-87BA-1540EBE1CADC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{95BD7560-B84D-4E15-85AF-AA3B5BAD8B07}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{CBE3D0EC-9D27-43FD-A6AD-3E7E0F84F447}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [TCP Query User{4F0E5285-768D-4533-9DB2-EA0865F9EF71}D:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) D:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{C4DA3553-BF5D-4235-90EF-6B6B6870D570}D:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) D:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [{78344002-F70A-425E-A5CA-2EDC56FD8853}] => (Block) D:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [{6F22F6F4-DD45-4DB7-A16F-78A64A4B1FDE}] => (Block) D:\program files (x86)\maniaplanet\maniaplanet.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/13/2015 11:34:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Julius-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsStore_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147221165. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/13/2015 11:17:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f38c5
Name des fehlerhaften Moduls: Cortana.BackgroundTask.dll, Version: 0.0.0.0, Zeitstempel: 0x5655366e
Ausnahmecode: 0x80000003
Fehleroffset: 0x000000000006c6a3
ID des fehlerhaften Prozesses: 0x1dac
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (12/13/2015 11:13:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.10240.16384, Zeitstempel: 0x559f38cb
Name des fehlerhaften Moduls: MosHostCore.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3908
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000096f2
ID des fehlerhaften Prozesses: 0x1210
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_MapsBroker0
Pfad der fehlerhaften Anwendung: svchost.exe_MapsBroker1
Pfad des fehlerhaften Moduls: svchost.exe_MapsBroker2
Berichtskennung: svchost.exe_MapsBroker3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_MapsBroker4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_MapsBroker5

Error: (12/12/2015 07:09:09 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Setup.exe wurde wegen dieses Fehlers geschlossen.

Programm: Setup.exe
Datei: 

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
User Action
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C000026E
Datenträgertyp: 0

Error: (12/12/2015 07:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Setup.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x3b95ef0b
Name des fehlerhaften Moduls: Setup.exe, Version: 0.0.0.0, Zeitstempel: 0x3b95ef0b
Ausnahmecode: 0xc0000006
Fehleroffset: 0x0000661c
ID des fehlerhaften Prozesses: 0x2248
Startzeit der fehlerhaften Anwendung: 0xSetup.exe_unknown0
Pfad der fehlerhaften Anwendung: Setup.exe_unknown1
Pfad des fehlerhaften Moduls: Setup.exe_unknown2
Berichtskennung: Setup.exe_unknown3
Vollständiger Name des fehlerhaften Pakets: Setup.exe_unknown4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Setup.exe_unknown5

Error: (12/11/2015 05:28:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Julius-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/11/2015 12:54:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Julius-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/10/2015 09:40:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Julius-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/10/2015 01:37:37 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (12/10/2015 01:37:37 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)


Systemfehler:
=============
Error: (12/13/2015 11:55:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Kerning Down" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/13/2015 11:54:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Epson Scanner Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/13/2015 11:54:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/13/2015 11:54:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/13/2015 11:54:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Net.Msmq-Listeneradapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/13/2015 11:54:42 AM) (Source: WAS) (EventID: 5175) (User: )
Description: Der Listeneradapter für Protokoll "net.msmq" hat unerwartet die Verbindung getrennt.

Error: (12/13/2015 11:54:42 AM) (Source: WAS) (EventID: 5175) (User: )
Description: Der Listeneradapter für Protokoll "msmq.formatname" hat unerwartet die Verbindung getrennt.

Error: (12/13/2015 11:54:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Message Queuing" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/13/2015 11:36:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073cf9 fehlgeschlagen: Windows Calculator

Error: (12/13/2015 11:32:16 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073cf9 fehlgeschlagen: MSN News


CodeIntegrity:
===================================
  Date: 2015-11-16 20:42:42.640
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\LavasoftTcpService64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-16 20:42:42.584
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\LavasoftTcpService64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-15 10:02:06.768
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\LavasoftTcpService64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-15 10:02:06.709
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\LavasoftTcpService64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-02 08:57:42.127
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-02 08:57:41.772
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-02 08:57:40.897
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-02 08:57:40.664
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-02 08:57:40.296
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-02 08:57:39.809
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-6300 Six-Core Processor 
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 4060.65 MB
Verfügbarer physikalischer RAM: 1603.32 MB
Summe virtueller Speicher: 8156.65 MB
Verfügbarer virtueller Speicher: 4824.32 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:89.56 GB) (Free:15.39 GB) NTFS
Drive d: (Daten) (Fixed) (Total:841.29 GB) (Free:304.71 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D369A90F)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
--- --- ---

Alt 13.12.2015, 13:22   #5
JuliusxXx
 
Websites are being spammed full of ads!



Code:
14:11:17.0703 0x1334  TDSS rootkit removing tool 3.1.0.8 Dec  5 2015 01:19:03
14:11:17.0703 0x1334  UEFI system
14:11:20.0983 0x1334  ============================================================
14:11:20.0983 0x1334  Current date / time: 2015/12/13 14:11:20.0983
14:11:20.0983 0x1334  SystemInfo:
14:11:21.0012 0x1334  
14:11:21.0012 0x1334  OS Version: 10.0.10240 ServicePack: 0.0
14:11:21.0012 0x1334  Product type: Workstation
14:11:21.0012 0x1334  ComputerName: JULIUS-PC
14:11:21.0012 0x1334  UserName: Julius
14:11:21.0012 0x1334  Windows directory: C:\WINDOWS
14:11:21.0012 0x1334  System windows directory: C:\WINDOWS
14:11:21.0012 0x1334  Running under WOW64
14:11:21.0012 0x1334  Processor architecture: Intel x64
14:11:21.0012 0x1334  Number of processors: 6
14:11:21.0012 0x1334  Page size: 0x1000
14:11:21.0012 0x1334  Boot type: Normal boot
14:11:21.0012 0x1334  ============================================================
14:11:21.0412 0x1334  KLMD registered as C:\WINDOWS\system32\drivers\48348726.sys
14:11:22.0760 0x1334  System UUID: {34B17B2C-DD0C-1DD8-1E8E-4E493555E8A6}
14:11:36.0872 0x1334  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:11:37.0258 0x1334  ============================================================
14:11:37.0259 0x1334  \Device\Harddisk0\DR0:
14:11:37.0272 0x1334  GPT partitions:
14:11:37.0294 0x1334  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {AC0859DC-9634-4EE8-827A-3AEAC0C79895}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
14:11:37.0294 0x1334  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {727BF7CA-4543-41A1-B209-2587074BA755}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
14:11:37.0294 0x1334  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DE7D8DD3-4418-4655-9D4B-C591B28ABD7E}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x69294000
14:11:37.0294 0x1334  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2035395D-8718-4532-8D04-3C6516A76DE2}, Name: Basic data partition, StartLBA 0x69306800, BlocksNum 0xB31F000
14:11:37.0294 0x1334  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {AF69F9C8-B322-4E3D-B43D-71EBC4F1B248}, Name: , StartLBA 0x74625800, BlocksNum 0xE1000
14:11:37.0294 0x1334  MBR partitions:
14:11:37.0294 0x1334  ============================================================
14:11:37.0407 0x1334  C: <-> \Device\Harddisk0\DR0\Partition4
14:11:37.0684 0x1334  D: <-> \Device\Harddisk0\DR0\Partition3
14:11:37.0684 0x1334  ============================================================
14:11:37.0684 0x1334  Initialize success
14:11:37.0684 0x1334  ============================================================
14:11:41.0184 0x074c  ============================================================
14:11:41.0184 0x074c  Scan started
14:11:41.0184 0x074c  Mode: Manual; 
14:11:41.0184 0x074c  ============================================================
14:11:41.0184 0x074c  KSN ping started
14:11:43.0901 0x074c  KSN ping finished: true
14:11:50.0681 0x074c  ================ Scan system memory ========================
14:11:50.0681 0x074c  System memory - ok
14:11:50.0682 0x074c  ================ Scan services =============================
14:11:52.0999 0x074c  1394ohci - ok
14:11:53.0003 0x074c  3ware - ok
14:11:53.0040 0x074c  ACPI - ok
14:11:53.0060 0x074c  acpiex - ok
14:11:53.0064 0x074c  acpipagr - ok
14:11:53.0088 0x074c  AcpiPmi - ok
14:11:53.0092 0x074c  acpitime - ok
14:11:53.0955 0x074c  [ BC9CB5E2A6C7FC587CAC3E1658F8462C, 785DE220AC906C30E9853E7DE94C5330529472C9B4ABF5F99F124A8D516EB33C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:11:53.0959 0x074c  AdobeFlashPlayerUpdateSvc - ok
14:11:54.0106 0x074c  ADP80XX - ok
14:11:54.0217 0x074c  AdvancedSystemCareService8 - ok
14:11:54.0240 0x074c  AFD - ok
14:11:54.0261 0x074c  agp440 - ok
14:11:54.0284 0x074c  ahcache - ok
14:11:54.0314 0x074c  AJRouter - ok
14:11:54.0332 0x074c  ALG - ok
14:11:54.0375 0x074c  [ 8F312E43E6BFED69705881D49B2A01B4, 7B8CB068ABD091E6F4764D6CF27C3318792C88064ECB5A7E5283AF74892FC3B4 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
14:11:54.0380 0x074c  AMD External Events Utility - ok
14:11:54.0465 0x074c  [ 17DBF2825FFA6D66B1B3C55665721884, AE6369796BB1D586F76AF90F68CD34242F7FD586E8C2183474D154F384881511 ] AMD FUEL Service C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
14:11:54.0471 0x074c  AMD FUEL Service - ok
14:11:54.0475 0x074c  AmdK8 - ok
14:11:54.0500 0x074c  amdkmdag - ok
14:11:54.0587 0x074c  [ 67A95F4B9F3C1E09F29017231E857F71, 984DA2D2264678EA001158939D2DA0F8A6D89362DCCEFFC1FFF00AEBF670B827 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
14:11:54.0600 0x074c  amdkmdap - ok
14:11:54.0607 0x074c  AmdPPM - ok
14:11:54.0612 0x074c  amdsata - ok
14:11:54.0637 0x074c  amdsbs - ok
14:11:54.0642 0x074c  amdxata - ok
14:11:54.0700 0x074c  [ 172C69FE64D07BDF5CE24146274F8CB8, 0A36069BA7B1E2C8B00E8E611E5F2AEF3A7571FAEA252752577EF9DE11F343DA ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
14:11:54.0701 0x074c  amd_sata - ok
14:11:54.0720 0x074c  [ A8FD2F5F3E70BE8FF66D2AFC6B6FB051, E5C9CDBEA96B008F2B73E5151B85867128479FBEEADF2500AB16E3B0692AC030 ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
14:11:54.0721 0x074c  amd_xata - ok
14:11:54.0754 0x074c  [ E1E57FAEDA0D85420EDBAAFE29025585, 95594C9DFF71615CAEF79B19B5A99DD59720E967FC6D4F00082A62A6BE2E262C ] AndnetBus       C:\WINDOWS\System32\drivers\lgandnetbus64.sys
14:11:54.0755 0x074c  AndnetBus - ok
14:11:54.0789 0x074c  [ EF5AACC19563493F56C52F4EE54A672B, EFB9D3D43A1486C3B42BC56FE83A4A6957C820EB669AD1982772FF48E2797C80 ] AndNetDiag      C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys
14:11:54.0790 0x074c  AndNetDiag - ok
14:11:54.0812 0x074c  [ 23BC4FFCB177048C1664802126F0BA08, FD0EEE34DF61860996633BC7501223380E8655C1ED586900194BB823C0B24AB5 ] ANDNetModem     C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys
14:11:54.0814 0x074c  ANDNetModem - ok
14:11:54.0834 0x074c  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
14:11:54.0836 0x074c  AODDriver4.3 - ok
14:11:54.0887 0x074c  AppHostSvc - ok
14:11:54.0891 0x074c  AppID - ok
14:11:54.0913 0x074c  AppIDSvc - ok
14:11:54.0917 0x074c  Appinfo - ok
14:11:54.0942 0x074c  [ E4D0F0D5EB374D8BACF40E30E9771D60, 56C4E820485D100DACD4EF076E0B2607274B236CCC45E0CCD527C737645A1ACB ] AppleCharger    C:\WINDOWS\system32\DRIVERS\AppleCharger.sys
14:11:54.0943 0x074c  AppleCharger - ok
14:11:54.0959 0x074c  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\WINDOWS\system32\AppleChargerSrv.exe
14:11:54.0960 0x074c  AppleChargerSrv - ok
14:11:54.0965 0x074c  AppMgmt - ok
14:11:54.0976 0x074c  AppReadiness - ok
14:11:55.0014 0x074c  AppXSvc - ok
14:11:55.0017 0x074c  arcsas - ok
14:11:55.0239 0x074c  aspnet_state - ok
14:11:55.0244 0x074c  AsyncMac - ok
14:11:55.0258 0x074c  atapi - ok
14:11:55.0308 0x074c  [ 0966FD5BAB1F9BE200875E9EED0A0A13, F4BE70C0581B51ED6DAE6412A5FF74AE310BF88DE89C5A5E5880BEED543B01D7 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
14:11:55.0310 0x074c  AtiHDAudioService - ok
14:11:55.0394 0x074c  AudioEndpointBuilder - ok
14:11:55.0414 0x074c  Audiosrv - ok
14:11:55.0448 0x074c  AxInstSV - ok
14:11:55.0457 0x074c  b06bdrv - ok
14:11:55.0468 0x074c  BasicDisplay - ok
14:11:55.0473 0x074c  BasicRender - ok
14:11:55.0478 0x074c  bcmfn2 - ok
14:11:55.0483 0x074c  BDESVC - ok
14:11:55.0502 0x074c  Beep - ok
14:11:55.0521 0x074c  BFE - ok
14:11:55.0534 0x074c  BITS - ok
14:11:55.0537 0x074c  bowser - ok
14:11:55.0546 0x074c  BrokerInfrastructure - ok
14:11:55.0560 0x074c  Browser - ok
14:11:55.0580 0x074c  BthAvrcpTg - ok
14:11:55.0588 0x074c  BthHFEnum - ok
14:11:55.0592 0x074c  bthhfhid - ok
14:11:55.0614 0x074c  BthHFSrv - ok
14:11:55.0618 0x074c  BTHMODEM - ok
14:11:55.0637 0x074c  bthserv - ok
14:11:55.0654 0x074c  buttonconverter - ok
14:11:55.0657 0x074c  CapImg - ok
14:11:55.0742 0x074c  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NIS       C:\WINDOWS\system32\drivers\NISx64\1507000.00B\ccSetx64.sys
14:11:55.0746 0x074c  ccSet_NIS - ok
14:11:55.0750 0x074c  cdfs - ok
14:11:55.0760 0x074c  CDPSvc - ok
14:11:55.0763 0x074c  cdrom - ok
14:11:55.0767 0x074c  CertPropSvc - ok
14:11:55.0779 0x074c  circlass - ok
14:11:55.0789 0x074c  CLFS - ok
14:11:55.0810 0x074c  ClipSVC - ok
14:11:55.0824 0x074c  CmBatt - ok
14:11:55.0844 0x074c  CNG - ok
14:11:55.0847 0x074c  cnghwassist - ok
14:11:55.0956 0x074c  CompositeBus - ok
14:11:55.0960 0x074c  COMSysApp - ok
14:11:55.0964 0x074c  condrv - ok
14:11:55.0985 0x074c  CoreMessagingRegistrar - ok
14:11:55.0998 0x074c  CryptSvc - ok
14:11:56.0002 0x074c  CSC - ok
14:11:56.0021 0x074c  CscService - ok
14:11:56.0040 0x074c  dam - ok
14:11:56.0067 0x074c  dc1-controller - ok
14:11:56.0088 0x074c  DcomLaunch - ok
14:11:56.0110 0x074c  DcpSvc - ok
14:11:56.0131 0x074c  defragsvc - ok
14:11:56.0138 0x074c  DeviceAssociationService - ok
14:11:56.0159 0x074c  DeviceInstall - ok
14:11:56.0178 0x074c  DevQueryBroker - ok
14:11:56.0188 0x074c  Dfsc - ok
14:11:56.0197 0x074c  Dhcp - ok
14:11:56.0232 0x074c  diagnosticshub.standardcollector.service - ok
14:11:56.0244 0x074c  DiagTrack - ok
14:11:56.0254 0x074c  disk - ok
14:11:56.0274 0x074c  DmEnrollmentSvc - ok
14:11:56.0278 0x074c  dmvsc - ok
14:11:56.0291 0x074c  dmwappushservice - ok
14:11:56.0298 0x074c  Dnscache - ok
14:11:56.0304 0x074c  dot3svc - ok
14:11:56.0309 0x074c  DPS - ok
14:11:56.0334 0x074c  drmkaud - ok
14:11:56.0455 0x074c  DsmSvc - ok
14:11:56.0469 0x074c  DsSvc - ok
14:11:56.0488 0x074c  DXGKrnl - ok
14:11:56.0509 0x074c  Eaphost - ok
14:11:56.0520 0x074c  ebdrv - ok
14:11:56.0605 0x074c  [ 93EA893A8C2C561648A559E48C723412, 14F9AD8BCF423BC40F7B3D2D7BC0F795CD3C54800C854873BD170ADF2A735B64 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:11:56.0627 0x074c  eeCtrl - ok
14:11:56.0661 0x074c  EFS - ok
14:11:56.0665 0x074c  EhStorClass - ok
14:11:56.0675 0x074c  EhStorTcgDrv - ok
14:11:56.0681 0x074c  embeddedmode - ok
14:11:56.0687 0x074c  EntAppSvc - ok
14:11:56.0712 0x074c  [ 20ECD0A490A121CB34F553FAD1DBBD39, 17C9DA33E78FBC7582B0AA53C611929B80FBBE1343B84A179D515B51C964D218 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
14:11:56.0719 0x074c  EpsonScanSvc - ok
14:11:56.0738 0x074c  [ 8400C9E33B68C556BF63AEF490EB145C, A840DF1A27C935DD427E53C5D2FFFE79E612D0B4074CE26AA992DA62D4925806 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:11:56.0741 0x074c  EraserUtilRebootDrv - ok
14:11:56.0745 0x074c  ErrDev - ok
14:11:56.0857 0x074c  [ A2941FF542EFF81B32575EB964A89E48, E0C98E6648EF0B2E4819FA5656A8EF79855C39E0C1D43FCD08B36F1951FBF71A ] EslWireHelper   D:\Program Files\EslWire\service\WireHelperSvc.exe
14:11:56.0869 0x074c  EslWireHelper - ok
14:11:56.0910 0x074c  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys
14:11:56.0911 0x074c  etdrv - ok
14:11:56.0950 0x074c  EventSystem - ok
14:11:56.0963 0x074c  exfat - ok
14:11:56.0972 0x074c  fastfat - ok
14:11:56.0977 0x074c  Fax - ok
14:11:56.0980 0x074c  fcvsc - ok
14:11:56.0984 0x074c  fdc - ok
14:11:56.0989 0x074c  fdPHost - ok
14:11:56.0992 0x074c  FDResPub - ok
14:11:56.0996 0x074c  fhsvc - ok
14:11:56.0999 0x074c  FileCrypt - ok
14:11:57.0002 0x074c  FileInfo - ok
14:11:57.0009 0x074c  Filetrace - ok
14:11:57.0013 0x074c  flpydisk - ok
14:11:57.0016 0x074c  FltMgr - ok
14:11:57.0033 0x074c  FontCache - ok
14:11:57.0117 0x074c  FontCache3.0.0.0 - ok
14:11:57.0124 0x074c  FsDepends - ok
14:11:57.0133 0x074c  Fs_Rec - ok
14:11:57.0139 0x074c  fvevol - ok
14:11:57.0143 0x074c  gagp30kx - ok
14:11:57.0186 0x074c  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
14:11:57.0187 0x074c  gdrv - ok
14:11:57.0221 0x074c  gencounter - ok
14:11:57.0242 0x074c  genericusbfn - ok
14:11:57.0346 0x074c  [ 812400977140134B25074657B0C4F06A, D85E079BB67A02139B69EA7FB77C627259C9A00D83C5D51FCB69250C1CE76E39 ] gopibeko        C:\Users\Julius\AppData\Local\03D40274-1439917235-0599-7806-280700080009\snsvAB5B.tmp
14:11:57.0353 0x074c  gopibeko - ok
14:11:57.0364 0x074c  GPIOClx0101 - ok
14:11:57.0407 0x074c  gpsvc - ok
14:11:57.0431 0x074c  GpuEnergyDrv - ok
14:11:57.0477 0x074c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:11:57.0485 0x074c  gupdate - ok
14:11:57.0497 0x074c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:11:57.0501 0x074c  gupdatem - ok
14:11:57.0533 0x074c  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
14:11:57.0535 0x074c  GVTDrv64 - ok
14:11:57.0573 0x074c  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
14:11:57.0575 0x074c  hamachi - ok
14:11:57.0722 0x074c  [ C0EF69A59C13D9204D1D70434AA3D00C, 56BD4F7C74B2A36665677C32F30C4E1839DB9AAAC82FFA4A2622B4D261D865F2 ] Hamachi2Svc     D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
14:11:57.0805 0x074c  Hamachi2Svc - ok
14:11:57.0849 0x074c  HdAudAddService - ok
14:11:57.0874 0x074c  HDAudBus - ok
14:11:57.0878 0x074c  HidBatt - ok
14:11:57.0881 0x074c  HidBth - ok
14:11:57.0893 0x074c  hidi2c - ok
14:11:57.0905 0x074c  hidinterrupt - ok
14:11:57.0909 0x074c  HidIr - ok
14:11:57.0916 0x074c  hidserv - ok
14:11:57.0920 0x074c  HidUsb - ok
14:11:57.0934 0x074c  HomeGroupListener - ok
14:11:57.0945 0x074c  HomeGroupProvider - ok
14:11:57.0948 0x074c  HpSAMD - ok
14:11:57.0952 0x074c  HTTP - ok
14:11:57.0955 0x074c  hwpolicy - ok
14:11:57.0958 0x074c  hyperkbd - ok
14:11:57.0962 0x074c  HyperVideo - ok
14:11:57.0965 0x074c  i8042prt - ok
14:11:57.0969 0x074c  iaLPSSi_GPIO - ok
14:11:57.0972 0x074c  iaLPSSi_I2C - ok
14:11:57.0976 0x074c  iaStorAV - ok
14:11:57.0981 0x074c  iaStorV - ok
14:11:57.0985 0x074c  ibbus - ok
14:11:58.0024 0x074c  [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
14:11:58.0027 0x074c  ICCS - ok
14:11:58.0058 0x074c  icssvc - ok
14:11:58.0098 0x074c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:11:58.0100 0x074c  IDriverT - ok
14:11:58.0104 0x074c  IEEtwCollectorService - ok
14:11:58.0115 0x074c  IKEEXT - ok
14:11:58.0121 0x074c  intelide - ok
14:11:58.0124 0x074c  intelpep - ok
14:11:58.0128 0x074c  intelppm - ok
14:11:58.0131 0x074c  IoQos - ok
14:11:58.0134 0x074c  IpFilterDriver - ok
14:11:58.0170 0x074c  iphlpsvc - ok
14:11:58.0173 0x074c  IPMIDRV - ok
14:11:58.0192 0x074c  IPNAT - ok
14:11:58.0195 0x074c  IRENUM - ok
14:11:58.0199 0x074c  isapnp - ok
14:11:58.0203 0x074c  iScsiPrt - ok
14:11:58.0207 0x074c  kbdclass - ok
14:11:58.0211 0x074c  kbdhid - ok
14:11:58.0215 0x074c  kdnic - ok
14:11:58.0219 0x074c  KeyIso - ok
14:11:58.0223 0x074c  KSecDD - ok
14:11:58.0229 0x074c  KSecPkg - ok
14:11:58.0233 0x074c  ksthunk - ok
14:11:58.0296 0x074c  KtmRm - ok
14:11:58.0316 0x074c  LanmanServer - ok
14:11:58.0364 0x074c  LanmanWorkstation - ok
14:11:58.0410 0x074c  lfsvc - ok
14:11:58.0427 0x074c  LicenseManager - ok
14:11:58.0468 0x074c  LiveUpdateSvc - ok
14:11:58.0471 0x074c  lltdio - ok
14:11:58.0493 0x074c  lltdsvc - ok
14:11:58.0504 0x074c  lmhosts - ok
14:11:58.0513 0x074c  LSI_SAS - ok
14:11:58.0549 0x074c  LSI_SAS2i - ok
14:11:58.0553 0x074c  LSI_SAS3i - ok
14:11:58.0557 0x074c  LSI_SSS - ok
14:11:58.0562 0x074c  LSM - ok
14:11:58.0567 0x074c  luafv - ok
14:11:58.0671 0x074c  MapsBroker - ok
14:11:58.0789 0x074c  McComponentHostService - ok
14:11:58.0794 0x074c  megasas - ok
14:11:58.0801 0x074c  megasr - ok
14:11:58.0804 0x074c  mlx4_bus - ok
14:11:58.0809 0x074c  MMCSS - ok
14:11:58.0813 0x074c  Modem - ok
14:11:58.0818 0x074c  monitor - ok
14:11:58.0824 0x074c  mouclass - ok
14:11:58.0828 0x074c  mouhid - ok
14:11:58.0892 0x074c  mountmgr - ok
14:11:58.0916 0x074c  mpsdrv - ok
14:11:58.0952 0x074c  MpsSvc - ok
14:11:59.0083 0x074c  MQAC - ok
14:11:59.0115 0x074c  MRxDAV - ok
14:11:59.0118 0x074c  mrxsmb - ok
14:11:59.0121 0x074c  mrxsmb10 - ok
14:11:59.0125 0x074c  mrxsmb20 - ok
14:11:59.0166 0x074c  MsBridge - ok
14:11:59.0186 0x074c  MSDTC - ok
14:11:59.0193 0x074c  Msfs - ok
14:11:59.0211 0x074c  msgpiowin32 - ok
14:11:59.0215 0x074c  mshidkmdf - ok
14:11:59.0220 0x074c  mshidumdf - ok
14:11:59.0225 0x074c  msisadrv - ok
14:11:59.0245 0x074c  MSiSCSI - ok
14:11:59.0248 0x074c  msiserver - ok
14:11:59.0252 0x074c  MSKSSRV - ok
14:11:59.0256 0x074c  MsLldp - ok
14:11:59.0269 0x074c  MSMQ - ok
14:11:59.0290 0x074c  MSPCLOCK - ok
14:11:59.0294 0x074c  MSPQM - ok
14:11:59.0298 0x074c  MsRPC - ok
14:11:59.0303 0x074c  mssmbios - ok
14:11:59.0309 0x074c  MSTEE - ok
14:11:59.0313 0x074c  MTConfig - ok
14:11:59.0326 0x074c  Mup - ok
14:11:59.0330 0x074c  mvumis - ok
14:11:59.0345 0x074c  NativeWifiP - ok
14:11:59.0353 0x074c  NcaSvc - ok
14:11:59.0357 0x074c  NcbService - ok
14:11:59.0361 0x074c  NcdAutoSetup - ok
14:11:59.0365 0x074c  ndfltr - ok
14:11:59.0383 0x074c  NDIS - ok
14:11:59.0400 0x074c  NdisCap - ok
14:11:59.0404 0x074c  NdisImPlatform - ok
14:11:59.0414 0x074c  NdisTapi - ok
14:11:59.0417 0x074c  Ndisuio - ok
14:11:59.0421 0x074c  NdisVirtualBus - ok
14:11:59.0425 0x074c  NdisWan - ok
14:11:59.0429 0x074c  ndiswanlegacy - ok
14:11:59.0432 0x074c  ndproxy - ok
14:11:59.0436 0x074c  Ndu - ok
14:11:59.0439 0x074c  NetBIOS - ok
14:11:59.0446 0x074c  NetBT - ok
14:11:59.0450 0x074c  Netlogon - ok
14:11:59.0472 0x074c  Netman - ok
14:11:59.0579 0x074c  NetMsmqActivator - ok
14:11:59.0582 0x074c  NetPipeActivator - ok
14:11:59.0599 0x074c  netprofm - ok
14:11:59.0635 0x074c  NetSetupSvc - ok
14:11:59.0637 0x074c  NetTcpActivator - ok
14:11:59.0641 0x074c  NetTcpPortSharing - ok
14:11:59.0646 0x074c  netvsc - ok
14:11:59.0667 0x074c  NgcCtnrSvc - ok
14:11:59.0670 0x074c  NgcSvc - ok
14:11:59.0682 0x074c  NlaSvc - ok
14:11:59.0697 0x074c  Npfs - ok
14:11:59.0721 0x074c  npsvctrig - ok
14:11:59.0730 0x074c  nsi - ok
14:11:59.0733 0x074c  nsiproxy - ok
14:11:59.0746 0x074c  NTFS - ok
14:11:59.0750 0x074c  Null - ok
14:11:59.0781 0x074c  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\WINDOWS\system32\drivers\nusb3hub.sys
14:11:59.0784 0x074c  nusb3hub - ok
14:11:59.0803 0x074c  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\WINDOWS\system32\drivers\nusb3xhc.sys
14:11:59.0807 0x074c  nusb3xhc - ok
14:11:59.0812 0x074c  nvraid - ok
14:11:59.0816 0x074c  nvstor - ok
14:11:59.0820 0x074c  nv_agp - ok
14:11:59.0849 0x074c  OneSyncSvc - ok
14:12:00.0249 0x074c  [ 10202AD89DEF5E0F7CDCF2CE8C5EF1EE, F2A9CAC054A440EBF71D7372DAA7A57BC9DB1893C45EA01F21537CE714B7451B ] Origin Client Service D:\Program Files (x86)\Origin\OriginClientService.exe
14:12:00.0289 0x074c  Origin Client Service - ok
14:12:00.0318 0x074c  p2pimsvc - ok
14:12:00.0336 0x074c  p2psvc - ok
14:12:00.0353 0x074c  Parport - ok
14:12:00.0356 0x074c  partmgr - ok
14:12:00.0371 0x074c  PcaSvc - ok
14:12:00.0391 0x074c  pci - ok
14:12:00.0395 0x074c  pciide - ok
14:12:00.0399 0x074c  pcmcia - ok
14:12:00.0402 0x074c  pcw - ok
14:12:00.0425 0x074c  pdc - ok
14:12:00.0441 0x074c  PEAUTH - ok
14:12:00.0455 0x074c  PeerDistSvc - ok
14:12:00.0478 0x074c  percsas2i - ok
14:12:00.0481 0x074c  percsas3i - ok
14:12:00.0716 0x074c  PerfHost - ok
14:12:00.0762 0x074c  PimIndexMaintenanceSvc - ok
14:12:00.0860 0x074c  pla - ok
14:12:00.0874 0x074c  PlugPlay - ok
14:12:00.0882 0x074c  PNRPAutoReg - ok
14:12:00.0886 0x074c  PNRPsvc - ok
14:12:00.0917 0x074c  PolicyAgent - ok
14:12:00.0922 0x074c  Power - ok
14:12:00.0952 0x074c  PptpMiniport - ok
14:12:01.0166 0x074c  [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:12:01.0280 0x074c  PrintNotify - ok
14:12:01.0294 0x074c  Processor - ok
14:12:01.0307 0x074c  ProfSvc - ok
14:12:01.0311 0x074c  Psched - ok
14:12:01.0323 0x074c  QWAVE - ok
14:12:01.0337 0x074c  QWAVEdrv - ok
14:12:01.0352 0x074c  RasAcd - ok
14:12:01.0368 0x074c  RasAgileVpn - ok
14:12:01.0379 0x074c  RasAuto - ok
14:12:01.0382 0x074c  Rasl2tp - ok
14:12:01.0394 0x074c  RasMan - ok
14:12:01.0398 0x074c  RasPppoe - ok
14:12:01.0401 0x074c  RasSstp - ok
14:12:01.0405 0x074c  rdbss - ok
14:12:01.0411 0x074c  rdpbus - ok
14:12:01.0415 0x074c  RDPDR - ok
14:12:01.0425 0x074c  RdpVideoMiniport - ok
14:12:01.0439 0x074c  rdyboost - ok
14:12:01.0465 0x074c  ReFSv1 - ok
14:12:01.0493 0x074c  RemoteAccess - ok
14:12:01.0499 0x074c  RemoteRegistry - ok
14:12:01.0537 0x074c  RetailDemo - ok
14:12:01.0546 0x074c  RpcEptMapper - ok
14:12:01.0554 0x074c  RpcLocator - ok
14:12:01.0565 0x074c  RpcSs - ok
14:12:01.0596 0x074c  rspndr - ok
14:12:01.0600 0x074c  rt640x64 - ok
14:12:01.0656 0x074c  [ 5223296F5DE2D24114577E1B5E32C937, 9D75A24FB93A5216A415E8B72D41E79B644AEF04AC4F3055BFA9116E109D5C99 ] RTL8192cu       C:\WINDOWS\System32\drivers\RTL8192cu.sys
14:12:01.0671 0x074c  RTL8192cu - ok
14:12:01.0692 0x074c  s3cap - ok
14:12:01.0695 0x074c  SamSs - ok
14:12:01.0715 0x074c  sbp2port - ok
14:12:01.0736 0x074c  SCardSvr - ok
14:12:01.0739 0x074c  ScDeviceEnum - ok
14:12:01.0757 0x074c  scfilter - ok
14:12:01.0784 0x074c  Schedule - ok
14:12:01.0805 0x074c  SCPolicySvc - ok
14:12:01.0831 0x074c  sdbus - ok
14:12:01.0842 0x074c  SDRSVC - ok
14:12:01.0846 0x074c  sdstor - ok
14:12:01.0855 0x074c  seclogon - ok
14:12:01.0882 0x074c  SENS - ok
14:12:01.0912 0x074c  SensorDataService - ok
14:12:01.0964 0x074c  SensorService - ok
14:12:01.0979 0x074c  SensrSvc - ok
14:12:01.0987 0x074c  SerCx - ok
14:12:01.0996 0x074c  SerCx2 - ok
14:12:02.0004 0x074c  Serenum - ok
14:12:02.0012 0x074c  Serial - ok
14:12:02.0017 0x074c  sermouse - ok
14:12:02.0037 0x074c  SessionEnv - ok
14:12:02.0044 0x074c  sfloppy - ok
14:12:02.0067 0x074c  SharedAccess - ok
14:12:02.0176 0x074c  ShellHWDetection - ok
14:12:02.0180 0x074c  SiSRaid2 - ok
14:12:02.0183 0x074c  SiSRaid4 - ok
14:12:02.0241 0x074c  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:12:02.0248 0x074c  SkypeUpdate - ok
14:12:02.0290 0x074c  smphost - ok
14:12:02.0316 0x074c  SmsRouter - ok
14:12:02.0347 0x074c  SNMPTRAP - ok
14:12:02.0394 0x074c  spaceport - ok
14:12:02.0398 0x074c  SpbCx - ok
14:12:02.0673 0x074c  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\SysWOW64\speedfan.sys
14:12:02.0706 0x074c  speedfan - ok
14:12:02.0724 0x074c  Spooler - ok
14:12:02.0734 0x074c  sppsvc - ok
14:12:02.0737 0x074c  srv - ok
14:12:02.0740 0x074c  srv2 - ok
14:12:02.0757 0x074c  srvnet - ok
14:12:02.0794 0x074c  [ AFC159BDB8CD5A804D015D8A3624ECC6, 863150170D7F84D793C7CECD40439A5B46D337A8B904183ED8C53FDA9FB71091 ] ssdevfactory    C:\WINDOWS\System32\drivers\ssdevfactory.sys
14:12:02.0796 0x074c  ssdevfactory - ok
14:12:02.0810 0x074c  SSDPSRV - ok
14:12:02.0834 0x074c  [ 21075ADF0F99CF4FE71787D862FFA2F5, EC5A191161F8E2300DC5E3A0156185D7DB90B08FA9FC300DE43D51C0901E9711 ] sshid           C:\WINDOWS\System32\drivers\sshid.sys
14:12:02.0836 0x074c  sshid - ok
14:12:02.0856 0x074c  SstpSvc - ok
14:12:02.0899 0x074c  StateRepository - ok
14:12:02.0999 0x074c  [ FD7D26CD1E671DCDC2112494747A3AE1, C8A85F10FD3F4F3FCEF40D46EEF88DB72290421DB5F99EEB818B2E1F69143D5D ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:12:03.0015 0x074c  Steam Client Service - ok
14:12:03.0019 0x074c  stexstor - ok
14:12:03.0038 0x074c  stisvc - ok
14:12:03.0041 0x074c  storahci - ok
14:12:03.0056 0x074c  storflt - ok
14:12:03.0084 0x074c  stornvme - ok
14:12:03.0100 0x074c  storqosflt - ok
14:12:03.0116 0x074c  StorSvc - ok
14:12:03.0119 0x074c  storufs - ok
14:12:03.0122 0x074c  storvsc - ok
14:12:03.0132 0x074c  svsvc - ok
14:12:03.0245 0x074c  swenum - ok
14:12:03.0249 0x074c  swprv - ok
14:12:03.0275 0x074c  Synth3dVsc - ok
14:12:03.0301 0x074c  SysMain - ok
14:12:03.0337 0x074c  SystemEventsBroker - ok
14:12:03.0368 0x074c  TabletInputService - ok
14:12:03.0393 0x074c  TapiSrv - ok
14:12:03.0411 0x074c  Tcpip - ok
14:12:03.0415 0x074c  Tcpip6 - ok
14:12:03.0425 0x074c  tcpipreg - ok
14:12:03.0440 0x074c  tdx - ok
14:12:03.0928 0x074c  [ CFC9B7B465283378D374D5E380D5D244, 5E66A62C6A6272B65181F116031AA80E8DCEDA3B7E2C1130DD631347DF644D79 ] TeamViewer      D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
14:12:04.0108 0x074c  TeamViewer - ok
14:12:04.0121 0x074c  terminpt - ok
14:12:04.0135 0x074c  TermService - ok
14:12:04.0142 0x074c  Themes - ok
14:12:04.0168 0x074c  tiledatamodelsvc - ok
14:12:04.0191 0x074c  TimeBroker - ok
14:12:04.0207 0x074c  TPM - ok
14:12:04.0225 0x074c  TrkWks - ok
14:12:04.0269 0x074c  TrustedInstaller - ok
14:12:04.0274 0x074c  TsUsbFlt - ok
14:12:04.0282 0x074c  TsUsbGD - ok
14:12:04.0284 0x074c  TuneUp.UtilitiesSvc - ok
14:12:04.0287 0x074c  TuneUpUtilitiesDrv - ok
14:12:04.0301 0x074c  tunnel - ok
14:12:04.0304 0x074c  uagp35 - ok
14:12:04.0307 0x074c  UASPStor - ok
14:12:04.0311 0x074c  UcmCx0101 - ok
14:12:04.0332 0x074c  UcmUcsi - ok
14:12:04.0349 0x074c  Ucx01000 - ok
14:12:04.0352 0x074c  UdeCx - ok
14:12:04.0355 0x074c  udfs - ok
14:12:04.0362 0x074c  UEFI - ok
14:12:04.0375 0x074c  Ufx01000 - ok
14:12:04.0388 0x074c  UfxChipidea - ok
14:12:04.0391 0x074c  ufxsynopsys - ok
14:12:04.0408 0x074c  UI0Detect - ok
14:12:04.0411 0x074c  uliagpkx - ok
14:12:04.0415 0x074c  umbus - ok
14:12:04.0418 0x074c  UmPass - ok
14:12:04.0437 0x074c  UmRdpService - ok
14:12:04.0491 0x074c  UnistoreSvc - ok
14:12:04.0514 0x074c  upnphost - ok
14:12:04.0538 0x074c  UrsChipidea - ok
14:12:04.0542 0x074c  UrsCx01000 - ok
14:12:04.0555 0x074c  UrsSynopsys - ok
14:12:04.0558 0x074c  usbccgp - ok
14:12:04.0581 0x074c  usbcir - ok
14:12:04.0618 0x074c  usbehci - ok
14:12:04.0648 0x074c  [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
14:12:04.0650 0x074c  usbfilter - ok
14:12:04.0668 0x074c  usbhub - ok
14:12:04.0683 0x074c  USBHUB3 - ok
14:12:04.0695 0x074c  usbohci - ok
14:12:04.0699 0x074c  usbprint - ok
14:12:04.0721 0x074c  usbser - ok
14:12:04.0739 0x074c  USBSTOR - ok
14:12:04.0763 0x074c  usbuhci - ok
14:12:04.0784 0x074c  USBXHCI - ok
14:12:04.0803 0x074c  usb_rndisx - ok
14:12:04.0836 0x074c  UserDataSvc - ok
14:12:04.0854 0x074c  UserManager - ok
14:12:04.0875 0x074c  UsoSvc - ok
14:12:04.0887 0x074c  VaultSvc - ok
14:12:04.0890 0x074c  vdrvroot - ok
14:12:04.0895 0x074c  vds - ok
14:12:04.0899 0x074c  VerifierExt - ok
14:12:04.0905 0x074c  vhdmp - ok
14:12:04.0909 0x074c  vhf - ok
14:12:04.0951 0x074c  [ D07D5D02A4012FF013176146C9C2FF7A, 511996D837C0CF69BD82283DD9DA4EB903954DC8D1FD0C6173647925043F5117 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
14:12:04.0963 0x074c  VIAHdAudAddService - ok
14:12:04.0985 0x074c  [ 097A1A16F9F38715CEAA092DE626F517, 5D51D74C3264ADEA1A50F6620150B284E54C5294A548D1BC940B3B5FF5343998 ] VIAKaraokeService C:\WINDOWS\system32\viakaraokesrv.exe
14:12:05.0000 0x074c  VIAKaraokeService - ok
14:12:05.0004 0x074c  vmbus - ok
14:12:05.0008 0x074c  VMBusHID - ok
14:12:05.0028 0x074c  vmicguestinterface - ok
14:12:05.0032 0x074c  vmicheartbeat - ok
14:12:05.0036 0x074c  vmickvpexchange - ok
14:12:05.0041 0x074c  vmicrdv - ok
14:12:05.0045 0x074c  vmicshutdown - ok
14:12:05.0049 0x074c  vmictimesync - ok
14:12:05.0053 0x074c  vmicvmsession - ok
14:12:05.0057 0x074c  vmicvss - ok
14:12:05.0061 0x074c  volmgr - ok
14:12:05.0082 0x074c  volmgrx - ok
14:12:05.0086 0x074c  volsnap - ok
14:12:05.0102 0x074c  vpci - ok
14:12:05.0105 0x074c  vsmraid - ok
14:12:05.0121 0x074c  VSS - ok
14:12:05.0125 0x074c  VSTXRAID - ok
14:12:05.0132 0x074c  vwifibus - ok
14:12:05.0136 0x074c  vwififlt - ok
14:12:05.0149 0x074c  W32Time - ok
14:12:05.0182 0x074c  w3logsvc - ok
14:12:05.0196 0x074c  W3SVC - ok
14:12:05.0199 0x074c  WacomPen - ok
14:12:05.0203 0x074c  WalletService - ok
14:12:05.0207 0x074c  wanarp - ok
14:12:05.0211 0x074c  wanarpv6 - ok
14:12:05.0216 0x074c  WAS - ok
14:12:05.0221 0x074c  wbengine - ok
14:12:05.0225 0x074c  WbioSrvc - ok
14:12:05.0243 0x074c  Wcmsvc - ok
14:12:05.0247 0x074c  wcncsvc - ok
14:12:05.0251 0x074c  WcsPlugInService - ok
14:12:05.0254 0x074c  WdBoot - ok
14:12:05.0258 0x074c  Wdf01000 - ok
14:12:05.0279 0x074c  WdFilter - ok
14:12:05.0283 0x074c  WdiServiceHost - ok
14:12:05.0287 0x074c  WdiSystemHost - ok
14:12:05.0302 0x074c  wdiwifi - ok
14:12:05.0305 0x074c  WdNisDrv - ok
14:12:05.0328 0x074c  WdNisSvc - ok
14:12:05.0332 0x074c  WebClient - ok
14:12:05.0336 0x074c  Wecsvc - ok
14:12:05.0340 0x074c  WEPHOSTSVC - ok
14:12:05.0344 0x074c  wercplsupport - ok
14:12:05.0348 0x074c  WerSvc - ok
14:12:05.0352 0x074c  wfpcapture - ok
14:12:05.0356 0x074c  WFPLWFS - ok
14:12:05.0362 0x074c  WiaRpc - ok
14:12:05.0370 0x074c  WIMMount - ok
14:12:05.0372 0x074c  WinDefend - ok
14:12:05.0401 0x074c  WindowsMangerProtect - ok
14:12:05.0404 0x074c  WindowsTrustedRT - ok
14:12:05.0435 0x074c  WindowsTrustedRTProxy - ok
14:12:05.0453 0x074c  WinHttpAutoProxySvc - ok
14:12:05.0457 0x074c  WinMad - ok
14:12:05.0527 0x074c  Winmgmt - ok
14:12:05.0547 0x074c  WinRM - ok
14:12:05.0574 0x074c  WINUSB - ok
14:12:05.0579 0x074c  WinVerbs - ok
14:12:05.0584 0x074c  WlanSvc - ok
14:12:05.0599 0x074c  wlidsvc - ok
14:12:05.0603 0x074c  WmiAcpi - ok
14:12:05.0621 0x074c  wmiApSrv - ok
14:12:05.0641 0x074c  WMPNetworkSvc - ok
14:12:05.0655 0x074c  Wof - ok
14:12:05.0686 0x074c  workfolderssvc - ok
14:12:05.0699 0x074c  wpcfltr - ok
14:12:05.0722 0x074c  WPDBusEnum - ok
14:12:05.0733 0x074c  WpdUpFltr - ok
14:12:05.0737 0x074c  WpnService - ok
14:12:05.0758 0x074c  ws2ifsl - ok
14:12:05.0762 0x074c  wscsvc - ok
14:12:05.0768 0x074c  WSDPrintDevice - ok
14:12:05.0772 0x074c  WSDScan - ok
14:12:05.0776 0x074c  WSearch - ok
14:12:05.0783 0x074c  WSService - ok
14:12:05.0786 0x074c  wuauserv - ok
14:12:05.0790 0x074c  WudfPf - ok
14:12:05.0795 0x074c  WUDFRd - ok
14:12:05.0800 0x074c  wudfsvc - ok
14:12:05.0803 0x074c  WUDFWpdFs - ok
14:12:05.0807 0x074c  WUDFWpdMtp - ok
14:12:05.0812 0x074c  WwanSvc - ok
14:12:05.0816 0x074c  XblAuthManager - ok
14:12:05.0820 0x074c  XblGameSave - ok
14:12:05.0824 0x074c  xboxgip - ok
14:12:05.0829 0x074c  XboxNetApiSvc - ok
14:12:05.0856 0x074c  xinputhid - ok
14:12:05.0862 0x074c  xusb22 - ok
14:12:05.0873 0x074c  ================ Scan global ===============================
14:12:05.0937 0x074c  [ Global ] - ok
14:12:05.0938 0x074c  ================ Scan MBR ==================================
14:12:05.0965 0x074c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:12:05.0974 0x074c  \Device\Harddisk0\DR0 - ok
14:12:05.0974 0x074c  ================ Scan VBR ==================================
14:12:05.0976 0x074c  [ CF4543F469B496DAA1248519C0F215C3 ] \Device\Harddisk0\DR0\Partition1
14:12:06.0040 0x074c  \Device\Harddisk0\DR0\Partition1 - ok
14:12:06.0054 0x074c  [ A1A1CC4BA4AE1C51FC0245E9B1587FFB ] \Device\Harddisk0\DR0\Partition2
14:12:06.0054 0x074c  \Device\Harddisk0\DR0\Partition2 - ok
14:12:06.0067 0x074c  [ 73D49973CCC58DB0F7CCF8F9CD866DA1 ] \Device\Harddisk0\DR0\Partition3
14:12:06.0134 0x074c  \Device\Harddisk0\DR0\Partition3 - ok
14:12:06.0143 0x074c  [ 029C1A52AE9ABEB0FDB50BC9A8765A93 ] \Device\Harddisk0\DR0\Partition4
14:12:06.0144 0x074c  \Device\Harddisk0\DR0\Partition4 - ok
14:12:06.0158 0x074c  [ 0E7420F5A3418E8314D740B3BD4CE101 ] \Device\Harddisk0\DR0\Partition5
14:12:06.0160 0x074c  \Device\Harddisk0\DR0\Partition5 - ok
14:12:06.0160 0x074c  ================ Scan generic autorun ======================
14:12:06.0177 0x074c  HDAudDeck - ok
14:12:06.0212 0x074c  gpuminer - ok
14:12:06.0309 0x074c  [ EA4F9B19B3614349C79CC97DCA4C23A8, EC330F2E4F002FE450CDC1FC84AC0122C21C7912A483A99143450822004795E3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
14:12:06.0323 0x074c  StartCCC - ok
14:12:06.0448 0x074c  [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
14:12:06.0454 0x074c  SunJavaUpdateSched - ok
14:12:06.0887 0x074c  [ E5255D63DD01AA9F1CC4355FE366E2D3, 2E28C14DC1FEAE10626D37FF4C1DAE27F3801A40EA973E02E42B48185CBBC89B ] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
14:12:07.0009 0x074c  LogMeIn Hamachi Ui - ok
14:12:07.0236 0x074c  OneDriveSetup - ok
14:12:07.0241 0x074c  OneDriveSetup - ok
14:12:07.0636 0x074c  [ C81F59B7D524FB462F73B27757084618, 6C7DF7257ED0D9C69A53B98F15EAF1B42D302659791EE80F48D06BCA11EA09D8 ] C:\Program Files\CCleaner\CCleaner64.exe
14:12:07.0919 0x074c  CCleaner Monitoring - ok
14:12:08.0052 0x074c  [ 2287DAEA100837E40232FD9053F635D8, 8E905B8BC72F8DD6C7C71A7E04CD8D8EC1E9AD2B77EF5A48E089E439A75043D6 ] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE
14:12:08.0057 0x074c  EPLTarget\P0000000000000000 - ok
14:12:08.0253 0x074c  [ A1BAEE2F2AA71318D08A81EB1AE60F1F, 8CEE7310553205E2047B2168CA7C578FBD80B403D644EC3E2DE7E4CECC9717FC ] C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe
14:12:08.0294 0x074c  Spotify Web Helper - ok
14:12:08.0314 0x074c  RESTART_STICKY_NOTES - ok
14:12:08.0386 0x074c  OneDrive - ok
14:12:08.0386 0x074c  GoogleChromeAutoLaunch_044939204C016E84398025AA5214110E - ok
14:12:08.0842 0x074c  [ E9D5B153D89878EA4A0A73DB229649F9, DB19A242CDA809BA53EBA0577244B1678A5B2689EC1CA26B6F3707E171D5A893 ] C:\Users\Julius\AppData\Roaming\Spotify\Spotify.exe
14:12:08.0962 0x074c  Spotify - ok
14:12:09.0245 0x074c  [ D6DBFE38095E8B7715497281AB8355D6, 8881BC2C3237B3A11740C1D285517BCCA5D016ABD35161ACAC3FCDD991E006CA ] D:\Program Files\EslWire\wire.exe
14:12:09.0428 0x074c  ESL Wire - ok
14:12:09.0472 0x074c  Advanced SystemCare 8 - ok
14:12:09.0493 0x074c  Gameo - ok
14:12:09.0498 0x074c  OneDriveSetup - ok
14:12:09.0499 0x074c  Waiting for KSN requests completion. In queue: 22
14:12:10.0501 0x074c  Waiting for KSN requests completion. In queue: 22
14:12:11.0501 0x074c  Waiting for KSN requests completion. In queue: 22
14:12:12.0025 0x224c  Object required for P2P: [ 10202AD89DEF5E0F7CDCF2CE8C5EF1EE ] Origin Client Service
14:12:12.0502 0x074c  Waiting for KSN requests completion. In queue: 20
14:12:13.0502 0x074c  Waiting for KSN requests completion. In queue: 20
14:12:14.0503 0x074c  Waiting for KSN requests completion. In queue: 20
14:12:14.0636 0x224c  Object send P2P result: true
14:12:14.0640 0x224c  Object required for P2P: [ E5255D63DD01AA9F1CC4355FE366E2D3 ] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
14:12:15.0503 0x074c  Waiting for KSN requests completion. In queue: 6
14:12:16.0504 0x074c  Waiting for KSN requests completion. In queue: 6
14:12:17.0271 0x224c  Object send P2P result: true
14:12:17.0271 0x224c  Object required for P2P: [ A1BAEE2F2AA71318D08A81EB1AE60F1F ] C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe
14:12:17.0504 0x074c  Waiting for KSN requests completion. In queue: 3
14:12:18.0505 0x074c  Waiting for KSN requests completion. In queue: 3
14:12:19.0505 0x074c  Waiting for KSN requests completion. In queue: 3
14:12:19.0894 0x224c  Object send P2P result: true
14:12:19.0894 0x224c  Object required for P2P: [ E9D5B153D89878EA4A0A73DB229649F9 ] C:\Users\Julius\AppData\Roaming\Spotify\Spotify.exe
14:12:20.0506 0x074c  Waiting for KSN requests completion. In queue: 2
14:12:21.0507 0x074c  Waiting for KSN requests completion. In queue: 2
14:12:22.0507 0x074c  Waiting for KSN requests completion. In queue: 2
14:12:22.0542 0x224c  Object send P2P result: true
14:12:23.0620 0x074c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x61100 ( enabled : updated )
14:12:23.0741 0x074c  Win FW state via NFP2: enabled ( trusted )
14:12:26.0276 0x074c  ============================================================
14:12:26.0276 0x074c  Scan finished
14:12:26.0276 0x074c  ============================================================
14:12:26.0314 0x2150  Detected object count: 0
14:12:26.0314 0x2150  Actual detected object count: 0
14:19:22.0293 0x0214  ============================================================
14:19:22.0293 0x0214  Scan started
14:19:22.0293 0x0214  Mode: Manual; 
14:19:22.0293 0x0214  ============================================================
14:19:22.0294 0x0214  KSN ping started
14:19:24.0801 0x0214  KSN ping finished: true
14:19:25.0767 0x0214  ================ Scan system memory ========================
14:19:25.0767 0x0214  System memory - ok
14:19:25.0768 0x0214  ================ Scan services =============================
14:19:25.0904 0x0214  1394ohci - ok
14:19:25.0909 0x0214  3ware - ok
14:19:25.0923 0x0214  ACPI - ok
14:19:25.0928 0x0214  acpiex - ok
14:19:25.0932 0x0214  acpipagr - ok
14:19:25.0938 0x0214  AcpiPmi - ok
14:19:25.0942 0x0214  acpitime - ok
14:19:26.0030 0x0214  [ BC9CB5E2A6C7FC587CAC3E1658F8462C, 785DE220AC906C30E9853E7DE94C5330529472C9B4ABF5F99F124A8D516EB33C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:19:26.0035 0x0214  AdobeFlashPlayerUpdateSvc - ok
14:19:26.0048 0x0214  ADP80XX - ok
14:19:26.0082 0x0214  AdvancedSystemCareService8 - ok
14:19:26.0094 0x0214  AFD - ok
14:19:26.0098 0x0214  agp440 - ok
14:19:26.0116 0x0214  ahcache - ok
14:19:26.0135 0x0214  AJRouter - ok
14:19:26.0142 0x0214  ALG - ok
14:19:26.0173 0x0214  [ 8F312E43E6BFED69705881D49B2A01B4, 7B8CB068ABD091E6F4764D6CF27C3318792C88064ECB5A7E5283AF74892FC3B4 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
14:19:26.0177 0x0214  AMD External Events Utility - ok
14:19:26.0230 0x0214  [ 17DBF2825FFA6D66B1B3C55665721884, AE6369796BB1D586F76AF90F68CD34242F7FD586E8C2183474D154F384881511 ] AMD FUEL Service C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
14:19:26.0236 0x0214  AMD FUEL Service - ok
14:19:26.0240 0x0214  AmdK8 - ok
14:19:26.0244 0x0214  amdkmdag - ok
14:19:26.0326 0x0214  [ 67A95F4B9F3C1E09F29017231E857F71, 984DA2D2264678EA001158939D2DA0F8A6D89362DCCEFFC1FFF00AEBF670B827 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
14:19:26.0343 0x0214  amdkmdap - ok
14:19:26.0350 0x0214  AmdPPM - ok
14:19:26.0356 0x0214  amdsata - ok
14:19:26.0369 0x0214  amdsbs - ok
14:19:26.0374 0x0214  amdxata - ok
14:19:26.0410 0x0214  [ 172C69FE64D07BDF5CE24146274F8CB8, 0A36069BA7B1E2C8B00E8E611E5F2AEF3A7571FAEA252752577EF9DE11F343DA ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
14:19:26.0411 0x0214  amd_sata - ok
14:19:26.0419 0x0214  [ A8FD2F5F3E70BE8FF66D2AFC6B6FB051, E5C9CDBEA96B008F2B73E5151B85867128479FBEEADF2500AB16E3B0692AC030 ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
14:19:26.0420 0x0214  amd_xata - ok
14:19:26.0442 0x0214  [ E1E57FAEDA0D85420EDBAAFE29025585, 95594C9DFF71615CAEF79B19B5A99DD59720E967FC6D4F00082A62A6BE2E262C ] AndnetBus       C:\WINDOWS\System32\drivers\lgandnetbus64.sys
14:19:26.0443 0x0214  AndnetBus - ok
14:19:26.0466 0x0214  [ EF5AACC19563493F56C52F4EE54A672B, EFB9D3D43A1486C3B42BC56FE83A4A6957C820EB669AD1982772FF48E2797C80 ] AndNetDiag      C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys
14:19:26.0467 0x0214  AndNetDiag - ok
14:19:26.0478 0x0214  [ 23BC4FFCB177048C1664802126F0BA08, FD0EEE34DF61860996633BC7501223380E8655C1ED586900194BB823C0B24AB5 ] ANDNetModem     C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys
14:19:26.0479 0x0214  ANDNetModem - ok
14:19:26.0489 0x0214  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
14:19:26.0490 0x0214  AODDriver4.3 - ok
14:19:26.0520 0x0214  AppHostSvc - ok
14:19:26.0524 0x0214  AppID - ok
14:19:26.0545 0x0214  AppIDSvc - ok
14:19:26.0548 0x0214  Appinfo - ok
14:19:26.0562 0x0214  [ E4D0F0D5EB374D8BACF40E30E9771D60, 56C4E820485D100DACD4EF076E0B2607274B236CCC45E0CCD527C737645A1ACB ] AppleCharger    C:\WINDOWS\system32\DRIVERS\AppleCharger.sys
14:19:26.0563 0x0214  AppleCharger - ok
14:19:26.0580 0x0214  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\WINDOWS\system32\AppleChargerSrv.exe
14:19:26.0581 0x0214  AppleChargerSrv - ok
14:19:26.0585 0x0214  AppMgmt - ok
14:19:26.0589 0x0214  AppReadiness - ok
14:19:26.0602 0x0214  AppXSvc - ok
14:19:26.0606 0x0214  arcsas - ok
14:19:26.0694 0x0214  aspnet_state - ok
14:19:26.0703 0x0214  AsyncMac - ok
14:19:26.0724 0x0214  atapi - ok
14:19:26.0765 0x0214  [ 0966FD5BAB1F9BE200875E9EED0A0A13, F4BE70C0581B51ED6DAE6412A5FF74AE310BF88DE89C5A5E5880BEED543B01D7 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
14:19:26.0771 0x0214  AtiHDAudioService - ok
14:19:26.0827 0x0214  AudioEndpointBuilder - ok
14:19:26.0835 0x0214  Audiosrv - ok
14:19:26.0847 0x0214  AxInstSV - ok
14:19:26.0853 0x0214  b06bdrv - ok
14:19:26.0868 0x0214  BasicDisplay - ok
14:19:26.0872 0x0214  BasicRender - ok
14:19:26.0877 0x0214  bcmfn2 - ok
14:19:26.0880 0x0214  BDESVC - ok
14:19:26.0890 0x0214  Beep - ok
14:19:26.0909 0x0214  BFE - ok
14:19:26.0922 0x0214  BITS - ok
14:19:26.0926 0x0214  bowser - ok
14:19:26.0934 0x0214  BrokerInfrastructure - ok
14:19:26.0938 0x0214  Browser - ok
14:19:26.0957 0x0214  BthAvrcpTg - ok
14:19:26.0966 0x0214  BthHFEnum - ok
14:19:26.0969 0x0214  bthhfhid - ok
14:19:26.0981 0x0214  BthHFSrv - ok
14:19:26.0985 0x0214  BTHMODEM - ok
14:19:26.0990 0x0214  bthserv - ok
14:19:26.0998 0x0214  buttonconverter - ok
14:19:27.0001 0x0214  CapImg - ok
14:19:27.0065 0x0214  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NIS       C:\WINDOWS\system32\drivers\NISx64\1507000.00B\ccSetx64.sys
14:19:27.0067 0x0214  ccSet_NIS - ok
14:19:27.0071 0x0214  cdfs - ok
14:19:27.0074 0x0214  CDPSvc - ok
14:19:27.0079 0x0214  cdrom - ok
14:19:27.0082 0x0214  CertPropSvc - ok
14:19:27.0085 0x0214  circlass - ok
14:19:27.0100 0x0214  CLFS - ok
14:19:27.0121 0x0214  ClipSVC - ok
14:19:27.0130 0x0214  CmBatt - ok
14:19:27.0133 0x0214  CNG - ok
14:19:27.0137 0x0214  cnghwassist - ok
14:19:27.0199 0x0214  CompositeBus - ok
14:19:27.0206 0x0214  COMSysApp - ok
14:19:27.0211 0x0214  condrv - ok
14:19:27.0241 0x0214  CoreMessagingRegistrar - ok
14:19:27.0254 0x0214  CryptSvc - ok
14:19:27.0257 0x0214  CSC - ok
14:19:27.0261 0x0214  CscService - ok
14:19:27.0274 0x0214  dam - ok
14:19:27.0289 0x0214  dc1-controller - ok
14:19:27.0299 0x0214  DcomLaunch - ok
14:19:27.0302 0x0214  DcpSvc - ok
14:19:27.0307 0x0214  defragsvc - ok
14:19:27.0311 0x0214  DeviceAssociationService - ok
14:19:27.0315 0x0214  DeviceInstall - ok
14:19:27.0318 0x0214  DevQueryBroker - ok
14:19:27.0344 0x0214  Dfsc - ok
14:19:27.0348 0x0214  Dhcp - ok
14:19:27.0377 0x0214  diagnosticshub.standardcollector.service - ok
14:19:27.0389 0x0214  DiagTrack - ok
14:19:27.0393 0x0214  disk - ok
14:19:27.0419 0x0214  DmEnrollmentSvc - ok
14:19:27.0422 0x0214  dmvsc - ok
14:19:27.0436 0x0214  dmwappushservice - ok
14:19:27.0439 0x0214  Dnscache - ok
14:19:27.0444 0x0214  dot3svc - ok
14:19:27.0447 0x0214  DPS - ok
14:19:27.0467 0x0214  drmkaud - ok
14:19:27.0478 0x0214  DsmSvc - ok
14:19:27.0491 0x0214  DsSvc - ok
14:19:27.0500 0x0214  DXGKrnl - ok
14:19:27.0503 0x0214  Eaphost - ok
14:19:27.0507 0x0214  ebdrv - ok
14:19:27.0586 0x0214  [ 93EA893A8C2C561648A559E48C723412, 14F9AD8BCF423BC40F7B3D2D7BC0F795CD3C54800C854873BD170ADF2A735B64 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:19:27.0601 0x0214  eeCtrl - ok
14:19:27.0630 0x0214  EFS - ok
14:19:27.0635 0x0214  EhStorClass - ok
14:19:27.0644 0x0214  EhStorTcgDrv - ok
14:19:27.0660 0x0214  embeddedmode - ok
14:19:27.0666 0x0214  EntAppSvc - ok
14:19:27.0692 0x0214  [ 20ECD0A490A121CB34F553FAD1DBBD39, 17C9DA33E78FBC7582B0AA53C611929B80FBBE1343B84A179D515B51C964D218 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
14:19:27.0697 0x0214  EpsonScanSvc - ok
14:19:27.0729 0x0214  [ 8400C9E33B68C556BF63AEF490EB145C, A840DF1A27C935DD427E53C5D2FFFE79E612D0B4074CE26AA992DA62D4925806 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:19:27.0731 0x0214  EraserUtilRebootDrv - ok
14:19:27.0735 0x0214  ErrDev - ok
14:19:27.0848 0x0214  [ A2941FF542EFF81B32575EB964A89E48, E0C98E6648EF0B2E4819FA5656A8EF79855C39E0C1D43FCD08B36F1951FBF71A ] EslWireHelper   D:\Program Files\EslWire\service\WireHelperSvc.exe
14:19:27.0859 0x0214  EslWireHelper - ok
14:19:27.0900 0x0214  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys
14:19:27.0901 0x0214  etdrv - ok
14:19:27.0922 0x0214  EventSystem - ok
14:19:27.0931 0x0214  exfat - ok
14:19:27.0940 0x0214  fastfat - ok
14:19:27.0957 0x0214  Fax - ok
14:19:27.0960 0x0214  fcvsc - ok
14:19:27.0964 0x0214  fdc - ok
14:19:27.0975 0x0214  fdPHost - ok
14:19:27.0979 0x0214  FDResPub - ok
14:19:27.0982 0x0214  fhsvc - ok
14:19:27.0986 0x0214  FileCrypt - ok
14:19:27.0991 0x0214  FileInfo - ok
14:19:27.0995 0x0214  Filetrace - ok
14:19:27.0998 0x0214  flpydisk - ok
14:19:28.0001 0x0214  FltMgr - ok
14:19:28.0024 0x0214  FontCache - ok
14:19:28.0107 0x0214  FontCache3.0.0.0 - ok
14:19:28.0111 0x0214  FsDepends - ok
14:19:28.0115 0x0214  Fs_Rec - ok
14:19:28.0118 0x0214  fvevol - ok
14:19:28.0122 0x0214  gagp30kx - ok
14:19:28.0165 0x0214  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
14:19:28.0166 0x0214  gdrv - ok
14:19:28.0189 0x0214  gencounter - ok
14:19:28.0209 0x0214  genericusbfn - ok
14:19:28.0300 0x0214  [ 812400977140134B25074657B0C4F06A, D85E079BB67A02139B69EA7FB77C627259C9A00D83C5D51FCB69250C1CE76E39 ] gopibeko        C:\Users\Julius\AppData\Local\03D40274-1439917235-0599-7806-280700080009\snsvAB5B.tmp
14:19:28.0303 0x0214  gopibeko - ok
14:19:28.0307 0x0214  GPIOClx0101 - ok
14:19:28.0319 0x0214  gpsvc - ok
14:19:28.0343 0x0214  GpuEnergyDrv - ok
14:19:28.0386 0x0214  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:19:28.0389 0x0214  gupdate - ok
14:19:28.0394 0x0214  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:19:28.0397 0x0214  gupdatem - ok
14:19:28.0413 0x0214  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
14:19:28.0414 0x0214  GVTDrv64 - ok
14:19:28.0453 0x0214  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
14:19:28.0454 0x0214  hamachi - ok
14:19:28.0583 0x0214  [ C0EF69A59C13D9204D1D70434AA3D00C, 56BD4F7C74B2A36665677C32F30C4E1839DB9AAAC82FFA4A2622B4D261D865F2 ] Hamachi2Svc     D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
14:19:28.0679 0x0214  Hamachi2Svc - ok
14:19:28.0717 0x0214  HdAudAddService - ok
14:19:28.0743 0x0214  HDAudBus - ok
14:19:28.0747 0x0214  HidBatt - ok
14:19:28.0750 0x0214  HidBth - ok
14:19:28.0761 0x0214  hidi2c - ok
14:19:28.0774 0x0214  hidinterrupt - ok
14:19:28.0777 0x0214  HidIr - ok
14:19:28.0784 0x0214  hidserv - ok
14:19:28.0789 0x0214  HidUsb - ok
14:19:28.0803 0x0214  HomeGroupListener - ok
14:19:28.0813 0x0214  HomeGroupProvider - ok
14:19:28.0817 0x0214  HpSAMD - ok
14:19:28.0821 0x0214  HTTP - ok
14:19:28.0825 0x0214  hwpolicy - ok
14:19:28.0829 0x0214  hyperkbd - ok
14:19:28.0833 0x0214  HyperVideo - ok
14:19:28.0837 0x0214  i8042prt - ok
14:19:28.0842 0x0214  iaLPSSi_GPIO - ok
14:19:28.0846 0x0214  iaLPSSi_I2C - ok
14:19:28.0850 0x0214  iaStorAV - ok
14:19:28.0854 0x0214  iaStorV - ok
14:19:28.0858 0x0214  ibbus - ok
14:19:28.0881 0x0214  [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
14:19:28.0884 0x0214  ICCS - ok
14:19:28.0915 0x0214  icssvc - ok
14:19:28.0966 0x0214  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:19:28.0968 0x0214  IDriverT - ok
14:19:28.0974 0x0214  IEEtwCollectorService - ok
14:19:28.0983 0x0214  IKEEXT - ok
14:19:28.0990 0x0214  intelide - ok
14:19:28.0994 0x0214  intelpep - ok
14:19:28.0998 0x0214  intelppm - ok
14:19:29.0002 0x0214  IoQos - ok
14:19:29.0008 0x0214  IpFilterDriver - ok
14:19:29.0016 0x0214  iphlpsvc - ok
14:19:29.0020 0x0214  IPMIDRV - ok
14:19:29.0024 0x0214  IPNAT - ok
14:19:29.0027 0x0214  IRENUM - ok
14:19:29.0030 0x0214  isapnp - ok
14:19:29.0034 0x0214  iScsiPrt - ok
14:19:29.0039 0x0214  kbdclass - ok
14:19:29.0042 0x0214  kbdhid - ok
14:19:29.0046 0x0214  kdnic - ok
14:19:29.0049 0x0214  KeyIso - ok
14:19:29.0052 0x0214  KSecDD - ok
14:19:29.0056 0x0214  KSecPkg - ok
14:19:29.0060 0x0214  ksthunk - ok
14:19:29.0065 0x0214  KtmRm - ok
14:19:29.0073 0x0214  LanmanServer - ok
14:19:29.0077 0x0214  LanmanWorkstation - ok
14:19:29.0083 0x0214  lfsvc - ok
14:19:29.0087 0x0214  LicenseManager - ok
14:19:29.0103 0x0214  LiveUpdateSvc - ok
14:19:29.0107 0x0214  lltdio - ok
14:19:29.0111 0x0214  lltdsvc - ok
14:19:29.0115 0x0214  lmhosts - ok
14:19:29.0120 0x0214  LSI_SAS - ok
14:19:29.0150 0x0214  LSI_SAS2i - ok
14:19:29.0154 0x0214  LSI_SAS3i - ok
14:19:29.0157 0x0214  LSI_SSS - ok
14:19:29.0161 0x0214  LSM - ok
14:19:29.0164 0x0214  luafv - ok
14:19:29.0195 0x0214  MapsBroker - ok
14:19:29.0221 0x0214  McComponentHostService - ok
14:19:29.0225 0x0214  megasas - ok
14:19:29.0228 0x0214  megasr - ok
14:19:29.0232 0x0214  mlx4_bus - ok
14:19:29.0236 0x0214  MMCSS - ok
14:19:29.0239 0x0214  Modem - ok
14:19:29.0242 0x0214  monitor - ok
14:19:29.0246 0x0214  mouclass - ok
14:19:29.0249 0x0214  mouhid - ok
14:19:29.0262 0x0214  mountmgr - ok
14:19:29.0265 0x0214  mpsdrv - ok
14:19:29.0278 0x0214  MpsSvc - ok
14:19:29.0299 0x0214  MQAC - ok
14:19:29.0302 0x0214  MRxDAV - ok
14:19:29.0306 0x0214  mrxsmb - ok
14:19:29.0310 0x0214  mrxsmb10 - ok
14:19:29.0313 0x0214  mrxsmb20 - ok
14:19:29.0348 0x0214  MsBridge - ok
14:19:29.0368 0x0214  MSDTC - ok
14:19:29.0375 0x0214  Msfs - ok
14:19:29.0394 0x0214  msgpiowin32 - ok
14:19:29.0397 0x0214  mshidkmdf - ok
14:19:29.0400 0x0214  mshidumdf - ok
14:19:29.0406 0x0214  msisadrv - ok
14:19:29.0409 0x0214  MSiSCSI - ok
14:19:29.0412 0x0214  msiserver - ok
14:19:29.0415 0x0214  MSKSSRV - ok
14:19:29.0419 0x0214  MsLldp - ok
14:19:29.0429 0x0214  MSMQ - ok
14:19:29.0433 0x0214  MSPCLOCK - ok
14:19:29.0436 0x0214  MSPQM - ok
14:19:29.0440 0x0214  MsRPC - ok
14:19:29.0444 0x0214  mssmbios - ok
14:19:29.0448 0x0214  MSTEE - ok
14:19:29.0451 0x0214  MTConfig - ok
14:19:29.0455 0x0214  Mup - ok
14:19:29.0459 0x0214  mvumis - ok
14:19:29.0464 0x0214  NativeWifiP - ok
14:19:29.0480 0x0214  NcaSvc - ok
14:19:29.0484 0x0214  NcbService - ok
14:19:29.0487 0x0214  NcdAutoSetup - ok
14:19:29.0491 0x0214  ndfltr - ok
14:19:29.0499 0x0214  NDIS - ok
14:19:29.0503 0x0214  NdisCap - ok
14:19:29.0507 0x0214  NdisImPlatform - ok
14:19:29.0511 0x0214  NdisTapi - ok
14:19:29.0514 0x0214  Ndisuio - ok
14:19:29.0518 0x0214  NdisVirtualBus - ok
14:19:29.0522 0x0214  NdisWan - ok
14:19:29.0526 0x0214  ndiswanlegacy - ok
14:19:29.0529 0x0214  ndproxy - ok
14:19:29.0533 0x0214  Ndu - ok
14:19:29.0536 0x0214  NetBIOS - ok
14:19:29.0541 0x0214  NetBT - ok
14:19:29.0544 0x0214  Netlogon - ok
14:19:29.0554 0x0214  Netman - ok
14:19:29.0573 0x0214  NetMsmqActivator - ok
14:19:29.0575 0x0214  NetPipeActivator - ok
14:19:29.0579 0x0214  netprofm - ok
14:19:29.0607 0x0214  NetSetupSvc - ok
14:19:29.0609 0x0214  NetTcpActivator - ok
14:19:29.0612 0x0214  NetTcpPortSharing - ok
14:19:29.0616 0x0214  netvsc - ok
14:19:29.0623 0x0214  NgcCtnrSvc - ok
14:19:29.0626 0x0214  NgcSvc - ok
14:19:29.0643 0x0214  NlaSvc - ok
14:19:29.0646 0x0214  Npfs - ok
14:19:29.0660 0x0214  npsvctrig - ok
14:19:29.0663 0x0214  nsi - ok
14:19:29.0666 0x0214  nsiproxy - ok
14:19:29.0685 0x0214  NTFS - ok
14:19:29.0689 0x0214  Null - ok
14:19:29.0709 0x0214  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\WINDOWS\system32\drivers\nusb3hub.sys
14:19:29.0711 0x0214  nusb3hub - ok
14:19:29.0731 0x0214  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\WINDOWS\system32\drivers\nusb3xhc.sys
14:19:29.0734 0x0214  nusb3xhc - ok
14:19:29.0738 0x0214  nvraid - ok
14:19:29.0742 0x0214  nvstor - ok
14:19:29.0745 0x0214  nv_agp - ok
14:19:29.0755 0x0214  OneSyncSvc - ok
14:19:29.0899 0x0214  [ 10202AD89DEF5E0F7CDCF2CE8C5EF1EE, F2A9CAC054A440EBF71D7372DAA7A57BC9DB1893C45EA01F21537CE714B7451B ] Origin Client Service D:\Program Files (x86)\Origin\OriginClientService.exe
14:19:29.0973 0x0214  Origin Client Service - ok
14:19:29.0975 0x0214  Object required for P2P: [ 10202AD89DEF5E0F7CDCF2CE8C5EF1EE ] Origin Client Service
14:19:32.0591 0x0214  Object send P2P result: true
14:19:32.0637 0x0214  p2pimsvc - ok
14:19:32.0655 0x0214  p2psvc - ok
14:19:32.0672 0x0214  Parport - ok
14:19:32.0680 0x0214  partmgr - ok
14:19:32.0687 0x0214  PcaSvc - ok
14:19:32.0698 0x0214  pci - ok
14:19:32.0703 0x0214  pciide - ok
14:19:32.0708 0x0214  pcmcia - ok
14:19:32.0712 0x0214  pcw - ok
14:19:32.0732 0x0214  pdc - ok
14:19:32.0747 0x0214  PEAUTH - ok
14:19:32.0751 0x0214  PeerDistSvc - ok
14:19:32.0764 0x0214  percsas2i - ok
14:19:32.0767 0x0214  percsas3i - ok
14:19:32.0824 0x0214  PerfHost - ok
14:19:32.0848 0x0214  PimIndexMaintenanceSvc - ok
14:19:32.0874 0x0214  pla - ok
14:19:32.0884 0x0214  PlugPlay - ok
14:19:32.0888 0x0214  PNRPAutoReg - ok
14:19:32.0892 0x0214  PNRPsvc - ok
14:19:32.0903 0x0214  PolicyAgent - ok
14:19:32.0908 0x0214  Power - ok
14:19:32.0916 0x0214  PptpMiniport - ok
14:19:33.0076 0x0214  [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:19:33.0181 0x0214  PrintNotify - ok
14:19:33.0204 0x0214  Processor - ok
14:19:33.0216 0x0214  ProfSvc - ok
14:19:33.0219 0x0214  Psched - ok
14:19:33.0232 0x0214  QWAVE - ok
14:19:33.0245 0x0214  QWAVEdrv - ok
14:19:33.0249 0x0214  RasAcd - ok
14:19:33.0266 0x0214  RasAgileVpn - ok
14:19:33.0276 0x0214  RasAuto - ok
14:19:33.0279 0x0214  Rasl2tp - ok
14:19:33.0283 0x0214  RasMan - ok
14:19:33.0286 0x0214  RasPppoe - ok
14:19:33.0290 0x0214  RasSstp - ok
14:19:33.0294 0x0214  rdbss - ok
14:19:33.0299 0x0214  rdpbus - ok
14:19:33.0305 0x0214  RDPDR - ok
14:19:33.0313 0x0214  RdpVideoMiniport - ok
14:19:33.0326 0x0214  rdyboost - ok
14:19:33.0341 0x0214  ReFSv1 - ok
14:19:33.0357 0x0214  RemoteAccess - ok
14:19:33.0361 0x0214  RemoteRegistry - ok
14:19:33.0379 0x0214  RetailDemo - ok
14:19:33.0383 0x0214  RpcEptMapper - ok
14:19:33.0396 0x0214  RpcLocator - ok
14:19:33.0399 0x0214  RpcSs - ok
14:19:33.0418 0x0214  rspndr - ok
14:19:33.0421 0x0214  rt640x64 - ok
14:19:33.0475 0x0214  [ 5223296F5DE2D24114577E1B5E32C937, 9D75A24FB93A5216A415E8B72D41E79B644AEF04AC4F3055BFA9116E109D5C99 ] RTL8192cu       C:\WINDOWS\System32\drivers\RTL8192cu.sys
14:19:33.0490 0x0214  RTL8192cu - ok
14:19:33.0495 0x0214  s3cap - ok
14:19:33.0498 0x0214  SamSs - ok
14:19:33.0513 0x0214  sbp2port - ok
14:19:33.0523 0x0214  SCardSvr - ok
14:19:33.0526 0x0214  ScDeviceEnum - ok
14:19:33.0530 0x0214  scfilter - ok
14:19:33.0538 0x0214  Schedule - ok
14:19:33.0547 0x0214  SCPolicySvc - ok
14:19:33.0563 0x0214  sdbus - ok
14:19:33.0567 0x0214  SDRSVC - ok
14:19:33.0571 0x0214  sdstor - ok
14:19:33.0574 0x0214  seclogon - ok
14:19:33.0578 0x0214  SENS - ok
14:19:33.0600 0x0214  SensorDataService - ok
14:19:33.0618 0x0214  SensorService - ok
14:19:33.0623 0x0214  SensrSvc - ok
14:19:33.0627 0x0214  SerCx - ok
14:19:33.0631 0x0214  SerCx2 - ok
14:19:33.0634 0x0214  Serenum - ok
14:19:33.0639 0x0214  Serial - ok
14:19:33.0643 0x0214  sermouse - ok
14:19:33.0652 0x0214  SessionEnv - ok
14:19:33.0659 0x0214  sfloppy - ok
14:19:33.0677 0x0214  SharedAccess - ok
14:19:33.0710 0x0214  ShellHWDetection - ok
14:19:33.0714 0x0214  SiSRaid2 - ok
14:19:33.0717 0x0214  SiSRaid4 - ok
14:19:33.0774 0x0214  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:19:33.0780 0x0214  SkypeUpdate - ok
14:19:33.0789 0x0214  smphost - ok
14:19:33.0794 0x0214  SmsRouter - ok
14:19:33.0813 0x0214  SNMPTRAP - ok
14:19:33.0827 0x0214  spaceport - ok
14:19:33.0831 0x0214  SpbCx - ok
14:19:33.0894 0x0214  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\SysWOW64\speedfan.sys
14:19:33.0904 0x0214  speedfan - ok
14:19:33.0908 0x0214  Spooler - ok
14:19:33.0912 0x0214  sppsvc - ok
14:19:33.0916 0x0214  srv - ok
14:19:33.0919 0x0214  srv2 - ok
14:19:33.0923 0x0214  srvnet - ok
14:19:33.0950 0x0214  [ AFC159BDB8CD5A804D015D8A3624ECC6, 863150170D7F84D793C7CECD40439A5B46D337A8B904183ED8C53FDA9FB71091 ] ssdevfactory    C:\WINDOWS\System32\drivers\ssdevfactory.sys
14:19:33.0952 0x0214  ssdevfactory - ok
14:19:33.0966 0x0214  SSDPSRV - ok
14:19:33.0991 0x0214  [ 21075ADF0F99CF4FE71787D862FFA2F5, EC5A191161F8E2300DC5E3A0156185D7DB90B08FA9FC300DE43D51C0901E9711 ] sshid           C:\WINDOWS\System32\drivers\sshid.sys
14:19:33.0993 0x0214  sshid - ok
14:19:34.0001 0x0214  SstpSvc - ok
14:19:34.0022 0x0214  StateRepository - ok
14:19:34.0079 0x0214  [ FD7D26CD1E671DCDC2112494747A3AE1, C8A85F10FD3F4F3FCEF40D46EEF88DB72290421DB5F99EEB818B2E1F69143D5D ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:19:34.0094 0x0214  Steam Client Service - ok
14:19:34.0099 0x0214  stexstor - ok
14:19:34.0117 0x0214  stisvc - ok
14:19:34.0121 0x0214  storahci - ok
14:19:34.0126 0x0214  storflt - ok
14:19:34.0141 0x0214  stornvme - ok
14:19:34.0144 0x0214  storqosflt - ok
14:19:34.0161 0x0214  StorSvc - ok
14:19:34.0164 0x0214  storufs - ok
14:19:34.0168 0x0214  storvsc - ok
14:19:34.0178 0x0214  svsvc - ok
14:19:34.0224 0x0214  swenum - ok
14:19:34.0229 0x0214  swprv - ok
14:19:34.0255 0x0214  Synth3dVsc - ok
14:19:34.0269 0x0214  SysMain - ok
14:19:34.0294 0x0214  SystemEventsBroker - ok
14:19:34.0315 0x0214  TabletInputService - ok
14:19:34.0339 0x0214  TapiSrv - ok
14:19:34.0349 0x0214  Tcpip - ok
14:19:34.0359 0x0214  Tcpip6 - ok
14:19:34.0369 0x0214  tcpipreg - ok
14:19:34.0397 0x0214  tdx - ok
14:19:34.0597 0x0214  [ CFC9B7B465283378D374D5E380D5D244, 5E66A62C6A6272B65181F116031AA80E8DCEDA3B7E2C1130DD631347DF644D79 ] TeamViewer      D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
14:19:34.0746 0x0214  TeamViewer - ok
14:19:34.0759 0x0214  terminpt - ok
14:19:34.0782 0x0214  TermService - ok
14:19:34.0785 0x0214  Themes - ok
14:19:34.0805 0x0214  tiledatamodelsvc - ok
14:19:34.0809 0x0214  TimeBroker - ok
14:19:34.0820 0x0214  TPM - ok
14:19:34.0823 0x0214  TrkWks - ok
14:19:34.0849 0x0214  TrustedInstaller - ok
14:19:34.0854 0x0214  TsUsbFlt - ok
14:19:34.0874 0x0214  TsUsbGD - ok
14:19:34.0876 0x0214  TuneUp.UtilitiesSvc - ok
14:19:34.0879 0x0214  TuneUpUtilitiesDrv - ok
14:19:34.0892 0x0214  tunnel - ok
14:19:34.0896 0x0214  uagp35 - ok
14:19:34.0899 0x0214  UASPStor - ok
14:19:34.0903 0x0214  UcmCx0101 - ok
14:19:34.0912 0x0214  UcmUcsi - ok
14:19:34.0915 0x0214  Ucx01000 - ok
14:19:34.0918 0x0214  UdeCx - ok
14:19:34.0923 0x0214  udfs - ok
14:19:34.0927 0x0214  UEFI - ok
14:19:34.0931 0x0214  Ufx01000 - ok
14:19:34.0934 0x0214  UfxChipidea - ok
14:19:34.0938 0x0214  ufxsynopsys - ok
14:19:34.0955 0x0214  UI0Detect - ok
14:19:34.0958 0x0214  uliagpkx - ok
14:19:34.0961 0x0214  umbus - ok
14:19:34.0964 0x0214  UmPass - ok
14:19:34.0968 0x0214  UmRdpService - ok
14:19:34.0982 0x0214  UnistoreSvc - ok
14:19:34.0997 0x0214  upnphost - ok
14:19:35.0018 0x0214  UrsChipidea - ok
14:19:35.0022 0x0214  UrsCx01000 - ok
14:19:35.0026 0x0214  UrsSynopsys - ok
14:19:35.0030 0x0214  usbccgp - ok
14:19:35.0034 0x0214  usbcir - ok
14:19:35.0050 0x0214  usbehci - ok
14:19:35.0073 0x0214  [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
14:19:35.0075 0x0214  usbfilter - ok
14:19:35.0079 0x0214  usbhub - ok
14:19:35.0086 0x0214  USBHUB3 - ok
14:19:35.0090 0x0214  usbohci - ok
14:19:35.0093 0x0214  usbprint - ok
14:19:35.0098 0x0214  usbser - ok
14:19:35.0101 0x0214  USBSTOR - ok
14:19:35.0112 0x0214  usbuhci - ok
14:19:35.0121 0x0214  USBXHCI - ok
14:19:35.0125 0x0214  usb_rndisx - ok
14:19:35.0139 0x0214  UserDataSvc - ok
14:19:35.0168 0x0214  UserManager - ok
14:19:35.0189 0x0214  UsoSvc - ok
14:19:35.0201 0x0214  VaultSvc - ok
14:19:35.0205 0x0214  vdrvroot - ok
14:19:35.0208 0x0214  vds - ok
14:19:35.0212 0x0214  VerifierExt - ok
14:19:35.0216 0x0214  vhdmp - ok
14:19:35.0219 0x0214  vhf - ok
14:19:35.0265 0x0214  [ D07D5D02A4012FF013176146C9C2FF7A, 511996D837C0CF69BD82283DD9DA4EB903954DC8D1FD0C6173647925043F5117 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
14:19:35.0278 0x0214  VIAHdAudAddService - ok
14:19:35.0311 0x0214  [ 097A1A16F9F38715CEAA092DE626F517, 5D51D74C3264ADEA1A50F6620150B284E54C5294A548D1BC940B3B5FF5343998 ] VIAKaraokeService C:\WINDOWS\system32\viakaraokesrv.exe
14:19:35.0323 0x0214  VIAKaraokeService - ok
14:19:35.0327 0x0214  vmbus - ok
14:19:35.0331 0x0214  VMBusHID - ok
14:19:35.0342 0x0214  vmicguestinterface - ok
14:19:35.0347 0x0214  vmicheartbeat - ok
14:19:35.0350 0x0214  vmickvpexchange - ok
14:19:35.0355 0x0214  vmicrdv - ok
14:19:35.0360 0x0214  vmicshutdown - ok
14:19:35.0364 0x0214  vmictimesync - ok
14:19:35.0368 0x0214  vmicvmsession - ok
14:19:35.0371 0x0214  vmicvss - ok
14:19:35.0375 0x0214  volmgr - ok
14:19:35.0379 0x0214  volmgrx - ok
14:19:35.0382 0x0214  volsnap - ok
14:19:35.0394 0x0214  vpci - ok
14:19:35.0398 0x0214  vsmraid - ok
14:19:35.0402 0x0214  VSS - ok
14:19:35.0406 0x0214  VSTXRAID - ok
14:19:35.0411 0x0214  vwifibus - ok
14:19:35.0416 0x0214  vwififlt - ok
14:19:35.0430 0x0214  W32Time - ok
14:19:35.0453 0x0214  w3logsvc - ok
14:19:35.0466 0x0214  W3SVC - ok
14:19:35.0471 0x0214  WacomPen - ok
14:19:35.0475 0x0214  WalletService - ok
14:19:35.0478 0x0214  wanarp - ok
14:19:35.0483 0x0214  wanarpv6 - ok
14:19:35.0487 0x0214  WAS - ok
14:19:35.0491 0x0214  wbengine - ok
14:19:35.0495 0x0214  WbioSrvc - ok
14:19:35.0502 0x0214  Wcmsvc - ok
14:19:35.0506 0x0214  wcncsvc - ok
14:19:35.0511 0x0214  WcsPlugInService - ok
14:19:35.0514 0x0214  WdBoot - ok
14:19:35.0518 0x0214  Wdf01000 - ok
14:19:35.0522 0x0214  WdFilter - ok
14:19:35.0526 0x0214  WdiServiceHost - ok
14:19:35.0530 0x0214  WdiSystemHost - ok
14:19:35.0550 0x0214  wdiwifi - ok
14:19:35.0553 0x0214  WdNisDrv - ok
14:19:35.0576 0x0214  WdNisSvc - ok
14:19:35.0580 0x0214  WebClient - ok
14:19:35.0585 0x0214  Wecsvc - ok
14:19:35.0589 0x0214  WEPHOSTSVC - ok
14:19:35.0593 0x0214  wercplsupport - ok
14:19:35.0598 0x0214  WerSvc - ok
14:19:35.0602 0x0214  wfpcapture - ok
14:19:35.0607 0x0214  WFPLWFS - ok
14:19:35.0611 0x0214  WiaRpc - ok
14:19:35.0616 0x0214  WIMMount - ok
14:19:35.0619 0x0214  WinDefend - ok
14:19:35.0649 0x0214  WindowsMangerProtect - ok
14:19:35.0652 0x0214  WindowsTrustedRT - ok
14:19:35.0673 0x0214  WindowsTrustedRTProxy - ok
14:19:35.0679 0x0214  WinHttpAutoProxySvc - ok
14:19:35.0682 0x0214  WinMad - ok
14:19:35.0720 0x0214  Winmgmt - ok
14:19:35.0728 0x0214  WinRM - ok
14:19:35.0745 0x0214  WINUSB - ok
14:19:35.0748 0x0214  WinVerbs - ok
14:19:35.0752 0x0214  WlanSvc - ok
14:19:35.0769 0x0214  wlidsvc - ok
14:19:35.0774 0x0214  WmiAcpi - ok
14:19:35.0779 0x0214  wmiApSrv - ok
14:19:35.0789 0x0214  WMPNetworkSvc - ok
14:19:35.0803 0x0214  Wof - ok
14:19:35.0834 0x0214  workfolderssvc - ok
14:19:35.0848 0x0214  wpcfltr - ok
14:19:35.0881 0x0214  WPDBusEnum - ok
14:19:35.0885 0x0214  WpdUpFltr - ok
14:19:35.0890 0x0214  WpnService - ok
14:19:35.0917 0x0214  ws2ifsl - ok
14:19:35.0926 0x0214  wscsvc - ok
14:19:35.0930 0x0214  WSDPrintDevice - ok
14:19:35.0934 0x0214  WSDScan - ok
14:19:35.0938 0x0214  WSearch - ok
14:19:35.0944 0x0214  WSService - ok
14:19:35.0949 0x0214  wuauserv - ok
14:19:35.0952 0x0214  WudfPf - ok
14:19:35.0957 0x0214  WUDFRd - ok
14:19:35.0961 0x0214  wudfsvc - ok
14:19:35.0965 0x0214  WUDFWpdFs - ok
14:19:35.0969 0x0214  WUDFWpdMtp - ok
14:19:35.0974 0x0214  WwanSvc - ok
14:19:35.0978 0x0214  XblAuthManager - ok
14:19:35.0983 0x0214  XblGameSave - ok
14:19:35.0988 0x0214  xboxgip - ok
14:19:35.0993 0x0214  XboxNetApiSvc - ok
14:19:36.0027 0x0214  xinputhid - ok
14:19:36.0032 0x0214  xusb22 - ok
14:19:36.0043 0x0214  ================ Scan global ===============================
14:19:36.0107 0x0214  [ Global ] - ok
14:19:36.0108 0x0214  ================ Scan MBR ==================================
14:19:36.0136 0x0214  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:19:36.0140 0x0214  \Device\Harddisk0\DR0 - ok
14:19:36.0141 0x0214  ================ Scan VBR ==================================
14:19:36.0143 0x0214  [ CF4543F469B496DAA1248519C0F215C3 ] \Device\Harddisk0\DR0\Partition1
14:19:36.0211 0x0214  \Device\Harddisk0\DR0\Partition1 - ok
14:19:36.0225 0x0214  [ A1A1CC4BA4AE1C51FC0245E9B1587FFB ] \Device\Harddisk0\DR0\Partition2
14:19:36.0225 0x0214  \Device\Harddisk0\DR0\Partition2 - ok
14:19:36.0237 0x0214  [ 73D49973CCC58DB0F7CCF8F9CD866DA1 ] \Device\Harddisk0\DR0\Partition3
14:19:36.0316 0x0214  \Device\Harddisk0\DR0\Partition3 - ok
14:19:36.0335 0x0214  [ 029C1A52AE9ABEB0FDB50BC9A8765A93 ] \Device\Harddisk0\DR0\Partition4
14:19:36.0337 0x0214  \Device\Harddisk0\DR0\Partition4 - ok
14:19:36.0351 0x0214  [ 0E7420F5A3418E8314D740B3BD4CE101 ] \Device\Harddisk0\DR0\Partition5
14:19:36.0353 0x0214  \Device\Harddisk0\DR0\Partition5 - ok
14:19:36.0353 0x0214  ================ Scan generic autorun ======================
14:19:36.0370 0x0214  HDAudDeck - ok
14:19:36.0405 0x0214  gpuminer - ok
14:19:36.0501 0x0214  [ EA4F9B19B3614349C79CC97DCA4C23A8, EC330F2E4F002FE450CDC1FC84AC0122C21C7912A483A99143450822004795E3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
14:19:36.0514 0x0214  StartCCC - ok
14:19:36.0563 0x0214  [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
14:19:36.0570 0x0214  SunJavaUpdateSched - ok
14:19:36.0773 0x0214  [ E5255D63DD01AA9F1CC4355FE366E2D3, 2E28C14DC1FEAE10626D37FF4C1DAE27F3801A40EA973E02E42B48185CBBC89B ] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
14:19:36.0944 0x0214  LogMeIn Hamachi Ui - ok
14:19:36.0951 0x0214  Object required for P2P: [ E5255D63DD01AA9F1CC4355FE366E2D3 ] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
14:19:39.0571 0x0214  Object send P2P result: true
14:19:39.0643 0x0214  OneDriveSetup - ok
14:19:39.0648 0x0214  OneDriveSetup - ok
14:19:39.0962 0x0214  [ C81F59B7D524FB462F73B27757084618, 6C7DF7257ED0D9C69A53B98F15EAF1B42D302659791EE80F48D06BCA11EA09D8 ] C:\Program Files\CCleaner\CCleaner64.exe
14:19:40.0233 0x0214  CCleaner Monitoring - ok
14:19:40.0316 0x0214  [ 2287DAEA100837E40232FD9053F635D8, 8E905B8BC72F8DD6C7C71A7E04CD8D8EC1E9AD2B77EF5A48E089E439A75043D6 ] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE
14:19:40.0321 0x0214  EPLTarget\P0000000000000000 - ok
14:19:40.0438 0x0214  [ A1BAEE2F2AA71318D08A81EB1AE60F1F, 8CEE7310553205E2047B2168CA7C578FBD80B403D644EC3E2DE7E4CECC9717FC ] C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe
14:19:40.0472 0x0214  Spotify Web Helper - ok
14:19:40.0475 0x0214  Object required for P2P: [ A1BAEE2F2AA71318D08A81EB1AE60F1F ] C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe
14:19:43.0090 0x0214  Object send P2P result: true
14:19:43.0124 0x0214  RESTART_STICKY_NOTES - ok
14:19:43.0261 0x0214  OneDrive - ok
14:19:43.0262 0x0214  GoogleChromeAutoLaunch_044939204C016E84398025AA5214110E - ok
14:19:43.0637 0x0214  [ E9D5B153D89878EA4A0A73DB229649F9, DB19A242CDA809BA53EBA0577244B1678A5B2689EC1CA26B6F3707E171D5A893 ] C:\Users\Julius\AppData\Roaming\Spotify\Spotify.exe
14:19:43.0768 0x0214  Spotify - ok
14:19:43.0779 0x0214  Object required for P2P: [ E9D5B153D89878EA4A0A73DB229649F9 ] C:\Users\Julius\AppData\Roaming\Spotify\Spotify.exe
14:19:46.0412 0x0214  Object send P2P result: true
14:19:46.0601 0x0214  [ D6DBFE38095E8B7715497281AB8355D6, 8881BC2C3237B3A11740C1D285517BCCA5D016ABD35161ACAC3FCDD991E006CA ] D:\Program Files\EslWire\wire.exe
14:19:46.0693 0x0214  ESL Wire - ok
14:19:46.0727 0x0214  Advanced SystemCare 8 - ok
14:19:46.0738 0x0214  Gameo - ok
14:19:46.0741 0x0214  OneDriveSetup - ok
14:19:46.0747 0x0214  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x61100 ( enabled : updated )
14:19:46.0749 0x0214  Win FW state via NFP2: enabled ( trusted )
14:19:49.0287 0x0214  ============================================================
14:19:49.0287 0x0214  Scan finished
14:19:49.0287 0x0214  ============================================================
14:19:49.0309 0x0a3c  Detected object count: 0
14:19:49.0309 0x0a3c  Actual detected object count: 0
         


14.12.2015, 12:28   #6
M-K-D-B
/// TB Trainer

Hi,

Please note for the future:
Quote:
Gestartet von C:\Users\Julius\Downloads
Unfortunately, you did not follow our instructions correctly:
Please download all tools directly to the desktop, or move them there, and start them from the desktop, since our instructions are written for that.
This also makes it very easy to remove all the tools used at the end of the cleanup.
Leave all tools on the desktop until the cleanup is finished; we may need some of them more than once.

Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Step 2
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.

Step 3

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

Step 4
  • Start FRST.exe again. Tick the box next to Addition.txt and click Scan.
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.

Please post with your next reply
  • the log file from AdwCleaner,
  • the log file from MBAM,
  • the log file from JRT,
  • the two new log files from FRST.

18.12.2015, 16:32   #7
M-K-D-B
/// TB Trainer

No response
This thread has been removed from my subscriptions. I will therefore not receive any notification about new replies.
PM me if you still want to continue.

Note: The disappearance of the symptoms does not mean that your computer is clean yet.

Everyone else, please click here and create your own thread!